Overview#

The Client Credentials Grant (or other forms of client authentication) can be used as an Authorization Grant when the authorization scope is limited to the protected resources under the control of the OAuth Client, or to protected resources previously arranged with the Authorization Server. OAuth Client credentials are used as an Authorization Grant typically when the client is acting on its own behalf (the client is also the Resource Owner) or is requesting access to protected resources based on an authorization previously arranged with the Authorization Server.

More Information#

There might be more information for this subject on one of the following:

• Authorization API
• Federated Authorization for UMA 2.0
• Grant Types
• Grant_type
• OAuth 2.0 Use Cases
• OAuth 2.0 Vulnerabilities
• Protection API
• Refresh Token

---

• [#1] - RFC 6749 Client Credentials - based on data observed:2015-05-18