In this authorization method, the token is issued only to the client application without being tied to the user. 1) The client application submits a POST request to the server with the following data: 1.1) Options: grant_type = client_credentials — authorization type 1.2) Headers: Content-Type = application/x-www-form-urlencoded — request body type Plus, client authorization is required, for example, you can select the BASIC type: Authorization = Basic aWQtalU4NXNoTnNqVUlpWGQ2MDJhTXhtVjFqSmlPTUdSSko3ZHJHeTRCSGlFZEN0SVk6UWNxUVl0OExRWVVEbDdtMk1KOVNFNkFxYklKOE9MWHdnNkJTSVRnTEFjMHpKcXBRY3I= — соединяем через двоеточие client_id:client_secret — and encode the resulting string into BASE64 format Example request in cUrl:

2) The server outputs the value in JSON format with parameters: access_token — access token token_type = Bearer — token type expires_in — access token expiration time in milliseconds Sample response:

0) Be sure to check that the authentication settings are set to OAuth2 client credential flow

Otherwise, authorization with the code will not work. Also, make sure that option Client secret basic is selected in the Client Authorization block. After setting this parameter, do not forget to click on the save button.

1) Let's create a new client application in the admin panel

2) Let's find him in the list of registered clients

3) Let's send a POST request to the authorization server using the http://localhost:9000/oauth2/token link

Here we get the access token for the client application.