- The client credentials grant flow is used for server-to-server interaction, and allows clients to obtain an access token outside of the context of a user
- Since client authentication is used as the authorisation grant, no additional authorisation request is needed
- As with other server-server flows, a refresh token will not be supplied
- Salesforce can act as the client, and as of Winter '23, Salesforce also supports this flow while acting as the server. When Salesforce participates as the server, an execution user must be selected in the connected app which determines the running user and permissions for any integration activity
Documentation
Reference Implementations
This Flow in Context
