Consumer Authentication

/

API reference

/

M2M Authentication

/

M2M Client Object

M2M Client object

An M2M (machine-to-machine) client represents a machine identity that can access your APIs without the need for a human to authenticate the access. M2M clients use the OAuth 2.0 Client Credentials Grant to retrieve access tokens.

M2M clients are a good fit for any type of application that requires programmatic access to your APIs. Examples include:

  • Microservice authentication

  • cron jobs or background jobs

  • CI/CD pipelines

  • External API Clients

M2M clients can be granted granular permissions via scopes. The scopes given to a client will be present in that client's access tokens.

M2M access tokens are JWTs (JSON Web Tokens) signed by your Stytch project's JWKS (JSON Web Key Set) using the RS256 algorithm. They can be validated locally using any Stytch Backend SDK, or any library that supports the JWT protocol.


Fields


client_idstring

client_namestring

client_descriptionstring

client_secret_last_fourstring

next_client_secret_last_fourstring

statusstring

scopesarray[strings]

trusted_metadataobject

OBJECT

{
    "m2m_client": {
        "client_id":"m2m-client-test-d731954d-dab3-4a2b-bdee-07f3ad1be885",
        "client_name":"Example client name",
        "client_description":"Example client description.",
        "client_secret_last_four":"DzJj",
        "next_client_secret_last_four":null,
        "status":"active",
        "scopes":["read:users","write:users"],
        "trusted_metadata":{}
    }
}