An M2M (machine-to-machine) client represents a machine identity that can access your APIs without the need for a human to authenticate the access. M2M clients use the OAuth 2.0 Client Credentials Grant to retrieve access tokens.
M2M clients are a good fit for any type of application that requires programmatic access to your APIs. Examples include:
Microservice authentication
Cron jobs or background jobs
CI/CD pipelines
External API clients
M2M clients can be granted granular permissions via scopes. The scopes given to a client will be present in that client's access tokens.
M2M access tokens are JWTs (JSON Web Tokens) signed with the RS256 algorithm; the public keys needed to verify them are published in your Stytch project's JWKS (JSON Web Key Set). They can be validated locally using any Stytch Backend SDK, or any library that supports the JWT protocol.