Postman, etc.). For this, OAuth2 provides a type of grant called Client Credentials that simply exchanges a client ID and client secret for an access token. There is no ID token since it's not part of the OpenID Connect standard and there's no user involved.
WorkflowGen GraphQL APIapplication registered as well.
My script, service or application name
Accounts in this organizational directory only (Single tenant)
WorkflowGen GraphQL APIapplication in the list.
defaultin the Permission column.
My secret, or something that identifies this as the client secret.
WorkflowGen GraphQL APIapplication's scope in its Expose an API section.
.) before the
defaultscope name in the URL when passing the scope as a parameter in the request to retrieve the access token (e.g.
https://<workflowgen url>/graphql/.default). See the scope parameter in the cURL example.
My Server Application
client IDyou retrieved earlier from your application registration in Azure AD