Machine to Machine (M2M)
Machine-to-machine communication (M2M communication) refers to the direct interaction and exchange of data between two or more machines without human intervention. It involves the automated exchange of information, commands, or instructions between devices or systems.
The appropriate grant type to use is typically the Client Credentials Grant. The Client Credentials Grant allows the machine (client) to authenticate itself directly with the authorization server using its own credentials, such as a client ID and client secret. This grant type is suitable when the machine needs to access protected resources on behalf of itself, without involving any end-user interactions.
The source code of this project can be found here.
To implement the M2M communication in a console application, you'll need to follow the following steps.
1. Configure a scope
If a read scope is configured, then skip this step.
Utilize the administration UI to configure a new scope :
- Open the IdentityServer website at https://localhost:5002.
- On the Scopes screen, click on the
Add scopebutton. - Select
API valueand click on next. - Fill-in the form like this and click on the
Savebutton to confirm the creation.
| Parameter | Value |
|---|---|
| Name | read |
| Description | Read |
- Navigate to the new scope, then select the
API Resourcestab and click on theAdd API resourcebutton. - Fill-in the form like this and click on the
Addbutton to confirm the creation.
| Parameter | Value |
|---|---|
| Name | shopApi |
| Value | Shop API |
2. Configure an application
Utilize the administration UI to configure a new OpenID client :
- Open the IdentityServer website at https://localhost:5002.
- On the Clients screen, click on the
Add clientbutton. - Select
Machineand click on next. - Fill-in the form like this and click on the
Savebutton to confirm the creation.
| Parameter | Value |
|---|---|
| Identifier | m2m |
| Secret | password |
| Name | m2m |
- Click on the new client, then select the
Client scopestab and click on theAdd clientscope button. Choose thereadscope and click on theSavebutton.
3. Create a console application
Finally, create and configure a Console Application project.
- Open a command prompt and execute the following commands to create the directory structure for the solution.
mkdir RequestAccessTokenM2M
cd RequestAccessTokenM2M
mkdir src
dotnet new sln -n RequestAccessTokenM2M
- Create a console application project named
ConsoleApp
cd src
dotnet new console -n ConsoleApp
- Add the
ConsoleAppproject into your Visual Studio solution.
cd ..
dotnet sln add ./src/ConsoleApp/ConsoleApp.csproj
- Edit the
Program.csfile and copy the following code. This code executes an HTTP request to obtain an Access Token.
using (var httpClient = new HttpClient())
{
var form = new Dictionary<string, string>
{
{ "grant_type", "client_credentials" },
{ "client_id", "m2m" },
{ "client_secret", "password" },
{ "scope", "read" }
};
var tokenResponse = httpClient.PostAsync("https://localhost:5001/master/token", new FormUrlEncodedContent(form)).Result;
var json = tokenResponse.Content.ReadAsStringAsync().Result;
System.Console.WriteLine(json);
}
When you run the Console Application, the Access Token will be displayed.