Ory is the largest open source community in the world for cloud software application security. We maintain advanced open source security software solving authentication, authorization, access control, application network security, and delegation. Ory implements a variety of industry and best-practice standards including OAuth 2.0 / OAuth 2.1, OpenID Connect, Zero Trust Networking, Google Zanzibar Policy Framework, FIDO2 U2F, WebAuthn, TOTP, and more.

Ory Community

Does anyone use OAuth with the client credentials flow to authorise requests? I get how to set it up I just don't know the best practises for the resource server knowing it is an internal service and not to perform user level authorisation.
Any resources that describe this would be greatly appreciated