The client credentials flow applies when a Clientapplication cannot prompt a human user for input. This flow requires a secret know to the Authorization Servicewhich the Clientapplication can protect. This flow is initiated when the Clientsends the client_secret to Authorization Service which validates it and returns an Access Token.

The complete flow is described in RFC 5392, Clause 4.4.

A requestTypeof “client_credentials” in the UserTokenPolicy(see 6.5.2) means the Authorization Servicesupports the client credentials flow.