Restricting OAuth2 client credentials to a specific integration?
SummaryIs there a way to limit OAuth2 client credendials to authenticate to a specific OIC integration?
We have successfuly used the documentation https://www.ateam-oracle.com/trigger-oic-integration-using-oauth-client-credentials to create oauth client credentials in IDCS to be able to trigger our OIC integrations. However, the credentials allow you to run any integration in the OIC instance. Is there a way to limit the OAuth2 client credentials to a specific integration or set of integrations?
As an example, we might have integrations that are customer specific, and ideally, we would only want customers to be able to run integrations specific to them. If, by chance, they were able to figure out the integration api's, the OAuth2 credentials would technically allow them to run any of them. We would like to limit the credentials to just the ones belonging to a specific customer.