Glossary
Key terms and concepts in agricultural APIs and precision farming.
Key terms and concepts in agricultural APIs and precision farming.
Machine-to-machine (M2M) authentication is an authentication pattern where one service authenticates directly with another without any human user present. Unlike interactive OAuth 2.1 flows where a user signs in through a browser, M2M auth uses pre-shared credentials (typically a client ID and client secret) to obtain access tokens programmatically.
M2M authentication applies to server-side scenarios where no human is available to click through a consent screen:
FieldMCP uses two M2M authentication patterns:
The dashboard communicates with the gateway using a shared INTERNAL_SECRET. The dashboard includes this secret in requests to internal endpoints like POST /internal/invalidate-cache. This is a simple shared-secret pattern suitable for trusted service-to-service calls within the same infrastructure.
For external M2M access, FieldMCP supports the OAuth 2.1 client credentials grant. The service sends its client ID and secret to the token endpoint and receives a scoped access token — no redirect flow needed. The returned JWT has the same format and validation rules as interactive tokens.
M2M credentials require careful handling: