OAuth is typically meant for a user (resource owner) to delegate some authorizations on a protected resource to a client. If your headless system is trying to hit an API with authorizations granted by particular users, you'll need some way for the users to grant that access.
But the client credential flow assumes the client _is_ a resource owner and already has authorizations to do its business. Thats what you would typically use for pure system-to-system use cases, and basically amounts to "hit this endpoint periodically to get the current API key"
But the client credential flow assumes the client _is_ a resource owner and already has authorizations to do its business. Thats what you would typically use for pure system-to-system use cases, and basically amounts to "hit this endpoint periodically to get the current API key"