The ability to scope machine-to-machine access to a specific organization is now Generally Available. This feature lets you define which organizations a given application can access for each API via the Client Credentials Flow.

You can easily define and enforce access to one, many, or all the organizations in your tenant and securely expand the reach of your SaaS APIs to more use cases and scenarios, making sure sensitive data and operations are only accessible to authorized parties. After configuring the access rights for your API, you simply have to inspect the org_id in the access tokens of incoming requests, regardless of whether they come from third-party applications or your own applications.
This feature is available for B2B Professional, Enterprise and Enterprise Premium customers.
To learn more, read the reference documentation.
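
An added example (not Auth0's code and not part of the original announcement) of the org_id check described above, performed on the API side after the token itself has been validated. It assumes an HS256-signed token and constructed issuer, audience, secret and organization IDs so that it runs offline; an API configured for RS256 would verify the signature against the tenant's published keys instead.

```python
import base64, hashlib, hmac, json, time

# Constructed demo values (assumptions, not from the announcement).
SECRET = b"constructed-demo-secret"
ISSUER, AUDIENCE = "https://tenant.example/", "https://api.example/"

def b64d(part):
    return base64.urlsafe_b64decode(part + "=" * (-len(part) % 4))

def b64e(raw):
    return base64.urlsafe_b64encode(raw).rstrip(b"=").decode()

def make_token(claims, secret=SECRET):
    """Stand-in for the issuer: build a constructed HS256 token."""
    signing_input = ".".join(b64e(json.dumps(p).encode())
                             for p in ({"alg": "HS256", "typ": "JWT"}, claims))
    sig = hmac.new(secret, signing_input.encode(), hashlib.sha256).digest()
    return f"{signing_input}.{b64e(sig)}"

def authorize(token, requested_org, now=None, secret=SECRET):
    """Return the claims only if the token is valid AND scoped to requested_org."""
    try:
        head, body, sig = token.split(".")
        header = json.loads(b64d(head))
        # Pin the algorithm so "none" or a swapped alg is rejected.
        if not isinstance(header, dict) or header.get("alg") != "HS256":
            raise PermissionError("unexpected alg")
        good = hmac.new(secret, f"{head}.{body}".encode(), hashlib.sha256).digest()
        if not hmac.compare_digest(good, b64d(sig)):
            raise PermissionError("bad signature")
        claims = json.loads(b64d(body))
    except ValueError:
        raise PermissionError("malformed token") from None
    if not isinstance(claims, dict):
        raise PermissionError("malformed claims")
    exp, aud = claims.get("exp"), claims.get("aud")
    auds = aud if isinstance(aud, list) else [aud]
    if claims.get("iss") != ISSUER or AUDIENCE not in auds:
        raise PermissionError("wrong issuer or audience")
    if not isinstance(exp, (int, float)) or (time.time() if now is None else now) >= exp:
        raise PermissionError("expired")
    # Fail closed: a token without org_id is not organization-scoped, and the
    # organization must match the one the request is acting on.
    if not requested_org or claims.get("org_id") != requested_org:
        raise PermissionError("token not scoped to this organization")
    return claims

if __name__ == "__main__":
    tok = make_token({"iss": ISSUER, "aud": AUDIENCE, "exp": time.time() + 60, "org_id": "org_constructedA"})
    print(authorize(tok, "org_constructedA")["org_id"])
```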
Fetched April 15, 2026