# suitetalkapi
s
Hello everyone, I'm trying to understand how all the available OAuth 2.0 connection types work. I came across this paragraph in the section on 'Client Credential Flow,' and I'm not quite sure what it refers to. Aren't we supposed to generate the certificate for this type of connection ourselves and upload it to 'OAuth 2.0 Client Credentials Setup'? It seems to imply that NetSuite is generating some kind of certificate, but throughout the process, the public key of the certificate created by yourself is used: https://docs.oracle.com/en/cloud/saas/netsuite/ns-online-help/section_158255317571.html
b
The responses for OAuth 2 base flows are in the form of a JWT.
NetSuite signs that JWT with its own private key, and you can use the public key it provides to verify that NetSuite is the one who issued the token.
s
But what implications does that have when creating an unattended automated process? Does someone have to be aware of that change to update integration configurations, etc.? So the process cannot be completely 100% automated?
b
If you verify that NetSuite issued the token, then you need to write logic that gets the public key from the URL it lists; you cannot hardcode its public key.
s
Thank you very much for your clarification.