Credentials
1. Create credentials on both ends
If two services need to talk to each other, both must have the necessary M2M credentials created. Don’t assume symmetry — define explicitly on both sides.2. Lock down the physical environment
Access Manager store credentials locally. That means anyone with access to the hardware could potentially extract them. Make sure the physical or virtual machine hosting the tool is tightly secured — this is your first line of defense.3. Avoid exposing endpoints that retrieve the credentials.
Admins in Access Manager (via Identity) can retrieve credentials — which is exactly why these endpoints should not be integrated into any back-office system. Keep sensitive operations isolated to reduce the chance of accidental exposure.Security recommendations
Use Application-to-Application flows for sensitive endpoints
For critical accesses like the Ledger, we recommend interacting through Applications. This ensures you have full control over each credential. If something leaks, you can revoke or delete the Application without bringing down your entire system.Manual actions? Use user-based credentials
When human access is required (for debugging, operations, or support), always create user credentials using thepassword grant — not client_credentials. This approach allows you to easily manage access, revoke permissions, and trigger forced logouts when needed via the appropriate endpoint.
We strongly recommend implementing a credentials rotation policy and performing regular access reviews to minimize exposure and ensure only authorized users retain access.
Always enforce the principle of least privilege, granting only the exact permissions needed — nothing more, nothing less — for both users and applications.