I have a client application accessing my server resources protected by authorization code grant type. Now the client application need another resource access which is protected by client credentials.
Since they already have client credentials for authorization code grant type, they want to use the same credentials for client credentials grant type.
Is it recommended to use the same client credentials for both authorization code and client credentials grant type? If yes/no, why?
You can use the same clientid and secret for both flows and that is something that you can enable in many token providers.