With ASP.NET MVC, the FE calls the server-side MVC API via Ajax. The server-side MVC logic then gets a bearer access JWT from the STS using client credentials. It then securely calls the microservice by passing the bearer token.
How do we achieve the same with headless Next.js? Should we expose an API route which mimics the ASP.NET solution, or is there an elegant way to achieve this?
Note that we do not want the bearer token exposed to or stored in browser storage.
I have done quite a bit of reading and found these resources. But they don't have examples for the client credentials flow, which should be a lot simpler than the authorization code or implicit flow.
https://www.ietf.org/archive/id/draft-bertocci-oauth2-tmi-bff-01.txt
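
The flow described in the question (browser calls a server route, the server obtains a client-credentials token from the STS and calls the microservice), sketched as a Next.js API route. This is an added example, not part of the original post; the route path, environment variable names, scope and URLs are assumptions.

```javascript
// Added example. Runs only on the server (e.g. pages/api/orders.js); the
// client secret and the access token never reach the browser.
function createTokenProvider({ tokenUrl, clientId, clientSecret, scope, fetchImpl = fetch, now = Date.now }) {
  let cached = null;  // { token, expiresAt }, held in server memory only
  let pending = null; // shared by concurrent requests so the STS is hit once
  return function getToken() {
    if (cached && now() < cached.expiresAt) return Promise.resolve(cached.token);
    if (!pending) {
      pending = (async () => {
        const basic = Buffer.from(`${clientId}:${clientSecret}`).toString('base64');
        const res = await fetchImpl(tokenUrl, {
          method: 'POST',
          headers: { Authorization: `Basic ${basic}`, 'Content-Type': 'application/x-www-form-urlencoded' },
          body: new URLSearchParams({ grant_type: 'client_credentials', scope }),
        });
        if (!res.ok) throw new Error(`token endpoint returned ${res.status}`);
        const json = await res.json();
        // Renew 30 s before expiry so a token is not rejected mid-flight.
        const ttlMs = Math.max(0, (Number(json.expires_in) || 0) - 30) * 1000;
        cached = { token: json.access_token, expiresAt: now() + ttlMs };
        return cached.token;
      })().finally(() => { pending = null; });
    }
    return pending;
  };
}

function createHandler({ getToken, apiUrl, fetchImpl = fetch }) {
  return async function handler(req, res) {
    if (req.method !== 'GET') return res.status(405).json({ error: 'method not allowed' });
    // Assumption: the browser session is checked here before proxying.
    try {
      const token = await getToken();
      const upstream = await fetchImpl(apiUrl, { headers: { Authorization: `Bearer ${token}` } });
      // Relay status and body only; no upstream or token headers are copied.
      return res.status(upstream.status).json(await upstream.json());
    } catch (err) {
      return res.status(502).json({ error: 'upstream unavailable' });
    }
  };
}

// Wiring in pages/api/orders.js (env variable names are hypothetical):
//   export default createHandler({
//     apiUrl: process.env.ORDERS_API_URL,
//     getToken: createTokenProvider({ tokenUrl: process.env.STS_TOKEN_URL,
//       clientId: process.env.STS_CLIENT_ID, clientSecret: process.env.STS_CLIENT_SECRET,
//       scope: 'orders.read' }),
//   });
```

The browser then calls `/api/orders` with its normal session cookie and only ever sees the microservice's JSON response.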