Micah
Fair point. The client credentials flow is for operations that don’t involve an end user - like a batch or automated process. This is really for demo purposes and is not terribly prsctical 
I’m working on an upcoming post on the authorization code flow with PKCE from the command line, which is meant for native, mobile and web apps without a client secret.