FriendsOfSymfony / FOSOAuthServerBundle

A server side OAuth2 Bundle for Symfony

How do I authenticate using an access token based on client credentials? #634

Open Evertt opened 4 years ago

Evertt commented 4 years ago

I retrieve an access token using the client_credentials grant type. Then I try to access a protected resource using this access token, but I always get the error HttpException: Full authentication is required to access this resource.

I'm wondering if I set up my config wrongly. Here's my fos_auth_server.yaml:

fos_oauth_server:
    db_driver: orm
    client_class:        App\Entity\OAuth2\Client
    access_token_class:  App\Entity\OAuth2\AccessToken
    refresh_token_class: App\Entity\OAuth2\RefreshToken
    auth_code_class:     App\Entity\OAuth2\AuthCode

And here's my security.yaml:

security:
    encoders:
        App\Entity\User:
            algorithm: auto

    providers:
        app_user_provider:
            entity:
                class: App\Entity\User
                property: email

    firewalls:
        dev:
            pattern: ^/(_(profiler|wdt)|css|images|js)/
            security: false

        main:
            anonymous: true

        oauth_token:
            pattern:    ^/oauth/v2/token
            security:   false

        api:
            pattern:    ^(?!/oauth).*
            fos_oauth:  true
            stateless:  true
            provider:   app_user_provider

    access_control:
        - { path: ^(?!/oauth).*, roles: [ IS_AUTHENTICATED_FULLY ] }

What's also interesting is that when I get an access token based on client_credentials, then of course that access token is not connected to any user. So I'm wondering if maybe Symfony is throwing that exception because no user can be found. If that's the case, how can I configure Symfony so that it's okay if no user can be found?
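The following security.yaml is an added example, not part of the issue and not code from FOSOAuthServerBundle. Symfony activates only the first firewall whose pattern matches the request, and a firewall with no pattern (like main above) matches every request, so in the posted configuration API requests never reach the api firewall with fos_oauth: true; they are handled by the anonymous main firewall, and the IS_AUTHENTICATED_FULLY rule then produces exactly the "Full authentication is required" error. The example keeps the issue's patterns and class names and only reorders the firewalls; the /api/machine path, the "machine" scope and the mapping of scopes to ROLE_<SCOPE> roles are assumptions that must be checked against the bundle version in use.

```yaml
# Added example (not from the issue or from FOSOAuthServerBundle): security.yaml
# with the firewall order corrected. encoders/providers are assumed to be the
# ones from the issue and are omitted here.
security:
    firewalls:
        dev:
            pattern: ^/(_(profiler|wdt)|css|images|js)/
            security: false

        # The token endpoint stays unprotected: it is where clients obtain tokens.
        oauth_token:
            pattern:    ^/oauth/v2/token
            security:   false

        # Declared BEFORE any firewall that has no pattern, so API requests
        # actually reach the fos_oauth listener instead of the anonymous 'main'
        # firewall. 'provider' is only consulted when the token carries a user;
        # a client_credentials token has none.
        api:
            pattern:    ^(?!/oauth).*
            fos_oauth:  true
            stateless:  true
            provider:   app_user_provider

        # A firewall with no 'pattern' matches every request, so it must come last.
        main:
            anonymous: true

    access_control:
        # Assumption: the API has a machine-to-machine part under /api/machine.
        # Assumption about the bundle: its OAuthProvider adds one ROLE_<SCOPE>
        # role per scope in the token, so a client_credentials token issued with
        # scope "machine" is authorised here without any user behind it.
        - { path: ^/api/machine, roles: [ ROLE_MACHINE ] }
        # Everything else still requires a fully authenticated (user-bound) token.
        - { path: ^(?!/oauth).*, roles: [ IS_AUTHENTICATED_FULLY ] }
```

Reordering the firewalls is the part that removes the error for user-bound tokens. For user-less client_credentials tokens, authorising by a scope-derived role (first access_control rule) avoids depending on whether a token without a user counts as "fully authenticated" in the installed Symfony and bundle versions, and it also keeps machine clients confined to the paths they were issued a scope for.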

niamzor commented 4 years ago

@Evertt I'm curious if you found a solution? I am currently thinking about a way to authenticate a PHP application accessing a PHP API. The client_credentials grant type seems the way to go in my case.