so at my Company we are implementing Laravel Passport as an OAuth solution for our Service Architecture.
Lets say there is a Job running in one Service , call it Order Service, thats wants information about the Products so makes an https request to the Order Service : (https://order-service.myhost.com/api/v1/products/123 ).
This route is guarded with a middleware that goes to my Passport auth Server with a bearer token to see if the request is authorized.
Whats the correct solution for this? I thought i am using Personal Access Tokens (PAT), but as i understood it, for this i have to create User thats corresponding to me Product Service something like Product User, and for this user ill have to create a PAT.
But with this token i can also go to every other service that is using the middleware.
Also whats the point of the Personal Access Client?