I’m assuming based on your wording that you are registering an External app with Application Type: Confidential and Scope: Application in which case you would follow the Client Credentials instructions.
What this documenation doesn’t highlight is that you can send your credentials as an Authorization Header or as part of the Body (They show it as part of the Body), however you want to note that it is not a JSON Payload, but a list of Key:Value pairs sent as application/x-www-form-urlencoded
Option 1: Send a POST Request with Basic Auth Header
Headers:
Content-Type: application/x-www-form-urlencoded
Authorization: Basic {{OAuth_BasicToken}} (Where token is the Basic Auth encoded form of your ClientID & Client Secret)
Body:
grant_type:client_credentials
scope:{{OAuth_Scope}}
Option 2: Send a POST Request with Client Credentails in body
Headers:
Content-Type: "application/x-www-form-urlencoded"
Body:
grant_type:client_credentials
scope:{{OAuth_Scope}}
client_id:{{OAuth_ClientId}}
client_secret:{{OAuth_ClientSecret}}
If you are using something like Postman to test it out you can set it up under the Authorization tab and setting Type to OAuth 2.0 and fill out a few fields. This method still requires you to fetch and set the Authorization Token to use, you could skip this and write a few dozen lines of code in the Pre-request Script that would look after the initial Authentication and also handle refreshing the token when it becomes invalid.
An older post that may help you as well regarding Postman
Anil_G
ashokkarale
Ajay_Mishra
Gautham_Pattabiraman
BHUSHAN_NAGAONKAR1
vrdabberu
ABHIMANYU_THITE1
lrtetala
samantha_shah
shyamala_shyamu