Is it possible to generate a token using /auth/oauth/v2/token without providing the mag-identifier or device identifier if we are not requesting the token for a mobile device?  Currently if we don't pass the mag-identifier/device iedentifier in the header, we get the below error:

{ 

    "error": "invalid_request",

    "error_description": "The given mag-identifier is either invalid or points to an unknown device"

}

Release : 10.1/OTK 4.x

User registered the client id with scope that contains msso.  The policy /auth/oauth/v2/token calls the encapulated assertion OTK Scope verification that checks the scope and see if it contains msso, then it will need to validate mag-identifier or device identifier. 

Registered a new client id with scope does not contains msso.  It worked using the new Client id/ClientSecret with grant_type=client_credentials.