Minimum php code for certificate authentication for an API

Hi,

I am looking for some tutorial or documentation on the minimum code required to call an API endpoint that requires certificate authentication using cert.pem and key.pem. I also have an encryption key.

From my testing, I think that the authorization grant type is not correct. I am not getting any response, and I think overall code is too much. It should only require the cert.key, key.pem, and the encryption key.

Can anyone guide me on this?


	global $token_url, $client_id, $client_secret;

	$content = "grant_type=client_credentials";
	$authorization = base64_encode("$client_id:$client_secret");
	$header = array("Authorization: Basic {$authorization}","Content-Type: application/x-www-form-urlencoded");

	$curl = curl_init();
	curl_setopt_array($curl, array(
		CURLOPT_URL => $token_url,
		CURLOPT_HTTPHEADER => $header,
		CURLOPT_SSL_VERIFYPEER => false,
		CURLOPT_RETURNTRANSFER => true,
		CURLOPT_POST => true,
		CURLOPT_POSTFIELDS => $content,
		CURLOPT_SSL_VERIFYHOST => '2',
		CURLOPT_CAINFO => 'key.pem',
		CURLOPT_SSLCERT => 'cert.pem' 
	));
	$response = curl_exec($curl);
	curl_close($curl);

	return json_decode($response)->access_token;
}