我想先澄清一些概念.客户端凭据流用于获取应用程序权限，而不是应用程序的委派权限.通常，OAuth 2.0代码授予流程用于获取委托权限.

I want to clarify some concepts first. The client credential flow is used for acquiring the application permission instead of delegated permissions for the app. Normally, the OAuth 2.0 code grant flow is used to acquire the delegate permission.

从描述中看来，您似乎想通过客户端凭证流获得应用程序许可，但是该令牌对于调用Dynamics CRM Web API无效.经过研究，我发现这个问题已经提出过好几次了，但是没有答案.

From the description, it seems that you want to acquire the application permission through the client credential flow, however the token is invalidate to call the Dynamics CRM Web API. After the researching, I found this issue was raised several times however there is no answer.

根据我的理解，Dynamics CRM Web API似乎不支持应用程序令牌(使用客户端凭据流获取)，因为当您在Azure上为此API注册应用程序时，我们无法检查任何权限/应用程序级别的范围如下图所示:

Based on my understanding, the Dynamics CRM Web API seem doesn’t support the app-token(acquiring using client credential flow) because when you register the apps for this API on Azure, we are not able to check any permission/scope for the application level like figure below: