We just enforced SAML SSO for our org, and now our CI/CD pipelines are failing to fetch OAuth tokens. The client credentials grant to POST /oauth/token is returning a 401, which is weird since service accounts shouldn’t care about SAML. I’ve double-checked the client_id and secret, and they’re correct.
Has anyone else hit this wall? Do I need to whitelist the service account in the SAML config or is there a different auth endpoint I should be hitting for non-human users? The docs are vague on this overlap.