Best practice for REST API token for background automation.

Community Novice

Are there any best practice recommendations for generating tokens for use by background IT automation processes? Currently I am using an access token generated under by admin user on our test site for interactions with the REST API. This background process will not be able to use an OAUTH workflow as there will not be a user agent available. It would also be nice to have an access token with less surface area than full admin access.

I did see that developer keys can be generated with explicit scope on the REST API but I could not find a way to use them without an OAUTH user-agent based token workflow.