Server-Side Authentication Flow Research

I need help solving two server-side authentication challenges. Both involve obtaining short-lived guest access tokens programmatically from a Cloudflare Worker (Node.js-compatible environment, no browser). Challenge 1: A retail site uses a Kong API gateway that issues JWT tokens to guest users. I need to understand the token acquisition flow and implement it server-side. The gateway client ID is known. The goal is to make authenticated GraphQL requests without a browser session. Challenge 2: A retail site uses Salesforce Commerce Cloud (SFCC) with their Shopper Login and API Access Service (SLAS). Guest tokens are typically available via a PKCE OAuth2 flow. I need this implemented in a Cloudflare Worker environment. The organization ID and site IDs are known. Deliverables: • Working code (TypeScript/JavaScript) for each token acquisition flow • Notes on token TTL and refresh strategy • Tested against the actual endpoints (details provided after agreement) Skills needed: OAuth2/PKCE flows, JWT, Cloudflare Workers, REST APIs