diff --git a/pkg/featureflags/set.go b/pkg/featureflags/set.go
index 80a8f0c5..dcea1ca7 100644
--- a/pkg/featureflags/set.go
+++ b/pkg/featureflags/set.go
@@ -18,7 +18,7 @@ var (
 	// ConfigDisallowUnknownFields enables to forbid unknown fields in the config while unmarshaling.
 	ConfigDisallowUnknownFields = newFlag("config_disallow_unknown_fields", false)
 
-  // ClientCredentialGrantEnabledByDefault enables the client_credentials grant type by default
+	// ClientCredentialGrantEnabledByDefault enables the client_credentials grant type by default
 	// without requiring explicit configuration in oauth2.grantTypes.
 	ClientCredentialGrantEnabledByDefault = newFlag("client_credential_grant_enabled_by_default", false)
 )
diff --git a/server/handlers.go b/server/handlers.go
index a2b20f23..87b5698c 100644
--- a/server/handlers.go
+++ b/server/handlers.go
@@ -1540,6 +1540,8 @@ func (s *Server) handleClientCredentialsGrant(w http.ResponseWriter, r *http.Req
 
 	nonce := r.Form.Get("nonce")
 
+	// Empty connector ID is unique for cluster credentials grant
+	// Creating connectors with an empty ID with the config and API is prohibited
 	connID := ""
 
 	accessToken, expiry, err := s.newAccessToken(ctx, client.ID, claims, scopes, nonce, connID)