Tags: security, mobile, oauth-2.0, azure-active-directory, single-sign-on

OAuth flow for Kiosk mobile application


Which OAuth flow should I use for a kiosk application where the end user will not have any login? The user will only need to provide two details: a coupon number and an order number. These two values will be saved by calling an API protected by Azure Active Directory.

This application will run on our Food store handheld device.

I am not sure whether any authorization flow will work, as we will not ask the user to log in. Client credentials may work, but again this is a mobile application, so how would that work on an unsecured device?


Solution

  • There is no way to do what you want securely. The device is unsecured, so the user needs to authenticate. But since the user cannot authenticate, there is nothing that can be done securely.

    You cannot call an AAD protected API from such a device. What you could do is make an API that does not require authentication. This API then uses client credentials authentication to call the protected API. Note this of course makes those endpoints essentially anonymously accessible.
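The architecture the answer describes, as an added example that is not part of the original question or answer: an anonymous backend endpoint receives the two kiosk values, validates them, obtains an app-only token from Azure AD with the OAuth 2.0 client credentials grant (the client secret stays on the backend, never on the handheld), and forwards the request to the AAD-protected API with that bearer token. The tenant, client id and secret, the downstream API's app ID URI and URL, and the coupon/order formats are all placeholder assumptions; the HTTP transport is injectable so the example runs offline against a constructed fake.

```python
"""Backend for an unauthenticated kiosk: validates coupon + order number, gets an app-only
token via the client credentials grant, and forwards to the AAD-protected API.
All tenant/client/scope/URL values are placeholder assumptions."""
import json
import re
import time
import urllib.error
import urllib.parse
import urllib.request
from dataclasses import dataclass
from typing import Callable, Dict, Optional, Tuple

# Azure AD v2.0 token endpoint; {tenant} is the tenant id or a verified domain.
TOKEN_ENDPOINT = "https://login.microsoftonline.com/{tenant}/oauth2/v2.0/token"

# The endpoint is anonymous, so the only two inputs it accepts are tightly constrained.
# These formats are assumed; replace them with the real coupon/order formats.
COUPON_RE = re.compile(r"^[A-Z0-9]{6,12}$")
ORDER_RE = re.compile(r"^[0-9]{4,16}$")

# Transport signature: (url, headers, body) -> (status, body). Injectable for offline tests.
HttpPost = Callable[[str, Dict[str, str], bytes], Tuple[int, bytes]]


def urllib_post(url: str, headers: Dict[str, str], body: bytes) -> Tuple[int, bytes]:
    """Real transport for production use."""
    req = urllib.request.Request(url, data=body, headers=headers, method="POST")
    try:
        with urllib.request.urlopen(req, timeout=10) as resp:
            return resp.status, resp.read()
    except urllib.error.HTTPError as e:
        return e.code, e.read()


@dataclass
class ClientCredentials:
    """Acquires and caches an app-only access token (OAuth 2.0 client credentials grant)."""
    tenant: str
    client_id: str
    client_secret: str        # lives only on this backend, never on the kiosk device
    scope: str                # downstream API's app ID URI + "/.default"
    post: HttpPost = urllib_post
    _token: Optional[str] = None
    _expires_at: float = 0.0

    def token_request(self) -> Tuple[str, Dict[str, str]]:
        url = TOKEN_ENDPOINT.format(tenant=self.tenant)
        form = {"grant_type": "client_credentials", "client_id": self.client_id,
                "client_secret": self.client_secret, "scope": self.scope}
        return url, form

    def get_token(self, now: Optional[float] = None) -> str:
        now = time.time() if now is None else now
        if self._token and now < self._expires_at - 60:   # reuse until a minute before expiry
            return self._token
        url, form = self.token_request()
        status, body = self.post(url, {"Content-Type": "application/x-www-form-urlencoded"},
                                 urllib.parse.urlencode(form).encode())
        if status != 200:
            raise RuntimeError(f"token request failed with HTTP {status}")
        payload = json.loads(body)
        self._token = payload["access_token"]
        self._expires_at = now + int(payload["expires_in"])
        return self._token


def validate_submission(coupon: str, order: str) -> Optional[str]:
    """Return an error string, or None when both values are well-formed."""
    if not COUPON_RE.fullmatch(coupon or ""):
        return "invalid coupon number"
    if not ORDER_RE.fullmatch(order or ""):
        return "invalid order number"
    return None


def submit(creds: ClientCredentials, api_url: str, coupon: str, order: str) -> Tuple[int, dict]:
    """Anonymous kiosk endpoint: validate, then call the protected API with the app token."""
    err = validate_submission(coupon, order)
    if err:
        return 400, {"error": err}
    headers = {"Authorization": f"Bearer {creds.get_token()}", "Content-Type": "application/json"}
    status, body = creds.post(api_url, headers, json.dumps({"coupon": coupon, "order": order}).encode())
    return status, (json.loads(body) if body else {})


class FakeTransport:
    """Constructed stand-in for Azure AD and the downstream API so the example runs offline."""
    def __init__(self) -> None:
        self.token_requests = 0

    def __call__(self, url: str, headers: Dict[str, str], body: bytes) -> Tuple[int, bytes]:
        if url.endswith("/oauth2/v2.0/token"):
            form = urllib.parse.parse_qs(body.decode())
            if form.get("grant_type") != ["client_credentials"] or "client_secret" not in form:
                return 400, b'{"error":"invalid_request"}'
            self.token_requests += 1
            return 200, json.dumps({"access_token": "eyJ.fake.token", "token_type": "Bearer",
                                    "expires_in": 3600}).encode()
        if headers.get("Authorization") != "Bearer eyJ.fake.token":   # downstream enforces the token
            return 401, b'{"error":"unauthorized"}'
        return 201, json.dumps({"saved": json.loads(body)}).encode()


if __name__ == "__main__":
    fake = FakeTransport()
    creds = ClientCredentials("contoso.onmicrosoft.com", "kiosk-backend-app-id", "app-secret",
                              "api://orders-api-app-id/.default", post=fake)
    print(submit(creds, "https://orders.example/redemptions", "SAVE10ABC", "123456"))
    print(submit(creds, "https://orders.example/redemptions", "drop table", "1"))
```

The point the answer makes still holds: whoever can reach this backend can submit coupon and order pairs without authenticating, so the input whitelist above, rate limiting, and logging on this endpoint are what stand between the public and the protected API. The secret is only ever exchanged between the backend and the token endpoint; swapping `FakeTransport` for `urllib_post` is the only change needed to talk to the real services.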