At the moment, the AM/IDM integration relies on the OAuth2Provider service settings. However, I customer may want to configure their external-facing OAuth2 AS differently to settings that would be compatible with this integration.
The AM/IDM integration OAuth2 functionality should be fulfilled by internal oauth clients (a different agent/application type?), and an internal set of OAuth 2 AS settings, in the same way as we do so for Java and Web Agents.
This would then allow customers to change the settings of their external OAuth2 AS without impacting the AM/IDM integration. It would also substantially simplify the CDM/FRaaS base configurations.