Wait, this is awesome. A huge issue with enterprise OAuth 2.0 is managing all the random apps, each with their own half-baked enterprise controls for managing scopes and token expiry, and no control over device-bound sessions.

So instead, you can run centralized infra to validate a user, a device, what scopes they're requesting and the duration, and enforce policies for all your apps?

Can we get this in other OAuth 2.0 clients?

The standard itself is not MCP-specific. As long as the client and the server adopt ID-JAG, they're golden.

RFC draft: https://datatracker.ietf.org/doc/draft-ietf-oauth-identity-a...
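To make the "centralized policy for all apps" idea above concrete, here is an added example (my own sketch, not code from either commenter or from the draft): a central authorization server applies one policy table to every app, checks user, device binding, requested scopes and requested duration, and only then mints a JWT authorization grant that the app's side verifies. The app name, key, issuer and policy values are constructed; the `typ` value is my reading of the ID-JAG draft and should be checked against the current text.

```python
import base64
import hashlib
import hmac
import json

# Constructed policy table for the central authorization server (hypothetical app and values).
POLICY = {
    "payroll-app": {"allowed_scopes": {"read", "write"}, "max_ttl": 900, "require_bound_device": True},
}
ISSUER = "https://idp.example"         # constructed issuer
SECRET = b"constructed-demo-hmac-key"   # stands in for the issuer's signing key (demo only)
JAG_TYP = "oauth-id-jag+jwt"            # JWT "typ" as I read the ID-JAG draft; verify against current text

def _b64url(data: bytes) -> str:
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode()

def _b64url_decode(s: str) -> bytes:
    return base64.urlsafe_b64decode(s + "=" * (-len(s) % 4))

def mint_jag(claims: dict) -> str:
    # HS256 for a self-contained demo; a real deployment signs with an asymmetric key.
    header = _b64url(json.dumps({"alg": "HS256", "typ": JAG_TYP}).encode())
    body = _b64url(json.dumps(claims, sort_keys=True).encode())
    sig = hmac.new(SECRET, f"{header}.{body}".encode(), hashlib.sha256).digest()
    return f"{header}.{body}.{_b64url(sig)}"

def verify_jag(jag: str, audience: str, now: int) -> dict:
    """App-side check: signature, typ, audience and expiry must all hold."""
    header, body, sig = jag.split(".")
    expected = hmac.new(SECRET, f"{header}.{body}".encode(), hashlib.sha256).digest()
    if not hmac.compare_digest(expected, _b64url_decode(sig)):
        raise ValueError("bad signature")
    if json.loads(_b64url_decode(header))["typ"] != JAG_TYP:
        raise ValueError("wrong token type")
    claims = json.loads(_b64url_decode(body))
    if claims["aud"] != audience or claims["exp"] <= now:
        raise ValueError("audience mismatch or expired")
    return claims

def decide(id_claims: dict, device_bound: bool, audience: str, scopes: set, ttl: int, now: int):
    """One central policy decision for every app: returns (granted, jag_or_reason)."""
    rule = POLICY.get(audience)
    if rule is None:
        return False, "unknown_resource"
    if id_claims.get("exp", 0) <= now:          # the validated ID token must still be live
        return False, "id_token_expired"
    if rule["require_bound_device"] and not device_bound:
        return False, "device_not_bound"
    extra = set(scopes) - rule["allowed_scopes"]
    if extra:
        return False, "scope_not_permitted:" + ",".join(sorted(extra))
    claims = {"iss": ISSUER, "sub": id_claims["sub"], "aud": audience, "iat": now,
              "exp": now + min(ttl, rule["max_ttl"]),   # requested duration capped centrally
              "scope": " ".join(sorted(scopes))}
    return True, mint_jag(claims)
```

The point is that scope filtering, expiry caps and the device-binding requirement live in one place, so an app that adopts the grant format inherits them without building its own controls.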