OAuth 2.0 endpoints

When acting as an OAuth 2.0 authorization server, AM exposes the following endpoints:

OAuth 2.0 Endpoints
Endpoint	Description
`/oauth2/par`	Register a pushed authorization request and get a request URI (RFC 9126 PAR endpoint)
`/oauth2/authorize`	Obtain consent and an authorization grant (RFC 6749 authorization endpoint)
`/oauth2/bc-authorize`	Initiate backchannel authorization (Backchannel flow endpoint)
`/oauth2/access_token`	Obtain an access token (RFC 6749 token endpoint)
`/oauth2/device/code`	Obtain a device code (Device flow endpoint)
`/oauth2/device/user`	Obtain consent and authorization grant (Device flow endpoint)
`/oauth2/token/revoke`	Revoke both access and refresh tokens (RFC 7009 endpoint)
`/oauth2/introspect`	Retrieve metadata about a token, such as approved scopes and the context in which the token was issued (RFC 7662 endpoint)
`/json/token/macaroon`	Retrieve metadata about a macaroon, and add caveats.

As an OAuth 2.0/OpenID Connect/UMA provider, AM also exposes the following:

OAuth 2.0 endpoints to perform administrative tasks, such as creating clients. For more information, see OAuth 2.0 administration REST endpoints
OpenID Connect-specific endpoints. For more information, see OpenID Connect 1.0 endpoints.
UMA-specific endpoints. For more information, see UMA endpoints.