This tutorial describes how to configure a policy to allow specific OAuth2 clients for a REST service. A REST service typically allows only requests from an allow list of OAuth2 clients.
In the PingAuthorize Policy Editor, define a policy in which each rule specifies an allowed client.