We have a requirement, where organization wants to use only oauth2.0 feature of APIGW as standalone product i.e. APIs are not going to be exposed through Gateway but some other server; however it needs to be secured with oAuth component (otk 3.2 add-on), which is installed in our gateway. Is it possible?
My understanding is that oAuth add on with API GW can be used only to secure the APIs, which are being exposed through Gateway because its assertion will be used in API policy. Please let me know if otherwise.