John,
The grant type, authorization endpoint, and token endpoint are going to be defined in the API properties, not within the swagger file. Note that this only works with Portal published APIs, and not Gateway published APIs.
If you go to publish a new API or edit an existing API from the API Portal, you will want to go to the "API Explorer" section, select "OAuth 2" for the Authentication type, then you will be able to specify the Grant Type, Authorization endpoint and Token endpoint. This will be reflected in API Explorer once you save it.
Screenshot:
As for the Scopes (read/write), those are going to be defined within the Application, and not within the API.
Regards,
Azad