I have followed several tutorials on setting up MuleSoft as an OAuth2 provider in Mule 4, such as this one: https://www.apisero.com/oauth-2-0-implementation-in-mule-4-using-mule-oauth2-provider/.
End result is a MuleSoft application that can act as an OAuth2 provider with the following endpoints:
/authorize -creates the client
/token -provides a token after the client is created
/validate -validates the token
The client accessing the API should only have to use the /token endpoint with the provided client id and secret.
The Mule developer or admin would need to create a client application (or use an existing one) in Exchange and request access to the API. This would then generate the client id and secret. But in addition, they would need to send the client id and secret to the oauth2 /authorize endpoint to create the client.
Is there a way to automatically authorize clients that are created in Exchange using the Mule 4 OAuth2 provider? This article shows it being done in Mule 3 and I am surprised all the documentation and articles I have read do not mention this. (https://dzone.com/articles/oauth2-using-external-provider-in-mule)