In reviewing the CX Framework, it seems there is a way to add new OAuth consumers for IDM by editing the file, but today, it doesn't seem there is a way to say what those consumers are authorized to do. It would be nice to have a management interface to manage 3rd party OAuth consumers and scope what API calls they are authorized to make.