We need to be able to manage trust for OAuth.
Check if we can/should use CAs for trust, or if we need to be able to add public keys (similar to how it works for Certificate Transparency Logs, under System Configuration).
If we use the latter solution, decide where to add the trust management in the UI. Should it be under System Configuration or Administrator Roles?
Since it is UI related, ping Services or Support and check if they can/want to be involved or have any input.