End of the day, an Oauth2 user is just an user admin that creates a child user account for each app, with restricted permissions. Then the app logins with "their" username (client ID) and password (client secret).