A new service provider interface 'com.openexchange.oauth.provider.authorizationserv er.spi.OAuthAuthorizationService' has been introduced, to verify OAuth 2.0 access tokens via a 3rd party authorization server. Custom implementations need to be published as OSGi services.