Use the OAuth token to consume API Gateway for Java thick clients

Use an OAuth access token to authenticate requests sent from Java thick clients to endpoints exposed through API Gateway.

Include the access token in the HTTP authorization header for each outbound request issued by the client application.

This approach enables API Gateway to validate the client identity and apply inbound security controls without storing sensitive credentials within the client runtime.