Dive into a comprehensive lab session on configuring OAuth servers to protect APIs using access tokens. Learn to adjust token lifetimes, create custom scopes, add custom claims to JWT access tokens, and understand the implications of token validation decisions. Follow along with instructor Aaron Parecki as he guides you through practical exercises, including registering confidential clients, configuring token lifetimes, creating rules and policies, managing group claims, and adding custom claims. Gain hands-on experience with Okta's developer API service and explore best practices for securing your applications and APIs using OAuth.