I noticed even though I have only one authorization server
I can get token from both end points
I found out that if you take token from one endpoint and validate on other then it will fail as it should.
Because my client was taking token from oauth2/default/v1/authorize
But API was validating with /oauth2/v1/introspect
I can make both client and API point to same end point but my question is why do we have other one working (note: I have only one default authorization server) ?