This is really just an "out of curiosity" question, but when using an OAuth access token to make a call to the REST API, why does it require the Authorization type to be "OAuth" rather than "Bearer"? I bring this up because in the documentation it says: "The built in OAuth service is based on the OAuth 2.0 specification", but when I'm using Postman to test requests, if I use OAuth 2.0 as the Authorization type, set the access token and send the request, I get a 403 response because Postman sets the Authorization type to "Bearer" followed by the access token. If I set the Authorization header manually to OAuth {access_token} the requests succeeds - which is expected based on the documentation on using access tokens to make requests.
Thanks!