NGINX and NGINX Plus can act as an OAuth 2.0 Relying Party, sending access tokens to the Idenity Provider for validation and only proxying requests that pass the validation process.