OAuth 2.0 is an authorization framework that enables a third-party application to request an HTTP service with limited access permission, either on behalf of a resource owner, or on behalf of the third-party client itself. In z/OS Connect EE, OAuth 2.0 is applied when a z/OS application calls an API from a request endpoint.

This link contains an illustration of how OAuth 2.0 works in z/OS Connect EE

In the illustration, there is a box for a component named 'Authorization server'

Can Top Secret act as an authorization server for an OAuth2 for z/OS Connect EE environment ?

The application must have the ability to issue RACROUTE calls or LDAP calls to talk to Top Secret. 

Please check with the vendor to see if the application has this capability.

If the vendor provides documentation using IBM RACF as the authorization server, the RACF commands can be converted to the equivalent Top Secret commands.