When we want to use OAuth with Azure API Management, the documentation states that we need to associate the APIM instance with an OAuth server in the OAuth 2 section of the portal. But I'm a bit confused about this because when I missed doing that, the validation of a JWT token (Validate JWT policy) works just fine. It sounds like the association between APIM and an OAuth 2 server is only needed when we want to use OAuth 2 from the developer portal or the developer console. Am I right?