Use token-endpoint instead of issuer for oauth2 authorization
Checklist
- I agree to the terms within the OpenFGA Code of Conduct.
Describe the problem you'd like to have solved
Some IdPs do not use /oauth/token as a suffix for an oauth2 (not oauth!) token exchange.
Entra ID, for example, uses /oauth2/v2.0/token even though the old /oauth/token endpoint is still supported for backwards compatibility.
We currently cannot specify these endpoints as the suffix is hard coded:

```python
token_url = f"https://{configuration.api_issuer}/oauth/token"
```
Describe the ideal solution
Use either a /.well-known/openid-configuration to determine the token endpoint, or, maybe easier, allow users to specify the token endpoint directly (without suffixing it in the code snippet above).
Alternatives and current workarounds
Switch IdP - bad idea :)
References
No response
Additional context
No response
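As an added illustration of the two options proposed in this issue (not code from the OpenFGA SDK or from the issue author), the helper below resolves the token endpoint by first honouring an explicit `token_endpoint` setting and otherwise reading `token_endpoint` from the issuer's `/.well-known/openid-configuration` document. The `fetch_json` callable, the `token_endpoint` parameter name, the `example-tenant` tenant id and the discovery document itself are assumptions constructed for the example so it runs offline; the only Entra ID facts relied on are the `https://login.microsoftonline.com/{tenant}/v2.0` issuer shape and the `/oauth2/v2.0/token` suffix quoted above.

```python
"""Resolve an OAuth2 token endpoint instead of hard-coding "/oauth/token".

Added example, not OpenFGA SDK code. Resolution order:
  1. an explicit token_endpoint supplied by the operator is used as-is;
  2. otherwise the issuer's OpenID Connect discovery document
     (/.well-known/openid-configuration) is fetched and its
     token_endpoint member is used.
fetch_json is injected so the example runs offline against a constructed
document; in real code it would be an HTTPS GET returning parsed JSON.
"""
from typing import Callable, Dict, Optional
from urllib.parse import urlsplit

JsonFetcher = Callable[[str], Dict[str, object]]
WELL_KNOWN = "/.well-known/openid-configuration"


def _require_https(url: str, what: str) -> str:
    # Tokens are bearer credentials: never send the grant over plain http.
    parts = urlsplit(url)
    if parts.scheme != "https" or not parts.netloc:
        raise ValueError(f"{what} must be an absolute https URL, got {url!r}")
    return url


def discovery_url(issuer: str) -> str:
    """Build the OIDC discovery URL from an issuer identifier.

    Accepts a bare host (how api_issuer is used today) or a full https URL
    with a path, e.g. https://login.microsoftonline.com/{tenant}/v2.0.
    """
    if "://" not in issuer:
        issuer = f"https://{issuer}"
    _require_https(issuer, "issuer")
    return issuer.rstrip("/") + WELL_KNOWN


def resolve_token_endpoint(
    issuer: Optional[str],
    fetch_json: JsonFetcher,
    token_endpoint: Optional[str] = None,  # assumed new config option
) -> str:
    """Return the URL the client-credentials grant should be POSTed to."""
    if token_endpoint:
        # Option 2 from the issue: trust the operator's explicit setting.
        return _require_https(token_endpoint, "token_endpoint")
    if not issuer:
        raise ValueError("either token_endpoint or issuer must be configured")

    # Option 1 from the issue: OIDC discovery.
    url = discovery_url(issuer)
    doc = fetch_json(url)

    # OIDC Discovery requires the document's issuer to equal the issuer it
    # was fetched for. Enforcing that stops a misconfigured or spoofed
    # metadata document from redirecting client credentials to another IdP.
    expected_issuer = url[: -len(WELL_KNOWN)]
    actual_issuer = str(doc.get("issuer", "")).rstrip("/")
    if actual_issuer != expected_issuer:
        raise ValueError(
            f"discovery issuer {actual_issuer!r} != expected {expected_issuer!r}"
        )
    endpoint = doc.get("token_endpoint")
    if not isinstance(endpoint, str) or not endpoint:
        raise ValueError("discovery document has no token_endpoint")
    return _require_https(endpoint, "token_endpoint")


# Constructed discovery document in the shape Entra ID publishes for its v2.0
# issuer (fields trimmed); "example-tenant" is a placeholder tenant id.
SAMPLE_DISCOVERY: Dict[str, Dict[str, object]] = {
    "https://login.microsoftonline.com/example-tenant/v2.0" + WELL_KNOWN: {
        "issuer": "https://login.microsoftonline.com/example-tenant/v2.0",
        "token_endpoint": "https://login.microsoftonline.com/example-tenant/oauth2/v2.0/token",
        "authorization_endpoint": "https://login.microsoftonline.com/example-tenant/oauth2/v2.0/authorize",
        "jwks_uri": "https://login.microsoftonline.com/example-tenant/discovery/v2.0/keys",
    }
}


def sample_fetch(url: str) -> Dict[str, object]:
    """Offline stand-in for an HTTPS GET of the discovery document."""
    try:
        return SAMPLE_DISCOVERY[url]
    except KeyError:
        raise LookupError(f"no constructed discovery document for {url}") from None


if __name__ == "__main__":
    # Bare-host style issuer, as api_issuer is configured today:
    print(resolve_token_endpoint("login.microsoftonline.com/example-tenant/v2.0", sample_fetch))
    # Explicit endpoint, no discovery round trip:
    print(resolve_token_endpoint(None, sample_fetch, token_endpoint="https://idp.example.com/oauth2/v2.0/token"))
```

The issuer comparison is the part worth keeping even if the SDK only adds a plain `token_endpoint` option: a discovery document that names a different issuer than the one it was fetched from is exactly the failure mode in which client credentials end up at the wrong token endpoint.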