Restrict the access granted to third party applications

Description

Version 1.50.0 introduces the concept of a third party application. Third party applications are meant to represent applications not "owned" by the entity acting as the IdP and/or resource server, and need to be granted authorization and optionally scopes by a resource owner/user. Because of this arms-length relationship, third party applications should not be afforded the same permissions and accesses as first party applications.