You’re not missing anything. To shed some light on why it’s currently disabled: OAuth apps today don’t go through an installation consent flow by admins as they’re not “installed into” sites.
With Forge user consent and external authentication, there’s not a clear distinction between the app asking for Forge scopes and the regular OAuth consent flow which ends up very confusing for users/admins. It’s very likely the Atlassian OAuth restriction will be removed from external authentication when we’re rolled out finer grain admin controls for OAuth apps or removed Forge user consent per We're removing the allow access prompt for Forge apps
2 Likes