A clarifying question: do you want the application to create issues as the application or on behalf of a user? The former, I believe would use a 2LO (2 legged-auth) flow and the latter a 3LO (3 legged-auth).
It might also be worth editing the topic and moving it to the JSM Cloud Category as that Category is specifically for JSM Cloud conversations.
The other is OAuth 1.0a. It is difficult to configure and use. Frankly, it’s not well documented because it’s more a “legacy” option that grew up in the world of on-premise Server. “That way leads to madness.”