I solved by splitting the configuration into two classes. One for OAuth login and the other for the resource server. Configured
on the resource server Configuration class and made it’s Order as 1 and Open Id configuration order as 2. In Resource server configuration I have disabled session creation.
In this way, if any external clients are calling with a JWT token with header ‘Authorization’ then it will be handled by Resource server configuration or else it will be handled by the second/OAuth configuration.
CLICK HERE to find out more related problems solutions.