Hi,
yes so you could directly throw a PSX\Json\Rpc\Exception\ServerErrorException in your action where you can define a custom error code. But this is then only useful if you invoke your action via JsonRPC.
You can also throw a PSX\Http\Exception\StatusCodeException where the HTTP status code gets used as error code and it works for both RPC and REST calls.
Regarding OAuth2 currently it is not possible to use a different OAuth2 server since all App/Scope Token handling is deeply integrated into Fusio, so I dont see currently a way to use an external authorization server.
best regards
Christoph