tl;dr: Cloudflare has opened self-managed OAuth to all customers, letting developers create their own OAuth applications for delegated API access instead of relying on API tokens. To support this, they upgraded their underlying Hydra OAuth engine through a staged 1.X then 2.X migration, using a blue-green strategy with a Cloudflare Queues-based revocation replay system to avoid downtime. The upgrade yielded notable performance gains, including a 45% drop in P95 API latency and 37% lower CPU usage.