OAuth Token pinning/friend-names/aliases

Here is the use case:
Tech 1, “Mr. A” creates an Oauth consent for Tenant 1 and uses it in a deployment scoped to the tenant.
Tech 2, “Mr. B”, is working on a deployment for Tenant 2, and uses an “existing token” when prompted for consent.
When “Mr. B” looks at the available tokens, it is unclear which tokens are for which tenants.

If Mr. B picks the token for Tenant 1, it will produce unexpected results, such as the machine for Tenant 2 joining Tenant 1.

The feature request would be a way to either scope a token to a tenant (like software keys can be), or to display the tenantID/name in the Oauth token selection, or let the token creator add a friendly name so other techs are clear which is associated with what.

Really appreciate all the work that’s gone into getting the OAuth flow working. It’s a big improvement. But a tenant identifier is necessary in order for it to be reasonably maintainable at any kind of scale.

Perhaps the token tab moves to be a tab under each individual tenant?