Current NAM doesn't support for configuring an authentication contract to a specific OAuth client application. For Authorization code flow to select a specific authentication contract the client application need to send the acr_values parameter in the initial request. NAM OAuth server doesn't validate if the acr_values are for a particular OAuth Client. It would be helpful if we have an option similar to step up authentication for SAML SP connections even for a OAuth client application.