We recently switched a REST API resource from passing a shared secret in an HTTP header to using OAuth2 authentication. We're using Google as the auth provider and it appears we're using fairly standard configuration. When a user accesses an app with that resource, they are prompted to go through the OAuth2 consent flow.
Here's the bug. When the app has a module with that resource no prompt loads, the user cannot authenticate via OAuth2 and the resource is unusable.
We're happy to provide details on those modules, etc. There are no debugging logs to report with regards to a failure to initiate the OAuth2 prompt.
These posts (here, here and here) report the same kind of behavior of no prompt initiating, but the solutions are not relevant given the error is localized to modules and not apps directly using the REST API resource.