I am creating OAuth API endpoints for external clients, specifically for infosec scanning and logging tools like Splunk or Palo Alto SSPM or Valence.   I want to I grant the respective service accounts both admin and snc_read_only roles.  

However I think this blocks the ability to register the client, create the auth token, or update refresh tokens.
Should I add the oauth_credentials table to glide.security.snc_read_only_role.tables.exempt_write ?
What other tables might I need to add to allow a proper integration?

https://www.servicenow.com/docs/r/platform-administration/user-administration/c_ReadOnlyRole.html

Once the integrations have been established the records on User table would be toggled from Human to Machine.