Roel

when you say public domain what exactly do you mean?

you wouldnt need oauth2 or any authentication if they are open web services.

oauth2 while not crazy complex needs a little work.
You will need a user database of sorts for all the possible users and possibly information on what APIs they are allowed to access

then you would need an authentication endpoint that shows a login and handles the authentication and returns an auth code and your state value and redirects the user to the supplied url
then you need an endpoint to exchange the auth code for an auth token that can then be used to authenticate api calls

oauth2 is probably overkill for what you want to do.

if you just need simple authentication you could use a simple basic http authentication with a database of authentication codes and force HTTPS to ensure transport level encryption