Oauth inbound configuration on CPI cloud foundry

Experts,

I am trying to configure Oauth configuration for one of my iFLow for the sender system to use. I followed https://help.sap.com/viewer/368c481cd6954bdfa5d0435479fd4eaf/Cloud/en-US/6c052ce62b27449385d3e75aeeb08f05.html but even after that the iFlow clould be accessed by sender system(client posting HTTP messages)using Basic authentication without fetching a bearer token by simple using Basic Authentication and putting client secret and id I provided to generate token and the customer have shown that by simulating in Postman. Any help on how to restrict the client to not access the iFlow/Service without the token?

I followed https://blogs.sap.com/2019/10/18/technical-service-user-cloud-platform-integration-for-inbound-communication/comment-page-1/#comment-527251 but that is for client certificate which is not applicable in my case.

Thanks for your help in advance!