Add Option to Keep OAuth access even when "Disable Personal Access Tokens" is selected

Background

Currently brought up here - internal only. Let's use this issue to discuss whether the current behavior is as intended or if we should consider a change. At the very least we should update our docs to make this more explicit.