I like mTLS, I've worked in scenarios where both mTLS and OAuth are used separately and together, but if the comment here is suggesting certificates will be less complicated than OAuth then I would say I spent an equal amount of time banging my head against the wall with regards to learning and wrangling both, but maybe that's just me, would appreciate anyone else with experience in both to add their take.