I now have a NodeJS REST API. It is CRUD service. Does anyone know how to secure/protect my APIs step by step with wso2 OAuth2?
If you simply want to protect your REST API with OAuth2 use the WSO2 API Manager.
You can follow the quick start guide to get started. Details related to adding your API and enabling OAuth2 protection is mentioned here in the quick start guide.