Is it possible to update the environment and/or oauth2 configuration to limit the access token validity to the environment that created it?
Assume that Org "O1" has two environments, "E1" and "E2".
Currently, if a token is created on environment "E1" with scope S1, we can use the same token to access products in the "E2" environment which allow scope S1.
I read the one post that suggests to limit the products to one environment and create two products, one for E1 and another for E2, but this is not feasible if we have a growing number of products, and we have to make sure that whoever is designing the product is familiar with the OAuth tokens and how they work and goes against the normal product creation screen of ticking the check-boxes for the environments they need the product available on.