Hi @madax,
Yes, any M2M token that is issued for non-Auth0 APIs (i.e. anything not scoped to the management API or authentication API) will count against your quota, even if they are a third party.
We don’t currently have a built in feature for handling this, but there is a feature request you can upvote.