AM acts as an autorization server (AS) and Apigee is a Resource Server (RS).
All tokens are issued by AM. It doesn't matter which OAuth2 grant was used to issue token. However if you decide to use either client credentials or resource owner password grants, Apigee offers quite easy way of integrating those flows. Example of such integration can be found in Wayne's blog.
If you decide to use either authorization code or implicit grants, it is easier to issue token directly at external AS and just use the token to protect APIs at RS. If it is required to pass all requests through Apigee, then I suggest to proxy autorization and token endpoint to AS without trying to use any Apigee flows.
Creating a seamless session experience with OIDC
Instructions for using Apigee to Integrate ForgeRock AM With Your API Gateway
Instructions for protecting applications in the Pivotal Cloud Foundry Ecosystem.
Understanding OAuth 2.0 key rotation in AM
Using RegEx-Defined Scopes With OpenAM