Hello Abhishek!
Thanks for you explanation. Am I right that you would like OTK User Authentication to accept an additional parameter that enables the policy to use a certain IDP? That is a good idea which we already have discussed here in the OTK team.
But please be aware that you would still have to modify that policy to handle a specific branch (IDP). OTK cannot know which IDP you may want to use and how you want to identify it.
As to your question regarding the database IDP, that should have its own branch within that policy.
CA Mobile API Gateway (MAG) leverages the same authentication methods as OTK. The only addition is that MAG supports social login. If an additional social login platform should be supported policy work is required.
Something we are looking into is that OTK User Authentication could include an empty encapsulated assertion especially made for customers. It would be installed but would not do anything by default. You as a customer could then implement the inside of it. For example, supporting a database backed IDP. Using this approach would allow you to add whatever you want but without touching the OTK policies itself.
Please let me know if you have any questions or other suggestions.