Hey, we are using CA OTK 3.4 and are trying the authorization code grant flow. If we are using external logon service, how can we associate the resource owner to the access token?
For example, on calling authorize endpoint, the flow will be redirected to our own external logon service, where our member abc can be authenticated with the credentials. Some security cookie will also be generated to show that the member is already authenticated. Once the access token is generated by the authorize call, is there a way for OTK to associate the member abc, also is the resource owner, to the access token? It seems now the access token is saved with the test client in the token store and it will be overwritten with new access tokens.
Can we use the l7otk2a cookie to add the resource owner, and save the access token with the resource owner?
Thanks for your helps!