A customer is implementing MAG 4.1 + OTK 4.2 + Gtw 9.3 with two nodes (in cluster) and API Portal 4.2.x.
They have different business units, where each one must have one or more mobile applications using MAG and each business unit has its own authentication repository (LDAP or database).
How can they achieve this goal? What is the best practice in this case?
1 - Custom grant types for each business unit?
2 - Creating different Instance Modifiers for OTK and MAG for each BU?
3 - Any other suggestions?
Thanks for your help.