I have this situation where I have multiple identities associated with a single username. When I login I redirect to a custom page using the rules and let my client choose the identity they want to proceed with. Now the issue is how to uniquely identify the identity for the user logging in, since I can have multiple sessions where different identity should be accepted. I thought of binding the identity to my access token, is it the right way? Do you have any suggestion around my use case?