Hi,
We have Auth0 added recently in our organization to support integration with external clients who have their own oAuth2.
Our clients “abc” and “xyz” has their own oauth2 implementations and we are able to add them in auth0 configuration and auth0 is able to do the authentication with authorization grant flow.
But the token returned by auth0 doesn’t say who the issuer is which means whether user is coming from “abc” or “xyz” signin. And also it doesn’t include the token from “abc” or “xyz” signin flow.
The reasons we need to know who the original issuer is because we we render ui differently (like displaying issuer company name, logo and hiding certain features). The reason we need accesstoken given by original issuer is that’s the token third party company “abc” or “xyz” uses to return additional information related to user info (purchase history, properties owned etc) when our apis call their apis.
So we need to hold that token. Where can we get this information from ?