Hi, Let me provide detailed description .
our Scenario has two gateways with one acting as external and the other as internal gateway, now in a same way external gateway has OTK & it is the first point of interaction with any outside application, so application will be hitting external OTK for any kind of oauth related operation. Now we do not want to perform any kind of Oauth operation on external OTK except accepting request from applications & forwarding them to internal OTK(gateway) where all the Oauth operation will be performed as in token generation,validation etc.
Does this scenario make sense? please provide any inputs on achieving this scenario.
thanks