PFA attached document on steps needed to make Layer7 with OTK act as OAuth Provider and Ca SSO as OAuth Client. There is some useful info about OAuthStateDataCookie in it as well which is not documented any where.
A sample policy using the 'Retrieve OAuth 2.0 Token' Assertion with the Client Credentials and Resource Owner Password Credentials grant types. This policy makes use of the OAuth 2.0 test clients (id/secret). For the Resource Owner Password Credentials the Resource Owner ID/PW...
no search term matches found in comments.