We have our own OpenID Connect Server (OAuth2) and our applications can talk directly to it to obtain access_tokens. What would be the easiest way to just add the Authorization bearer header check to registered APIs within TYK? This check should consist of calling the OpenID Introspection endpoint and verifying the response. Ideally we want the response, if valid, to be cached locally within TYK to avoid too many round trips to OpenID. Basically we want to put the API Manager in front of our Resource Server.