Third party authorization server


#1

Hi, i have a case i’d like to solve with Tyk
or at least know if i have a chance

I wish for an application to use tyk gateway without using client credentials to access another application,
but giving an existing Oauth2 token.
I can’t use Tyk built in Authorization server, because it doesn’t support the token exchange feature.
Therefore i need an external Authorization server
Edit : even if Tyk’s embedded Authorization server were to support the token exchange, it would not work because the token to exchange is coming from another Authorization server

Here is a example of what i wish :
https://www.websequencediagrams.com/?lz=dGl0bGUgVG9rZW4gZXhjaGFuZ2UgVHlrR2F0ZXdheQoKcGFydGljaXBhbnQgVXNlciBhcyBVAAkNQXBwMSBhcyAxAAgOdXRob3JpemF0aW9uIFNlcnYANgZJRFAAGw5UeWsgAGcHIGFzIEcATBAyIGFzIDIKCgpub3RlIG92ZXIgMTp0aGlzIEFwcCBpcyBPSURDIHByb3RlY3RlZApVLT4xOgCBJQVnb2VzIHRvIHRoZSBhcCB3aXRoIElEXG5hbmQgQWNjZXNzIHQAgXQFZnJvbSBJRFBcbihzaW1wbGlmaWMAgTMFKQBfFndhbnQgdG8gZG8gYSBjYWxsIG9uAF8HcDJcblVzaW5nAHEFQVBJIGcAgkQGXG5vbiBiZWhhbGYgb2YAgQ8FdXNlcgoxLT5JRFAxOnJlcXVlc3QAgQsHAIMCCQCBFgVBUFAxIHRvAEoFAIMSB1xuKHNraXAgc29tZSBkZXRhaWxzKQpJRFAxLS0-MTpyZXR1cm4gYQCBWQ1vcgCBBQwsXG4Agg0FAEIGADoJMS0-RzoAgU8FdQCBQgUAJxwKRwCBNgcAgkEGaW50cm9zcGVjAIIYBXZlcmlmeQCCdwYAgmILAIEcCEcAgRwIT0sKb3B0IG9wdGlvbm5hbAogICAgAFEIIGdldACCIwVpbmZvIChiZWNhdXNlAINNBQCDNQZnb3QAg1sFb3BlbmlkIHNjb3BlKQA-BQBfCQA3DAplbmQKRy0-MjpBUEkgQ2FsbCBpbiBodHRwIChmb3Igbm93KVxuIG5leHQgc3RlcCA6XG4tIGFkZACDKAVJRCBpAINjBmhlYWRlclxuLQCDfwVub3RoZXIAgywPCjIAgWEFMjAwIE9LCkcAgxIFAAYHCgo&s=rose

I saw the identity broker feature, but i’m not sure that’s what i wish.
Do i have a chance, or should i find another way to solve my issue ?

I read Tyk gateway / Tyk Idenitity Broker conenction to Oauth2
but i didn’t found a hard yes answer

Thanks of for any help