You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Basically, this describes a process of exchanging one token for another. In our flows, it is exchanging an id_token for an access_token to downstream services. The downstream services are APIs. id_tokens are NEVER to be used as a means to access APIs. id_tokens are ingested into a rules engine that determines what level of access is to be granted, and that results in a brand new access_token being minted. That new access_token is our bearer token.
An example of implementing a custom exchange can be found here