About OTK, is it possible to acquire logs (including user information etc.) when performing authentication? 

In the meaning of "authentication" in OAuth, there are two meanings of "authentication of user (resource owner)" and "authentication of" OAuth Client.


Authentication of "user (resource owner)" is done with API of /login.
By executing the API, execution of authentication is performed with "OTK User Authentication" encapsulation assertion.
If authentication succeeds with this assertion, resource owner information is output with ${current.username} or ${resource_owner}.


Authentication of API Client is done with API of /token.
By executing the API, authentication is performed with the "OTK Client Authentication" encapsulation assertion.
If authentication succeeds with this assertion, Client ID information will be output with ${client_id}.

These variables can be output to the log in the following way.
  -Create a policy with an Add Audit Details Assertion

  -Specify ${resource_owner} or ${client_id} within the add audit details assertion to log the resource owner and client id.