About OTK, is it possible to acquire logs (including user information etc.) when performing authentication? 

CA API Gateway 
CA API Management OAuth Toolkit 

In the meaning of "authentication" in OAuth, there are two meanings of "authentication of user (resource owner)" and "authentication of" OAuth Client ".


Authentication of "user (resource owner)" is done with API of / login.
By executing the API, execution of authentication is performed with "OTK User Authentication" encapsulation assertion.
If authentication succeeds with this assertion, resource owner information is output with $ {current.username} or $ {resource_owner}.


Authentication of API Client is done with API of / token.
By executing the API, authentication is performed with "OTK Client Authentication" encapsulation assertion.
If authentication succeeds with this assertion, Client ID information will be output with $ {client_id}.

These variables can be output to the log in the following way.
  . Create Policy with Add Audit Details Assertion

  .Set up Traffic Log at log sync and set the cluster property trafficlogger.detail
Specify $ {resource_owner} or $ {client_id} in