Need support for "Layer 7 API gateway version 10" for some reason
Whether Api gate v10 (OTK 4.4) support Opaque token?
Opaque token requirement:
The opaque token is a random unique string of characters issued by the authorization server. It is one of the possible formats that access tokens or refresh tokens can take. The opaque token does not pass any identifiable information on the user so it’s impossible for the resource server to make any authorization decisions based on the opaque token itself. The opaque contains an identifier to information stored on the authorization server. To validate the token and retrieve the information on the token and the user, the resource server calls the authorization server and requests the token introspection.
Release : 3.4
Component : Integration with APM
The token is Opaque tokens are UUIDs they are random unique string of characters issued by the authorization server.
It can be encrypted, but OAUTH tokens do not require encryption in the OTK database because they are random UUID's generated as opaque tokens and not related to any identifiable client info.
"Is that any service\end point (like introspection url) available to exchange opaque access token with JWT access token?"
It is either Opaque or JWT. And there is NO endpoint/service for exchanging the Opaque for JWT.
Note you can look into customizes end point: Either add a separate endpoint for this exchange (Opaque to JWT and vice versa) and leverage that appropriately before calling any OTK endpoints (token, introspect/validate, etc.,) or they have to customize their OTK solution for this exchange.