We followed this article https://knowledge.broadcom.com/external/article/258505/remove-resource-field-from-authoauthv2to.html and we realized the order and number of assertions are different. We are running OTK 4.6.2 on apigw v11 and jwt is enabled. For these reason we added the following values in a different way into clientResponse variable. 

Apparently it works fine however let us know if this proposed solution is safe to our use of jwt and we will not have problem with any grant type or you might have another workaround or solution to disable the resource field?