My service is virtualized on Mediator.
My consumer invoke my service by passing an access token from an OpenId Connect server.
My client expects that we extract the clientid from the token and validate that clientId is allowed to invoke the service.
We have implemented our own secutiy policy and I would like to know if there is an internal API (javadoc) to retrieve the list of consumerId allowed to invoke the service to compare to the clientId received.
Thank you in advance for any help