So our company setup has several application which use Okta. We have created a single sign-in page which is using the Okta widget. We are customizing the redirect uri based on the origin uri. One of the application needs to use the access token to call a web api for authorization. Since the login page is on a different domain (a.com) than the application (b.com) what would be the best approach to accessing the access token?