If you login to an application to get an access token in a user identity context i.e. not client credentials grant, can the application access multiple custom authorization servers on the same Okta tenant instant? or should an application only use a single custom authorization server for an Okta tenant (in user identity context)?
For Example, We have two API Products, and scopes for those APIs are defined in different custom Authorization servers.
CustomAuthServer1:
Issuer: https://dev-#####.oktapreview.com/oauth2/aus8zlpy8i8IaiccN0h7
Scopes: team.photos.read team.photos.readwrite team.photos.private
CustomAuthServer2:
Issuer: https://dev-#####.oktapreview.com/oauth2/aus9879046CkVDWt5
Scopes: im.contacts.read im.contacts.readwrite im.contacts.private
How can an application request an access token (on user behalf) for scopes when users login if they are defined in different custom authorization servers?