Hi,

Currently it is not possible to get the access token when logging in to Universal/Indicium and use it in your application.

The OpenID provider registered in IAM (used for logging in), might be a different app registration compared to the OAuth server configured in the Software Factory for your application.

It might even have different API permissions.

Note: That even if we did figure out the client_id and all settings where the same - the access token created during the login process might already be expired when it would be used in the application, because access tokens have an expiration date.

This means that the access tokens returned by the OpenID provider in IAM, can not be easily re-used by OAuth servers configured in the SF, even when the issuer is the same).

That being said, when used the “OAuth user login” in your process flow, it is possible to set the input parameter “Use prompt” to “No”. In that case, when the “OAuth user login” is started, it will show the “Signed in successfully” page of Indicium - which will automatically close after 5 seconds and the process flow will continue without any user interaction.

This can be seen below in the gif. I logged into this Universal gui through my Microsoft account - it does show a popup, but no Microsoft account has to be selected.

Does this sufficiently answer your question?

Hello,

Thank you for your example but is still does not match my requirements since if the user has already stored more than 1 Microsoft account in the browser then the same pop up for selection appears.