Remote controller forwards trusted client aware calls on a federated scenario
When a client makes for example a token list request to a remote controller using a federated token, the remote controller responds with a "
Forbidden: this API client cannot manipulate other clients' access tokens." error message.
This most probably be due to the fact that federated tokens are cached on the remote controller's database but not linked to a trusted client.
The right solution would probably be to make controller forward those requests to the token issuing cluster so that from the client's perspective the operation is transparent.