I am using Auth Code Flow and the OpenIdConnectAuthenticator to authenticate users in my app against my identity provider. However, I also need to make a separate call to another web resource, Amazon S3, in order to get access credentials. To do this, I need access to the tokens that are returned as part of the initial authentication flow. It doesn't look like the API exposes these tokens. Is this something that could be exposed for such a purpose?