We are building a new auth service right now while we have opaque tokens in place currently and searching for the best methods to use