Hi Matt, [This](https://github.com/GluuFederation/oxAuth/tree/master/Server/integrations/basic.multi_auth_conf) might be helpful to you.

Mohib, the link you provided in the response is helpful and may be part of the solution we are looking for, but what I am really looking for is a way to configure Gluu to read from different user repoos and construct a token full of claims that are aggregated from multiple user repos. I realize this may not be possible because how would Gluu know that user1 in user repo1 is in any way related to user1 in repo2. Gluu would have to know the two users are linked before it could even attempt to aggregate attributes from both into claims for a token. Any further insight you can provide into dealing with this type of solution would be helpful.

In order to release claims we need to put these users claims (attributes) to Gluu internal LDAP. We uses Cache Refresh (CR) process which periodically check for specified attributes changes in organizations LDAP and copy these attributes to internal LDAP. This CR process can also works with RadiantOne VDS server. It can send update request to specified VDS server to trigger user entry update. There is an alternative. In Gluu server there are dynamic scopes. If you client request this scope oxAuth calls dynamic script to get these claims. Here is [sample script](https://github.com/GluuFederation/oxExternal/blob/master/dynamic_scope/sample/SampleScript.py). In this script you can implement logic to get data from any source. Hence you can do: - use CR + VDS to put data into Gluu LDAP to release required claims - use dynamic scopes to implement custom logic to get these claim

Yes, thank you Yuriy. This is exactly the kind of flexibility we were looking for, I will dig into this and see where it takes us. Thanks!