We want to restrict the API access to eDirectory, by using the logged in user credentials, and only allow the user security context.
It is possible to do that using NMAS login method, for example, the SAML login method.
We want to be able to use OAuth access token for logging into eDirectory. I believe eDirectory will have to implement rfc7628 for that.
This is also required for products like SSPR - please refer to this thread: