We are looking to create a pass through proxy for a SOAP service which has its own internal security service to generate tokens. I am trying to use the GenerateAccessToken to cache the token in Apigee. The credentials in use are associated with an app and product so are valid in terms of accessing the service. The call to the backend soap service returns the access token in a soap envelope and I have managed to extract the token successfully but the issue I am facing is related to the client_id as the only option is to set the request.formparam.client_id in the request but this results in the backend service failure as the soap payload is replaced by the formparams. I need to be able to reference the client_id in another location for this policy to pass but the documentation states that the only valid value for the ClientId element is - request.formparam.client_id. I have even used an assign message policy to try and set the variable (the variable is set as expected), but the policy still fails.

The trace shows variable read/assigned:

oauth_external_authorization_status oauthV2.failed oauthV2.OA2-GenerateAccessToken.failed oauthV2.OA2-GenerateAccessToken.fault.name oauthV2.OA2-GenerateAccessToken.fault.message apigee.metrics.policy.OA2-GenerateAccessToken.timeTaken 

I have used jwt.io to validate the token and there is no issue with that. 

Is there anything that anybody knows of that could help with this issue?