Keeping track of tokens
When building a UI or application that potentially performs actions across different projects or even domains, there is a concern about how to keep track of the various tokens that get generated.
For example, a user may initially get an unscoped token, then get 3 different project scoped tokens from that token to perform various project specific operations.
What is a good practice to be able to perform the appropriate house keeping of these tokens? In the situation above, there are 4 tokens. In Horizon for example, which one gets DELETED when doing a sign out? What happens to the others?
In particular if PKI tokens are used, keeping those around may become problematic due to the size, if carried around through cookies.