Customize tokens returned from Okta with a dynamic allow list