I want to implement a custom authenticator for /oauth2/token, Where along with grant_type, username, password, and scope will pass one more parameter OTP and that will be validated with custom logic.

Is there any way of verifying additional parameters with external custom logic?

I can see in WSO2 docs, Writing a Custom OAuth 2.0 Grant Type but that will verify the additional params internally.