Is it possible to generate a [delegated](https://www.rfc-editor.org/rfc/rfc8693.html) or [impersonating](https://www.rfc-editor.org/rfc/rfc6750.html) token on behalf of the user upon login, similar to what MEG ([Myproxy](https://docs.globus.org/guides/overviews/security/authorization-authentication-v4/) Enhanced GSI-SSH) did with [GSI credentials](https://www.rfc-editor.org/rfc/rfc3820.html)?
Is it possible to generate a delegated or impersonating token on behalf of the user upon login, similar to what MEG (Myproxy Enhanced GSI-SSH) did with GSI credentials?