Where communities thrive


  • Join over 1.5M+ people
  • Join over 100K+ communities
  • Free without limits
  • Create your own community
People
Repo info
Activity
  • Jan 31 2019 19:29
    leeh starred ory/hydra
  • Jan 31 2019 19:05
    metallurgical starred ory/hydra
  • Jan 31 2019 16:15
    efesler starred ory/hydra
  • Jan 31 2019 13:12
    tdseed starred ory/hydra
  • Jan 31 2019 02:33
    LeonardoTeixeira starred ory/hydra
  • Jan 30 2019 23:59
    Pettsu starred ory/hydra
  • Jan 30 2019 22:26
    aeneasr commented #1275
  • Jan 30 2019 18:13
    DJviolin starred ory/hydra
  • Jan 30 2019 12:22
    dushyantgohil commented #1275
  • Jan 30 2019 12:17
    aeneasr closed #1275
  • Jan 30 2019 12:17
    aeneasr commented #1275
  • Jan 30 2019 12:08
    dushyantgohil opened #1275
  • Jan 30 2019 11:21
    nikolaia starred ory/hydra
  • Jan 30 2019 10:40
  • Jan 30 2019 10:39
    inkebear starred ory/hydra
  • Jan 30 2019 10:16
    cbrevik starred ory/hydra
  • Jan 30 2019 10:15
  • Jan 30 2019 10:15
    safeoy starred ory/hydra
  • Jan 30 2019 08:59
    boljen starred ory/hydra
  • Jan 30 2019 03:25
    vienvu89 starred ory/hydra
Vince Verberckt
@vinceve
Hi, what's the lifetime of a refresh token?
Michel Aquino
@michelaquino

Hi guys, I'm trying to revoke a token using the Go SDK, but an error is occuring
The client that I'm using, has permission to revoke.

Hydra logs:

level=error msg="An error occurred" debug="HTTP Authorization header missing or invalid" error=invalid_request hint="Make sure that the various parameters are correct, be aware of case sens
itivity and trim your parameters. Make sure that the client you are using has exactly whitelisted the redirect_uri you specified."

Someone has an ideia what is happening?

hackerman
@aeneasr

this channel is no longer active please go to https://discord.gg/PAMQWkr

springe2004
@springe2004
how about run hydra on window withdow docker
hackerman
@aeneasr

this channel is no longer active please go to https://discord.gg/PAMQWkr

JorgeRenAscend
@JorgeRenAscend

Hey, everyone, how are you?
i am evaluating to use Ory Hydra at my current job and so far it looks really good, but i have a complex use case and i want to know if it is possible to solve it with Hydra.
Basically, what i want to implement is implement the Trusted Master Access Delegation Pattern described in the book Advanced API Security by Prabath

that in general says

"The APIs are hosted in different departments, and each department runs its own OAuth authorization server due to vendor incompatibilities in different deployments. Company employees are allowed to access these APIs via web applications while they’re behind the company firewall, regardless of the department to which they belong.

All user data is stored in a centralized Active Directory, and all the web applications are connected to a centralized OAuth authorization server (which also supports OpenID Connect) to authenticate users. The web applications need to access back-end APIs on behalf of the logged-in user. These APIs may come from different departments, each of which has its own authorization server. The company also has a centralized OAuth authorization server, and an employee having an access token from the centralized authorization server must be able to access any API hosted in any department."

9781430268185_Fig14-06.jpg
Is it possible to do this kind of Trusted Master Access Delegation?
i want to use Ory Hydra as our Master
Xianzhen
@foresx
hi, I am new to hydra. I'm using third party like azure active directory to integration with hydra. I'm using spring security oauth2 client, but I can't find a way to perform accept login request when I using Oauth2 flow, cause I can't get login_challenge in spring, and I can't find any sample of that, can some one help me out with that?
kingswim
@kingswim
any one here?
I have a problem:I followed the oauth2 initial flow with the default login and consent app,after i successful authenticate,I jump to the same oauth2/auth ,but still need to pass login provider and consent provider.
Is it impossible to avoid jump to login provider and consent provider
Karbal
@karbal
hello
Karbal
@karbal
plz give me one simple login with email and password
one simple exemple
Lê Văn Thịnh
@ThiinhUET
hey guys. i need help with http://127.0.0.1:4444/oauth2/token
let body = JSON.stringify({
code: req.query.code,
client_id: 'auth-code-client',
grant_type : 'authorization_code',
client_secret: 'secret',
});
fetch(config.Hydra.PublicUrl+ '/oauth2/token', {
    method: 'POST',
    body: body,
    headers
  })
  .then(r => r.json())
  .then((body) => {
      res.send(body);
})
this is my fetch call and i get
{"error":"invalid_request","error_description":"The request is missing a required parameter, includes an invalid parameter value, includes a parameter more than once, or is otherwise malformed","error_hint":"Request parameter \"grant_type\"\" is missing","status_code":400}
can anyone help me please
matrixbot
@matrixbot
pahomich R
matrixbot pahomich
cd316
@cd316
does ory hydra support encrypting the access token using JWE spec (per strategy access_token: jwt )
Níko Escobar
@NikoEscobar

Hi. how are you doing guys, I'm having an issue, do you guys have an idea of what might be the cause?

You are seeing this page because configuration key urls.error is not set.

I forgot how to do a search on a gitter chat history, would be a good way of finding if anyone has ever made this question before '-'