-
|
Hello guys! We are planning to move from "another oauth2 server implementation" to Ory Hydra. We've installed and setup Hydra and our application as Identity Provider, everything is working fine and we're almost happy :) But we have a bunch of clients, that have access_tokens and refresh_tokens, and they just renew access_tokens when they are close to expire, so it would be inconvenient for them to go through auth process again. So we would like to know if there a way to insert auth data like access_tokens and refresh_tokens to the Hydra MySQL database? I've reveiwed Hydra MySQL scheme and didn't find any plain access_tokens. |
Beta Was this translation helpful? Give feedback.
Replies: 1 comment 4 replies
-
|
There is probably a way to do it but the safest and best practice would be to go through the auth process again. |
Beta Was this translation helpful? Give feedback.
-
|
Yeah, I completely understand it. But we still stick to a seamless transition. Could you please help us by pointing where to look? Do I understand that under the hood you use Ory/Fosite and its internal memory storage to keep tokens? |
Beta Was this translation helpful? Give feedback.
-
|
I found this article https://www.ory.sh/hydra/docs/security-architecture/ it's said that tokens are not stored in SQL. so, is there a way to add access_tokens into that another not-sql storage? |
Beta Was this translation helpful? Give feedback.
-
|
Nevermind, I found out how this key.token thinks works |
Beta Was this translation helpful? Give feedback.
-
|
Sorry I missed your question. |
Beta Was this translation helpful? Give feedback.
There is probably a way to do it but the safest and best practice would be to go through the auth process again.
I can understand that this might be an inconvenience , but this will ensure sensitive data is protected and also stays in the future.