Hi, I am using Ory network with OAuth2 from a Java/Kotlin application. The Ory project is using a custom domain. To implement a custom consent endpoint I want to call the

getOAuth2ConsentRequest

method of the Hydra Java client (v2.2.0). To authenticate I created an API Key in the Ory Console and this key works when accessing the Ory REST API with Postman. But when using the Java SDK the authentication does not work and the following sample code results in a 401:

Access credentials are invalid

.

public static void main(String[] args) {
    var basePath = "<https://my-customer-domain.net>";
    var apiKey = "ory_pat_******";
    var consentChallenge = "some-challenge";

    ApiClient defaultClient = Configuration.getDefaultApiClient();
    defaultClient.setBasePath(basePath);
    defaultClient.setBearerToken(apiKey);

    OAuth2Api apiInstance = new OAuth2Api(defaultClient);
    try {
      OAuth2ConsentRequest result = apiInstance.getOAuth2ConsentRequest(consentChallenge);
      System.out.println(result);
    } catch (ApiException e) {
      System.err.println("Exception when calling OAuth2Api#getOAuth2ConsentRequest");
      System.err.println("Status code: " + e.getCode());
      System.err.println("Reason: " + e.getResponseBody());
      System.err.println("Response headers: " + e.getResponseHeaders());
      e.printStackTrace();
    }
  }

After some debugging I saw that it seems that the authentication defined in the

ApiClient

by

defaultClient.setBearerToken(apiKey)

is not used by `OAuth2Api.getOAuth2ConsentRequestCall()`and thus the Authentication header is not set in the HTTP request. Did I miss something or is this simply a bug? Any help is appreciated Klaus

When developing against Ory Network, use this SDK: https://github.com/ory/client-java

Wow, there is really now clear documentation about this. It seems that at least the Bearer token is now sent, but now I get a 404 on URL

https://<my-custom-domain>/admin/oauth2/auth/requests/consent

Any ideas?

Can you DM me the details?