@chilly-king-10285 Going through the OAuth2 flow with Ory Hydra results in the user receiving an opaque Access Token as expected, but when trying introspect this (either manually through Insomnia, or through the SDK used in our middleware) we get an array of false/null values, like the following:

#container: array:14 [
    "active" => false
    "aud" => null
    "clientId" => null
    "exp" => null
    "ext" => null
    "iat" => null
    "iss" => null
    "nbf" => null
    "obfuscatedSubject" => null
    "scope" => null
    "sub" => null
    "tokenType" => null
    "tokenUse" => null
    "username" => null
  ]

The client being used has the following configuration, which resulted in a functioning system a few weeks ago:

{
			"client_name": "ClientName",
				"redirect_uris": [
						"<http://127.0.0.1:3001/callback>"
				],
				"grant_types": [
						"authorization_code",
						"refresh_token",
				],
				"response_types": [
					"code",
					"id_token",
				],
				"scope": "offline_access offline openid",
				"audience": [],
				"owner": "",
				"policy_uri": "",
				"allowed_cors_origins": [
						"<http://127.0.0.1:3001>",
						"<http://127.0.0.1:5173>"
				],
				"tos_uri": "",
				"client_uri": "",
				"logo_uri": "",
				"contacts": [],
				"client_secret_expires_at": 0,
				"subject_type": "public",
				"jwks": {},
				"token_endpoint_auth_method": "client_secret_basic",
				"userinfo_signed_response_alg": "none",
				"created_at": "2023-10-23T12:45:50Z",
				"updated_at": "2023-10-23T12:45:49.702943Z",
				"metadata": {},
				"skip_consent": false,
				"authorization_code_grant_access_token_lifespan": null,
				"authorization_code_grant_id_token_lifespan": null,
				"authorization_code_grant_refresh_token_lifespan": null,
				"client_credentials_grant_access_token_lifespan": null,
				"implicit_grant_access_token_lifespan": null,
				"implicit_grant_id_token_lifespan": null,
				"jwt_bearer_grant_access_token_lifespan": null,
				"refresh_token_grant_id_token_lifespan": null,
				"refresh_token_grant_access_token_lifespan": null,
				"refresh_token_grant_refresh_token_lifespan": null
		}

My dockerised Hydra gives the following Logs when a request to this introspect endpoint is made:

2024-06-03 14:51:26 time=2024-06-03T13:51:26Z level=info msg=started handling request http_request=map[headers:map[accept:application/json content-length:100 content-type:application/x-www-form-urlencoded user-agent:OpenAPI-Generator/1.0.0/PHP] host:host.docker.internal:5445 method:POST path:/admin/oauth2/introspect query:<nil> remote:192.168.65.1:53727 scheme:http]

2024-06-03 14:51:26 time=2024-06-03T13:51:26Z level=info msg=access denied audience=application error=map[debug:not_found message:request_unauthorized reason:Check that you provided valid credentials in the right format. status:Unauthorized status_code:401] http_request=map[headers:map[accept:application/json content-length:100 content-type:application/x-www-form-urlencoded user-agent:OpenAPI-Generator/1.0.0/PHP] host:host.docker.internal:5445 method:POST path:/admin/oauth2/introspect query:<nil> remote:192.168.65.1:53727 scheme:http] service_name=Ory Hydra service_version=v2.2.0-rc.3

2024-06-03 14:51:26 time=2024-06-03T13:51:26Z level=info msg=completed handling request http_request=map[headers:map[accept:application/json content-length:100 content-type:application/x-www-form-urlencoded user-agent:OpenAPI-Generator/1.0.0/PHP] host:host.docker.internal:5445 method:POST path:/admin/oauth2/introspect query:<nil> remote:192.168.65.1:53727 scheme:http] http_response=map[headers:map[cache-control:no-store content-type:application/json;charset=UTF-8 pragma:no-cache vary:Origin] size:17 status:200 text_status:OK took:1.4455ms]

Why are my Access Tokens returning an array of null values? And how can I fix this?

A message from kapa.ai

Perhaps that information dump was a bit optimistic 😂