agreeable-butcher-53769
06/06/2024, 4:28 PM
chilly-king-10285
06/06/2024, 4:28 PM
chilly-king-10285
06/06/2024, 4:29 PM
`client_credentials` grant, these methods do not return a refresh token, which could potentially affect the storage of access tokens as well [source](https://www.ory.sh/docs/hydra/debug#oauth-20-refresh-token-is-missing). Another possibility could be that the OAuth 2.0 Client making the request isn't allowed to grant type `refresh_token`, which might also affect the storage of access tokens [source](https://www.ory.sh/docs/hydra/debug#oauth-20-refresh-token-is-missing). It's also worth noting that Ory uses opaque tokens for refresh tokens because they must be immediately revocable if needed [source](https://www.ory.sh/docs/oauth2-oidc/jwt-access-token#refresh-tokens-are-always-opaque). For more detailed debugging, you might want to switch your project to development mode to get more information in the response [source](https://www.ory.sh/docs/hydra/debug#oauth2token-endpoint-fails-for-jwks-based-client). I would recommend checking your configuration and the OAuth 2.0 flow you're using. If the issue persists, you might want to consult the [Ory Hydra documentation](https://www.ory.sh/docs/hydra/) or seek help from the Ory community.
agreeable-butcher-53769
06/06/2024, 4:33 PM
chilly-king-10285
06/06/2024, 4:33 PM
chilly-king-10285
06/06/2024, 4:33 PM
`authorization_code` grant type is appropriate for this flow, and including `code` in the response types is also correct [source](https://www.ory.sh/docs/hydra/debug#openid-connect-id-token-missing). The `openid` and `offline_access` scopes are necessary for obtaining an ID token and a refresh token, respectively [source](https://www.ory.sh/docs/oauth2-oidc/authorization-code-flow#get-a-refresh-token). The `offline` scope you mentioned is not standard in OAuth 2.0 or OpenID Connect, but if it's a custom scope defined in your system, it should not cause any issues with the storage of access tokens. The audience field being empty should not cause any issues with the storage of access tokens. The `aud` (audience) claim in a token is used to identify the recipients that the JWT is intended for. If it's not explicitly set, it usually defaults to the client ID of the client that requested the token. However, it's important to note that in Ory Hydra, access tokens are not stored in the database for security and performance reasons. Instead, Ory Hydra issues self-encoded access tokens and validates them without needing to store them [source](https://www.ory.sh/hydra/docs/concepts/tokens/). If you're experiencing issues with access tokens, it might be due to other factors such as token expiration, token revocation, or issues with the client or user authentication. I would recommend checking these aspects and consulting the [Ory Hydra documentation](https://www.ory.sh/docs/hydra/) for more information.