https://www.ory.sh/ logo
Join Slack
Powered by
<@U04UQ68083H> I currently have OAuthkeeper, Hydra...
# ory-copilot
m
@chilly-king-10285 I currently have OAuthkeeper, Hydra, and Kratos installed on my setup. If I change user data in Kratos, such as my name, even the next time I update the access_token via refresh_token, I’ll still get the old name in the id_token. How can I ensure that the next time I update the access_token, the response will return a fresh id_token?
c
A message from kapa.ai
New message text here
m
@chilly-king-10285 Is there a ready-made solution?
c
A message from kapa.ai
New message text here
m
@chilly-king-10285 How can I differentiate in the token_hook handler whether the token is received by the client or the user?
c
A message from kapa.ai
New message text here
m
@chilly-king-10285 How do I change the header in Oathkeeper Mutator to determine whether it was a user or a client?
c
A message from kapa.ai
Based on the provided knowledge sources, Ory Oathkeeper’s mutators (such as the 
header
mutator) allow you to set headers using Go templates that have access to the 
AuthenticationSession
struct. This struct includes fields like 
.Subject
and 
.Extra
, but the knowledge sources do not explicitly mention a built-in way to distinguish between a user and a client within the mutator template context. Typically, you might differentiate between a user and a client by how the subject is set (e.g., a user ID vs. a client ID), or by including custom claims or extra fields during authentication. If your authentication flow (e.g., via Hydra or Kratos) sets a distinguishing value in the session (such as a claim in 
.Extra
), you could use that in your header mutator template:
Copy code
yaml mutators:   header:     enabled: true     config:       headers:         X-Actor-Type: "{{ if eq .Extra.actor_type \"client\" }}client{{ else }}user{{ end }}"
However, the knowledge sources do not provide a ready-made or automatic way to set such a value; you would need to ensure your authentication process populates 
.Extra.actor_type
or a similar field accordingly [Header mutator documentation](https://www.ory.sh/docs/oathkeeper/pipeline/mutator#header). Summary: You can set headers conditionally in the mutator if your authentication process provides a way to distinguish user vs. client in the session data. There is no built-in or automatic mechanism in Oathkeeper for this; you must ensure the relevant information is present in the session for the mutator to use. If you need more details on how to populate 
.Extra
or similar fields, the knowledge sources do not provide explicit instructions.
m
@chilly-king-10285 Does oauthkeeper support returning response in grpc web format?
c
A message from kapa.ai
I'm sorry, but the knowledge sources do not contain information about Ory Oathkeeper (or "oauthkeeper") supporting responses in gRPC-Web format. The documentation does mention that Oathkeeper can be used as a gRPC middleware for Go applications, allowing it to handle gRPC traffic directly within a Go application, but it does not specify support for gRPC-Web, which is a protocol for browser-based gRPC communication [Oathkeeper gRPC middleware](https://www.ory.sh/docs/oathkeeper/grpc-middleware). If you require gRPC-Web support specifically, the knowledge sources do not provide enough information to confirm whether this is natively supported by Oathkeeper.
Open in Slack
PreviousNext
Powered by