https://www.ory.sh/ logo
#talk-hydra
Title
# talk-hydra
e

early-dinner-11174

03/10/2022, 6:18 PM
@User you have to exchange the auth code for an access token
s

sticky-guitar-94474

03/10/2022, 7:53 PM
Hi @User thanks for the response I have found this API call to make to Hydra Public Endpoint I am not sure where can I get the refresh token? (using the code we received in the Previous step)
e

early-dinner-11174

03/10/2022, 8:02 PM
you don’t need a refresh token for this grant type
you may need to provide the client_secret depending on the client settings
Each client can set
token_endpoint_auth_method
when it is created. A public client can specify
none
which means it won’t have a client_secret and doesn’t need to auth on the token endpoint
The options are client_secret_post, client_secret_basic, private_key_jwt, and none.
client_secret_post - means you add
client_secret
as a body parameter to the token request
client_secret_basic - means you use client_id:client_secret as basic auth credentials to the token endpoint
private_key_jwt - I’ve not used this so I don’t know the details
do you know how your client is configured?
s

sticky-guitar-94474

03/10/2022, 8:07 PM
Ohh understood, So when I received the Code in the first step I should be making a call to the Backend Server to get me an Access Token Is that correct?
e

early-dinner-11174

03/10/2022, 8:07 PM
you can look it up in the admin api
yes
s

sticky-guitar-94474

03/10/2022, 8:08 PM
I am creating the clients, Right now I am playing around to get clear idea on the nuts and bolts of Hydra
@User Thanks for the info, I was able to get the Bearer Token and then used the standard introspection endpoint Also the Token endpoint itself to generate a new Bearer token using Refresh Token
3 Views