I have a question: I'm trying to use Ory/Hydra as an IdP Broker (federating multiple IdPs [Custom OAuth2, Google Workspace OIDC, ...]). I've built a web page with all the "Login with XXXX" links. I get the Access Token & Refresh Tokens, but I'm still struggling to understand how to properly refresh the token. Does Ory call the /login page on login-consent-app while refreshing?
01/22/2022, 12:23 AM
I'm not sure because I'm quite new to Hydra. But I think Hydra does not act as an identity broker. Hydra can create/sign/revoke tokens. But it cannot federate to others. Hydra is one IdP in the list next to Google, Microsoft, GitHub, etc.
Using Hydra you can only validate tokens that were issued by Hydra. Hydra will not validate or revoke tokens that were issued by another IdP.
If you are looking for an OIDC broker, then https://dexidp.io may be something for you.