Ory is the largest open source community in the world for cloud software application security. We maintain advanced open source security software solving authentication, authorization, access control, application network security, and delegation. Ory implements a variety of industry and best-practice standards including OAuth 2.0 / OAuth 2.1, OpenID Connect, Zero Trust Networking, Google Zanzibar Policy Framework, FIDO2 U2F, WebAuthn, TOTP, and more.

Ory Community

I have a question, I'm trying to use Ory/Hydra as an IdP Broker (federating mutiple IdP [Custom OAuth2, Google Workspace OIDC, ...]). I've built a web page with all the "Login with XXXX" links. I get the Access token &amp; Refresh Tokens but i'm still struggling to understand how to properly refresh the token. Does Ory calls the /login page on login-concent-app while refreshing ?

I'm not sure because I'm quite new to hydra. But I think Hydra does not act as an identity broker. Hydra can create/sign/revoke tokens. But it can not federated to others. Hydra is one Idp in the list next to Google, Microsoft, Github, etc.

Using hydra you can only validate tokens that were issued by hydra. Hydra will not validate or revoke tokens that were issued by another Idp.

If you are looking for a Oidc Broker then <https://dexidp.io|https://dexidp.io> may be something for you.