Hello :wave: . I am testing out Oathkeeper and Hy...
# talk-oathkeeper
Hello 👋 . I am testing out Oathkeeper and Hydra set up locally using the
authenticator along with
mutator. While trying to use custom claims using the
example in the documentation - https://www.ory.sh/docs/oathkeeper/pipeline/mutator#hydrator, I am receiving a marshaling error for
using this response object as described in the documentation. Has anyone used a hydrator before and can share a working example?
Copy code
  "subject": "anonymous",
  "extra": {
    "foo": "bar"
  "header": {
    "foo": [
  "match_context": {
    "regexp_capture_groups": [
    "url": "<http://domain.com/foo>"
URL should not be a string, rather a struct
If you want to see what oathkeeper forwards (and also expects as a response), just set up the hydrator to send to a page like https://webhook.site/ and you can see the request body
👍 1
Updated the Hydrator url to this now instead of a string as https://mockbin.org/bin/cfd218b9-24c3-4a2c-81d1-a84001a27fc3 looking at the example in this threadhttps://github.com/ory/oathkeeper/discussions/942 . Unfortunately, that does not work either and fails with invalid json error. Do you have a working example to copy from?
I had a service (kotlin) which just had the model
Copy code
data class OryAuthenticationSession(
    val subject: String,
    val extra: JsonObject? = JsonObject(emptyMap()),
    val header: JsonObject? = null,
    val matchContext: MatchContext,
) {
    data class MatchContext(
        val regexpCaptureGroups: JsonArray,
        val url: JsonElement,
        val method: String? = null,
        val header: JsonObject? = null,
is just any json type, and the input would just modify the extra field with
Copy code
override suspend fun hydrateAuthSession(rq: OryAuthenticationSession): OryAuthenticationSession {
        val mapping = repository.findBySubject(rq.subject) ?: throw UnauthorizedException("No such mapping for subject")

        val modifiedExtra = (rq.extra ?: JsonObject(emptyMap())).toMutableMap().apply {
            put(ORG_MAPPING_KEY, JsonPrimitive(mapping.organization))
        return rq.copy(extra = JsonObject(modifiedExtra))
This worked fine together with oathkeeper running
I am testing on
FROM oryd/oathkeeper:v0.38.23-beta.1
Let me try with you version and example
@User Got it finally working. The Oathkeerper hydrator documentation was stale causing the marshaling errors initially and then there was invalid json error after getting past it. Had to look into the Oathkeeper codebase to understand the cause. Stemmed from here - https://github.com/ory/oathkeeper/blob/d942c043aa2370b87e0dd822440ad39d809755f9/pipeline/mutate/mutator_hydrator.go#L232
👍 1