https://www.ory.sh/ logo
Join Slack
Powered by
Hello! I can’t seem to figure out how to get a to...
# talk-hydra
l
Hello! I can’t seem to figure out how to get a token, using version 
2.x.x
of the 
@ory/hydra-client
TypeScript lib (the autogenerated one), for a client credentials flow. e.g. the equivalent of this sort of call:
Copy code
curl -X POST '<http://localhost:4444/oauth2/token>' \
  --header 'Content-Type: application/x-www-form-urlencoded' \
  --user '${CLIENT_ID}:${CLIENT_SECRET}' \
  --data-raw 'grant_type=client_credentials&scope=${SCOPE}'
The above call works, but is this possible to do using the 
@ory/hydra-client
TypeScript lib? This method seems closest:
Copy code
oauth2TokenExchange(
  grantType: string,
  clientId?: string,
  code?: string,
  redirectUri?: string,
  refreshToken?: string,
  options?: any
): AxiosPromise<OAuth2TokenExchange>
But it’s unclear how I’d provide the client secret or scope, if that is the right method to use here.
d
You probably shouldn't use the hydra client to perform regular OAuth. You should use a dedicated OAuth library
c
Hello friend. 
oauth2TokenExchange
is indeed the correct function to use in order to receive a token. This function is part of the OAuth2Api class. You have to initiate an OAuth2Api object which needs a Configuration object parameter. In the configuration object, you can set hydra's public URL, username = your client_id and password = your client_secret. After that, you should be able to use the 
oauth2TokenExchange
function to get a token. 🙂
I'm not sure about the import paths, but your code should look something like this
Copy code
import { Configuration } from 'hydra-client.configuration';
import { OAuth2Api } from 'hydra-client.api';
config = Configuration(basePath="HYDRA_PUBLIC_URL", username="your_client_id", passwod="your_client_secret")
client = OAuth2Api(config)
token_response = client.oauth2TokenExchange(grantType="client_credentials")
Regarding scopes, i'm pretty sure that when it comes to the client credentials flow, you can only set the scopes when creating the oauth2 client in hydra. After that, they are always the same for all of the tokens issued by that client. Dynamic scope requests are available in other flows like authorization code flow, where a user is required to approve the scopes for every token request.
l
Awesome, ty! That worked 🙂
13 Views
Open in Slack
PreviousNext
Powered by