Ory is the largest open source community in the world for cloud software application security. We maintain advanced open source security software solving authentication, authorization, access control, application network security, and delegation. Ory implements a variety of industry and best-practice standards including OAuth 2.0 / OAuth 2.1, OpenID Connect, Zero Trust Networking, Google Zanzibar Policy Framework, FIDO2 U2F, WebAuthn, TOTP, and more.

Ory Community

Generally trying to get machine-to-machine stuff working with Oathkeeper and need an endpoint that will return token metadata and whatnot to use with the `bearer_token` strategy. Completely possible there is another way to do this that involves actually generating "identities" for each service. In any case, I need a straightforward way to be able to generate auth tokens (or tuples, `client_id` and `client_secret` is fine) for services to be able to talk to one another, and these tokens should be valid until revoked. Each service that needs to check auth runs an Oathkeeper sidecar that should turn all available auth methods into JWTs for it to consume.