๐๏ธ Check token validity
Token introspection is a mechanism for resource servers to obtain information about access tokens. With this specification,
๐๏ธ Revoke consent
You can revoke user consent on a per-application basis, or for all applications to which the user granted their consent.
๐๏ธ Skip consent
In first-party scenarios, you may want to skip the consent screen and automatically grant consent to the client. This can be done
๐๏ธ JWT access tokens
JSON Web Tokens (JWTs) are a widely used format for representing claims securely between parties. They can be used as access
๐๏ธ Token audience
There are two types of audience concepts in OAuth 2.0 and OpenID Connect:
๐๏ธ JWT profile for OAuth2
JSON Web Token (JWT) for OAuth 2.0 Client Authentication and Authorization Grants is an extension to OAuth2 framework. It allows a
๐๏ธ Configure token expiration
This document describes how to configure the token expiration time for various tokens in Ory, including the user login and consent
๐๏ธ Graceful token refresh
Graceful refresh token rotation is a feature in Ory OAuth2 and Ory Hydra that allows for a smoother transition during refresh
๐๏ธ Scope and claims customization
In this document you will learn how OpenID Connect scope and claims work with Ory OAuth2 and OpenID Connect. It will also cover