📄️ Check token validity
Token introspection is a mechanism for resource servers to obtain information about access tokens. With this specification,
📄️ Revoke consent
You can revoke user consent on a per-application basis, or for all applications to which the user granted their consent.
📄️ Skip consent
In first-party scenarios, you may want to skip the consent screen and automatically grant consent to the client. This can be done
📄️ JWT access tokens
JSON Web Tokens (JWTs) are a widely used format for representing claims securely between parties. They can be used as access
📄️ Token audience
There are two types of audience concepts in OAuth 2.0 and OpenID Connect:
📄️ JWT profile for OAuth2
JSON Web Token (JWT) for OAuth 2.0 Client Authentication and Authorization Grants is an extension to OAuth2 framework. It allows a
📄️ Configure token expiration
This document describes how to configure the token expiration time for various tokens in Ory, including the user login and consent
📄️ Graceful token refresh
Graceful refresh token rotation is a feature in Ory OAuth2 and Ory Hydra that allows for a smoother transition during refresh
📄️ Scope and claims customization
In this document you will learn how OpenID Connect scope and claims work with Ory OAuth2 and OpenID Connect. It will also cover