Why doesn't Kratos continue the Hydra OAuth2 flow after login with login_challenge
?
#3063
Unanswered
davidknezic
asked this question in
Q&A
Replies: 1 comment
-
Hello @davidknezic Also feel free to test it out on Ory Network, there you can avoid the hassle to deploy these services. |
Beta Was this translation helpful? Give feedback.
0 replies
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
-
I'm struggling to find good examples for the recently added Kratos + Hydra integration.
As far as I understood, all that's really needed is the
OAUTH2_PROVIDER_URL
env var to be set to the Hydra admin url (e.g. http://localhost:4445).With that set, I extended the Kratos Next.js self-service UI example so that the
login.tsx
page accepts thelogin_challenge
query param and passes it on to thecreateBrowserLoginFlow
.This seems to work so far, because I notice that Kratos now initiates a login request with Hydra, which is very cool! Also, there's the
oauth2_login_challenge
set on my flow payload.However, I notice that the
oauth2_login_request
field isn't present at all on the flow. Shouldn't this be the case, though?Now I can continue to log in through my browser. However, when I complete the login flow, I receive a
HTTP 200
response that contains the newly issued session.My question now is, how do I get Kratos to continue the OAuth2 flow? I'd expect it to request a redirect to a public Kratos or Hydra endpoint, but I don't get any such url to redirect to.
I use the most recent Kratos
v0.11.1
and Hydrav2.0.3
and there are no errors displayed in neither logs.Also, this is how I create the OAuth2 client in Hydra:
And how I start the OAuth2 flow:
Which leads me my login url with only the
login_challenge
query param attached:Beta Was this translation helpful? Give feedback.
All reactions