Closed Bdegraaf1234 closed 4 months ago
@mpgxvii
hydra does want or at least allows the client_id in the post request https://www.ory.sh/docs/hydra/reference/api#tag/oAuth2/operation/oauth2TokenExchange
The complete technical spec for oauth can be found here, I linked the section on the authorization code grant, it looks like if you authenticate with basic you don't have to provide the client ID in the post request but you can.
This is the commit where I messed with the token endpoint, it is a bit hacky so I am happy it will be removed, but I think the implementation on the RSA side stands :)
@Bdegraaf1234 Oh okay I see. Thanks for the clarification! :)
adapt the token request in the front end to accomodate ory