Hi, there’s something that I don’t fully understand, is mainly how to catch the tokens in the client-app. I have Hydra running, a consent app and currently I can perform the whole Oauth2 Process similar as the example Golang-consent-app. Checking this I see in the step 5 that my client application should receive the tokens that comes from hydra.
As the example app, I have a callback function inside my consent app where I print the tokens. So:
1.- This consent app will be used by other many of my applications, is it ok? is suppossed that the consent app will be used not only by one app?
2.- I have registered in the hydra database the client that is used by the consent app, for that client I have registered the callback url in the redirect_uris. Currently that url is pointing to my callback endpoint of the consent app, my question is: to who should I point this redirect if I need to get the tokens in the client app?
Just to be more clear: about the clients registered in Hydra, I have this:
client_name: Consent App Client
scope: openid offline hydra.clients hydra.clients hydra.?
Also, in the documentation I read:
Hydra validates the consent response token and issues the auth code to the user agent. The user agent is then redirected to the client application at the registered callback uri with the auth code as a parameter: GET https://example.com/callback?code=aaabbbcccddd
I will have lets say 3 clients-applications that I hope can use the same consent app instance, lets say that I have:
For each one of them, I think that I should register a client in the hydra database correct? then, which user should I use in the consent app to connect with hydra?
Thank you very much!