Are there any REST API available in Hydra that allows creation of access tokens using API without going through login/consent UI flow, when user is already authenticated and session is established. I am not worried much for consent screen, but for the login flow.
For example, I have one web application in which user is already logged in with his/her credentials (user & identity managed by application itself without hydra). I now want to open a 3rd party app from this application, that will ask OAuth server (Hydra) to authorize app level access. I want to avoid the login flow again as user is already logged into the main system. Is there a way to avoid login UI and consent UI and still provide the token when auth is requested by 3rd party App based on existing session data?
Note: If required, on the main application login flow, we could call hydra API (provided hydra supports such API) to establish login session
That is currently not possible unfortunately.
Thanks for clarifying.
Is there a plan to support this flow (login & consent) via REST API (even admin API for that reason) that does not require user to input anything on UI?
Or any alternative way to handle it differently and get login, consent and access token, etc set up behind the scenes (using Hydra CLI or Admin API) on application login?
No, there is no such plan as it is not conformant with OpenID Connect Certification. But if you do not care about that, you control the login and consent UI and can modify it so that it does what you want, even if that is considered bad practice and weak security.