I’ve been experimenting with the ORY stack for some time to asses it’s suitability for an upcoming project in my organization.
While diving into hydra, I encountered one point which confused me:
In the docs for hydra, it is stated under the fifth point of “JSON Web Tokens” section in the advanced topics that ‘[ORY Oathkeeper] will “convert” ORY Hydra’s opaque Access Tokens into JSON Web Tokens for your backend services. […]’.
I want that. Badly.
Unfortunately, I failed miserably in trying to comprehend where Oathkeeper is supposed to do this.
While skimming Oathkeepers REST API, I didn’t find an answer that seemed obvious to me.
Is it part of the “oauth2_introspection” authenticator?
Or am I missing something entirely?
Any guidance on how this process - Oathkeeper converting opaque OAuth access tokens into JWTs - wórks is highly appreciated!
tl;dr: How does Oathkeeper convert opaque OAuth access tokens into JWTs?