Our trusted business partners are authorizing via client credentials. But I want to disable certain client for a while and maybe I want to enable that client later.
I cannot find the way in hydra, like “disable client”.
Just take away client_credentials from the list of allowed flows
And I want to revoke all access tokens related this client, is there any method like “revoke?clientid=XXX” ?
yes:
No 
this is consent request revoke, I want to revoke all access tokens (client_credentials) related to specific client
Ah, my bad - that is in fact not possible right now. You would have to wait for the tokens to expire. Once expired, the client can not request another token.
Hydra tells us dont use jwt token because you cannot revoke it in any time. But Hydra does not support what I ask above.
Now, I am planing delete all token from Hydra database, Do you think this is the good way
We could probably include an endpoint to support that use case. It hasn’t come up so far 
Now, I am planing delete all token from Hydra database, Do you think this is the good way
Yes, that will work!
I’ve created an issue for this:
2 Likes
Thanks you for your efforts.
Any time!