Help with implement login-consent flow by client side application

Hello everyone.
I writed service with implement logic for login-consent flow, but my frontend it is client-side application which can send credentials by POST request ajax. Maybe u can help me or getting some information about this, because ajax not setting csrf cookie which is main problem in my realisation. Thanks for u attation. Any other topics contains old information about this or maybe i didn’t find that


  1. All of the hydra from client side i using redirect
  2. After all, when my login provider initialize login request and execute setting up in my browser login page with login_challenge. i submit my credentials to login_provider by POST request. And after all, login_provider executing next requests to hydra . I really don’t know, how i can enter my credentials by another way.
  3. At the end request from hydra to callback service (which is my login_provider) i getting error:" The CSRF value from the token does not match the CSRF value from the data store"

And also, which i exploring my browser storage, i found the csrf cookie, but this cookie don’t entered by post request. (Frontend writed by Angular Framework).

I solved this trouble. My solution it is setup credentials settings for hydra and oathkeeper responses with allow_credentials. header. Angular library for ajax need setting field with_credentials.
In settings hydra and oathkeeper i added by one line:
for hydra:
for oathkeeper:

1 Like

thanks man :smiley: :rofl: