OAuth 2.0 Authorize Code Flow + PCKE + AppAuth success. Thank you!

Hi all,

Just wanted to say a massive thank you. Spent the past few evenings getting Flutter AppAuth (https://pub.dev/packages/flutter_appauth) working with Hydra and the SureVoIP Portal following https://www.ory.sh/hydra/docs/implementing-consent for access to the SureVoIP API.

Time to get into prod beta and write our app!

If anyone needs any help, let me know. The docs and program are amazing.


1 Like

Really glad to hear that, welcome to the ORY Family :slight_smile:

Any rough patches you had to overcome? Something that could be improved in the docs? Do you maybe want to write a small blog article on how you did it? I’d be happy to help and the community would appreciate it!

1 Like

Hi @hackerman,

Yeah, I was thinking of doing one on blog.surevoip.co.uk once I’m finished and sharing on medium.

I’m not fully complete as about to do the token introspection bit now, but a few little docs patches I could do. Like id in is now client_id in server responses inside client on login and consent replies.

Some urls in docs just say hydra and don’t show port 4445 or 4444 so you need to think if it’s admin or public. Context isn’t mentioned how to get things in there.

All I’m all pretty bloody amazing project. You should be very proud.


I had a great chat with Justin on OAuth2 if any one is interested https://www.se-radio.net/2019/08/episode-376-justin-richer-on-api-security-with-oauth-2/

PKCE is covered too.



Are they docs about refresh token expiry. I’m not clear if it’s 30 days like in a github issue in 2018 default or it doesn’t. Will check and report here.

These are 404 https://www.ory.sh/hydra/docs/sdk/hydra-sdk-api from https://www.ory.sh/hydra/docs/implementing-consent/#user-login “API Documentation”