Hello folks,
We have been playing around with ORY/hydra OAuth1/OpenID connect server and really love it. We are thinking of going to production with this solution. I wanted to reach out to the community and get a feel of how many are using the OAuth2 in production? Any best practices and learning etc.
Thanks a bunch in advance
M
Hi,
currently, I’m trying to test Hydra dev environment, and it works well regardless of some SSL Certificates problems. and me too thinking of using it in production.
you can read this guide: https://www.ory.sh/hydra/docs/production
and share me your opinions about the production environment.
best regard.
F.
Hydra is being used in high-scale prod environments (some of which you find logos of on our website and in the sponsorship section) for years.
Getting to production doesn’t require a lot of effort as there is no real distinction between dev and production for hydra.
SSL Certificate issues come from not using signed SSL certificates from well-known CAs and is something you need to set up yourself (e.g. using LetsEncrypt).
Thanks for the response folks. Much appreciated
M
I don’t see anything in the production guide about flushing expired tokens. Do you recommend we make a perodic call to POST /oauth2/flush . Or does the server take care of it’s own housekeeping?