Retrieving jwt with ORY Hydra and ORY Oathkeeper setup

ORY Hydra
#1

My current setup works as follows:

  1. I retrieve an access token from the quickstart setup given by ORY Hydra (no ORY oathkeeper involvement yet).
  2. I send a request to my service which uses ORY Oathkeeper as the reverse proxy and my service simply returns the request headers as response.
  3. On analyzing the jwt on jwt.io, I found that I can’t find any user information on it.

My rules.json handlers are as follows:

 "authenticators": [{ "handler": "noop" }],
    "authorizer": { "handler": "allow" },
    "mutators": [
      { 
        "handler": "id_token",
        "config":{
          "issuer_url":"http://localhost:4455/",
          "jwks_url": "file:///jwks.json"
        }
      }
    ]

Screenshot from 2020-06-15 16-42-08
Screenshot from 2020-06-15 16-42-081079×764 101 KB

#2

Your authenticator is set to noop which does not do any authentication at all, which is why the sub field is empty. You probably want the OAuth2 Token Introspection there!

#4

Thanks for the help. It’s up and running