Using Hydra to authenticate via external providers


#1

Hello everyone,

I apologize in advance for the potentially silly question, but I’m rather new to the whole concept of OAuth2.0 and OpenID. I am trying to evaluate Hydra (and the ORY echosystem by extent) as an authentication solution, and I’m trying to figure out if one could an external OAuth 2.0 provider (e.g. Github, Facebook, etc.) as the login & consent provider. I’ve tried to read the documentation as carefully as I could but I’m still a bit unclear on this detail.

Thank you very much in advance!

Regards,
Nick


#2

Hi,

I think I found my own answer: No. :grinning:
Since the login & consent provider needs to call Hydra and accept/reject the requests, this indeed has to be written as a layer that knows about Hydra and how to talk to it. Ultimately one could use external providers to obtain user information and then integrate that into the custom login logic.

Please correct me if I’ve still got this wrong. :slight_smile:

Cheers,
Nick


#3

Yup you’re right. Hydra does not manage identities so it doesn’t offer integration with other IDPs directly, but you can obviously implement that in your consent&login app!


#4

Thank you very much for your reply. :slight_smile:

It becomes much more clear after you write a little bit of code to interact with external providers (e.g. Github) and thus realize that Hydra deals with a different concern.


#5

See if https://github.com/dexidp/dex does what you need.


#6

Hello! Thanks for your suggestion. I’m aware of Dex, but we found that the whole ORY ecosystem covers our needs better. We’ll write the missing bits ourselves. :slight_smile: