feat: add docs for session and requester fields in Hydra refresh webh…

…ook (#932)
ory · Aug 1, 2022 · 41996d9 · 41996d9
1 parent 90638d2
commit 41996d9
Showing 1 changed file with 48 additions and 0 deletions.
diff --git a/docs/hydra/guides/updating-claims-at-refresh.mdx b/docs/hydra/guides/updating-claims-at-refresh.mdx
@@ -56,10 +56,58 @@ The refresh token hook endpoint must accept the following payload format:
 {
   "subject": "foo",
   "client_id": "bar",
+  "session": {
+    "id_token": {
+      "id_token_claims": {
+        "jti": "jti",
+        "iss": "http://localhost:4444/",
+        "sub": "foo",
+        "aud": [
+          "bar"
+        ],
+        "iat": 1234567,
+        "exp": 1234567,
+        "rat": 1234567,
+        "auth_time": 1234567,
+        "nonce": "",
+        "at_hash": "",
+        "acr": "1",
+        "amr": [],
+        "c_hash": "",
+        "ext": {}
+      },
+      "headers": {
+        "extra": {
+          "kid": "key-id"
+        }
+      },
+      "username": "username",
+      "subject": "foo",
+      "expires_at": 1234567
+    },
+    "extra": {},
+    "client_id": "bar",
+    "consent_challenge": "",
+    "exclude_not_before_claim": false,
+    "allowed_top_level_claims": [],
+    "kid": "key-id"
+  },
+  "requester": {
+    "client_id": "bar",
+    "granted_scopes": ["openid", "offline"],
+    "granted_audience": [],
+    "grant_types": [
+      "refresh_token"
+    ]
+  },
   "granted_scopes": ["openid", "offline"],
   "granted_audience": []
 }
 ```
+:::note
+
+`session` represents consent session, along with the data that was passed to the [Accept Consent Request](https://www.ory.sh/docs/hydra/reference/api#operation/acceptConsentRequest) in the `id_token` field.
+`requester` is the token request context.
 
 To update the data, the webhook must return a `200 OK` response and the updated session data in the following format: