From 41996d95a22b474ba00171b8a983ca6309674655 Mon Sep 17 00:00:00 2001
From: Serhii Halchenko
Date: Mon, 1 Aug 2022 13:31:02 +0200
Subject: [PATCH] feat: add docs for session and requester fields in Hydra refresh webhook (#932)
---
 .../guides/updating-claims-at-refresh.mdx | 48 +++++++++++++++++++
 1 file changed, 48 insertions(+)
diff --git a/docs/hydra/guides/updating-claims-at-refresh.mdx b/docs/hydra/guides/updating-claims-at-refresh.mdx
index 4dd269475..188960c47 100644
--- a/docs/hydra/guides/updating-claims-at-refresh.mdx
+++ b/docs/hydra/guides/updating-claims-at-refresh.mdx
@@ -56,10 +56,58 @@ The refresh token hook endpoint must accept the following payload format:
 {
 "subject": "foo",
 "client_id": "bar",
+ "session": {
+ "id_token": {
+ "id_token_claims": {
+ "jti": "jti",
+ "iss": "http://localhost:4444/",
+ "sub": "foo",
+ "aud": [
+ "bar"
+ ],
+ "iat": 1234567,
+ "exp": 1234567,
+ "rat": 1234567,
+ "auth_time": 1234567,
+ "nonce": "",
+ "at_hash": "",
+ "acr": "1",
+ "amr": [],
+ "c_hash": "",
+ "ext": {}
+ },
+ "headers": {
+ "extra": {
+ "kid": "key-id"
+ }
+ },
+ "username": "username",
+ "subject": "foo",
+ "expires_at": 1234567
+ },
+ "extra": {},
+ "client_id": "bar",
+ "consent_challenge": "",
+ "exclude_not_before_claim": false,
+ "allowed_top_level_claims": [],
+ "kid": "key-id"
+ },
+ "requester": {
+ "client_id": "bar",
+ "granted_scopes": ["openid", "offline"],
+ "granted_audience": [],
+ "grant_types": [
+ "refresh_token"
+ ]
+ },
 "granted_scopes": ["openid", "offline"],
 "granted_audience": []
 }
 ```
+:::note
+
+`session` represents consent session, along with the data that was passed to the [Accept Consent Request](https://www.ory.sh/docs/hydra/reference/api#operation/acceptConsentRequest) in the `id_token` field.
+`requester` is the token request context.
 To update the data, the webhook must return a `200 OK` response and the updated session data in the following format: