You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
I'm in the process of setting up Ory Hydra as my authorization server, and I've hit a bit of a roadblock with the initial configuration, particularly around the urls and secrets settings. I understand that certain URLs need to be predefined in the configuration, but I'm struggling with how to do this effectively before the server is deployed. The specific configuration values I'm unsure about include:
hydra.config.urls.self.issuer
hydra.config.urls.login
hydra.config.urls.consent
hydra.config.secrets.system
I get that these are crucial for Hydra to operate correctly, but my confusion lies in providing these URLs in advance, especially considering the server and the associated endpoints are not deployed or accessible yet.
How do you usually approach defining these URLs for a system that's not yet live?
For the hydra.config.urls.self.issuer, is it mandatory to have the exact deployment URL, or can it be something temporary that I can change later?
For the login and consent URLs, do these need to point to already functioning endpoints, or can I set placeholders during the development stage?
Regarding the hydra.config.secrets.system, any best practices on generating and managing these secrets securely?
Any advice, insights, or examples of how you've tackled these configuration steps would be greatly appreciated. I want to ensure I'm setting this up correctly from the get-go to avoid any security or operational issues down the line.
reacted with thumbs up emoji reacted with thumbs down emoji reacted with laugh emoji reacted with hooray emoji reacted with confused emoji reacted with heart emoji reacted with rocket emoji reacted with eyes emoji
-
Hi everyone,
I'm in the process of setting up Ory Hydra as my authorization server, and I've hit a bit of a roadblock with the initial configuration, particularly around the urls and secrets settings. I understand that certain URLs need to be predefined in the configuration, but I'm struggling with how to do this effectively before the server is deployed. The specific configuration values I'm unsure about include:
I get that these are crucial for Hydra to operate correctly, but my confusion lies in providing these URLs in advance, especially considering the server and the associated endpoints are not deployed or accessible yet.
How do you usually approach defining these URLs for a system that's not yet live?
For the hydra.config.urls.self.issuer, is it mandatory to have the exact deployment URL, or can it be something temporary that I can change later?
For the login and consent URLs, do these need to point to already functioning endpoints, or can I set placeholders during the development stage?
Regarding the hydra.config.secrets.system, any best practices on generating and managing these secrets securely?
Any advice, insights, or examples of how you've tackled these configuration steps would be greatly appreciated. I want to ensure I'm setting this up correctly from the get-go to avoid any security or operational issues down the line.
Thanks in advance!
Beta Was this translation helpful? Give feedback.
All reactions