Tags: ory/hydra
Tags
 Ory Hydra, the OAuth2 and OpenID Connect server designed for web-scale deployments introduces its most advanced update with version 2.2! Want to check out Ory Hydra yourself? Try common OAuth2 flows in the [Ory OAuth2 Get Started guide](https://www.ory.sh/docs/getting-started/ory-network-oauth2)! This version significantly enhances performance, supporting six times more authorization flows than version 2.1, thanks to architectural improvements that minimize database interactions for login and consent processes. Key improvements include: - Enhanced integration with Ory Kratos, ensuring seamless synchronization of login and logout states across both services. Users logged out from Ory Hydra will automatically log out from Ory Kratos, enhancing security and user experience. - The ability to bypass the logout consent screen for specific clients, streamlining the logout process. - Simplified migration with the new feature to import OAuth2 Client IDs, making the transition to Ory Hydra smoother. - Support for the OIDC Verifiable Credentials specification, expanding the server's capabilities in identity verification. Thank all contributors who have made this release available!
This release optimizes the performance of authorization code grant fl… …ows by minimizing the number of database queries. We acheive this by storing the flow in an AEAD-encoded cookie and AEAD-encoded request parameters for the authentication and consent screens. BREAKING CHANGE: * The client that is used as part of the authorization grant flow is stored in the AEAD-encoding. Therefore, running flows will not observe updates to the client after they were started. * Because the login and consent challenge values now include the AEAD-encoded flow, their size increased to around 1kB for a flow without any metadata (and increases linearly with the amount of metadata). Please adjust your ingress / gateway accordingly.
This release optimizes the performance of authorization code grant fl… …ows by minimizing the number of database queries. We acheive this by storing the flow in an AEAD-encoded cookie and AEAD-encoded request parameters for the authentication and consent screens. BREAKING CHANGE: * The client that is used as part of the authorization grant flow is stored in the AEAD-encoding. Therefore, running flows will not observe updates to the client after they were started. * Because the login and consent challenge values now include the AEAD-encoded flow, their size increased to around 1kB for a flow without any metadata (and increases linearly with the amount of metadata). Please adjust your ingress / gateway accordingly.
We are excited to announce the next Ory Hydra release! This release i… …ncludes the following important changes: - Fixed a memory leak in the OpenTelemetry implementation, improving overall memory usage and stability. - Added a missing index for faster janitor cleanup, resulting in quicker and more efficient cleanup operations. - Fixed a bug related to SameSite in dev mode, ensuring proper functionality and consistency in handling SameSite attributes during development. We appreciate your continuous support and feedback. Please feel free to reach out to us with any further suggestions or issues.
We are excited to share this year's Q1 release of Ory Hydra: v2.1.0! Highlights: * Support for Datadog tracing (#3431). * Ability to skip consent for trusted clients (#3451). * Setting access token type in the OAuth2 Client is now possible (#3446). * Revoke login sessions by SessionID (#3450). * Session lifespan extended on session refresh (#3464). * Token request hooks added for all grant types (#3427). * Reduced SQL tracing noise (#3481). Don't want to run the upgrade yourself? Switch to [Ory Network](https://console.ory.sh/registration?flow=d1ae4761-3493-4dd9-b0ce-3200916b38aa)!
PreviousNext