Configure Ory OAuth2 and OpenID
Using the Ory CLI, you can quickly adjust the configuration of the Ory OAuth2 and OpenID and apply config from the Ory Network environment to self-hosted Ory Hydra OAuth2 Server instances.
Ory Hydra is the open-source project that powers the Ory OAuth2 and OpenID.
This feature is useful for fluently moving your local setup to the cloud, or for working on the configuration and testing different settings in the safety of the local development environment.
To work with the Ory OAuth2 and OpenID, you must have an active project. Use the CLI or the Ory Console to create one.
Export configuration from Ory Network
To get your project's Ory OAuth2 and OpenID configuration, run this command:
You must be signed in to an Ory Network account to perform this action. Read this document to learn more.
## List all available projects
ory list projects
## Get config
ory get oauth2-config {project-id} --format yaml
The --format
flag defines the format of the output file. You can choose one of yaml
,json
, or json-pretty
.
Getting the configuration in the YAML format produces output that is ready to use with self-hosted Ory Hydra.
Export to file
For a convenient way to get the Ory OAuth2 and OpenID configuration working in self-hosted Ory Hydra, save the configuration to a YAML file.
Run this command:
ory get oauth2-config {project-id} --format yaml > oauth2-config.yaml
Import configuration to Ory Network
To start using the configuration from a self-hosted Ory Hydra instance in Ory OAuth2 and OpenID, import the configuration file with the CLI:
ory update oauth2-config {project-id} --file config.yaml
Adjust specific keys
You can adjust specific keys in the configuration using the ory patch
CLI command.
Running this sample command sets the time to live (ttl
) for refresh tokens to 999h0m0s
:
ory patch oauth2-config {project-id} \
--replace '/ttl/refresh_token="999h0m0s"'
Read this document to learn more about adjusting project configuration with the Ory CLI.