Welcome to the ORY Hydra HTTP API documentation. You will find documentation for all HTTP APIs here.

v1.9.2 2021-01-29 15:19 UTC


Welcome to the ORY Hydra HTTP API documentation. You will find documentation for all HTTP APIs here.

This PHP package is automatically generated by the OpenAPI Generator project:

  • API version: v1.6.0
  • Build package: org.openapitools.codegen.languages.PhpClientCodegen


PHP 5.5 and later

Installation & Usage


To install with Composer, run:

$ composer require ory/hydra-client:*

Manual Installation

Download the files and include autoload.php:



To run the unit tests:

composer install

Getting Started

Please follow the installation procedure and then run the following:

require_once(__DIR__ . '/vendor/autoload.php');

$apiInstance = new Ory\Hydra\Client\Api\AdminApi(
    // If you want use custom http client, pass your client which implements `GuzzleHttp\ClientInterface`.
    // This is optional, `GuzzleHttp\Client` will be used as default.
    new GuzzleHttp\Client()
$consentChallenge = 'consentChallenge_example'; // string | 
$body = new \Ory\Hydra\Client\Model\AcceptConsentRequest(); // \Ory\Hydra\Client\Model\AcceptConsentRequest | 

try {
    $result = $apiInstance->acceptConsentRequest($consentChallenge, $body);
} catch (Exception $e) {
    echo 'Exception when calling AdminApi->acceptConsentRequest: ', $e->getMessage(), PHP_EOL;


Documentation for API Endpoints

All URIs are relative to http://localhost

Class Method HTTP request Description
AdminApi acceptConsentRequest PUT /oauth2/auth/requests/consent/accept Accept a consent request
AdminApi acceptLoginRequest PUT /oauth2/auth/requests/login/accept Accept a login request
AdminApi acceptLogoutRequest PUT /oauth2/auth/requests/logout/accept Accept a logout request
AdminApi createJsonWebKeySet POST /keys/{set} Generate a new JSON Web Key
AdminApi createOAuth2Client POST /clients Create an OAuth 2.0 client
AdminApi deleteJsonWebKey DELETE /keys/{set}/{kid} Delete a JSON Web Key
AdminApi deleteJsonWebKeySet DELETE /keys/{set} Delete a JSON Web Key Set
AdminApi deleteOAuth2Client DELETE /clients/{id} Deletes an OAuth 2.0 Client
AdminApi flushInactiveOAuth2Tokens POST /oauth2/flush Flush Expired OAuth2 Access Tokens
AdminApi getConsentRequest GET /oauth2/auth/requests/consent Get consent request information
AdminApi getJsonWebKey GET /keys/{set}/{kid} Fetch a JSON Web Key
AdminApi getJsonWebKeySet GET /keys/{set} Retrieve a JSON Web Key Set
AdminApi getLoginRequest GET /oauth2/auth/requests/login Get a login request
AdminApi getLogoutRequest GET /oauth2/auth/requests/logout Get a logout request
AdminApi getOAuth2Client GET /clients/{id} Get an OAuth 2.0 Client.
AdminApi getVersion GET /version Get service version
AdminApi introspectOAuth2Token POST /oauth2/introspect Introspect OAuth2 tokens
AdminApi isInstanceAlive GET /health/alive Check alive status
AdminApi listOAuth2Clients GET /clients List OAuth 2.0 Clients
AdminApi listSubjectConsentSessions GET /oauth2/auth/sessions/consent Lists all consent sessions of a subject
AdminApi prometheus GET /metrics/prometheus Get snapshot metrics from the Hydra service. If you're using k8s, you can then add annotations to your deployment like so:
AdminApi rejectConsentRequest PUT /oauth2/auth/requests/consent/reject Reject a consent request
AdminApi rejectLoginRequest PUT /oauth2/auth/requests/login/reject Reject a login request
AdminApi rejectLogoutRequest PUT /oauth2/auth/requests/logout/reject Reject a logout request
AdminApi revokeAuthenticationSession DELETE /oauth2/auth/sessions/login Invalidates all login sessions of a certain user Invalidates a subject's authentication session
AdminApi revokeConsentSessions DELETE /oauth2/auth/sessions/consent Revokes consent sessions of a subject for a specific OAuth 2.0 Client
AdminApi updateJsonWebKey PUT /keys/{set}/{kid} Update a JSON Web Key
AdminApi updateJsonWebKeySet PUT /keys/{set} Update a JSON Web Key Set
AdminApi updateOAuth2Client PUT /clients/{id} Update an OAuth 2.0 Client
PublicApi disconnectUser GET /oauth2/sessions/logout OpenID Connect Front-Backchannel enabled Logout
PublicApi discoverOpenIDConfiguration GET /.well-known/openid-configuration OpenID Connect Discovery
PublicApi isInstanceReady GET /health/ready Check readiness status
PublicApi oauth2Token POST /oauth2/token The OAuth 2.0 token endpoint
PublicApi oauthAuth GET /oauth2/auth The OAuth 2.0 authorize endpoint
PublicApi revokeOAuth2Token POST /oauth2/revoke Revoke OAuth2 tokens
PublicApi userinfo GET /userinfo OpenID Connect Userinfo
PublicApi wellKnown GET /.well-known/jwks.json JSON Web Keys Discovery

Documentation For Models

Documentation For Authorization


  • Type: HTTP basic authentication


  • Type: OAuth
  • Flow: accessCode
  • Authorization URL: /oauth2/auth
  • Scopes:
  • offline: A scope required when requesting refresh tokens (alias for offline_access)
  • offline_access: A scope required when requesting refresh tokens
  • openid: Request an OpenID Connect ID Token