Describe the bug

Thank you for a great project and documentation. I ran into a bug (I think) while playing with the 5 minute tutorial.

When revoking an access token that is not found the hydra server returns a 404 response but this is not a defined response in the swagger specification. This leads to an error like `response status code does not match any response statuses defined for thi

The OPA-Envoy plugin is integrated with Gloo Edge and a step-by-step tutorial is available here. We should add this tutorial to the Envoy section of the OPA docs. We could update the existing tutorial to send the request body to OPA and use that i

go-jwt seems to not be maintained really. It has open/known security issue (which have multiple PRs open to address, earliest in 2018: dgrijalva/jwt-go#286). And it requires numbers to be floats because it cannot validate ints. [PR to fix this has been made](https://github.com/dgrijalva

I've read the docs, and it seems you can pass through knex instances, but I didn't see if it supports SQLite3 - could you clarify please?

One of the major topics in an enterprise application is encryption at rest. With SQL server 2016+ it is possible to do encryption at rest. .Net Core wasn't compatible until recently, which I think now supports only TDE (Transparent Data Encryption).

I don't know enough to implement enough, but here's an article I found.

https://docs.microsoft.com/en-us/aspnet/core/security/data-protection/c

The following guides may be improved with unit test examples:

• https://github.com/danschultzer/pow/blob/master/guides/custom_controllers.md
• https://github.com/danschultzer/pow/blob/master/guides/sync_user.md
• https://github.com/danschultzer/pow/blob/master/guides/lock_users.md
• https://github.com/danschultzer/pow/blob/master/guides/user_roles.md

There's alread

See the-road-to-graphql/fullstack-apollo-express-postgresql-boilerplate#5 for users domain. Maybe someone wants to add tests for the messages domain too.