oauth2

Asking about this since the NSA recently published guidance advising the public and private sectors to transition to cryptographic algorithms that are no less than sha384 & ec384 (elliptic curves).

While Edwards' Curves are different, its worth noting that prior to this update sha256 & secp256k1 were both on the list of acceptable cryptographic algorithms. My deduction was that 128-bit securit

Description 🐜

With the removal of clientMaxAge and keepAlive in favor of refetchInterval, every time a tab is switched, the session gets revalidated, thus updating a session state in SessionProvider which then causes to rerender all components using useSession.

Is it possible to disable this "revalidation" upon window refocusing?
Thanks in advance.

Is this a bug in your own

There was an error where someone was trying to sign up using the thirdparty recipe and postgres rejected the query cause of value too long for type character varying(128) - and in the thidparty table, only the third_party_user_id column has 128 chars limit.

Error log reference:

[https://app.zenhub.com/files/231921809/8968d6d6-bcdd-48d8-aa60-fd556e934acd/download](https://app.zenhub.com/files

If not for some particular exceptions, the status code returned from our WebAPI on error is always 500, regardless of the kind of error.

If an object already exists, for example, it should be returned as 409. If the object does not pass the schema validation, it should be a 415.

Go through the whole WebAPI and verify that the status codes are being returned correctly.

Hint: Error cl

Is your feature request related to a problem? Please describe.

The hydrator have only Basic auth - see config: https://www.ory.sh/oathkeeper/docs/pipeline/mutator/#configuration-4, however for more flexibility, similiar pre-authorization mechanism could ba added as in the instropsection authenticator handler: https://www.ory.sh/oathkeeper/docs/pipeline/mutator/#configuration-4

**Descri