openid-connect

Asking about this since the NSA recently published guidance advising the public and private sectors to transition to cryptographic algorithms that are no less than sha384 & ec384 (elliptic curves).

While Edwards' Curves are different, its worth noting that prior to this update sha256 & secp256k1 were both on the list of acceptable cryptographic algorithms. My deduction was that 128-bit securit

Is your feature request related to a problem? Please describe.

The hydrator have only Basic auth - see config: https://www.ory.sh/oathkeeper/docs/pipeline/mutator/#configuration-4, however for more flexibility, similiar pre-authorization mechanism could ba added as in the instropsection authenticator handler: https://www.ory.sh/oathkeeper/docs/pipeline/mutator/#configuration-4

**Descri

I need to do a collateral call to google APIs from my backend to get additional information about the user (full name, profile picture, team, ...). For that, I need to have the access token. Unfortunately, now I only have access to the user's email.

A solution could be to return the access token in the header key X-Forwarded-AccessToken but I think we will have to manage when the access token

When building a GitHub provider using the build script, an "Organization" is prompted but it's not entirely clear that this value is expected to be the GitHub Organization used for authentication.