apiVersion: hydra.ory.sh/v1alpha1
kind: OAuth2Client
metadata:
  name: my-oauth2-client
  namespace: default
spec:
  grantTypes:
    - client_credentials
    - implicit
    - authorization_code
    - refresh_token
  responseTypes:
    - id_token
    - code
    - token
  scope: "read write"
  secretName: my-secret-123
  # these are optional
  redirectUris:
    - https://client/account
    - http://localhost:8080
  postLogoutRedirectUris:
    - https://client/logout
  audience:
    - audience-a
    - audience-b
  hydraAdmin:
    # if hydraAdmin is specified, all of these fields are requried,
    # but they can be empty/0
    url: http://hydra-admin.namespace.cluster.domain
    port: 4445
    endpoint: /clients
    forwardedProto: https
  tokenEndpointAuthMethod: client_secret_basic
  metadata:
    property1: 1
    property2: "2"