New Ory Hydra v25.4.0 brings agentic authentication for modern apps and devices

Ory Hydra v25.4.0, the latest release from the Ory OSS ecosystem, introduces significant advancements in agentic authentication, addressing the need for secure, standards-based access management for autonomous agents, IoT devices, and headless clients. This version includes support for the Device Authorization Grant (RFC 8628), token chain revocation, and the OAuth 2.1 discovery endpoint, positioning Hydra as a production-ready OAuth 2.1 and OpenID Connect server. The update enhances security by allowing operators to revoke entire token chains and improves performance with lower latency for session revocations and faster JWT queries. Additionally, Hydra v25.4.0 ensures security across environments with updated cryptographic dependencies and database migration fixes, making it a reliable choice for scalable applications. The release is part of a broader shift to a new versioning scheme aimed at simplifying upgrades and preparing for future agentic use cases, while also emphasizing the importance of Ory Enterprise License for mission-critical production environments requiring continuous security and compliance updates.