fix: jwt documentation link to point to the correct resource

The previous link in the documentation led to a page unrelated to JWT.
Updated the URL to https://www.ory.sh/docs/oauth2-oidc/jwt-access-token,
which provides proper JWT guidance.

.schema/config.schema.json

@@ -874,7 +874,7 @@
         },
         "access_token": {
           "type": "string",
-          "description": "Defines access token type. jwt is a bad idea, see https://www.ory.sh/docs/hydra/advanced#json-web-tokens",
+          "description": "Defines access token type. jwt is a bad idea, see https://www.ory.sh/docs/oauth2-oidc/jwt-access-token",
           "enum": ["opaque", "jwt"],
           "default": "opaque"
         },

client/client.go

@@ -303,7 +303,7 @@ type Client struct {
 	// OAuth 2.0 Access Token Strategy
 	//
 	// AccessTokenStrategy is the strategy used to generate access tokens.
-	// Valid options are `jwt` and `opaque`. `jwt` is a bad idea, see https://www.ory.sh/docs/hydra/advanced#json-web-tokens
+	// Valid options are `jwt` and `opaque`. `jwt` is a bad idea, see https://www.ory.sh/docs/oauth2-oidc/jwt-access-token
 	// Setting the stragegy here overrides the global setting in `strategies.access_token`.
 	AccessTokenStrategy string `json:"access_token_strategy,omitempty" db:"access_token_strategy" faker:"-"`
 

internal/config/config.yaml

@@ -365,7 +365,7 @@ strategies:
   # You may use JSON Web Tokens as access tokens.
   #
   # But seriously. Don't do that. It's not a great idea and has a ton of caveats and subtle security implications. Read more:
-  # -> https://www.ory.sh/docs/hydra/advanced#json-web-tokens
+  # -> https://www.ory.sh/docs/oauth2-oidc/jwt-access-token
   #
   #  access_token: jwt
 

internal/httpclient/api/openapi.yaml

@@ -2624,7 +2624,7 @@ components:
             OAuth 2.0 Access Token Strategy
 
             AccessTokenStrategy is the strategy used to generate access tokens.
-            Valid options are `jwt` and `opaque`. `jwt` is a bad idea, see https://www.ory.sh/docs/hydra/advanced#json-web-tokens
+            Valid options are `jwt` and `opaque`. `jwt` is a bad idea, see https://www.ory.sh/docs/oauth2-oidc/jwt-access-token
             Setting the stragegy here overrides the global setting in `strategies.access_token`.
           type: string
         allowed_cors_origins:

internal/httpclient/docs/OAuth2Client.md

@@ -4,7 +4,7 @@
 
 Name | Type | Description | Notes
 ------------ | ------------- | ------------- | -------------
-**AccessTokenStrategy** | Pointer to **string** | OAuth 2.0 Access Token Strategy  AccessTokenStrategy is the strategy used to generate access tokens. Valid options are `jwt` and `opaque`. `jwt` is a bad idea, see https://www.ory.sh/docs/hydra/advanced#json-web-tokens Setting the stragegy here overrides the global setting in `strategies.access_token`. | [optional] 
+**AccessTokenStrategy** | Pointer to **string** | OAuth 2.0 Access Token Strategy  AccessTokenStrategy is the strategy used to generate access tokens. Valid options are `jwt` and `opaque`. `jwt` is a bad idea, see https://www.ory.sh/docs/oauth2-oidc/jwt-access-token Setting the stragegy here overrides the global setting in `strategies.access_token`. | [optional] 
 **AllowedCorsOrigins** | Pointer to **[]string** |  | [optional] 
 **Audience** | Pointer to **[]string** |  | [optional] 
 **AuthorizationCodeGrantAccessTokenLifespan** | Pointer to **string** | Specify a time duration in milliseconds, seconds, minutes, hours. | [optional] 

spec/api.json

@@ -612,7 +612,7 @@
         "description": "OAuth 2.0 Clients are used to perform OAuth 2.0 and OpenID Connect flows. Usually, OAuth 2.0 clients are\ngenerated for applications which want to consume your OAuth 2.0 or OpenID Connect capabilities.",
         "properties": {
           "access_token_strategy": {
-            "description": "OAuth 2.0 Access Token Strategy\n\nAccessTokenStrategy is the strategy used to generate access tokens.\nValid options are `jwt` and `opaque`. `jwt` is a bad idea, see https://www.ory.sh/docs/hydra/advanced#json-web-tokens\nSetting the stragegy here overrides the global setting in `strategies.access_token`.",
+            "description": "OAuth 2.0 Access Token Strategy\n\nAccessTokenStrategy is the strategy used to generate access tokens.\nValid options are `jwt` and `opaque`. `jwt` is a bad idea, see https://www.ory.sh/docs/oauth2-oidc/jwt-access-token\nSetting the stragegy here overrides the global setting in `strategies.access_token`.",
             "type": "string"
           },
           "allowed_cors_origins": {

spec/config.json

@@ -874,7 +874,7 @@
         },
         "access_token": {
           "type": "string",
-          "description": "Defines access token type. jwt is a bad idea, see https://www.ory.sh/docs/hydra/advanced#json-web-tokens",
+          "description": "Defines access token type. jwt is a bad idea, see https://www.ory.sh/docs/oauth2-oidc/jwt-access-token",
           "enum": ["opaque", "jwt"],
           "default": "opaque"
         },

spec/swagger.json

@@ -2632,7 +2632,7 @@
       "title": "OAuth 2.0 Client",
       "properties": {
         "access_token_strategy": {
-          "description": "OAuth 2.0 Access Token Strategy\n\nAccessTokenStrategy is the strategy used to generate access tokens.\nValid options are `jwt` and `opaque`. `jwt` is a bad idea, see https://www.ory.sh/docs/hydra/advanced#json-web-tokens\nSetting the stragegy here overrides the global setting in `strategies.access_token`.",
+          "description": "OAuth 2.0 Access Token Strategy\n\nAccessTokenStrategy is the strategy used to generate access tokens.\nValid options are `jwt` and `opaque`. `jwt` is a bad idea, see https://www.ory.sh/docs/oauth2-oidc/jwt-access-token\nSetting the stragegy here overrides the global setting in `strategies.access_token`.",
           "type": "string"
         },
         "allowed_cors_origins": {