network's People

Contributors

aeneasr, archived-m, kevgo

network's Issues

Broken links to docs in the console

Most of the links leading to the docs end up on a 404.

To Reproduce

Navigate to "Email Verification" within console.ory.sh and click on the link: "Email / Phone Verification in the documentation". The link leads to https://www.ory.sh/docs/guides/email-phone-verification-account-activation (404)

It looks like the docs are either not published or haven't been created yet. Perhaps link to https://www.ory.sh/kratos/docs/guides/account-activation-email-verification in the meanwhile?

Expired Ory Cloud invites causes infinite redirect loop

Preflight checklist

Describe the bug

When accepting an invite to an Ory Cloud project that has already expired, you are still able to sign up, but once you finalise your details and move to the next stage the browser enters an endless loop displaying the message This invite has expired. Please ask for a new one.

image

Reproducing the bug

  • Generate an invite
  • Await the expiry
  • Open the invite
  • Complete the registration
  • You are now in an endless loop of redirections

Relevant log output

[Report Only] Refused to connect to '<URL>' because it violates the following Content Security Policy directive: "connect-src 'self' <URL> <URL> <URL> <URL> <URL> <URL> <URL> <URL> <URL>".

_app-584363c690a23ddb.js:101 [Report Only] Refused to connect to 'https://api.console.ory.sh/.well-known/invites/member/[REDACTED]' because it violates the following Content Security Policy directive: "connect-src 'self' https://project.console.ory.sh https://*.projects.oryapis.com https://console.ory.sh wss://project.console.ory.sh wss://*.projects.oryapis.com wss://console.ory.sh https://hits-i.iubenda.com https://*.ingest.sentry.io https://sqa-web.ory.sh".


Relevant configuration

No response

Version

N/A

On which operating system are you observing this issue?

No response

In which environment are you deploying?

No response

Additional Context

No response
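The report-only violation in the log output above follows from how a browser matches a URL against the connect-src source list: a host source without a wildcard, such as https://console.ory.sh, covers only that exact host, so api.console.ory.sh is not matched. The following is an added example, not code from Ory or from the issue author, that implements this matching for 'self', scheme://host[:port] sources and leading "*." wildcards (paths are ignored); the page origin https://console.ory.sh, the function names and the REDACTED path segment are assumptions.

```javascript
// Added example (not Ory code): CSP source-list matching for connect-src.
// Handles 'self', "*", scheme://host[:port] and a leading "*." host wildcard.
// Path parts of source expressions are ignored.

const DEFAULT_PORTS = { 'http:': '80', 'https:': '443', 'ws:': '80', 'wss:': '443' };

// Return the source list of one directive, or null when the policy lacks it.
function sourceList(policy, directive) {
  for (const part of policy.split(';')) {
    const tokens = part.trim().split(/\s+/);
    if (tokens[0].toLowerCase() === directive) return tokens.slice(1);
  }
  return null;
}

// CSP scheme matching: an insecure scheme in the policy also covers its secure variant.
function schemeMatches(sourceScheme, urlScheme) {
  if (sourceScheme === urlScheme) return true;
  if (sourceScheme === 'http:') return urlScheme === 'https:';
  if (sourceScheme === 'ws:') return ['wss:', 'http:', 'https:'].includes(urlScheme);
  if (sourceScheme === 'wss:') return urlScheme === 'https:';
  return false;
}

// "*.example.com" matches any subdomain but not example.com itself;
// a host without a wildcard must match exactly.
function hostMatches(pattern, host) {
  const p = pattern.toLowerCase();
  const h = host.toLowerCase();
  if (p.startsWith('*.')) return h.endsWith(p.slice(1));
  return p === h;
}

// A source without a port only covers the default port of the URL's scheme.
function portMatches(sourcePort, url) {
  const actual = url.port || DEFAULT_PORTS[url.protocol];
  if (sourcePort === '*') return true;
  if (sourcePort === undefined) return actual === DEFAULT_PORTS[url.protocol];
  return sourcePort === actual;
}

function sourceMatches(expr, url, selfOrigin) {
  if (expr === "'self'") return url.origin === selfOrigin;
  if (expr === '*') return url.protocol in DEFAULT_PORTS;
  const m = /^(?:([a-z][a-z0-9+.-]*):\/\/)?([^\/:]+)(?::(\d+|\*))?(?:\/.*)?$/i.exec(expr);
  if (!m) return false; // scheme-only sources, nonces and hashes are not handled here
  const scheme = m[1] ? m[1].toLowerCase() + ':' : new URL(selfOrigin).protocol;
  return schemeMatches(scheme, url.protocol) &&
    hostMatches(m[2], url.hostname) &&
    portMatches(m[3], url);
}

// Decide whether `target` is permitted and report which source expression allowed it.
// connect-src falls back to default-src when it is absent.
function checkConnect(policy, target, selfOrigin) {
  const sources = sourceList(policy, 'connect-src') ?? sourceList(policy, 'default-src');
  if (sources === null) return { allowed: true, matched: null };
  const url = new URL(target);
  const matched = sources.find((s) => sourceMatches(s, url, selfOrigin)) || null;
  return { allowed: matched !== null, matched };
}

// The directive as it appears in the log output of the issue.
const POLICY = "connect-src 'self' https://project.console.ory.sh https://*.projects.oryapis.com " +
  'https://console.ory.sh wss://project.console.ory.sh wss://*.projects.oryapis.com ' +
  'wss://console.ory.sh https://hits-i.iubenda.com https://*.ingest.sentry.io https://sqa-web.ory.sh';
const SELF = 'https://console.ory.sh'; // assumption: origin of the page that made the request

// Constructed targets; the first mirrors the blocked URL with a placeholder invite id.
function demo() {
  return [
    'https://api.console.ory.sh/.well-known/invites/member/REDACTED',
    'https://console.ory.sh/projects',
    'wss://demo.projects.oryapis.com/socket',
    'https://projects.oryapis.com/',
  ].map((target) => ({ target, ...checkConnect(POLICY, target, SELF) }));
}

console.log(demo());
```

Because the policy in the log is delivered in report-only mode, the request is reported rather than blocked; the same source list would block it once enforced.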

Custom email templates don't allow URLs

Preflight checklist

Describe the bug

Cannot set email templates to use a remote URL such as an amazon storage bucket

Reproducing the bug

Set the email templates field to a URL

{
  "email": {
    "body": {
      "html": "https://aaaa-resources.s3.amazonaws.com/courier-templates/recovery/valid/email.body.gotmpl",
      "plaintext": "base64://xxxxx"
    },
    "subject": "base64://xxxxx"
  }
}

The response will be an error, denying the URL.

The request was malformed or contained invalid parameters
URL `https://ory-public-resources.s3.amazonaws.com/` is not allowed for `courier.templates.recovery.valid.email.body.html`.

Relevant log output

No response

Relevant configuration

No response

Version

latest

On which operating system are you observing this issue?

Ory Cloud

In which environment are you deploying?

Ory Cloud

Additional Context

Related to this slack conversation
https://ory-community.slack.com/archives/C02MR4DEEGH/p1657048318103729

Ory cloud examples for node that is not next.js

Preflight checklist

Describe your problem

The idea of an auth platform being a set of lego blocks (vs buying a fully built car) that you can use depending on your needs is awesome, BUT, I am really overwhelmed in terms of how to get started using Ory cloud.

The documentation seems to be geared to those who want to really tinker with things under the hood, but as someone who's trying to evaluate auth platforms and get a working example, it would be really helpful to have a repository of basic auth flows using Ory cloud with something like react.js + express (node.js).

I understand there is explicit support for next.js, but not everyone uses it.

Describe your ideal solution

Provide a downloadable sample project that at the least uses express or react (if an SPA) on node.js, with an env file that I can fill in the required Ory configuration values for so I can see how different parts of the Ory stack piece together. It would also allow me to try out other Ory features as I could tinker around with the sample project.

Workarounds or alternatives

Looking at other auth providers that do have downloadable projects that use their service / APIs.

Version

N/A

Additional Context

We're in the process of evaluating alternative auth platforms as we've had pretty bad experiences with Amazon Cognito. We download sample projects to see how an auth platform works and tinker with it to determine if it can support our use-cases.

It's hard for me to advocate for us to use Ory when it's hard to hit the ground running with it.

Unintuitive Ui for Custom Domains

Preflight checklist

Describe the bug

In the Ory console, when navigating to the 'Custom Domains' section, there is a confusing and delayed update to the UI that displays current custom domains. At first, the UI suggests we don't have any custom domains set up. After a slight delay, the UI updates and displays our custom domain. I would suggest adding a spinner to indicate any background request and then updating the UI when the request is resolved.

See the screen capture on Imgur

Reproducing the bug

In the Ory console, navigate to 'Custom Domains' and wait for your custom domain implementation to display.

Relevant log output

No response

Relevant configuration

No response

Version

Cloud Console

On which operating system are you observing this issue?

macOS

In which environment are you deploying?

Ory Cloud

Additional Context

No response

Unable to load webauthn.js from another domain

Preflight checklist

Describe the bug

Using Ory cloud and custom domain.
Application is running at domain.com and custom domain is ory.domain.com

When using webauthn, the following error occurs when trying to load the webauthn.js via javascript:
Cross-Origin Request Blocked: The Same Origin Policy disallows reading the remote resource at https://ory.domain.com/api/kratos/public/.well-known/ory/webauthn.js. (Reason: CORS header ‘Access-Control-Allow-Origin’ missing). Status code: 200.

The script is added to the html as:
<script async="" crossorigin="anonymous" integrity="sha512-E3ctShTQEYTkfWrjztRCbP77lN7L0jJC2IOd6j8vqUKslvqhX/Ho3QxlQJIeTI78krzAWUQlDXd9JQ0PZlKhzQ==" referrerpolicy="no-referrer" src="https://ory.domain.com/api/kratos/public/.well-known/ory/webauthn.js" type="text/javascript"></script>

From the documentation below:
https://developer.mozilla.org/en-US/docs/Web/Security/Subresource_Integrity

It looks like the Ory cloud server should be adding the Access-Control-Allow-Origin: * header or there should be a way to add CORS allowed domains.

Reproducing the bug

Try to load the webauthn.js script from a different domain.

Relevant log output

No response

Relevant configuration

No response

Version

0.0.1-alpha.76

On which operating system are you observing this issue?

Windows

In which environment are you deploying?

Docker Compose

Additional Context

No response
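The error in this report follows from how browsers combine the crossorigin and integrity attributes: a cross-origin script with an integrity value can only be verified if the response passes the CORS check. The following is an added example, not code from Ory or from the issue author, that models that decision for the script tag quoted above; the https scheme for domain.com, the function names and the sample response headers are assumptions, and the digest comparison itself is assumed to succeed.

```javascript
// Added example (not Ory code): will a browser run a <script> that carries
// Subresource Integrity, given the tag's attributes and the response headers?

// Case-insensitive header lookup; returns null when the header is absent.
function header(headers, name) {
  const key = Object.keys(headers).find((k) => k.toLowerCase() === name.toLowerCase());
  return key === undefined ? null : String(headers[key]).trim();
}

// CORS check for a simple GET: anonymous requests accept "*" or the exact origin,
// credentialed requests need the exact origin plus Allow-Credentials: true.
function corsCheck(headers, pageOrigin, withCredentials) {
  const acao = header(headers, 'Access-Control-Allow-Origin');
  if (acao === null) return { ok: false, reason: 'Access-Control-Allow-Origin missing' };
  if (withCredentials) {
    if (acao !== pageOrigin) {
      return { ok: false, reason: 'credentialed request needs the exact origin' };
    }
    if (header(headers, 'Access-Control-Allow-Credentials') !== 'true') {
      return { ok: false, reason: 'Access-Control-Allow-Credentials: true missing' };
    }
    return { ok: true, reason: 'CORS check passed' };
  }
  if (acao === '*' || acao === pageOrigin) return { ok: true, reason: 'CORS check passed' };
  return { ok: false, reason: 'Access-Control-Allow-Origin does not match the page origin' };
}

// tag: { src, integrity?, crossorigin? } where crossorigin is undefined when the
// attribute is absent.
function scriptLoadOutcome(tag, pageOrigin, responseHeaders) {
  const sameOrigin = new URL(tag.src).origin === pageOrigin;
  const hasIntegrity = Boolean(tag.integrity);
  if (sameOrigin) return { runs: true, reason: 'same-origin response is readable' };
  if (tag.crossorigin === undefined) {
    // Without the attribute the fetch is no-cors and the response is opaque.
    if (hasIntegrity) {
      return { runs: false, reason: 'opaque response cannot be integrity-checked' };
    }
    return { runs: true, reason: 'no-cors load without integrity protection' };
  }
  const cors = corsCheck(responseHeaders, pageOrigin, tag.crossorigin === 'use-credentials');
  if (!cors.ok) return { runs: false, reason: cors.reason };
  return { runs: true, reason: hasIntegrity ? 'CORS passed, digest can be verified' : cors.reason };
}

const PAGE_ORIGIN = 'https://domain.com'; // assumption: the application is served over https
const TAG = {
  // Attributes copied from the script tag in the issue.
  src: 'https://ory.domain.com/api/kratos/public/.well-known/ory/webauthn.js',
  integrity: 'sha512-E3ctShTQEYTkfWrjztRCbP77lN7L0jJC2IOd6j8vqUKslvqhX/Ho3QxlQJIeTI78krzAWUQlDXd9JQ0PZlKhzQ==',
  crossorigin: 'anonymous',
};

// Constructed response headers for each scenario.
function demo() {
  const noCrossorigin = { src: TAG.src, integrity: TAG.integrity };
  return {
    reported: scriptLoadOutcome(TAG, PAGE_ORIGIN, { 'Content-Type': 'text/javascript' }),
    wildcard: scriptLoadOutcome(TAG, PAGE_ORIGIN, { 'access-control-allow-origin': '*' }),
    otherOrigin: scriptLoadOutcome(TAG, PAGE_ORIGIN, {
      'Access-Control-Allow-Origin': 'https://other.example',
    }),
    attributeRemoved: scriptLoadOutcome(noCrossorigin, PAGE_ORIGIN, {}),
    credentialedWildcard: scriptLoadOutcome(
      { ...TAG, crossorigin: 'use-credentials' },
      PAGE_ORIGIN,
      { 'Access-Control-Allow-Origin': '*', 'Access-Control-Allow-Credentials': 'true' },
    ),
  };
}

console.log(demo());
```

Dropping the crossorigin attribute while keeping integrity does not help, since the response then becomes opaque and the integrity check fails.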

Improve error observability of RPC calls

Preflight checklist

Describe your problem

Currently, it is not possible to understand why things fail in certain cases. A good example is custom SMTP servers. Figuring out what exactly the parameters are is no easy feat, as there are different security mechanisms (TLS, SMTPS, SMTP without any encryption, ...).

When you have access to the log, that is easy as you'll see error messages like:

{"audience":"application","error":{"message":"tls: first record does not look like a TLS handshake","stack_trace":"stack trace could not be recovered from error type tls.RecordHeaderError"},"file":"/go/pkg/mod/github.com/ory/[email protected]/courier/smtp.go:201","func":"github.com/ory/kratos/courier.(*courier).dispatchEmail","level":"error","message_from":"[email protected]","msg":"Unable to send email using SMTP connection.","service_name":"Ory Kratos","service_version":"master","smtp_server":"smtp.postmarkapp.com:587","smtp_ssl_enabled":true,"time":"2022-07-07T09:47:15Z"}

Describe your ideal solution

It should be possible to see logs related to your project in the console / API.

Workarounds or alternatives

None

Additional Context

This user had significant problems figuring out what is going on and why emails are not being sent: https://ory-community.slack.com/archives/C02MR4DEEGH/p1657187128273789

I had to go into k8s and look up the logs for the courier to help him...

Name of schema is empty when listing from Console

Preflight checklist

Describe the bug

import "github.com/ory/client-go"

api := client.NewAPIClient(conf)

schemas, _, err := api.V0alpha2Api.ListIdentitySchemas(context.Background()).Execute()

if err != nil {
	panic(err)
}

for _, schema := range schemas {
	fmt.Printf("SchemaID: %s\n", schema.Id)
	fmt.Printf("SchemaName: %s\n", schema.Name)
}

Output

SchemaID: <really-long-id>
SchemaName: 
SchemaID: preset://email
SchemaName: 
SchemaID: <really-long-id>
SchemaName: 

Reproducing the bug

  1. Use "github.com/ory/client-go"
  2. List the Schemas using the API api.V0alpha2Api.ListIdentitySchemas
  3. Cannot get the schema name

Relevant log output

No response

Relevant configuration

No response

Version

latest

On which operating system are you observing this issue?

Ory Cloud

In which environment are you deploying?

Ory Cloud

Additional Context

No response

Billing plan change page bug

Preflight checklist

Describe the bug

At console.ory.sh, when I change my plan from "Startup" to "Developer" in "Usage & Billing", this occurs:
Screen Shot 2022-06-12 at 19 15 40
After refreshing the page, plan remains "Startup"

Reproducing the bug

  1. Create a profile on console.ory.sh
  2. Use "FIRST900" code for startup account
  3. Try to change billing plan from "Startup" to "Developer"

Relevant log output

No response

Relevant configuration

No response

Version

cloud

On which operating system are you observing this issue?

No response

In which environment are you deploying?

No response

Additional Context

I'm aware of monthly bills, while I'm not using cloud version of kratos.

Support GitOps

Preflight checklist

Describe your problem

Configuring through a dashboard online is nice, but it would be great if one could keep all Ory Cloud project configuration in git and have it be updated automatically every time git changes.

Describe your ideal solution

Probably a GitHub Action or general CLI tool which could be run on every commit to the main branch which would then push new configuration in some standard way to Ory Cloud to be applied.

Workarounds or alternatives

Keeping configuration manually in git and copy-pasting into web dashboard at every change.

Version

Ory Cloud

Additional Context

No response

Redirect problem after login to refresh privileged session

Preflight checklist

Describe the bug

When the user needs to login to refresh a privileged session (e.g. from the settings page), it is redirected from the current page to the login page with the following return_to url:

http://ory.domain.com/self-service/settings?flow=FLOW_ID

After a successful login, the login page should redirect the user to the address at return_to (above).

Redirecting the user there ends up in the settings page. Calling GetSelfServiceSettingsFlow at that stage provides a flow with the error below and the user needs to repeat the last action:

Unable to decode body because HTTP Request Method was "GET" but only [POST PUT PATCH] are supported.

We assume this is a bug and that at this stage we should have a settings flow updated after completing the operation the user tried to perform. We also tried to compare the settings flow from the first call and after the login, but they are pretty much the same, so no clue on what should be done differently.

Please advise.

Reproducing the bug

  1. Configure your Ory Session privileged timeout to a small interval (e.g. 30s)
  2. Go to your custom kratos ui settings page
  3. Execute a privileged action (e.g. reveal backup recovery codes)
  4. Wait for redirect to login
  5. Enter the correct credentials
  6. Wait for redirect back to settings
  7. The error message is shown and the privileged action is not executed

Relevant log output

No response

Relevant configuration

No response

Version

0.0.1-alpha.169

On which operating system are you observing this issue?

Windows

In which environment are you deploying?

Docker Compose

Additional Context

No response

Dart SDK not null safe

Report from amorevino developer:

Describe the bug

We have an SDK for Dart: https://pub.dev/packages/ory_client

This is created with Dart version 2.0. Dart support for null safety was added in 2.8 (https://dart.dev/null-safety).

This leads to errors when developing Flutter apps.

To Reproduce

https://pub.dev/packages/ory_client/score

Package is not null safe

Because:

    package:ory_client/api.dart where package:ory_client/api.dart is opting out from null safety.

Expected behavior

Package is null safe.

Additional context

I do not have experience using the package, so let me know if this is a trivial error or can be worked around easily.

Link to Page displaying JSON (406 code)

Preflight checklist

Describe the bug

With the Ory cloud free plan, when clicking on 'Invoices & Active Subscriptions' the page opens a new tab displaying JSON due to a 406 code. With a paid plan, you are redirected to Stripe (I assume this is the intended behaviour).

See screen capture on Imgur

Reproducing the bug

If you have a free Ory Cloud account, navigate to 'Usage & Billing' then click on 'Invoices & Active Subscriptions'. A new tab opens displaying an error 406 in JSON format.

Relevant log output

No response

Relevant configuration

No response

Version

Cloud Console

On which operating system are you observing this issue?

macOS

In which environment are you deploying?

Ory Cloud

Additional Context

No response

Bring Your Own Domain

Feature Overview

Allow developers to integrate user flows (login, signup, recovery) using your company domain name. This optional feature will enable a better user experience for users of your application. Currently, user flows are handled in an Ory-hosted domain that is provided per Ory Project: $YOUR_PROJECT_SLUG.projects.oryapis.com. With BYOD, users will be able to log in to your application using your domain, for example, mydomain.com.

Additional context

  • Self-Service with UI in the Ory Cloud Console
  • Available for paid subscriptions only
  • Number of custom domains will be limited accordingly to a subscription plan
  • Ory provided TLS certificates, custom TLS certificates will in the future

Setting up Custom Domains fail if the domain is managed by Cloudflare on the Customer side

Preflight checklist

Describe the bug

Error report in Slack:

Hello, I am attempting to set up a custom domain, but am having issues. It appears we are both using Cloudflare and after creating the CNAME record I get a 1014 CNAME Cross-User Banned error. From my limited understanding this appears to be a security feature of Cloudflare, preventing me from creating records that are CNAMEs for domains in another account. This can apparently be solved by reaching out to Cloudflare support and having them mark your domain as “allowed to be the target of CNAMEs”. Is this something Ory would be willing to do or should I find another solution?

Reproducing the bug

For a domain which is managed by Cloudflare DNS (e.g. mydomain.com):

  1. In a Startup project set up a custom domain by clicking on Custom Domains in the navigation
  2. Click on Add One Now
  3. Enter auth.mydomain.com as domain and mydomain.com as Cookie Domain
  4. Copy the URL (e.g. jovial-ganguly-h5ldtofefev2jm.projects.oryapis.com) shown in the description and open the Cloudflare UI and create the CNAME Record for auth.mydomain.com and use the copied URL as the target.
  5. Error message is shown in Cloudflare UI.

Relevant log output

No response

Relevant configuration

No response

Version

n/a

On which operating system are you observing this issue?

Ory Cloud

In which environment are you deploying?

Ory Cloud

Additional Context

No response

Multi-Factor Authentication

Feature Overview

Relying on user and password authentication only is not enough when building a secure system. It is good as a starting point in the beginning, but for the production use case it is not secure enough.
Passwords are subject to attacks such as, but not limited to, brute force and credential stuffing.
To address this security issue, our product must support additional authentication factors, configurable by the users.
We aim to provide MFA support compliant with U2F/FIDO2 and TOTP.

Additional context

  • Self-Service with UI in the Ory Cloud Console allowing to configure flows :
    • Enabling/disabling 2nd factor authentication during login
    • Enabling/disabling 2nd factor authentication when account settings are made
    • Enabling/disabling recovery codes (lookup secrets) configuration
    • Enabling/disabling TOTP Authenticator
    • Enabling/disabling WebAuthn

No returnTo being returned

Preflight checklist

Describe the bug

I'm not seeing redirects defined in the "Browser Redirects" tab in the console being passed down to the browser. I'm using the example next.js code and their login submit code block looks like the following...

  const onSubmit = (values: SubmitSelfServiceLoginFlowBody) =>
    router
      .push(`/account/login?flow=${flow?.id}`, undefined, { shallow: true })
      .then(() =>
        ory
          .submitSelfServiceLoginFlow(String(flow?.id), undefined, values)
          .then((res) => {
            console.log("FLOW", flow)
            if (flow?.return_to) {
              // THIS never gets hit 
              // as `return_to` is never found in the flow obj
              window.location.href = flow?.return_to
              return
            }
            router.push('/')
          })
          .then(() => {})
          .catch(handleFlowError(router, 'login', setFlow))
          .catch((err: AxiosError) => {
            if (err.response?.status === 400) {
              setFlow(err.response?.data)
              return
            }
            return Promise.reject(err)
          })
      )

Reproducing the bug

Use above snippet to submit login and try and catch redirects.

Relevant log output

Example Flow log output from the code snippet above...


{
    "id": "<REDACTED>",
    "type": "browser",
    "expires_at": "2022-02-15T02:27:01.572505Z",
    "issued_at": "2022-02-15T01:27:01.572505Z",
    "request_url": "http://<REDACTED>.projects.oryapis.com/self-service/login/browser?",
    "ui": {
        "action": "/api/.ory/api/kratos/public/self-service/login?flow=<REDACTED>",
        "method": "POST",
        "nodes": [
            {
                "type": "input",
                "group": "default",
                "attributes": {
                    "name": "csrf_token",
                    "type": "hidden",
                    "value": "<REDACTED>",
                    "required": true,
                    "disabled": false,
                    "node_type": "input"
                },
                "messages": [],
                "meta": {}
            },
            {
                "type": "input",
                "group": "password",
                "attributes": {
                    "name": "password_identifier",
                    "type": "text",
                    "value": "",
                    "required": true,
                    "disabled": false,
                    "node_type": "input"
                },
                "messages": [],
                "meta": {
                    "label": {
                        "id": 1070004,
                        "text": "ID",
                        "type": "info"
                    }
                }
            },
            {
                "type": "input",
                "group": "password",
                "attributes": {
                    "name": "password",
                    "type": "password",
                    "required": true,
                    "disabled": false,
                    "node_type": "input"
                },
                "messages": [],
                "meta": {
                    "label": {
                        "id": 1070001,
                        "text": "Password",
                        "type": "info"
                    }
                }
            },
            {
                "type": "input",
                "group": "password",
                "attributes": {
                    "name": "method",
                    "type": "submit",
                    "value": "password",
                    "disabled": false,
                    "node_type": "input"
                },
                "messages": [],
                "meta": {
                    "label": {
                        "id": 1010001,
                        "text": "Sign in",
                        "type": "info",
                        "context": {}
                    }
                }
            }
        ]
    },
    "created_at": "2022-02-15T01:27:01.578772Z",
    "updated_at": "2022-02-15T01:27:01.578772Z",
    "refresh": false,
    "requested_aal": "aal1"
}

Relevant configuration

No response

Version

v0.8.3-alpha.1.pre.0.0.20220121173156-1ba5a1a31525

On which operating system are you observing this issue?

Ory Cloud

In which environment are you deploying?

Ory Cloud

Additional Context

No response

http to https redirects not configured correctly

Preflight checklist

Describe the bug

Accessing the Kratos API endpoints using http instead of https results in HTTP error 521.

Reproducing the bug

E.g. when you try to access http://console.ory.sh this results in a 521 error page from Cloudflare.

Relevant log output

No response

Relevant configuration

No response

Version

current

On which operating system are you observing this issue?

No response

In which environment are you deploying?

No response

Additional Context

No response

Custom Domains - booked by project creator but unavailable for collaborator

Preflight checklist

Describe the bug

A colleague of mine created a (paid) Ory cloud project and activated custom domains. When he visits https://console.ory.sh/projects/<PROJECT_ID>/custom-domains he can see the domain, when I visit the very same URL it says

Your plan does not have access to the Custom Domains feature.
Consider upgrading to a paid plan.

Reproducing the bug

See description

Relevant log output

No response

Relevant configuration

No response

Version

Ory cloud

On which operating system are you observing this issue?

No response

In which environment are you deploying?

No response

Additional Context

No response

Cookies not being sent to backend after deploying

Preflight checklist

Describe the bug

I’m having a problem after deploying my frontend (https://www.boilerplate.live) and backend (https://www.api.boilerplate.live): the frontend does not send cookies to the backend. It works fine locally, and I’m not sure it has anything to do with Ory, but was asked to create an issue here.

I had problems with CORS before, but managed to solve that by putting my backend on a subdomain, but then I got this issue 😕

Reproducing the bug

Steps to reproduce the behaviour:

  1. Deploy https://github.com/amosbastian/boilerplate
  2. Go to deployed website and notice that cookies aren't being sent to backend

You can also visit https://boilerplate.live/ and try signing up. You will notice that it will register the user with Ory, but then does not send cookies to my backend.

image

Relevant log output

No response

Relevant configuration

No response

Version

v0.8.3-alpha.1.pre.0.0.20220121173156-1ba5a1a31525

On which operating system are you observing this issue?

macOS

In which environment are you deploying?

Ory Cloud

Additional Context

Here are my DNS records, maybe they are useful. I'm currently not using ory.boilerplate.live since it was causing a different error

image

My backend can be found here: https://github.com/amosbastian/boilerplate/blob/master/apps/api/src/main.ts

My Ory API client here: https://github.com/amosbastian/boilerplate/blob/master/libs/shared/utility/ory/src/lib/ory-api-client/oryApiClient.ts

My Ory browser client here: https://github.com/amosbastian/boilerplate/blob/master/libs/site/utility/src/lib/ory-browser-client/oryBrowserClient.ts

For the frontend I am following the Next.js example, which can be found here https://github.com/amosbastian/boilerplate/tree/master/apps/site

Recovery code required every time I login after disabling MFA

I disabled MFA to allow my colleague to access the account during our trial. However, after doing so, we are prompted to enter a recovery code every time we connect to Ory. We currently used 3 of the codes, and would have to renew them regularly in the current working.

Is there any option to fully disable MFA / recovery codes?

Steps to reproduce:

  • Create a new account on Ory Cloud.
  • Enable 2FA using a 2FA app like Google Auth.
  • Save the recovery codes.
  • Disconnect and ensure you are prompted with 2FA codes when connecting back.
  • Disable 2FA and disconnect.
  • When connecting, you are now prompted to enter recovery code.

Setting a custom SMTP server breaks saving changes in the UI

Preflight checklist

Describe the bug

When I set a custom SMTP server, I am no longer able to make any changes in the UI, as clicking "save" fails with the following message:

Setting the SMTP Courier from address is only possible when supplying a custom SMTP Courier SMTP URL. To resolve this, visit: https://www.ory.sh/dr/1. Please check that the urls are in the correct format and try again.

The problem most likely happens because the UI is ignoring the custom set SMTP server. I think we might have done this out of security concerns (hide the SMTP server from the API) but obviously setting this value shouldn't break the UI.

Reproducing the bug

  1. Create project
  2. Set custom SMTP courier server using CLI
  3. Go to console, do some changes
  4. ???
  5. See error

Relevant log output

No response

Relevant configuration

No response

Version

master

On which operating system are you observing this issue?

No response

In which environment are you deploying?

No response

Additional Context

No response

Make Identity Schema ID available in the UI

Discussed in #120

Originally posted by tsu84 July 10, 2022
Hi,

I am using the admin API to create the first admin identity through /admin/identities. To make the request the identity schema id is required. I've expected to find it through the UI since it's the place where you can edit and create new schemas. I've tried the value of the options but those weren't ids. Finally I found the /schemas endpoint where the ids are provided.

It would be nice to have the id in the identity schema page, maybe with a copy button, so that this value can be found easily.

Custom Domain feature not available for members except for admin

Preflight checklist

Describe the bug

Custom domains section says there's no access to Custom Domains feature, even though the plan is upgraded. Only admin has access to this feature.

Reproducing the bug

  1. log in as a member
  2. go to Custom Domains section
  3. log in as an admin
  4. go to Custom Domains section

Relevant log output

No response

Relevant configuration

No response

Version

cloud

On which operating system are you observing this issue?

Ory Cloud

In which environment are you deploying?

Ory Cloud

Additional Context

No response

Authenticating a user login session from the callback handler

Preflight checklist

Describe your problem

I am an Ory Cloud customer. I am very interested in migrating access and I ran into a challenge. Our language is go.

I am coming from a provider which would POST to a known callback URL with data I could decode and use to complete the workflow. Using Ory Proxy, Managed UI I am able to redirect as a GET to my desired route, but there is no cookie set. I think I should use the ToSession method, but without a cookie, it seems like not the right approach.

Describe your ideal solution

Broadly speaking,

A working sample of Signup/Login/Logout while using Go with Ory Cloud would be the desired solution. It is unclear how to authenticate a login request and after many attempts at translating the Node version, I still am unsure how to manage this process.

Sharing a solution not tied to a framework (fiber, gin, etc) would be ideal for our use case.

Workarounds or alternatives

None, we paused the project until we could devote more time to review/research.

Version

alpha-38

Additional Context

No response

Changing schema leads to error 500 (on hosted ui)

I updated my schema, tested login with an existing account, that worked, but when I go to /ui/settings: error?id=0a0c448d-d821-4a70-a7f9-84fff9fe510e:

{
  "code": 500,
  "message": "expected a client to be set for github.com/ory/jsonschema/v3/httploader.HTTPClient but received nil",
  "status": "Internal Server Error"
}

Originally posted by @till in #55 (reply in thread)

Social Identity Provider integration

Feature Overview

Enable social identity providers in your Ory Project configuration to allow user authentication federation in your application.
Google, Facebook, Github + in general OIDC compliant providers will be supported.
This feature will allow your users to sign in/sign up either by using a standard username&password or by using well-known providers: "Sign in with ... " Google for example.

Additional context

  • Self-Service with UI in Ory Cloud Console
  • Facebook, Github, Google + other OIDC compliant providers will be supported

Unable to select custom Identity Schema

Preflight checklist

Describe the bug

Since early last week we are unable to select any of our custom identity schemas. The following error is shown in the Ory Console:

An error occurred: Error: Request failed with status code 400

Some of these schemes have several months and were working before. Please advise.

Reproducing the bug

  1. Go to the Ory Cloud Console
  2. Select Identity Schema on the left menu
  3. Pick one of the custom identity schemas
  4. Click update (and a notification with the described error appears)

Relevant log output

No response

Relevant configuration

No response

Version

Web Ory Cloud Console

On which operating system are you observing this issue?

Ory Cloud

In which environment are you deploying?

No response

Additional Context

No response

.NET Client Api call ListIdentitySchemasAsync not working

Preflight checklist

Describe the bug

Unable to call the .NET Client Api function ListIdentitySchemasAsync(). The error below is returned.

Required property 'blob_name' not found in JSON. Path '[0]', line 1, position 867.

Seems to be a problem in the ClientIdentitySchema model definition, that requires several properties that are missing. Below is a sample of the received json:

[
  {
    "id": ...
    "schema": ...
  },
  ..
]

Reproducing the bug

Use the .NET Client Api to call ListIdentitySchemasAsync().

Relevant log output

No response

Relevant configuration

No response

Version

0.0.1-alpha.169

On which operating system are you observing this issue?

Windows

In which environment are you deploying?

Docker Compose

Additional Context

No response

Problem with websocket requests access check via oathkeeper

Preflight checklist

Describe the bug

We're using an oathkeeper (v0.38.19-beta.1-17-g74c2581 at the moment) with a check_session_url into our ory cloud kratos. Since the cloud update with the URL changes (I think, might not be related) we're having problems with websocket connections.

We're using a similar setup to this one: ory/oathkeeper#896 (comment), except with a bearer_token instead of cookie_session.

That used to work, and non-websocket requests still work, but for ws we're now getting this in the oathkeeper logs:
level=warning msg=Access request denied audience=application error=map[debug: message:Access credentials are not sufficient to access this resource reason:Get "https://CUSTOM_URL_POINTING_TO_ORY_CLOUD_PROJECT/sessions/whoami": context canceled status:Forbidden status_code:403] granted=false http_host=HOST http_method=GET http_url=https://HOST/path http_user_agent=... service_name=ORY Oathkeeper service_version=v0.38.19-beta.1-17-g74c2581, after some time (the connection just hangs there for a bit).

Any ideas for how to debug this further would be welcome :)

Reproducing the bug

oathkeeper config something like:

authenticators:
  bearer_token:
    enabled: true
    config:
      check_session_url: https://ORY_CLOUD_PROJECT_URL/sessions/whoami
      subject_from: '@this.identity.traits.username'
      token_from:
        header: Authorization

oathkeeper rule

- id: ory:foo
  upstream:
    preserve_host: false
    url: http://foo:1234
  match:
    url: "<{https,wss}>://ws.endpoint.example.com/<**>"
    methods:
      - GET
  authenticators:
    - handler: bearer_token
  authorizer:
    handler: allow
  mutators:
    - handler: noop

and the client request is then something like
curl -v --include --no-buffer --http1.1 -H "Connection: Upgrade" -H"Upgrade: websocket" -H "Origin: http://example.com:80" -H "Sec-WebSocket-Key: SGVsbG8sIHdvcmxkIQ==" -H "Sec-WebSocket-Version: 13" -H 'Authorization: bearer SOME_TOKEN' 'https://ws.endpoint.example.com/'
(we're not really using curl, but this seems to display the same problem at least)

Relevant log output

No response

Relevant configuration

No response

Version

cloud

On which operating system are you observing this issue?

Ory Cloud

In which environment are you deploying?

Ory Cloud

Additional Context

No response

Observability of self-service account activity and authentication

Preflight checklist

Describe your problem

Administrators need visibility into account activity on Ory to

  1. have confidence the system is working and set up correctly
  2. understand overall user activity
  3. audit individual user activity

Describe your ideal solution

What and how to log

We should write structured, machine-readable activity logs for

  • signups
  • account recovery (successful and failed)
  • logins (successful and failed, incl. credential/method used)
  • profile updates
  • privileged session creation

Metadata: These logs need to carry timestamp, identity, device and IP address information.

Access & Retention: Logs need to be separated by tenant, and accessible to admins only. We retain them for 14 days. Be aware that these logs are sensitive and carry PII.

Console UI integration

Telemetry
Admins can see aggregate activity (at least signups, logins and recoveries, with associated success/failure rates) by day in an overview screen in the Console.

Auditing

  • When viewing an identity in Console, Admins can view recent account activity.
  • PII (incl. email/phone no and IP address) is hidden by default, and requires an extra click ("show PII") to display
  • An API to get account activity is desirable but not required to be publicly available and documented (yet)

Auditing the audits

  • Access to individual account activity is also logged into a separated bucket (who accessed which user's data, when).
  • This audit log is retained for 30 days (for now) and only accessible to Ory (for now)
  • Audit logs must be written on data access (as opposed to logging front-end actions in console) to capture API Access to user activity

Workarounds or alternatives

Version

Additional Context

No response
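A sketch of the logging model this request describes, as an added example in Go (not Ory's code): the event fields, the `[hidden]` placeholder and all type and function names are assumptions. It applies tenant separation, the 14-day retention, PII masking by default, and writes the access record at the data-access layer so API reads are captured as well as Console clicks.

```go
package main

import (
	"encoding/json"
	"fmt"
	"time"
)

// ActivityEvent is one structured activity log entry. The field set is an
// assumed schema covering the metadata listed in the request.
type ActivityEvent struct {
	Time     time.Time `json:"time"`
	Tenant   string    `json:"tenant"`
	Type     string    `json:"type"` // signup, login, recovery, profile_update, privileged_session
	Success  bool      `json:"success"`
	Method   string    `json:"method,omitempty"`
	Identity string    `json:"identity"`
	Email    string    `json:"email"`
	IP       string    `json:"ip"`
	Device   string    `json:"device"`
}

// AccessRecord notes who read which identity's activity, and when.
type AccessRecord struct {
	Time     time.Time `json:"time"`
	Admin    string    `json:"admin"`
	Tenant   string    `json:"tenant"`
	Identity string    `json:"identity"`
	ShowPII  bool      `json:"show_pii"`
}

const activityRetention = 14 * 24 * time.Hour // retention stated in the request

// Store keeps activity events and, separately, the log of reads against them.
type Store struct {
	events []ActivityEvent
	Audit  []AccessRecord
}

func (s *Store) Log(e ActivityEvent) { s.events = append(s.events, e) }

// Activity returns one identity's events for the caller's tenant. The access
// record is written here, at the data layer, so API reads are captured too.
func (s *Store) Activity(admin, tenant, identity string, showPII bool, now time.Time) []ActivityEvent {
	s.Audit = append(s.Audit, AccessRecord{Time: now, Admin: admin, Tenant: tenant, Identity: identity, ShowPII: showPII})
	var out []ActivityEvent
	for _, e := range s.events {
		if e.Tenant != tenant || e.Identity != identity || now.Sub(e.Time) > activityRetention {
			continue // other tenant, other identity, or past retention
		}
		if !showPII {
			e.Email, e.IP = "[hidden]", "[hidden]" // e is a copy; the stored event is untouched
		}
		out = append(out, e)
	}
	return out
}

// sampleStore builds constructed events: two tenants, one entry past retention.
func sampleStore() (*Store, time.Time) {
	now := time.Date(2022, 7, 20, 12, 0, 0, 0, time.UTC)
	s := &Store{}
	s.Log(ActivityEvent{Time: now.Add(-20 * 24 * time.Hour), Tenant: "tenant-a", Type: "signup", Success: true, Identity: "id-1", Email: "a@example.com", IP: "192.0.2.10", Device: "Firefox/Linux"})
	s.Log(ActivityEvent{Time: now.Add(-2 * time.Hour), Tenant: "tenant-a", Type: "login", Success: false, Method: "password", Identity: "id-1", Email: "a@example.com", IP: "192.0.2.10", Device: "Firefox/Linux"})
	s.Log(ActivityEvent{Time: now.Add(-1 * time.Hour), Tenant: "tenant-a", Type: "login", Success: true, Method: "password", Identity: "id-1", Email: "a@example.com", IP: "192.0.2.10", Device: "Firefox/Linux"})
	s.Log(ActivityEvent{Time: now.Add(-1 * time.Hour), Tenant: "tenant-b", Type: "login", Success: true, Method: "oidc", Identity: "id-1", Email: "b@example.com", IP: "198.51.100.7", Device: "Safari/macOS"})
	return s, now
}

func main() {
	s, now := sampleStore()
	for _, e := range s.Activity("admin-1", "tenant-a", "id-1", false, now) {
		line, _ := json.Marshal(e)
		fmt.Println(string(line))
	}
	fmt.Printf("access records written: %d\n", len(s.Audit))
}
```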

Logo not displaying correctly on Ory Cloud Invoices

Preflight checklist

Describe the bug

Logo not displaying correctly on invoices. See screenshot below, red container.

Screenshot on Imgur

Reproducing the bug

In the Ory console, navigate to 'Usage & Billing', select your Start-Up plan and click on 'Invoices & Active Subscriptions'. Download your latest invoice and open the PDF document.

Relevant log output

No response

Relevant configuration

No response

Version

Cloud Console

On which operating system are you observing this issue?

macOS

In which environment are you deploying?

Ory Cloud

Additional Context

No response

SubmitSelfServiceLoginFlowWithHttpInfoAsync for Aal2 fails using .NET client in SPA (browser mode)

Preflight checklist

Describe the bug

Trying to submit a login flow for Aal2 using .NET client in SPA (browser mode). This requires passing both csrf and ory_session cookies. No clear way in the SDK docs to do this. The only option seems to be to use Configuration.DefaultHeaders["cookie"] (tested and working for Aal1 that requires only csrf cookie). Setting both cookies (concat cookies using '; ') using this strategy does not work. Also tried to rewrite the method SubmitSelfServiceLoginFlowWithHttpInfoAsync (from source) to add both cookies using the lines below:

        if (sessionCookie != null)
            localVarRequestOptions.HeaderParameters.Add("cookie", sessionCookie.ToString());

        if (csrfCookie != null)
            localVarRequestOptions.HeaderParameters.Add("cookie", csrfCookie.ToString());

but again it does not work if setting both cookies (only works for one).

Please advise.

Reproducing the bug

Create a .NET SPA web application (e.g. Blazor server app). Add the Ory.Client Nuget. In the code, use the SDK to initialize a login flow for Aal2, fill the form data and call SubmitSelfServiceLoginFlowWithHttpInfoAsync.

Relevant log output

No response

Relevant configuration

No response

Version

Ory.Client 0.0.1-alpha.30

On which operating system are you observing this issue?

Windows

In which environment are you deploying?

Binary

Additional Context

No response

Didn't take the payment plan cancelled and now in Infinity load

Preflight checklist

Describe the bug

I initiated payment with stripe, but decided to try free version first. Cancelled, and now stuck in infinite load no matter where I go.

image

Reproducing the bug

  1. Signup with Github
  2. Connect for the first time
  3. Get the startup option
  4. Cancel
  5. Get stuck in infinite load

Relevant log output

No response

Relevant configuration

No response

Version

alpha

On which operating system are you observing this issue?

Ory Cloud

In which environment are you deploying?

Ory Cloud

Additional Context

No response

Remove redirect "/projects/list" from NEW User signup process

Preflight checklist

Describe the bug

When a user signs up for the console /registration for the first time, he is directed to /projects/lists before getting to the correct landing page /get.started

Reproducing the bug

create a new sign-up account:

  1. https://console.ory.sh/registration
  2. https://console.ory.sh/projects/lists
  3. https://console.ory.sh/get.started

Step 3 needs to be removed

Relevant log output

User sign up flow 

1. https://console.ory.sh/registration
2. https://console.ory.sh/get.started

Relevant configuration

No response

Version

Web Ory Cloud Console

On which operating system are you observing this issue?

macOS

In which environment are you deploying?

No response

Additional Context

This issues a misinterpretation of analytics data

Ory Cloud console bug: adding allowed urls

Preflight checklist

Describe the bug

Hi all,

When adding wildcard subdomains via the API everything is OK, but via the UI the asterisks get replaced by %2A (the html entity for *). This will then not pass validation. Ory has full support for wildcard domains.

Screenshot:
screenshot

Reproducing the bug

  1. Login to the UI
  2. Go to browser redirects
  3. Try to add a wildcard domain
  4. ???
  5. Profit

Relevant log output

No response

Relevant configuration

No response

Version

Cloud

On which operating system are you observing this issue?

Ory Cloud

In which environment are you deploying?

No response

Additional Context

No response
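The report above turns on the difference between a literal `*` wildcard and its encoded form `%2A`. As an added example in Go (not Ory's code; the matching semantics and the function name `matchAllowed` are assumptions), an allow-list check for redirect URLs that treats only a literal `*.` host prefix as a wildcard and rejects an encoded asterisk when the pattern is configured:

```go
package main

import (
	"errors"
	"fmt"
	"net/url"
	"strings"
)

// matchAllowed reports whether candidate is covered by one allow-list pattern
// such as "https://*.example.com". Assumed semantics (not Ory's documented
// rules): "*." stands for one or more subdomain labels, never the apex.
func matchAllowed(pattern, candidate string) (bool, error) {
	if strings.Contains(strings.ToLower(pattern), "%2a") {
		return false, errors.New("pattern contains an encoded asterisk (%2A), which is not a wildcard")
	}
	p, err := url.Parse(pattern)
	if err != nil {
		return false, fmt.Errorf("invalid pattern: %w", err)
	}
	if p.Scheme == "" || p.Host == "" {
		return false, errors.New("pattern must be an absolute URL")
	}
	c, err := url.Parse(candidate)
	if err != nil {
		return false, fmt.Errorf("invalid candidate: %w", err)
	}
	// Scheme and port must agree; Hostname() ignores any userinfo part.
	if !strings.EqualFold(p.Scheme, c.Scheme) || p.Port() != c.Port() {
		return false, nil
	}
	ph, ch := strings.ToLower(p.Hostname()), strings.ToLower(c.Hostname())
	if strings.HasPrefix(ph, "*.") {
		rest := ph[2:]
		// Require a dot before the suffix so "notexample.com" cannot match.
		return strings.HasSuffix(ch, "."+rest) && len(ch) > len(rest)+1, nil
	}
	return ph == ch, nil
}

func main() {
	// Constructed sample inputs.
	pattern := "https://*.example.com"
	for _, cand := range []string{
		"https://app.example.com/callback?logged_in=1",
		"https://example.com/",
		"https://notexample.com/",
		"https://app.example.com@other.example.net/",
	} {
		ok, err := matchAllowed(pattern, cand)
		fmt.Println(cand, ok, err)
	}
	_, err := matchAllowed("https://%2A.example.com", "https://app.example.com/")
	fmt.Println("encoded pattern:", err)
}
```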

return_to not honoured when registering (Login flow)

Discussed in #114

Originally posted by thecodeassassin July 5, 2022
Hi,

We start the login flow like so:

http://d3.local.maxroll.gg/.ory/self-service/login/browser?return_to=http://d3.local.maxroll.gg/?logged_in=1&after_verification_return_to=http://d3.local.maxroll.gg/?logged_in=1

After the user registers they are actually redirected to the root domain (https://maxroll.gg). I cannot really figure out why this is happening since we've not set that domain up anywhere. (no default post registration url etc).

Developer Subscription

Feature Overview

New Subscription plan allowing users to use Ory Cloud for free, however, limited in usage (API Limits) and without certain features.

Additional context

Details of limitations will be provided shortly.

`Authentication > Sign In After Registration` should be disabled if `Email Verification > Require Verified Address for Login` is selected

Preflight checklist

Describe the bug

Link to discussion on Ory Slack: https://ory-community.slack.com/archives/C02MR4DEEGH/p1655990349961859

if I select “login after registration” combined with “require email validation” in Ory Console, I’m redirected to the page after registration (Vue + Node example) and it displays my session, but if I try to perform any login operations it asks to validate email first
maybe “login after registration” should be implicitly turned off if validation is required?

Reproducing the bug

Default Ory Cloud setup, Vue + Node demo guide.

  1. Enable Authentication > Sign In After Registration in Ory Console
  2. Enable Email Verification > Require Verified Address for Login in Ory Console
  3. From unauthenticated state in Vue frontend, after going through Sign-in flow the user is returned to the page in logged in state (api/hello returns session). However, no interaction with Ory is possible before verification is complete

Relevant log output

No response

Relevant configuration

No response

Version

"@ory/client": "^0.0.1-alpha.189", Ory Cloud

On which operating system are you observing this issue?

Ory Cloud

In which environment are you deploying?

Ory Cloud

Additional Context

No response

500 Error when trying to remove users from projects

Preflight checklist

Describe the bug

When removing a user from a project, the ui gets stuck at the loading spinner due to a 500 error.

screen capture on Imgur

Reproducing the bug

Sign in to the console and navigate to the project. Remove any user from the project.

Relevant log output

No response

Relevant configuration

No response

Version

Cloud Console

On which operating system are you observing this issue?

Ory Cloud

In which environment are you deploying?

Ory Cloud

Additional Context

No response

Missing ClientSubmitSelfServiceLoginFlowBody and ClientSubmitSelfServiceSettingsFlowBody constructors

Preflight checklist

Describe the bug

Hi,

Using the .NET client SDK, the model classes ClientSubmitSelfServiceLoginFlowBody and ClientSubmitSelfServiceSettingsFlowBody are missing the constructors below:

public ClientSubmitSelfServiceLoginFlowBody(ClientSubmitSelfServiceLoginFlowWithLookupSecretMethodBody body)
public ClientSubmitSelfServiceLoginFlowBody(ClientSubmitSelfServiceLoginFlowWithWebAuthnMethodBody body)
public ClientSubmitSelfServiceSettingsFlowBody(ClientSubmitSelfServiceSettingsFlowWithLookupMethodBody body)
public ClientSubmitSelfServiceSettingsFlowBody(ClientSubmitSelfServiceSettingsFlowWithWebAuthnMethodBody body)

required to submit the corresponding flow methods. Tried to manually set the ActualInstance property, but the setter performs type checking and fails.

Please advise.

Reproducing the bug

  1. Create a .NET application.
  2. Add the Ory.Client Nuget.
  3. Try to build the code below:
ClientSubmitSelfServiceSettingsFlowBody body =
  new ClientSubmitSelfServiceSettingsFlowBody(
    new ClientSubmitSelfServiceSettingsFlowWithLookupMethodBody());

Relevant log output

No response

Relevant configuration

No response

Version

0.0.1-alpha.30

On which operating system are you observing this issue?

No response

In which environment are you deploying?

No response

Additional Context

No response

Custom Identity Schema not loading in the Ory Cloud UI

Preflight checklist

Describe the bug

We created a project in the Ory Cloud Console. This project is shared into my colleague's Ory Cloud account. My colleague has proceeded to make some changes to the default identity schema, thus creating a custom identity schema. We believe this has resulted in me not seeing the project's new custom identity schema in my Ory Cloud account. It currently loads an empty schema.

See UI screen capture on Imgur

See network screen capture on Imgur

Reproducing the bug

  1. Create a new project
  2. Share the project with a different user/account
  3. Have the other user create a custom identity schema
  4. In the original account, navigate to 'Identity Schema' and check if the new custom identity schema created by the other account is being displayed.

Relevant log output

No response

Relevant configuration

No response

Version

Cloud Console

On which operating system are you observing this issue?

macOS

In which environment are you deploying?

Ory Cloud

Additional Context

No response

Ory Proxy Guide issues

Preflight checklist

Describe the bug

when I run the Ory Proxy as described in
https://www.ory.sh/docs/start-building/server-side-web-app/#expressjs--nodejs
with this command
ory proxy --port 4000 http://localhost:8000/

I get the error
Error: unknown flag: --port

Reproducing the bug

See above

Relevant log output

ory proxy --port 4000 http://localhost:8000/
Error: unknown flag: --port
Usage:
  ory proxy [command]

Available Commands:
  api         Proxy Ory's APIs.
  local       Develop an application locally and integrate it with Ory
  production  Run an application in production mode with Ory integration

Flags:
  -h, --help   help for proxy

Use "ory proxy [command] --help" for more information about a command.

Relevant configuration

No response

Version

cloud

On which operating system are you observing this issue?

macOS

In which environment are you deploying?

Ory Cloud

Additional Context

No response

Ory Project Membership

Feature Overview

Currently the project is single-seated meaning only one person can apply changes. Access to the project cannot be granted to other persons like developers or QA's, it limits developer experience, but also creates a bottleneck as there is only one person responsible for everything.
To address the problem, project owners will be able to invite other collaborators to the project and assign different roles with permissions. This feature will be available but not always available, depending on pricing plan used.

Additional context

Self-Service with UI in the Ory Cloud Console allowing to invite users as collaborators with confirmation of the invitation.
Roles and permissions will be pre-defined, available to select in the UI.

No way to import/export data and configuration

Preflight checklist

Describe the bug

On the ory.sh landing page it says:

Migration to and from Ory Cloud is simple. No lock-in on vital systems.

I have not found an easy way to import existing configuration into Ory Kratos dashboard from my local Kratos instance. Ideally, I should be able to import config file, schemas, and users with a simple import flow.

Similarly, I have not found a way to export configuration, schemas, and users.

So I am not sure where the "migration is simple" claim comes from?

Reproducing the bug

See above.

Relevant log output

No response

Relevant configuration

No response

Version

Ory Cloud

On which operating system are you observing this issue?

Ory Cloud

In which environment are you deploying?

Ory Cloud

Additional Context

No response

Can't authenticate with GitHub

Preflight checklist

Describe the bug

I'm trying to follow the set up guide for GitHub on Ory Cloud, but cannot seem to get authentication working. When GitHub redirects back to the callback, Ory consistently raises this error:

image

This is even though I believe I've configured the correct scopes on both the Ory side (user:email) and the GitHub side:

image

Reproducing the bug

Follow the GitHub tutorial to create a social provider integration with a GitHub app.

Relevant log output

No response

Relevant configuration

No response

Version

Cloud

On which operating system are you observing this issue?

No response

In which environment are you deploying?

Ory Cloud

Additional Context

No response

Ability to disable self-service registration flow

Preflight checklist

Describe your problem

Instead of using self-service registration, I'd like to manage new users sign-ups using the admin API, like an organisation user management.

However, there is currently no option to disable self-service registration. If custom registration ui is not provided, Ory Cloud uses the managed ui and, therefore, the end-user is able to navigate directly to /ui/registration and sign up himself.

Describe your ideal solution

Ideally, Ory Cloud could have a menu at the sidebar where we could enable/disable every self-service flow, including registration.

Workarounds or alternatives

As a workaround, I've considered providing a custom registration ui where I'd display a 404 page (no sign up submit button at least)

Version

0.0.1-alpha-38

Additional Context

No response

Add new update issue template in yaml lang

  • Is your feature request related to a problem? Please describe.

    • Added bug Report and feature request Template in yaml language
  • Describe the solution you'd like

    • With the help of documentation at github blog make new template

Social Sign In has to work with Ory CLI

Preflight checklist

Describe the bug

Currently, Social Sign In only works on oryapis.com domain as well as custom domains. However, it does not work on localhost and/or when using the Ory CLI.

Reproducing the bug

Set up Social Sign In and use the Ory Proxy.

Relevant log output

No response

Relevant configuration

No response

Version

master

On which operating system are you observing this issue?

No response

In which environment are you deploying?

No response

Additional Context

No response
