ory · vinckr · May 5, 2026 · May 5, 2026 · May 5, 2026
@@ -105,7 +105,7 @@ including:
 ## Next steps
 
 See
-[Ory Network OAuth2 quickstart guide](@site/docs/network/hydra/quickstarts/ory-network-oauth2.mdx)
+[Ory Network OAuth2 quickstart guide](../../../../docs/network/hydra/quickstarts/ory-network-oauth2)
 to learn how to set up your own OAuth2 and OpenID Connect provider in just a few
 minutes. The guide walks you through the process of setting up Ory OAuth2 and
 OpenID Connect and configuring a sample application to use the service.
@@ -17,7 +17,7 @@ the following steps:
 ## Prerequisites
 
 Before you start,
-[install the Ory CLI](@site/docs/guides/cli/01_installation.mdx).
+[install the Ory CLI](../../../../docs/guides/cli/installation).
 
 ## Client Credentials Grant
 

@@ -11,7 +11,7 @@ latest [Docker](https://www.docker.com) and
 well as [`jq`](https://stedolan.github.io/jq/download/).
 
 You do not want to self-host? Try
-[out common OAuth2 grants on the fully managed version of Ory Hydra](@site/docs/getting-started/ory-network-oauth2.mdx).
+[out common OAuth2 grants on the fully managed version of Ory Hydra](../../../../docs/getting-started/ory-network-oauth2).
 
 ```mdx-code-block
 import CodeFromRemote from "@theme/CodeFromRemote"
@@ -136,7 +136,7 @@ docker compose -f quickstart.yml \
 
 
 If you want to test Hardware Security Module add `-f quickstart-hsm.yml`. For more information head over to
-[HSM support](@site/docs/hydra/self-hosted/hsm-support.md).
+[HSM support](../../../../docs/hydra/self-hosted/hsm-support).
 
 ```sh
 docker compose -f quickstart.yml \
@@ -154,7 +154,7 @@ Let's confirm that everything is working by creating an OAuth 2.0 Client.
 The OAuth 2.0 client uses port `4444` and `4445`. The former is Ory Hydra's
 public endpoint, the latter its administrative endpoint. For more information
 head over to
-[Exposing Administrative and Public API Endpoints](@site/docs/hydra/self-hosted/production.md).
+[Exposing Administrative and Public API Endpoints](../../../../docs/hydra/self-hosted/production).
 
 Let's create the OAuth 2.0 Client:
 
@@ -280,5 +280,5 @@ The configuration gets loaded in docker compose as specified in the
 ```
 
 Have a look at the
-[reference configuration](@site/docs/hydra/reference/configuration.mdx) for
+[reference configuration](../../../../docs/hydra/reference/configuration) for
 further information on all possible configuration options.
@@ -29,7 +29,7 @@ With Ory Permissions, you can:
 - Unify authorization logic in one service that's the single source of truth for
   access rights across all of your applications.
 - Be tech-stack agnostic and use Ory Network
-  [SDKs](@site/docs/keto/sdk/01_overview.md) available for all major programming
+  [SDKs](../../../../docs/keto/sdk/overview) available for all major programming
   languages.
 - Issue fine-grained permissions, for example
   `User:x is in readers of Document:y`.
@@ -79,14 +79,14 @@ class Document implements Namespace {
 ## Next steps
 
 - Complete the Ory Permissions
-  [quickstart](@site/docs/network/keto/quickstarts/overview.mdx) to see the
+  [quickstart](../../../../docs/network/keto/quickstarts/overview) to see the
   system in action.
 - Learn about the foundational concepts behind Ory Permissions:
-  [relationships](@site/docs/keto/concepts/01_relation-tuples.mdx),
-  [namespaces](@site/docs/keto/concepts/05_namespaces.mdx),
-  [objects](@site/docs/keto/concepts/10_objects.mdx), and
-  [subjects](@site/docs/keto/concepts/15_subjects.mdx).
+  [relationships](../../../../docs/keto/concepts/relation-tuples),
+  [namespaces](../../../../docs/keto/concepts/namespaces),
+  [objects](../../../../docs/keto/concepts/objects), and
+  [subjects](../../../../docs/keto/concepts/subjects).
 - Learn
-  [what is a permission model and how to create one](@site/docs/keto/modeling/create-permission-model.mdx).
+  [what is a permission model and how to create one](../../../../docs/keto/modeling/create-permission-model).
 - Read the Ory Permission Language
-  [specification](@site/docs/keto/reference/ory-permission-language.mdx).
+  [specification](../../../../docs/keto/reference/ory-permission-language).
@@ -6,7 +6,7 @@ Ory Keto to keep track of ownership and granted access on a per file level.
 :::note
 
 This example assumes there is a
-[namespace](@site/docs/keto/concepts/05_namespaces.mdx) `files` with the
+[namespace](../../../../docs/keto/concepts/namespaces) `files` with the
 relations `owner` and `access` defined, where each `owner` of an object also has
 `access` to that object. All relationships are stored in that namespace.
 
@@ -15,9 +15,8 @@ relations `owner` and `access` defined, where each `owner` of an object also has
 Now, the user identified by its unique username `demeter` wants to upload a file
 containing the most fertile grounds. The file gets assigned the UUID
 `ec788a82-a12e-45a4-b906-3e69f78c94e4`. The application adds the following
-[relationship](@site/docs/keto/concepts/01_relation-tuples.mdx) to Ory Keto
-through the
-[write-API](@site/docs/keto/concepts/25_api-overview.mdx#write-apis):
+[relationship](../../../../docs/keto/concepts/relation-tuples) to Ory Keto
+through the [write-API](../../../../docs/keto/concepts/api-overview#write-apis):
 
 ```keto-relation-tuples
 ec788a82-a12e-45a4-b906-3e69f78c94e4#owner@demeter
@@ -27,24 +26,24 @@ To prepare for an important meeting with the user `athena`, `demeter` wants to
 share the file with fertile grounds with `athena` so that they can both read it.
 Therefore, he opens the "Olymp Library" and is presented with a list of all
 files he owns. The application will internally request all
-[objects](@site/docs/keto/concepts/10_objects.mdx) (file IDs) with the owner
+[objects](../../../../docs/keto/concepts/objects) (file IDs) with the owner
 `demeter` by using the
-[list-API](@site/docs/keto/concepts/25_api-overview.mdx#list-relationships). The
+[list-API](../../../../docs/keto/concepts/api-overview#list-relationships). The
 response will contain the object `ec788a82-a12e-45a4-b906-3e69f78c94e4`, which
 the application maps to the file in question.
 
 The user `demeter` will then ask the application to share the file with
 `athena`. The application will translate that request into a
-[write-API request](@site/docs/keto/concepts/25_api-overview.mdx#write-apis)
+[write-API request](../../../../docs/keto/concepts/api-overview#write-apis)
 adding the following relationship to Ory Keto:
 
 ```keto-relation-tuples
 ec788a82-a12e-45a4-b906-3e69f78c94e4#access@athena
 ```
 
 To confirm the successful operation, the application uses Ory Keto's
-[expand-API](@site/docs/keto/concepts/25_api-overview.mdx#expand-subject-sets)
-to compile a list of everyone who can access the file:
+[expand-API](../../../../docs/keto/concepts/api-overview#expand-subject-sets) to
+compile a list of everyone who can access the file:
 
 ```keto-relation-tuples
 // The following subject set is expanded by Keto
@@ -64,7 +63,7 @@ The "Olymp Library" can then display this information to `demeter`.
 
 When `athena` wants to get the file containing fertile grounds, the application
 uses the
-[check-API](@site/docs/keto/concepts/25_api-overview.mdx#check-relationships) to
+[check-API](../../../../docs/keto/concepts/api-overview#check-relationships) to
 verify that `athena` has access to the file before it returns the file. This
 will allow `demeter` to revoke `athena`'s access at any point by deleting the
 corresponding relationship.

@@ -16,15 +16,15 @@ Before you start, learn about the basic concepts used in Ory Permissions.
 ### Relations and relationships
 
 The data model used by Ory Permissions are so-called
-[relationships](@site/docs/keto/concepts/01_relation-tuples.mdx) that encode
-relations between [subjects](@site/docs/keto/concepts/15_subjects.mdx) and
-[objects](@site/docs/keto/concepts/10_objects.mdx).
+[relationships](../../../../docs/keto/concepts/relation-tuples) that encode
+relations between [subjects](../../../../docs/keto/concepts/subjects) and
+[objects](../../../../docs/keto/concepts/objects).
 
 :::tip
 
 Read the dedicated documents to learn more about
-[subjects](@site/docs/keto/concepts/15_subjects.mdx) and
-[objects](@site/docs/keto/concepts/10_objects.mdx).
+[subjects](../../../../docs/keto/concepts/subjects) and
+[objects](../../../../docs/keto/concepts/objects).
 
 :::
 
@@ -78,7 +78,7 @@ This example setup demonstrates the basics of relationship management and usage
 of the Check API.
 
 This guide explains how to configure namespaces and relationship rules using the
-[Ory Permission Language](@site/docs/keto/reference/ory-permission-language.mdx)
+[Ory Permission Language](../../../../docs/keto/reference/ory-permission-language)
 (OPL). You can then run fine-grained checks against Ory Permissions, which are
 answered based on a combination of OPL and the concrete high-level relationships
 stored.
@@ -119,7 +119,7 @@ The editor offers autocompletion for the Ory Permission Language.
 #### Connecting to Ory Network via CLI
 
 Next, connect to the Ory Network using the Ory CLI. If you haven't done so
-already, [install the Ory CLI](@site/docs/guides/cli/01_installation.mdx).
+already, [install the Ory CLI](../../../../docs/guides/cli/installation).
 
 Follow these steps:
 
@@ -217,6 +217,6 @@ Allowed
 ## Next steps
 
 - Learn
-  [what a permission model is and how to create one](@site/docs/keto/modeling/create-permission-model.mdx).
+  [what a permission model is and how to create one](../../../../docs/keto/modeling/create-permission-model).
 - Read the Ory Permission Language
-  [specification](@site/docs/keto/reference/ory-permission-language.mdx).
+  [specification](../../../../docs/keto/reference/ory-permission-language).
@@ -20,7 +20,7 @@ refer to the video sharing service backend as the Keto client.
 
 ## Starting the example
 
-First, [install Keto](@site/docs/keto/install.mdx).
+First, [install Keto](../../../../docs/keto/install).
 
 Now you can start the example using either `docker-compose` or a bash script.
 The bash script requires you to have the `keto` binary in your `$PATH`.
@@ -97,8 +97,8 @@ see this in action.
 Now `cat lady` wants to change some view permissions of `/cats/1.mp4`. For this,
 the video service application has to show all users that are allowed to view the
 video. It uses Keto's
-[expand-API](@site/docs/keto/concepts/25_api-overview.mdx#expand-subject-sets)
-to get these data:
+[expand-API](../../../../docs/keto/concepts/api-overview#expand-subject-sets) to
+get these data:
 
 ```shell
 # Who is allowed to "view" the object "videos":"/cats/2.mp4"?

@@ -20,7 +20,7 @@ refer to the video sharing service backend as the Keto client.
 
 ## Starting the example
 
-First, [install Keto](@site/docs/keto/install.mdx).
+First, [install Keto](../../../../../docs/keto/install).
 
 Now you can start the example using either `docker-compose` or a bash script.
 The bash script requires you to have the `keto` binary in your `$PATH`.
@@ -97,7 +97,7 @@ see this in action.
 Now `cat lady` wants to change some view permissions of `/cats/1.mp4`. For this,
 the video service application has to show all users that are allowed to view the
 video. It uses Keto's
-[expand-API](@site/docs/keto/concepts/25_api-overview.mdx#expand-subject-sets)
+[expand-API](../../../../../docs/keto/concepts/api-overview#expand-subject-sets)
 to get these data:
 
 ```shell

@@ -18,7 +18,7 @@ at the start of the session. Alternatively, you could allow the user to start
 the session by logging in with the first factor and only require the second
 factor at the point where the user is about to perform a security-sensitive
 operation. Read more about dynamic MFA in the
-[step-up authentication](@site/docs/kratos/mfa/05_step-up-authentication.mdx)
+[step-up authentication](../../../../docs/kratos/mfa/step-up-authentication)
 document.
 
 ## Available methods
@@ -30,7 +30,7 @@ Ory offers multiple second-factor authentication methods:
 Time-based one time passwords (TOTP) are a flexible 2FA authentication method
 based on a shared secret, and can be used both with browser-based apps and
 native apps. Read
-[Time-based one-time passwords (TOTP)](@site/docs/kratos/mfa/15_totp.mdx) to
+[Time-based one-time passwords (TOTP)](../../../../docs/kratos/mfa/totp) to
 learn more.
 
 ### WebAuthn
@@ -39,7 +39,7 @@ This method uses the
 [Web Authentication API](https://developer.mozilla.org/en-US/docs/Web/API/Web_Authentication_API),
 also known as WebAuthn, which allows servers to register and authenticate users
 using public-key cryptography. Read
-[WebAuthn and FIDO2 (YubiKey)](@site/docs/kratos/mfa/20_webauthn-fido-yubikey.mdx)
+[WebAuthn and FIDO2 (YubiKey)](../../../../docs/kratos/mfa/webauthn-fido-yubikey)
 to learn more.
 
 ### Lookup Secrets
@@ -48,14 +48,15 @@ Lookup Secrets, also known as Backup Codes or Recovery Codes, are a 2FA
 fail-safe mechanism, rather than a standalone two-factor authentication method.
 They can be used to complete the second factor when users lose access to their
 selected 2FA method. Read
-[Lookup Secrets (Recovery Codes)](@site/docs/kratos/mfa/25_lookup-secrets.mdx)
-to learn more.
+[Lookup Secrets (Recovery Codes)](../../../../docs/kratos/mfa/lookup-secrets) to
+learn more.
 
 ### SMS
 
 SMS for MFA sends a one-time password to the user's registered mobile phone
 number via text message. Read the
-[Code via SMS](@site/docs/kratos/mfa/30_sms.mdx) documentation to learn more.
+[Code via SMS](../../../../docs/kratos/mfa/mfa-via-sms) documentation to learn
+more.
 
 ## Terminology
 
@@ -145,7 +146,7 @@ Authentication methods are classified into factors:
 :::info
 
 When you enable
-[passwordless authentication with WebAuthn or Passkeys](@site/docs/kratos/passwordless/05_passkeys.mdx),
+[passwordless authentication with WebAuthn or Passkeys](../../../../docs/kratos/passwordless/passkeys),
 it isn't considered as a second authentication factor.
 
 :::

@@ -17,7 +17,7 @@ at one time. For simple single-instance Ory Kratos deployments, the courier can
 simply be run as a background worker, but for multi-instance Ory Kratos
 deployments, it needs to be run a distinct singleton foreground worker. To learn
 more about setup and configuration, read the
-[Mail courier in self-hosted Ory Kratos](../../kratos/self-hosted/mail-courier-selfhosted)
+[Mail courier in self-hosted Ory Kratos](../../../../docs/kratos/self-hosted/mail-courier-selfhosted)
 document.
 
 Ory Kratos doesn't have any special requirements when it comes to high

@@ -1,7 +1,7 @@
 Ory Kratos Identities is an API-first identity and user management system built
 on top of the widely deployed open-source
 [Ory Kratos](https://github.com/ory/kratos) following
-[cloud architecture best practices](@site/docs/oss/software-architecture-philosophy.mdx).
+[cloud architecture best practices](../../../../docs/oss/software-architecture-philosophy).
 It implements mechanisms that allow handling core use cases that the majority of
 modern software applications have to deal with:
 
@@ -24,8 +24,8 @@ modern software applications have to deal with:
 
 Ory Identities calls user accounts "identities". The terms "user accounts",
 "users", and "identities" are used interchangeably in the Ory documentation.
-Read [more here](@site/docs/network/kratos/quickstarts/01_overview.mdx) to learn
-more about identities in Ory.
+Read [more here](../../../../docs/network/kratos/quickstarts/identity-model) to
+learn more about identities in Ory.
 
 :::
 
@@ -40,7 +40,7 @@ Kubernetes the most:
   Whether you want users to activate their accounts after registration, or have
   a multi-step (progressive) registration process - it's all possible!
 - One
-  [identity schema](@site/docs/kratos/manage-identities/05_identity-schema.mdx)
+  [identity schema](../../../../docs/kratos/manage-identities/identity-schema)
   doesn't fit all - you may have customers that need a billing address, have
   multiple email addresses, or internal support staff that's assigned to a cost
   center. You can accommodate the different data models using
@@ -72,51 +72,51 @@ other applications.
 
 Enhance browser security with anti-CSRF cookies, protect against common attack
 vectors such as XSS and CSRF, and maintain that session states securely.
-[Read more about it here](@site/docs/security-model.mdx)
+[Read more about it here](../../../../docs/security-model)
 
 ### Native and browser APIs
 
 Integrate seamlessly with mobile or native apps and web browsers using robust
-APIs. Read more about it [here](@site/docs/identities/native-browser.mdx).
+APIs. Read more about it [here](../../../../docs/identities/native-browser).
 
 ### Self-service flows
 
 Registration, login, logout, multi-factor authentication, settings,
 verification, and recovery. Read more about it
-[here](@site/docs/kratos/self-service.mdx).
+[here](../../../../docs/kratos/self-service).
 
 ### Authentication methods
 
 Passwords, passwordless code, Passkeys, social sign-in, multi-factor
 authentication. Read more about it
-[here](@site/docs/kratos/concepts/credentials.mdx).
+[here](../../../../docs/kratos/concepts/credentials).
 
 ### Identity schema
 
 Customize and extend user data models to fit application-specific needs. Read
-more about it [here](@site/docs/kratos/manage-identities/01_overview.mdx).
+more about it [here](../../../../docs/kratos/manage-identities/overview).
 
 ### Identity management
 
 Manage user identities with CRUD (Create, Read, Update, Delete) operations. Read
-more about it [here](@site/docs/kratos/manage-identities/01_overview.mdx).
+more about it [here](../../../../docs/kratos/manage-identities/overview).
 
 ### Session management
 
 Control user sessions, including lifespan, refresh, and revocation. Read more
-about it [here](@site/docs/kratos/session-management/01_overview.mdx).
+about it [here](../../../../docs/kratos/session-management/overview).
 
 ### User interface
 
 Build custom user interfaces for authentication and profile management using Ory
 SDKs and REST APIs to match your applications design. Read more about it
-[here](@site/docs/account-experience/index.mdx).
+[here](../../../../docs/account-experience).
 
 ### Send emails & SMS
 
 Email and SMS notifications for verification, recovery, and multi-factor
 authentication. Customize SMPT/HTTP and SMS server and templates. Read more
-about it [here](@site/docs/kratos/emails-sms/05_custom-email-templates.mdx).
+about it [here](../../../../docs/kratos/emails-sms/custom-email-templates).
 
 ## Benefits
 
@@ -169,7 +169,7 @@ data.
 ## Next steps
 
 Read more about the Ory Identities
-[security model](@site/docs/security-model.mdx) and try out one of the
-[Ory Network Identities quickstart guides](@site/docs/getting-started/overview.mdx)
+[security model](../../../../docs/security-model) and try out one of the
+[Ory Network Identities quickstart guides](../../../../docs/getting-started/overview)
 for your framework or programming language to learn how to add login and
 registration to your app in minutes.