id | title |
---|---|
milestones |
Milestones and Roadmap |
This milestone does not have a description.
New feature or request.
- Selfservice account deletion (kratos#596)
- Implement Hydra integration (kratos#273)
- Self-service GDPR identity export (kratos#658)
- Admin/Selfservice session management (kratos#655)
This milestone does not have a description.
Something is not working.
- Sending JSON to complete oidc/password strategy flows causes CSRF issues (kratos#378)
- Unmable to use Auth0 as a generic OIDC provider (kratos#609)
- Password reset emails sent twice by each of the two kratos pods in my cluster (kratos#652)
New feature or request.
- Implement Security Questions MFA (kratos#469)
- Feature request: adjustable thresholds on how many times a password has been in a breach according to haveibeenpwned (kratos#450)
- Do not send credentials to hooks (kratos#77) - @hackerman
- Implement immutable keyword in JSON Schema for Identity Traits (kratos#117)
- Add filters to admin api (kratos#249)
- Feature Request: Webhooks (kratos#271)
- Support email verification paswordless login (kratos#286)
- Support remote argon2 execution (kratos#357) - @hackerman
- Implement identity state and administrative deactivation, deletion of identities (kratos#598) - @hackerman
- SMTP Error spams the server logs (kratos#402)
- Gracefully handle CSRF errors (kratos#91) - @hackerman
- How to sign in with Twitter (kratos#517)
- Add ability to import user credentials (kratos#605) - @hackerman
- Throttling repeated login requests (kratos#654)
- Require identity deactivation before administrative deletion (kratos#657)
We are looking for help on this one.
- Document that identity information (traits, etc) are available to token holders and backend systems (kratos#43) - @hackerman
- Feature Request: Webhooks (kratos#271)
Affects documentation.
- Document that identity information (traits, etc) are available to token holders and backend systems (kratos#43) - @hackerman
- Config JSON Schema needs example values (kratos#179) - @hackerman
- Elaborate on security practices against DoS and Brute Force (kratos#134)
A request for comments to discuss and share ideas.
- Introduce prevent extension in Identity JSON schema (kratos#47)
This release focuses on Admin API capabilities
Something is not working.
- Logout does not use new cookie domain setting (kratos#645)
- Refresh Sessions Without Having to Log In Again (kratos#615) - @hackerman
- Email field type changes on second request for request context during registration flow (kratos#670)
- Generate a new UUID/token after every interaction (kratos#236) - @hackerman
- UNIQUE constraint failure when updating identities via Admin API (kratos#325) - @hackerman
- Can not update an identity using PUT /identities/{id} (kratos#435)
- Verification email is sent after password recovery (kratos#578) - @hackerman
- Do not return expired sessions in
/sessions/whoami
(kratos#611) - @hackerman
New feature or request.
- Design of the client cli (kratos#663) - @Patrik
- Implement React SPA sample app (kratos#668) - @hackerman
- Implement React Native sample application consuming API (kratos#667) - @hackerman
- Implement JSON capabilities in ErrorHandler (kratos#61) - @hackerman
- Allow attaching credentials to identities in CRUD create (kratos#200)
- Move away from UUID-based challenges and responses (kratos#241) - @hackerman
- Add tests to prevent duplicate migration files (kratos#282) - @Patrik
- Session cookie (ory_kratos_session) expired time should be configurable (kratos#326) - @hackerman
- Can not update an identity using PUT /identities/{id} (kratos#435)
- Make session cookie 'domain' property configurable (kratos#516)
- Remove one of in-memory/on-disk SQLite e2e runners and replace with faster test (kratos#580) - @Andreas Bucksteeg
- Password similarity policy is too strict (kratos#581) - @Patrik
- Implement a test-error for implementing the Error UI (kratos#610)
- Rename
request_lifespan
tolifespan
(kratos#666) - @hackerman
- feat: implement API-based self-service flows (kratos#624) - @hackerman
- fix: resolve identity admin api issues (kratos#586) - @hackerman
We are looking for help on this one.
- Design of the client cli (kratos#663) - @Patrik
- Email field type changes on second request for request context during registration flow (kratos#670)
Affects documentation.
- Remove reverse proxy from node example and rely on port and the domain parameter (kratos#661) - @hackerman
- Document multi-tenant set up (kratos#370)
A request for comments to discuss and share ideas.
- Rename login/registration/recovery/... request to flow (kratos#635) - @hackerman
Blocks milestones or other issues or pulls.
- Remove reverse proxy from node example and rely on port and the domain parameter (kratos#661) - @hackerman
- Rename
request_lifespan
tolifespan
(kratos#666) - @hackerman
- feat: implement API-based self-service flows (kratos#624) - @hackerman
Changes behavior in a breaking manner.
- Rename
request_lifespan
tolifespan
(kratos#666) - @hackerman
- feat: implement API-based self-service flows (kratos#624) - @hackerman