From 7a1ac3dc05eff9c855c43009336fb3948794d98d Mon Sep 17 00:00:00 2001 From: zepatrik Date: Fri, 25 Sep 2020 16:56:33 +0200 Subject: [PATCH] chore: format --- cmd/identities/definitions_test.go | 3 +- cmd/identities/get_test.go | 3 +- cmd/identities/import_test.go | 16 +- cmd/identities/list_test.go | 10 +- cmd/identities/validate.go | 6 +- cmd/identities/validate_test.go | 28 +- docs/docs/cli/kratos-identities-delete.md | 2 +- docs/docs/cli/kratos-identities-get.md | 2 +- docs/docs/cli/kratos-identities-import.md | 9 +- docs/docs/cli/kratos-identities.md | 4 +- docs/docs/contributing.md | 50 +- docs/docs/milestones.md | 226 +- docs/docs/reference/api.mdx | 2268 ++++++++++----------- docs/docs/reference/configuration.md | 146 +- docs/sidebar.json | 18 + 15 files changed, 1436 insertions(+), 1355 deletions(-) diff --git a/cmd/identities/definitions_test.go b/cmd/identities/definitions_test.go index d7b8bb9912c..050d11f4749 100644 --- a/cmd/identities/definitions_test.go +++ b/cmd/identities/definitions_test.go @@ -4,10 +4,11 @@ import ( "bytes" "context" "errors" - "github.com/ory/kratos/identity" "io" "testing" + "github.com/ory/kratos/identity" + "github.com/spf13/cobra" "github.com/stretchr/testify/require" diff --git a/cmd/identities/get_test.go b/cmd/identities/get_test.go index e852c28cbc2..dda4195c837 100644 --- a/cmd/identities/get_test.go +++ b/cmd/identities/get_test.go @@ -4,9 +4,10 @@ import ( "context" "encoding/json" "errors" + "testing" + "github.com/ory/kratos/internal/clihelpers" "github.com/ory/kratos/x" - "testing" "github.com/stretchr/testify/assert" "github.com/stretchr/testify/require" diff --git a/cmd/identities/import_test.go b/cmd/identities/import_test.go index 6d3c03ac98a..d9acbe14bc8 100644 --- a/cmd/identities/import_test.go +++ b/cmd/identities/import_test.go @@ -5,16 +5,18 @@ import ( "context" "encoding/json" "errors" + "io/ioutil" + "testing" + "github.com/gofrs/uuid" + "github.com/stretchr/testify/assert" + "github.com/stretchr/testify/require" + "github.com/tidwall/gjson" + "github.com/ory/kratos/driver/configuration" "github.com/ory/kratos/internal/clihelpers" "github.com/ory/kratos/internal/httpclient/models" "github.com/ory/x/pointerx" - "github.com/stretchr/testify/assert" - "github.com/stretchr/testify/require" - "github.com/tidwall/gjson" - "io/ioutil" - "testing" ) func TestImportCmd(t *testing.T) { @@ -23,7 +25,7 @@ func TestImportCmd(t *testing.T) { t.Run("case=imports a new identity from file", func(t *testing.T) { i := models.CreateIdentity{ SchemaID: pointerx.String(configuration.DefaultIdentityTraitsSchemaID), - Traits: map[string]interface{}{}, + Traits: map[string]interface{}{}, } ij, err := json.Marshal(i) require.NoError(t, err) @@ -44,7 +46,7 @@ func TestImportCmd(t *testing.T) { t.Run("case=imports a new identity from stdIn", func(t *testing.T) { i := models.CreateIdentity{ SchemaID: pointerx.String(configuration.DefaultIdentityTraitsSchemaID), - Traits: map[string]interface{}{}, + Traits: map[string]interface{}{}, } ij, err := json.Marshal(i) require.NoError(t, err) diff --git a/cmd/identities/list_test.go b/cmd/identities/list_test.go index 83513b16381..f71d84bc991 100644 --- a/cmd/identities/list_test.go +++ b/cmd/identities/list_test.go @@ -2,12 +2,14 @@ package identities import ( "context" - "github.com/ory/kratos/identity" - "github.com/ory/kratos/internal/clihelpers" - "github.com/stretchr/testify/assert" - "github.com/stretchr/testify/require" "strings" "testing" + + "github.com/stretchr/testify/assert" + "github.com/stretchr/testify/require" + + "github.com/ory/kratos/identity" + "github.com/ory/kratos/internal/clihelpers" ) func TestListCmd(t *testing.T) { diff --git a/cmd/identities/validate.go b/cmd/identities/validate.go index 1d31d1bbf33..543f1f8c4b7 100644 --- a/cmd/identities/validate.go +++ b/cmd/identities/validate.go @@ -5,12 +5,14 @@ import ( "context" "encoding/json" "fmt" + "io/ioutil" + "github.com/markbates/pkger" - "github.com/ory/kratos/internal/clihelpers" "github.com/pkg/errors" "github.com/spf13/cobra" "github.com/tidwall/gjson" - "io/ioutil" + + "github.com/ory/kratos/internal/clihelpers" "github.com/ory/jsonschema/v3" "github.com/ory/kratos/cmd/cliclient" diff --git a/cmd/identities/validate_test.go b/cmd/identities/validate_test.go index 3d337d87b4c..20ec3f18be7 100644 --- a/cmd/identities/validate_test.go +++ b/cmd/identities/validate_test.go @@ -3,10 +3,12 @@ package identities import ( "bytes" "fmt" - "github.com/ory/kratos/internal/httpclient/client/common" + "testing" + "github.com/spf13/cobra" "github.com/stretchr/testify/assert" - "testing" + + "github.com/ory/kratos/internal/httpclient/client/common" ) func TestValidateIdentity(t *testing.T) { @@ -23,28 +25,28 @@ func TestValidateIdentity(t *testing.T) { } } - for i, tc := range []struct{ - description string - payload string + for i, tc := range []struct { + description string + payload string expectedRequiredError string - identitySchema map[string]interface{} + identitySchema map[string]interface{} }{ { - description: "requires schema_id from swagger schema", - payload: "{}", + description: "requires schema_id from swagger schema", + payload: "{}", expectedRequiredError: "schema_id", }, { - description: "requires traits from swagger schema", - payload: `{"schema_id": "case2"}`, + description: "requires traits from swagger schema", + payload: `{"schema_id": "case2"}`, expectedRequiredError: "traits", }, { - description: "requires custom trait key", - payload: `{"schema_id": "case3", "traits": {}}`, + description: "requires custom trait key", + payload: `{"schema_id": "case3", "traits": {}}`, expectedRequiredError: "random-property", identitySchema: map[string]interface{}{ - "type": "object", + "type": "object", "required": []string{"random-property"}, "properties": map[string]interface{}{ "random-property": map[string]interface{}{ diff --git a/docs/docs/cli/kratos-identities-delete.md b/docs/docs/cli/kratos-identities-delete.md index 95e6ba76a8a..ed896410110 100644 --- a/docs/docs/cli/kratos-identities-delete.md +++ b/docs/docs/cli/kratos-identities-delete.md @@ -24,7 +24,7 @@ with jq. Example: delete the identity with the recovery email address kratos identities delete \$(kratos identities list --format json | jq -r 'map(select(.recovery_addresses[].value == "foo@bar.com")) | .[].id') -I have to admit, this is not easy if you don't speak jq fluently. What about +We have to admit, this is not easy if you don't speak jq fluently. What about opening an issue and telling us what predefined selectors you want to have? https://github.com/ory/kratos/issues/new/choose diff --git a/docs/docs/cli/kratos-identities-get.md b/docs/docs/cli/kratos-identities-get.md index 8ca60017c1e..2952e05c265 100644 --- a/docs/docs/cli/kratos-identities-get.md +++ b/docs/docs/cli/kratos-identities-get.md @@ -24,7 +24,7 @@ domain "ory.sh": kratos identities get \$(kratos identities list --format json | jq -r 'map(select(.recovery_addresses[].value | endswith("@ory.sh"))) | .[].id') -I have to admit, this is not easy if you don't speak jq fluently. What about +We have to admit, this is not easy if you don't speak jq fluently. What about opening an issue and telling us what predefined selectors you want to have? https://github.com/ory/kratos/issues/new/choose diff --git a/docs/docs/cli/kratos-identities-import.md b/docs/docs/cli/kratos-identities-import.md index 5d737e4bdfb..264b6f01441 100644 --- a/docs/docs/cli/kratos-identities-import.md +++ b/docs/docs/cli/kratos-identities-import.md @@ -9,13 +9,16 @@ This file is auto-generated. To improve this file please make your change against the appropriate "./cmd/*.go" file. --> + ## kratos identities import import identities from files or STD_IN ### Synopsis -Import identities from files or STD_IN. Files are expected to each contain a single identity. The validity of files can be tested beforehand using `... identities validate`. Importing credentials is not yet supported. +Import identities from files or STD_IN. Files are expected to each contain a +single identity. The validity of files can be tested beforehand using +`... identities validate`. Importing credentials is not yet supported. ``` kratos identities import [flags] @@ -37,5 +40,5 @@ kratos identities import [flags] ### SEE ALSO -* [kratos identities](kratos-identities) - Tools to interact with remote identities - +- [kratos identities](kratos-identities) - Tools to interact with remote + identities diff --git a/docs/docs/cli/kratos-identities.md b/docs/docs/cli/kratos-identities.md index 16330c1aeb9..9f91852eaab 100644 --- a/docs/docs/cli/kratos-identities.md +++ b/docs/docs/cli/kratos-identities.md @@ -33,10 +33,10 @@ Tools to interact with remote identities - [kratos identities delete](kratos-identities-delete) - Delete identities by ID - [kratos identities get](kratos-identities-get) - Get one or more identities by ID +- [kratos identities import](kratos-identities-import) - import identities from + files or STD_IN - [kratos identities list](kratos-identities-list) - List identities - [kratos identities patch](kratos-identities-patch) - Patch identities by ID (not yet implemented) -- [kratos identities put](kratos-identities-put) - Put identities from files or - STD_IN - [kratos identities validate](kratos-identities-validate) - Validate local identity files diff --git a/docs/docs/contributing.md b/docs/docs/contributing.md index 33f4d64a416..05704e529aa 100644 --- a/docs/docs/contributing.md +++ b/docs/docs/contributing.md @@ -13,13 +13,11 @@ https://github.com/ory/meta/blob/master/templates/repository/CONTRIBUTING.md --> - # Contributing to ORY {{Project}} - - [Introduction](#introduction) - [Contributing Code](#contributing-code) - [Disclosing vulnerabilities](#disclosing-vulnerabilities) @@ -88,7 +86,8 @@ Please follow these guidelines when formatting source code: Please provide documentation when changing, removing, or adding features. Documentation resides in the project's `docs` folder. -In cases where a project does not have a `docs` folder check the README for instructions. +In cases where a project does not have a `docs` folder check the README for +instructions. The commands listed below work exclusively for projects with a `docs` folder @@ -110,8 +109,8 @@ To start a local development server with hot reloading, run: $ npm start ``` -This command opens up a browser window. Please note that changes to the sidebar are not hot-reloaded -and require a restart of the command. +This command opens up a browser window. Please note that changes to the sidebar +are not hot-reloaded and require a restart of the command. #### Build @@ -148,27 +147,32 @@ please include a note in your commit message explaining why. ## How We Organize Our Work -All repositories in the [ORY organization](https://github.com/ory) have their issues and pull requests -monitored in the [ORY Monitoring Board](https://github.com/orgs/ory/projects/9). This allows -for a transparent backlog of unanswered issues and pull requests across the ecosystem from those -who are allowed to merge pull requests to the main branch. +All repositories in the [ORY organization](https://github.com/ory) have their +issues and pull requests monitored in the +[ORY Monitoring Board](https://github.com/orgs/ory/projects/9). This allows for +a transparent backlog of unanswered issues and pull requests across the +ecosystem from those who are allowed to merge pull requests to the main branch. The process is as follows: -1. *Cards* represent open issues and pull requests and are automatically assigned to the **Triage** column if -the author is not one of the maintainers and no maintainer has answered yet. -2. A maintainer assigns the issue or pull request to someone or adds the label *help wanted* -which moves the card to **Requires Action**. -3. If a maintainer leaves a comment or review, the card moves to **Pending Reply**, implying that -the original author needs to do something (e.g. implement a change, explain something in more detail, ...). -4. If a non-maintainer pushes changes to the pull request or leaves a comment, the card moves -back to **Requires Action**. -5. If a card stays inactive for 60 days or more days, we assume that public interest in the issue -or change has waned, **archiving** the card. -6. If the issue is closed or the pull request merged or closed, the card is **archived** as well. - -We try our best to answer all issues and review all pull requests and hope that this transparent way -of keeping a backlog helps you better understand how heavy the workload is. +1. _Cards_ represent open issues and pull requests and are automatically + assigned to the **Triage** column if the author is not one of the maintainers + and no maintainer has answered yet. +2. A maintainer assigns the issue or pull request to someone or adds the label + _help wanted_ which moves the card to **Requires Action**. +3. If a maintainer leaves a comment or review, the card moves to **Pending + Reply**, implying that the original author needs to do something (e.g. + implement a change, explain something in more detail, ...). +4. If a non-maintainer pushes changes to the pull request or leaves a comment, + the card moves back to **Requires Action**. +5. If a card stays inactive for 60 days or more days, we assume that public + interest in the issue or change has waned, **archiving** the card. +6. If the issue is closed or the pull request merged or closed, the card is + **archived** as well. + +We try our best to answer all issues and review all pull requests and hope that +this transparent way of keeping a backlog helps you better understand how heavy +the workload is. ## Communication diff --git a/docs/docs/milestones.md b/docs/docs/milestones.md index ceb7627b00e..be0d30d6c6a 100644 --- a/docs/docs/milestones.md +++ b/docs/docs/milestones.md @@ -13,7 +13,8 @@ Something is not working. #### Issues -- [ ] Do not create system errors on duplicate credentials when linking oidc providers ([kratos#694](https://github.com/ory/kratos/issues/694)) +- [ ] Do not create system errors on duplicate credentials when linking oidc + providers ([kratos#694](https://github.com/ory/kratos/issues/694)) ### [Feat](https://github.com/ory/kratos/labels/feat) @@ -21,10 +22,14 @@ New feature or request. #### Issues -- [ ] Selfservice account deletion ([kratos#596](https://github.com/ory/kratos/issues/596)) -- [ ] Implement Hydra integration ([kratos#273](https://github.com/ory/kratos/issues/273)) -- [ ] Self-service GDPR identity export ([kratos#658](https://github.com/ory/kratos/issues/658)) -- [ ] Admin/Selfservice session management ([kratos#655](https://github.com/ory/kratos/issues/655)) +- [ ] Selfservice account deletion + ([kratos#596](https://github.com/ory/kratos/issues/596)) +- [ ] Implement Hydra integration + ([kratos#273](https://github.com/ory/kratos/issues/273)) +- [ ] Self-service GDPR identity export + ([kratos#658](https://github.com/ory/kratos/issues/658)) +- [ ] Admin/Selfservice session management + ([kratos#655](https://github.com/ory/kratos/issues/655)) ## [v0.6.0-alpha.1](https://github.com/ory/kratos/milestone/8) @@ -36,9 +41,12 @@ Something is not working. #### Issues -- [ ] Sending JSON to complete oidc/password strategy flows causes CSRF issues ([kratos#378](https://github.com/ory/kratos/issues/378)) -- [ ] Unmable to use Auth0 as a generic OIDC provider ([kratos#609](https://github.com/ory/kratos/issues/609)) -- [ ] Password reset emails sent twice by each of the two kratos pods in my cluster ([kratos#652](https://github.com/ory/kratos/issues/652)) +- [ ] Sending JSON to complete oidc/password strategy flows causes CSRF issues + ([kratos#378](https://github.com/ory/kratos/issues/378)) +- [ ] Unmable to use Auth0 as a generic OIDC provider + ([kratos#609](https://github.com/ory/kratos/issues/609)) +- [ ] Password reset emails sent twice by each of the two kratos pods in my + cluster ([kratos#652](https://github.com/ory/kratos/issues/652)) ### [Feat](https://github.com/ory/kratos/labels/feat) @@ -46,21 +54,42 @@ New feature or request. #### Issues -- [ ] Implement Security Questions MFA ([kratos#469](https://github.com/ory/kratos/issues/469)) -- [ ] Feature request: adjustable thresholds on how many times a password has been in a breach according to haveibeenpwned ([kratos#450](https://github.com/ory/kratos/issues/450)) -- [ ] Do not send credentials to hooks ([kratos#77](https://github.com/ory/kratos/issues/77)) - [@hackerman](https://github.com/aeneasr) -- [ ] Implement immutable keyword in JSON Schema for Identity Traits ([kratos#117](https://github.com/ory/kratos/issues/117)) -- [ ] Add filters to admin api ([kratos#249](https://github.com/ory/kratos/issues/249)) -- [ ] Feature Request: Webhooks ([kratos#271](https://github.com/ory/kratos/issues/271)) -- [ ] Support email verification paswordless login ([kratos#286](https://github.com/ory/kratos/issues/286)) -- [ ] Support remote argon2 execution ([kratos#357](https://github.com/ory/kratos/issues/357)) - [@hackerman](https://github.com/aeneasr) -- [ ] Implement identity state and administrative deactivation, deletion of identities ([kratos#598](https://github.com/ory/kratos/issues/598)) - [@hackerman](https://github.com/aeneasr) -- [ ] SMTP Error spams the server logs ([kratos#402](https://github.com/ory/kratos/issues/402)) -- [ ] Gracefully handle CSRF errors ([kratos#91](https://github.com/ory/kratos/issues/91)) - [@hackerman](https://github.com/aeneasr) -- [ ] How to sign in with Twitter ([kratos#517](https://github.com/ory/kratos/issues/517)) -- [ ] Add ability to import user credentials ([kratos#605](https://github.com/ory/kratos/issues/605)) - [@hackerman](https://github.com/aeneasr) -- [ ] Throttling repeated login requests ([kratos#654](https://github.com/ory/kratos/issues/654)) -- [ ] Require identity deactivation before administrative deletion ([kratos#657](https://github.com/ory/kratos/issues/657)) +- [ ] Implement Security Questions MFA + ([kratos#469](https://github.com/ory/kratos/issues/469)) +- [ ] Feature request: adjustable thresholds on how many times a password has + been in a breach according to haveibeenpwned + ([kratos#450](https://github.com/ory/kratos/issues/450)) +- [ ] Do not send credentials to hooks + ([kratos#77](https://github.com/ory/kratos/issues/77)) - + [@hackerman](https://github.com/aeneasr) +- [ ] Implement immutable keyword in JSON Schema for Identity Traits + ([kratos#117](https://github.com/ory/kratos/issues/117)) +- [ ] Add filters to admin api + ([kratos#249](https://github.com/ory/kratos/issues/249)) +- [ ] Feature Request: Webhooks + ([kratos#271](https://github.com/ory/kratos/issues/271)) +- [ ] Support email verification paswordless login + ([kratos#286](https://github.com/ory/kratos/issues/286)) +- [ ] Support remote argon2 execution + ([kratos#357](https://github.com/ory/kratos/issues/357)) - + [@hackerman](https://github.com/aeneasr) +- [ ] Implement identity state and administrative deactivation, deletion of + identities ([kratos#598](https://github.com/ory/kratos/issues/598)) - + [@hackerman](https://github.com/aeneasr) +- [ ] SMTP Error spams the server logs + ([kratos#402](https://github.com/ory/kratos/issues/402)) +- [ ] Gracefully handle CSRF errors + ([kratos#91](https://github.com/ory/kratos/issues/91)) - + [@hackerman](https://github.com/aeneasr) +- [ ] How to sign in with Twitter + ([kratos#517](https://github.com/ory/kratos/issues/517)) +- [ ] Add ability to import user credentials + ([kratos#605](https://github.com/ory/kratos/issues/605)) - + [@hackerman](https://github.com/aeneasr) +- [ ] Throttling repeated login requests + ([kratos#654](https://github.com/ory/kratos/issues/654)) +- [ ] Require identity deactivation before administrative deletion + ([kratos#657](https://github.com/ory/kratos/issues/657)) ### [Docs](https://github.com/ory/kratos/labels/docs) @@ -68,9 +97,15 @@ Affects documentation. #### Issues -- [ ] Document that identity information (traits, etc) are available to token holders and backend systems ([kratos#43](https://github.com/ory/kratos/issues/43)) - [@hackerman](https://github.com/aeneasr) -- [ ] Config JSON Schema needs example values ([kratos#179](https://github.com/ory/kratos/issues/179)) - [@hackerman](https://github.com/aeneasr) -- [ ] Elaborate on security practices against DoS and Brute Force ([kratos#134](https://github.com/ory/kratos/issues/134)) +- [ ] Document that identity information (traits, etc) are available to token + holders and backend systems + ([kratos#43](https://github.com/ory/kratos/issues/43)) - + [@hackerman](https://github.com/aeneasr) +- [ ] Config JSON Schema needs example values + ([kratos#179](https://github.com/ory/kratos/issues/179)) - + [@hackerman](https://github.com/aeneasr) +- [ ] Elaborate on security practices against DoS and Brute Force + ([kratos#134](https://github.com/ory/kratos/issues/134)) ### [Rfc](https://github.com/ory/kratos/labels/rfc) @@ -78,7 +113,8 @@ A request for comments to discuss and share ideas. #### Issues -- [ ] Introduce prevent extension in Identity JSON schema ([kratos#47](https://github.com/ory/kratos/issues/47)) +- [ ] Introduce prevent extension in Identity JSON schema + ([kratos#47](https://github.com/ory/kratos/issues/47)) ## [v0.5.0-alpha.1](https://github.com/ory/kratos/milestone/5) @@ -90,21 +126,42 @@ Something is not working. #### Issues -- [ ] Refresh Sessions Without Having to Log In Again ([kratos#615](https://github.com/ory/kratos/issues/615)) - [@hackerman](https://github.com/aeneasr) -- [ ] Fetching a settings request after error is missing identity data ([kratos#689](https://github.com/ory/kratos/issues/689)) - [@hackerman](https://github.com/aeneasr) -- [x] Generate a new UUID/token after every interaction ([kratos#236](https://github.com/ory/kratos/issues/236)) - [@hackerman](https://github.com/aeneasr) -- [x] UNIQUE constraint failure when updating identities via Admin API ([kratos#325](https://github.com/ory/kratos/issues/325)) - [@hackerman](https://github.com/aeneasr) -- [x] Can not update an identity using PUT /identities/{id} ([kratos#435](https://github.com/ory/kratos/issues/435)) -- [x] Verification email is sent after password recovery ([kratos#578](https://github.com/ory/kratos/issues/578)) - [@hackerman](https://github.com/aeneasr) -- [x] Do not return expired sessions in `/sessions/whoami` ([kratos#611](https://github.com/ory/kratos/issues/611)) - [@hackerman](https://github.com/aeneasr) -- [x] Logout does not use new cookie domain setting ([kratos#645](https://github.com/ory/kratos/issues/645)) -- [x] Email field type changes on second request for request context during registration flow ([kratos#670](https://github.com/ory/kratos/issues/670)) -- [x] Segmentation fault when running kratos ([kratos#685](https://github.com/ory/kratos/issues/685)) - [@Patrik](https://github.com/zepatrik) -- [x] Endpoint whoami returns valid session after user logout ([kratos#686](https://github.com/ory/kratos/issues/686)) - [@hackerman](https://github.com/aeneasr) +- [ ] Refresh Sessions Without Having to Log In Again + ([kratos#615](https://github.com/ory/kratos/issues/615)) - + [@hackerman](https://github.com/aeneasr) +- [ ] Fetching a settings request after error is missing identity data + ([kratos#689](https://github.com/ory/kratos/issues/689)) - + [@hackerman](https://github.com/aeneasr) +- [x] Generate a new UUID/token after every interaction + ([kratos#236](https://github.com/ory/kratos/issues/236)) - + [@hackerman](https://github.com/aeneasr) +- [x] UNIQUE constraint failure when updating identities via Admin API + ([kratos#325](https://github.com/ory/kratos/issues/325)) - + [@hackerman](https://github.com/aeneasr) +- [x] Can not update an identity using PUT /identities/{id} + ([kratos#435](https://github.com/ory/kratos/issues/435)) +- [x] Verification email is sent after password recovery + ([kratos#578](https://github.com/ory/kratos/issues/578)) - + [@hackerman](https://github.com/aeneasr) +- [x] Do not return expired sessions in `/sessions/whoami` + ([kratos#611](https://github.com/ory/kratos/issues/611)) - + [@hackerman](https://github.com/aeneasr) +- [x] Logout does not use new cookie domain setting + ([kratos#645](https://github.com/ory/kratos/issues/645)) +- [x] Email field type changes on second request for request context during + registration flow ([kratos#670](https://github.com/ory/kratos/issues/670)) +- [x] Segmentation fault when running kratos + ([kratos#685](https://github.com/ory/kratos/issues/685)) - + [@Patrik](https://github.com/zepatrik) +- [x] Endpoint whoami returns valid session after user logout + ([kratos#686](https://github.com/ory/kratos/issues/686)) - + [@hackerman](https://github.com/aeneasr) #### Pull Requests -- [ ] fix: escape jsx characters in api documentation ([kratos#703](https://github.com/ory/kratos/pull/703)) - [@hackerman](https://github.com/aeneasr) +- [ ] fix: escape jsx characters in api documentation + ([kratos#703](https://github.com/ory/kratos/pull/703)) - + [@hackerman](https://github.com/aeneasr) ### [Feat](https://github.com/ory/kratos/labels/feat) @@ -112,26 +169,56 @@ New feature or request. #### Issues -- [ ] Design of the client cli ([kratos#663](https://github.com/ory/kratos/issues/663)) - [@Patrik](https://github.com/zepatrik) -- [ ] Implement React SPA sample app ([kratos#668](https://github.com/ory/kratos/issues/668)) - [@hackerman](https://github.com/aeneasr) -- [ ] Implement React Native sample application consuming API ([kratos#667](https://github.com/ory/kratos/issues/667)) - [@hackerman](https://github.com/aeneasr) -- [ ] Rename strategy to method in internal APIs and Documentation ([kratos#683](https://github.com/ory/kratos/issues/683)) - [@hackerman](https://github.com/aeneasr) -- [x] Implement JSON capabilities in ErrorHandler ([kratos#61](https://github.com/ory/kratos/issues/61)) - [@hackerman](https://github.com/aeneasr) -- [x] Allow attaching credentials to identities in CRUD create ([kratos#200](https://github.com/ory/kratos/issues/200)) -- [x] Move away from UUID-based challenges and responses ([kratos#241](https://github.com/ory/kratos/issues/241)) - [@hackerman](https://github.com/aeneasr) -- [x] Add tests to prevent duplicate migration files ([kratos#282](https://github.com/ory/kratos/issues/282)) - [@Patrik](https://github.com/zepatrik) -- [x] Session cookie (ory_kratos_session) expired time should be configurable ([kratos#326](https://github.com/ory/kratos/issues/326)) - [@hackerman](https://github.com/aeneasr) -- [x] Can not update an identity using PUT /identities/{id} ([kratos#435](https://github.com/ory/kratos/issues/435)) -- [x] Make session cookie 'domain' property configurable ([kratos#516](https://github.com/ory/kratos/issues/516)) -- [x] Remove one of in-memory/on-disk SQLite e2e runners and replace with faster test ([kratos#580](https://github.com/ory/kratos/issues/580)) - [@Andreas Bucksteeg](https://github.com/tricky42) -- [x] Password similarity policy is too strict ([kratos#581](https://github.com/ory/kratos/issues/581)) - [@Patrik](https://github.com/zepatrik) -- [x] Implement a test-error for implementing the Error UI ([kratos#610](https://github.com/ory/kratos/issues/610)) -- [x] Rename `request_lifespan` to `lifespan` ([kratos#666](https://github.com/ory/kratos/issues/666)) - [@hackerman](https://github.com/aeneasr) +- [ ] Design of the client cli + ([kratos#663](https://github.com/ory/kratos/issues/663)) - + [@Patrik](https://github.com/zepatrik) +- [ ] Implement React SPA sample app + ([kratos#668](https://github.com/ory/kratos/issues/668)) - + [@hackerman](https://github.com/aeneasr) +- [ ] Implement React Native sample application consuming API + ([kratos#667](https://github.com/ory/kratos/issues/667)) - + [@hackerman](https://github.com/aeneasr) +- [ ] Rename strategy to method in internal APIs and Documentation + ([kratos#683](https://github.com/ory/kratos/issues/683)) - + [@hackerman](https://github.com/aeneasr) +- [x] Implement JSON capabilities in ErrorHandler + ([kratos#61](https://github.com/ory/kratos/issues/61)) - + [@hackerman](https://github.com/aeneasr) +- [x] Allow attaching credentials to identities in CRUD create + ([kratos#200](https://github.com/ory/kratos/issues/200)) +- [x] Move away from UUID-based challenges and responses + ([kratos#241](https://github.com/ory/kratos/issues/241)) - + [@hackerman](https://github.com/aeneasr) +- [x] Add tests to prevent duplicate migration files + ([kratos#282](https://github.com/ory/kratos/issues/282)) - + [@Patrik](https://github.com/zepatrik) +- [x] Session cookie (ory_kratos_session) expired time should be configurable + ([kratos#326](https://github.com/ory/kratos/issues/326)) - + [@hackerman](https://github.com/aeneasr) +- [x] Can not update an identity using PUT /identities/{id} + ([kratos#435](https://github.com/ory/kratos/issues/435)) +- [x] Make session cookie 'domain' property configurable + ([kratos#516](https://github.com/ory/kratos/issues/516)) +- [x] Remove one of in-memory/on-disk SQLite e2e runners and replace with faster + test ([kratos#580](https://github.com/ory/kratos/issues/580)) - + [@Andreas Bucksteeg](https://github.com/tricky42) +- [x] Password similarity policy is too strict + ([kratos#581](https://github.com/ory/kratos/issues/581)) - + [@Patrik](https://github.com/zepatrik) +- [x] Implement a test-error for implementing the Error UI + ([kratos#610](https://github.com/ory/kratos/issues/610)) +- [x] Rename `request_lifespan` to `lifespan` + ([kratos#666](https://github.com/ory/kratos/issues/666)) - + [@hackerman](https://github.com/aeneasr) #### Pull Requests -- [x] fix: resolve identity admin api issues ([kratos#586](https://github.com/ory/kratos/pull/586)) - [@hackerman](https://github.com/aeneasr) -- [x] feat: implement API-based self-service flows ([kratos#624](https://github.com/ory/kratos/pull/624)) - [@hackerman](https://github.com/aeneasr) +- [x] fix: resolve identity admin api issues + ([kratos#586](https://github.com/ory/kratos/pull/586)) - + [@hackerman](https://github.com/aeneasr) +- [x] feat: implement API-based self-service flows + ([kratos#624](https://github.com/ory/kratos/pull/624)) - + [@hackerman](https://github.com/aeneasr) ### [Docs](https://github.com/ory/kratos/labels/docs) @@ -139,8 +226,11 @@ Affects documentation. #### Issues -- [x] Document multi-tenant set up ([kratos#370](https://github.com/ory/kratos/issues/370)) -- [x] Remove reverse proxy from node example and rely on port and the domain parameter ([kratos#661](https://github.com/ory/kratos/issues/661)) - [@hackerman](https://github.com/aeneasr) +- [x] Document multi-tenant set up + ([kratos#370](https://github.com/ory/kratos/issues/370)) +- [x] Remove reverse proxy from node example and rely on port and the domain + parameter ([kratos#661](https://github.com/ory/kratos/issues/661)) - + [@hackerman](https://github.com/aeneasr) ### [Rfc](https://github.com/ory/kratos/labels/rfc) @@ -148,7 +238,9 @@ A request for comments to discuss and share ideas. #### Issues -- [x] Rename login/registration/recovery/... request to flow ([kratos#635](https://github.com/ory/kratos/issues/635)) - [@hackerman](https://github.com/aeneasr) +- [x] Rename login/registration/recovery/... request to flow + ([kratos#635](https://github.com/ory/kratos/issues/635)) - + [@hackerman](https://github.com/aeneasr) ### [Blocking](https://github.com/ory/kratos/labels/blocking) @@ -156,10 +248,18 @@ Blocks milestones or other issues or pulls. #### Issues -- [x] Remove reverse proxy from node example and rely on port and the domain parameter ([kratos#661](https://github.com/ory/kratos/issues/661)) - [@hackerman](https://github.com/aeneasr) -- [x] Rename `request_lifespan` to `lifespan` ([kratos#666](https://github.com/ory/kratos/issues/666)) - [@hackerman](https://github.com/aeneasr) +- [x] Remove reverse proxy from node example and rely on port and the domain + parameter ([kratos#661](https://github.com/ory/kratos/issues/661)) - + [@hackerman](https://github.com/aeneasr) +- [x] Rename `request_lifespan` to `lifespan` + ([kratos#666](https://github.com/ory/kratos/issues/666)) - + [@hackerman](https://github.com/aeneasr) #### Pull Requests -- [ ] fix: escape jsx characters in api documentation ([kratos#703](https://github.com/ory/kratos/pull/703)) - [@hackerman](https://github.com/aeneasr) -- [x] feat: implement API-based self-service flows ([kratos#624](https://github.com/ory/kratos/pull/624)) - [@hackerman](https://github.com/aeneasr) +- [ ] fix: escape jsx characters in api documentation + ([kratos#703](https://github.com/ory/kratos/pull/703)) - + [@hackerman](https://github.com/aeneasr) +- [x] feat: implement API-based self-service flows + ([kratos#624](https://github.com/ory/kratos/pull/624)) - + [@hackerman](https://github.com/aeneasr) diff --git a/docs/docs/reference/api.mdx b/docs/docs/reference/api.mdx index 33708fead91..f8a935b4fca 100644 --- a/docs/docs/reference/api.mdx +++ b/docs/docs/reference/api.mdx @@ -3,8 +3,6 @@ title: REST API id: api --- - - Welcome to the ORY Kratos HTTP API documentation! import Tabs from '@theme/Tabs' @@ -12,21 +10,24 @@ import TabItem from '@theme/TabItem' :::info -You are viewing REST API documentation. This documentation is auto-generated from a swagger specification which -itself is generated from annotations in the source code of the project. It is possible that this documentation includes -bugs and that code samples are incomplete or wrong. +You are viewing REST API documentation. This documentation is auto-generated +from a swagger specification which itself is generated from annotations in the +source code of the project. It is possible that this documentation includes bugs +and that code samples are incomplete or wrong. If you find issues in the respective documentation, please do not edit the -Markdown files directly (as they are generated) but raise an issue on the project's GitHub presence instead. This documentation -will improve over time with your help! If you have ideas how to improve this part of the documentation, feel free to -share them in a [GitHub issue](https://github.com/ory/docs/issues/new) any time. +Markdown files directly (as they are generated) but raise an issue on the +project's GitHub presence instead. This documentation will improve over time +with your help! If you have ideas how to improve this part of the documentation, +feel free to share them in a +[GitHub issue](https://github.com/ory/docs/issues/new) any time. ::: ## Authentication -* API Key (sessionToken) - - Parameter Name: **Authorization**, in: header. +- API Key (sessionToken) + - Parameter Name: **Authorization**, in: header. @@ -42,14 +43,15 @@ Accept: application/json ``` -This endpoint returns a 200 status code when the HTTP server is up running. -This status does currently not include checks whether the database connection is working. +This endpoint returns a 200 status code when the HTTP server is up running. This +status does currently not include checks whether the database connection is +working. If the service supports TLS Edge Termination, this endpoint does not require the `X-Forwarded-Proto` header to be set. -Be aware that if you are running multiple nodes of this service, the health status will never -refer to the cluster state, only to a single instance. +Be aware that if you are running multiple nodes of this service, the health +status will never refer to the cluster state, only to a single instance. #### Responses @@ -57,10 +59,10 @@ refer to the cluster state, only to a single instance. ##### Overview -|Status|Meaning|Description|Schema| -|---|---|---|---| -|200|[OK](https://tools.ietf.org/html/rfc7231#section-6.3.1)|healthStatus|[healthStatus](#schemahealthstatus)| -|500|[Internal Server Error](https://tools.ietf.org/html/rfc7231#section-6.6.1)|genericError|[genericError](#schemagenericerror)| +| Status | Meaning | Description | Schema | +| ------ | -------------------------------------------------------------------------- | ------------ | ----------------------------------- | +| 200 | [OK](https://tools.ietf.org/html/rfc7231#section-6.3.1) | healthStatus | [healthStatus](#schemahealthstatus) | +| 500 | [Internal Server Error](https://tools.ietf.org/html/rfc7231#section-6.6.1) | genericError | [genericError](#schemagenericerror) | ##### Examples @@ -72,9 +74,7 @@ refer to the cluster state, only to a single instance. } ``` - + #### Code samples @@ -100,7 +100,7 @@ import ( ) func main() { - headers := map[string][]string{ + headers := map[string][]string{ "Accept": []string{"application/json"}, } @@ -120,20 +120,20 @@ func main() { ```javascript -const fetch = require('node-fetch'); +const fetch = require('node-fetch') const headers = { - 'Accept': 'application/json' + Accept: 'application/json' } fetch('/health/alive', { method: 'GET', headers }) -.then(r => r.json()) -.then((body) => { + .then((r) => r.json()) + .then((body) => { console.log(body) -}) + }) ``` @@ -210,14 +210,14 @@ Accept: application/json ``` -This endpoint returns a 200 status code when the HTTP server is up running and the environment dependencies (e.g. -the database) are responsive as well. +This endpoint returns a 200 status code when the HTTP server is up running and +the environment dependencies (e.g. the database) are responsive as well. If the service supports TLS Edge Termination, this endpoint does not require the `X-Forwarded-Proto` header to be set. -Be aware that if you are running multiple nodes of this service, the health status will never -refer to the cluster state, only to a single instance. +Be aware that if you are running multiple nodes of this service, the health +status will never refer to the cluster state, only to a single instance. #### Responses @@ -225,10 +225,10 @@ refer to the cluster state, only to a single instance. ##### Overview -|Status|Meaning|Description|Schema| -|---|---|---|---| -|200|[OK](https://tools.ietf.org/html/rfc7231#section-6.3.1)|healthStatus|[healthStatus](#schemahealthstatus)| -|503|[Service Unavailable](https://tools.ietf.org/html/rfc7231#section-6.6.4)|healthNotReadyStatus|[healthNotReadyStatus](#schemahealthnotreadystatus)| +| Status | Meaning | Description | Schema | +| ------ | ------------------------------------------------------------------------ | -------------------- | --------------------------------------------------- | +| 200 | [OK](https://tools.ietf.org/html/rfc7231#section-6.3.1) | healthStatus | [healthStatus](#schemahealthstatus) | +| 503 | [Service Unavailable](https://tools.ietf.org/html/rfc7231#section-6.6.4) | healthNotReadyStatus | [healthNotReadyStatus](#schemahealthnotreadystatus) | ##### Examples @@ -240,9 +240,7 @@ refer to the cluster state, only to a single instance. } ``` - + #### Code samples @@ -268,7 +266,7 @@ import ( ) func main() { - headers := map[string][]string{ + headers := map[string][]string{ "Accept": []string{"application/json"}, } @@ -288,20 +286,20 @@ func main() { ```javascript -const fetch = require('node-fetch'); +const fetch = require('node-fetch') const headers = { - 'Accept': 'application/json' + Accept: 'application/json' } fetch('/health/ready', { method: 'GET', headers }) -.then(r => r.json()) -.then((body) => { + .then((r) => r.json()) + .then((body) => { console.log(body) -}) + }) ``` @@ -384,16 +382,17 @@ Accept: application/json Lists all identities. Does not support search at the moment. -Learn how identities work in [ORY Kratos' User And Identity Model Documentation](https://www.ory.sh/docs/next/kratos/concepts/identity-user-model). +Learn how identities work in +[ORY Kratos' User And Identity Model Documentation](https://www.ory.sh/docs/next/kratos/concepts/identity-user-model). #### Parameters -|Parameter|In|Type|Required|Description| -|---|---|---|---|---| -|per_page|query|integer(int64)|false|Items per Page| -|page|query|integer(int64)|false|Pagination Page| +| Parameter | In | Type | Required | Description | +| --------- | ----- | -------------- | -------- | --------------- | +| per_page | query | integer(int64) | false | Items per Page | +| page | query | integer(int64) | false | Pagination Page | ##### Detailed descriptions @@ -407,10 +406,10 @@ This is the number of items per page. ##### Overview -|Status|Meaning|Description|Schema| -|---|---|---|---| -|200|[OK](https://tools.ietf.org/html/rfc7231#section-6.3.1)|A list of identities.|Inline| -|500|[Internal Server Error](https://tools.ietf.org/html/rfc7231#section-6.6.1)|genericError|[genericError](#schemagenericerror)| +| Status | Meaning | Description | Schema | +| ------ | -------------------------------------------------------------------------- | --------------------- | ----------------------------------- | +| 200 | [OK](https://tools.ietf.org/html/rfc7231#section-6.3.1) | A list of identities. | Inline | +| 500 | [Internal Server Error](https://tools.ietf.org/html/rfc7231#section-6.6.1) | genericError | [genericError](#schemagenericerror) | @@ -418,24 +417,24 @@ This is the number of items per page. Status Code **200** -|Name|Type|Required|Restrictions|Description| -|---|---|---|---|---| -|*anonymous*|[[Identity](#schemaidentity)]|false|none|none| -|» id|[UUID](#schemauuid)(uuid4)|true|none|none| -|» recovery_addresses|[[RecoveryAddress](#schemarecoveryaddress)]|false|none|RecoveryAddresses contains all the addresses that can be used to recover an identity.| -|»» id|[UUID](#schemauuid)(uuid4)|true|none|none| -|»» value|string|true|none|none| -|»» via|[RecoveryAddressType](#schemarecoveryaddresstype)|true|none|none| -|» schema_id|string|true|none|SchemaID is the ID of the JSON Schema to be used for validating the identity's traits.| -|» schema_url|string|false|none|SchemaURL is the URL of the endpoint where the identity's traits schema can be fetched from.

format: url| -|» traits|[Traits](#schematraits)|true|none|none| -|» verifiable_addresses|[[VerifiableAddress](#schemaverifiableaddress)]|false|none|VerifiableAddresses contains all the addresses that can be verified by the user.| -|»» id|[UUID](#schemauuid)(uuid4)|true|none|none| -|»» status|[VerifiableAddressStatus](#schemaverifiableaddressstatus)|true|none|none| -|»» value|string|true|none|none| -|»» verified|boolean|true|none|none| -|»» verified_at|[NullTime](#schemanulltime)(date-time)|false|none|none| -|»» via|[VerifiableAddressType](#schemaverifiableaddresstype)|true|none|none| +| Name | Type | Required | Restrictions | Description | +| ---------------------- | --------------------------------------------------------- | -------- | ------------ | --------------------------------------------------------------------------------------------------------------- | +| _anonymous_ | [[Identity](#schemaidentity)] | false | none | none | +| » id | [UUID](#schemauuid)(uuid4) | true | none | none | +| » recovery_addresses | [[RecoveryAddress](#schemarecoveryaddress)] | false | none | RecoveryAddresses contains all the addresses that can be used to recover an identity. | +| »» id | [UUID](#schemauuid)(uuid4) | true | none | none | +| »» value | string | true | none | none | +| »» via | [RecoveryAddressType](#schemarecoveryaddresstype) | true | none | none | +| » schema_id | string | true | none | SchemaID is the ID of the JSON Schema to be used for validating the identity's traits. | +| » schema_url | string | false | none | SchemaURL is the URL of the endpoint where the identity's traits schema can be fetched from.

format: url | +| » traits | [Traits](#schematraits) | true | none | none | +| » verifiable_addresses | [[VerifiableAddress](#schemaverifiableaddress)] | false | none | VerifiableAddresses contains all the addresses that can be verified by the user. | +| »» id | [UUID](#schemauuid)(uuid4) | true | none | none | +| »» status | [VerifiableAddressStatus](#schemaverifiableaddressstatus) | true | none | none | +| »» value | string | true | none | none | +| »» verified | boolean | true | none | none | +| »» verified_at | [NullTime](#schemanulltime)(date-time) | false | none | none | +| »» via | [VerifiableAddressType](#schemaverifiableaddresstype) | true | none | none | ##### Examples @@ -469,9 +468,7 @@ Status Code **200** ] ``` - + #### Code samples @@ -497,7 +494,7 @@ import ( ) func main() { - headers := map[string][]string{ + headers := map[string][]string{ "Accept": []string{"application/json"}, } @@ -517,20 +514,20 @@ func main() { ```javascript -const fetch = require('node-fetch'); +const fetch = require('node-fetch') const headers = { - 'Accept': 'application/json' + Accept: 'application/json' } fetch('/identities', { method: 'GET', headers }) -.then(r => r.json()) -.then((body) => { + .then((r) => r.json()) + .then((body) => { console.log(body) -}) + }) ``` @@ -608,10 +605,12 @@ Accept: application/json ``` -This endpoint creates an identity. It is NOT possible to set an identity's credentials (password, ...) -using this method! A way to achieve that will be introduced in the future. +This endpoint creates an identity. It is NOT possible to set an identity's +credentials (password, ...) using this method! A way to achieve that will be +introduced in the future. -Learn how identities work in [ORY Kratos' User And Identity Model Documentation](https://www.ory.sh/docs/next/kratos/concepts/identity-user-model). +Learn how identities work in +[ORY Kratos' User And Identity Model Documentation](https://www.ory.sh/docs/next/kratos/concepts/identity-user-model). #### Request body @@ -626,9 +625,9 @@ Learn how identities work in [ORY Kratos' User And Identity Model Documentation] #### Parameters -|Parameter|In|Type|Required|Description| -|---|---|---|---|---| -|body|body|[CreateIdentity](#schemacreateidentity)|false|none| +| Parameter | In | Type | Required | Description | +| --------- | ---- | --------------------------------------- | -------- | ----------- | +| body | body | [CreateIdentity](#schemacreateidentity) | false | none | #### Responses @@ -636,11 +635,11 @@ Learn how identities work in [ORY Kratos' User And Identity Model Documentation] ##### Overview -|Status|Meaning|Description|Schema| -|---|---|---|---| -|201|[Created](https://tools.ietf.org/html/rfc7231#section-6.3.2)|A single identity.|[Identity](#schemaidentity)| -|400|[Bad Request](https://tools.ietf.org/html/rfc7231#section-6.5.1)|genericError|[genericError](#schemagenericerror)| -|500|[Internal Server Error](https://tools.ietf.org/html/rfc7231#section-6.6.1)|genericError|[genericError](#schemagenericerror)| +| Status | Meaning | Description | Schema | +| ------ | -------------------------------------------------------------------------- | ------------------ | ----------------------------------- | +| 201 | [Created](https://tools.ietf.org/html/rfc7231#section-6.3.2) | A single identity. | [Identity](#schemaidentity) | +| 400 | [Bad Request](https://tools.ietf.org/html/rfc7231#section-6.5.1) | genericError | [genericError](#schemagenericerror) | +| 500 | [Internal Server Error](https://tools.ietf.org/html/rfc7231#section-6.6.1) | genericError | [genericError](#schemagenericerror) | ##### Examples @@ -672,9 +671,7 @@ Learn how identities work in [ORY Kratos' User And Identity Model Documentation] } ``` - + #### Code samples @@ -700,7 +697,7 @@ import ( ) func main() { - headers := map[string][]string{ + headers := map[string][]string{ "Content-Type": []string{"application/json"}, "Accept": []string{"application/json"}, } @@ -817,15 +814,16 @@ Accept: application/json ``` -Learn how identities work in [ORY Kratos' User And Identity Model Documentation](https://www.ory.sh/docs/next/kratos/concepts/identity-user-model). +Learn how identities work in +[ORY Kratos' User And Identity Model Documentation](https://www.ory.sh/docs/next/kratos/concepts/identity-user-model). #### Parameters -|Parameter|In|Type|Required|Description| -|---|---|---|---|---| -|id|path|string|true|ID must be set to the ID of identity you want to get| +| Parameter | In | Type | Required | Description | +| --------- | ---- | ------ | -------- | ---------------------------------------------------- | +| id | path | string | true | ID must be set to the ID of identity you want to get | #### Responses @@ -833,11 +831,11 @@ Learn how identities work in [ORY Kratos' User And Identity Model Documentation] ##### Overview -|Status|Meaning|Description|Schema| -|---|---|---|---| -|200|[OK](https://tools.ietf.org/html/rfc7231#section-6.3.1)|A single identity.|[Identity](#schemaidentity)| -|400|[Bad Request](https://tools.ietf.org/html/rfc7231#section-6.5.1)|genericError|[genericError](#schemagenericerror)| -|500|[Internal Server Error](https://tools.ietf.org/html/rfc7231#section-6.6.1)|genericError|[genericError](#schemagenericerror)| +| Status | Meaning | Description | Schema | +| ------ | -------------------------------------------------------------------------- | ------------------ | ----------------------------------- | +| 200 | [OK](https://tools.ietf.org/html/rfc7231#section-6.3.1) | A single identity. | [Identity](#schemaidentity) | +| 400 | [Bad Request](https://tools.ietf.org/html/rfc7231#section-6.5.1) | genericError | [genericError](#schemagenericerror) | +| 500 | [Internal Server Error](https://tools.ietf.org/html/rfc7231#section-6.6.1) | genericError | [genericError](#schemagenericerror) | ##### Examples @@ -869,9 +867,7 @@ Learn how identities work in [ORY Kratos' User And Identity Model Documentation] } ``` - + #### Code samples @@ -897,7 +893,7 @@ import ( ) func main() { - headers := map[string][]string{ + headers := map[string][]string{ "Accept": []string{"application/json"}, } @@ -917,20 +913,20 @@ func main() { ```javascript -const fetch = require('node-fetch'); +const fetch = require('node-fetch') const headers = { - 'Accept': 'application/json' + Accept: 'application/json' } fetch('/identities/{id}', { method: 'GET', headers }) -.then(r => r.json()) -.then((body) => { + .then((r) => r.json()) + .then((body) => { console.log(body) -}) + }) ``` @@ -1008,12 +1004,15 @@ Accept: application/json ``` -This endpoint updates an identity. It is NOT possible to set an identity's credentials (password, ...) -using this method! A way to achieve that will be introduced in the future. +This endpoint updates an identity. It is NOT possible to set an identity's +credentials (password, ...) using this method! A way to achieve that will be +introduced in the future. -The full identity payload (except credentials) is expected. This endpoint does not support patching. +The full identity payload (except credentials) is expected. This endpoint does +not support patching. -Learn how identities work in [ORY Kratos' User And Identity Model Documentation](https://www.ory.sh/docs/next/kratos/concepts/identity-user-model). +Learn how identities work in +[ORY Kratos' User And Identity Model Documentation](https://www.ory.sh/docs/next/kratos/concepts/identity-user-model). #### Request body @@ -1028,10 +1027,10 @@ Learn how identities work in [ORY Kratos' User And Identity Model Documentation] #### Parameters -|Parameter|In|Type|Required|Description| -|---|---|---|---|---| -|id|path|string|true|ID must be set to the ID of identity you want to update| -|body|body|[UpdateIdentity](#schemaupdateidentity)|false|none| +| Parameter | In | Type | Required | Description | +| --------- | ---- | --------------------------------------- | -------- | ------------------------------------------------------- | +| id | path | string | true | ID must be set to the ID of identity you want to update | +| body | body | [UpdateIdentity](#schemaupdateidentity) | false | none | #### Responses @@ -1039,12 +1038,12 @@ Learn how identities work in [ORY Kratos' User And Identity Model Documentation] ##### Overview -|Status|Meaning|Description|Schema| -|---|---|---|---| -|200|[OK](https://tools.ietf.org/html/rfc7231#section-6.3.1)|A single identity.|[Identity](#schemaidentity)| -|400|[Bad Request](https://tools.ietf.org/html/rfc7231#section-6.5.1)|genericError|[genericError](#schemagenericerror)| -|404|[Not Found](https://tools.ietf.org/html/rfc7231#section-6.5.4)|genericError|[genericError](#schemagenericerror)| -|500|[Internal Server Error](https://tools.ietf.org/html/rfc7231#section-6.6.1)|genericError|[genericError](#schemagenericerror)| +| Status | Meaning | Description | Schema | +| ------ | -------------------------------------------------------------------------- | ------------------ | ----------------------------------- | +| 200 | [OK](https://tools.ietf.org/html/rfc7231#section-6.3.1) | A single identity. | [Identity](#schemaidentity) | +| 400 | [Bad Request](https://tools.ietf.org/html/rfc7231#section-6.5.1) | genericError | [genericError](#schemagenericerror) | +| 404 | [Not Found](https://tools.ietf.org/html/rfc7231#section-6.5.4) | genericError | [genericError](#schemagenericerror) | +| 500 | [Internal Server Error](https://tools.ietf.org/html/rfc7231#section-6.6.1) | genericError | [genericError](#schemagenericerror) | ##### Examples @@ -1076,9 +1075,7 @@ Learn how identities work in [ORY Kratos' User And Identity Model Documentation] } ``` - + #### Code samples @@ -1104,7 +1101,7 @@ import ( ) func main() { - headers := map[string][]string{ + headers := map[string][]string{ "Content-Type": []string{"application/json"}, "Accept": []string{"application/json"}, } @@ -1221,19 +1218,21 @@ Accept: application/json ``` -Calling this endpoint irrecoverably and permanently deletes the identity given its ID. This action can not be undone. -This endpoint returns 204 when the identity was deleted or when the identity was not found, in which case it is +Calling this endpoint irrecoverably and permanently deletes the identity given +its ID. This action can not be undone. This endpoint returns 204 when the +identity was deleted or when the identity was not found, in which case it is assumed that is has been deleted already. -Learn how identities work in [ORY Kratos' User And Identity Model Documentation](https://www.ory.sh/docs/next/kratos/concepts/identity-user-model). +Learn how identities work in +[ORY Kratos' User And Identity Model Documentation](https://www.ory.sh/docs/next/kratos/concepts/identity-user-model). #### Parameters -|Parameter|In|Type|Required|Description| -|---|---|---|---|---| -|id|path|string|true|ID is the identity's ID.| +| Parameter | In | Type | Required | Description | +| --------- | ---- | ------ | -------- | ------------------------ | +| id | path | string | true | ID is the identity's ID. | #### Responses @@ -1241,11 +1240,11 @@ Learn how identities work in [ORY Kratos' User And Identity Model Documentation] ##### Overview -|Status|Meaning|Description|Schema| -|---|---|---|---| -|204|[No Content](https://tools.ietf.org/html/rfc7231#section-6.3.5)|Empty responses are sent when, for example, resources are deleted. The HTTP status code for empty responses is -typically 201.|None| -|500|[Internal Server Error](https://tools.ietf.org/html/rfc7231#section-6.6.1)|genericError|[genericError](#schemagenericerror)| +| Status | Meaning | Description | Schema | +| -------------- | -------------------------------------------------------------------------- | -------------------------------------------------------------------------------------------------------------- | ----------------------------------- | +| 204 | [No Content](https://tools.ietf.org/html/rfc7231#section-6.3.5) | Empty responses are sent when, for example, resources are deleted. The HTTP status code for empty responses is | +| typically 201. | None | +| 500 | [Internal Server Error](https://tools.ietf.org/html/rfc7231#section-6.6.1) | genericError | [genericError](#schemagenericerror) | ##### Examples @@ -1265,9 +1264,7 @@ typically 201.|None| } ``` - + #### Code samples @@ -1293,7 +1290,7 @@ import ( ) func main() { - headers := map[string][]string{ + headers := map[string][]string{ "Accept": []string{"application/json"}, } @@ -1313,20 +1310,20 @@ func main() { ```javascript -const fetch = require('node-fetch'); +const fetch = require('node-fetch') const headers = { - 'Accept': 'application/json' + Accept: 'application/json' } fetch('/identities/{id}', { method: 'DELETE', headers }) -.then(r => r.json()) -.then((body) => { + .then((r) => r.json()) + .then((body) => { console.log(body) -}) + }) ``` @@ -1396,6 +1393,7 @@ p JSON.parse(result) ### Get snapshot metrics from the Hydra service. If you're using k8s, you can then add annotations to + your deployment like so: ``` @@ -1412,19 +1410,19 @@ prometheus.io/path: "/metrics/prometheus" #### Responses - + ##### Overview -|Status|Meaning|Description|Schema| -|---|---|---|---| -|200|[OK](https://tools.ietf.org/html/rfc7231#section-6.3.1)|Empty responses are sent when, for example, resources are deleted. The HTTP status code for empty responses is -typically 201.|None| +| Status | Meaning | Description | Schema | +| -------------- | ------------------------------------------------------- | -------------------------------------------------------------------------------------------------------------- | ------ | +| 200 | [OK](https://tools.ietf.org/html/rfc7231#section-6.3.1) | Empty responses are sent when, for example, resources are deleted. The HTTP status code for empty responses is | +| typically 201. | None | - + #### Code samples @@ -1467,15 +1465,15 @@ func main() { ```javascript -const fetch = require('node-fetch'); +const fetch = require('node-fetch') fetch('/metrics/prometheus', { method: 'GET' }) -.then(r => r.json()) -.then((body) => { + .then((r) => r.json()) + .then((body) => { console.log(body) -}) + }) ``` @@ -1544,8 +1542,8 @@ Accept: application/json ``` -This endpoint creates a recovery link which should be given to the user in order for them to recover -(or activate) their account. +This endpoint creates a recovery link which should be given to the user in order +for them to recover (or activate) their account. #### Request body @@ -1560,9 +1558,9 @@ This endpoint creates a recovery link which should be given to the user in order #### Parameters -|Parameter|In|Type|Required|Description| -|---|---|---|---|---| -|body|body|[CreateRecoveryLink](#schemacreaterecoverylink)|false|none| +| Parameter | In | Type | Required | Description | +| --------- | ---- | ----------------------------------------------- | -------- | ----------- | +| body | body | [CreateRecoveryLink](#schemacreaterecoverylink) | false | none | #### Responses @@ -1570,12 +1568,12 @@ This endpoint creates a recovery link which should be given to the user in order ##### Overview -|Status|Meaning|Description|Schema| -|---|---|---|---| -|200|[OK](https://tools.ietf.org/html/rfc7231#section-6.3.1)|recoveryLink|[recoveryLink](#schemarecoverylink)| -|400|[Bad Request](https://tools.ietf.org/html/rfc7231#section-6.5.1)|genericError|[genericError](#schemagenericerror)| -|404|[Not Found](https://tools.ietf.org/html/rfc7231#section-6.5.4)|genericError|[genericError](#schemagenericerror)| -|500|[Internal Server Error](https://tools.ietf.org/html/rfc7231#section-6.6.1)|genericError|[genericError](#schemagenericerror)| +| Status | Meaning | Description | Schema | +| ------ | -------------------------------------------------------------------------- | ------------ | ----------------------------------- | +| 200 | [OK](https://tools.ietf.org/html/rfc7231#section-6.3.1) | recoveryLink | [recoveryLink](#schemarecoverylink) | +| 400 | [Bad Request](https://tools.ietf.org/html/rfc7231#section-6.5.1) | genericError | [genericError](#schemagenericerror) | +| 404 | [Not Found](https://tools.ietf.org/html/rfc7231#section-6.5.4) | genericError | [genericError](#schemagenericerror) | +| 500 | [Internal Server Error](https://tools.ietf.org/html/rfc7231#section-6.6.1) | genericError | [genericError](#schemagenericerror) | ##### Examples @@ -1588,9 +1586,7 @@ This endpoint creates a recovery link which should be given to the user in order } ``` - + #### Code samples @@ -1616,7 +1612,7 @@ import ( ) func main() { - headers := map[string][]string{ + headers := map[string][]string{ "Content-Type": []string{"application/json"}, "Accept": []string{"application/json"}, } @@ -1743,9 +1739,9 @@ Get a Traits Schema Definition #### Parameters -|Parameter|In|Type|Required|Description| -|---|---|---|---|---| -|id|path|string|true|ID must be set to the ID of schema you want to get| +| Parameter | In | Type | Required | Description | +| --------- | ---- | ------ | -------- | -------------------------------------------------- | +| id | path | string | true | ID must be set to the ID of schema you want to get | #### Responses @@ -1753,11 +1749,11 @@ Get a Traits Schema Definition ##### Overview -|Status|Meaning|Description|Schema| -|---|---|---|---| -|200|[OK](https://tools.ietf.org/html/rfc7231#section-6.3.1)|The raw identity traits schema|Inline| -|404|[Not Found](https://tools.ietf.org/html/rfc7231#section-6.5.4)|genericError|[genericError](#schemagenericerror)| -|500|[Internal Server Error](https://tools.ietf.org/html/rfc7231#section-6.6.1)|genericError|[genericError](#schemagenericerror)| +| Status | Meaning | Description | Schema | +| ------ | -------------------------------------------------------------------------- | ------------------------------ | ----------------------------------- | +| 200 | [OK](https://tools.ietf.org/html/rfc7231#section-6.3.1) | The raw identity traits schema | Inline | +| 404 | [Not Found](https://tools.ietf.org/html/rfc7231#section-6.5.4) | genericError | [genericError](#schemagenericerror) | +| 500 | [Internal Server Error](https://tools.ietf.org/html/rfc7231#section-6.6.1) | genericError | [genericError](#schemagenericerror) | @@ -1771,9 +1767,7 @@ Get a Traits Schema Definition {} ``` - + #### Code samples @@ -1799,7 +1793,7 @@ import ( ) func main() { - headers := map[string][]string{ + headers := map[string][]string{ "Accept": []string{"application/json"}, } @@ -1819,20 +1813,20 @@ func main() { ```javascript -const fetch = require('node-fetch'); +const fetch = require('node-fetch') const headers = { - 'Accept': 'application/json' + Accept: 'application/json' } fetch('/schemas/{id}', { method: 'GET', headers }) -.then(r => r.json()) -.then((body) => { + .then((r) => r.json()) + .then((body) => { console.log(body) -}) + }) ``` @@ -1909,24 +1903,27 @@ Accept: application/json ``` -This endpoint returns the error associated with a user-facing self service errors. +This endpoint returns the error associated with a user-facing self service +errors. -When accessing this endpoint through ORY Kratos' Public API, ensure that cookies are set as they are required for CSRF to work. To prevent -token scanning attacks, the public endpoint does not return 404 status codes. +When accessing this endpoint through ORY Kratos' Public API, ensure that cookies +are set as they are required for CSRF to work. To prevent token scanning +attacks, the public endpoint does not return 404 status codes. This endpoint supports stub values to help you implement the error UI: `?error=stub:500` - returns a stub 500 (Internal Server Error) error. -More information can be found at [ORY Kratos User User Facing Error Documentation](https://www.ory.sh/docs/kratos/self-service/flows/user-facing-errors). +More information can be found at +[ORY Kratos User User Facing Error Documentation](https://www.ory.sh/docs/kratos/self-service/flows/user-facing-errors). #### Parameters -|Parameter|In|Type|Required|Description| -|---|---|---|---|---| -|error|query|string|true|Error is the container's ID| +| Parameter | In | Type | Required | Description | +| --------- | ----- | ------ | -------- | --------------------------- | +| error | query | string | true | Error is the container's ID | #### Responses @@ -1934,12 +1931,12 @@ More information can be found at [ORY Kratos User User Facing Error Documentatio ##### Overview -|Status|Meaning|Description|Schema| -|---|---|---|---| -|200|[OK](https://tools.ietf.org/html/rfc7231#section-6.3.1)|User-facing error response|[errorContainer](#schemaerrorcontainer)| -|403|[Forbidden](https://tools.ietf.org/html/rfc7231#section-6.5.3)|genericError|[genericError](#schemagenericerror)| -|404|[Not Found](https://tools.ietf.org/html/rfc7231#section-6.5.4)|genericError|[genericError](#schemagenericerror)| -|500|[Internal Server Error](https://tools.ietf.org/html/rfc7231#section-6.6.1)|genericError|[genericError](#schemagenericerror)| +| Status | Meaning | Description | Schema | +| ------ | -------------------------------------------------------------------------- | -------------------------- | --------------------------------------- | +| 200 | [OK](https://tools.ietf.org/html/rfc7231#section-6.3.1) | User-facing error response | [errorContainer](#schemaerrorcontainer) | +| 403 | [Forbidden](https://tools.ietf.org/html/rfc7231#section-6.5.3) | genericError | [genericError](#schemagenericerror) | +| 404 | [Not Found](https://tools.ietf.org/html/rfc7231#section-6.5.4) | genericError | [genericError](#schemagenericerror) | +| 500 | [Internal Server Error](https://tools.ietf.org/html/rfc7231#section-6.6.1) | genericError | [genericError](#schemagenericerror) | ##### Examples @@ -1952,9 +1949,7 @@ More information can be found at [ORY Kratos User User Facing Error Documentatio } ``` - + #### Code samples @@ -1980,7 +1975,7 @@ import ( ) func main() { - headers := map[string][]string{ + headers := map[string][]string{ "Accept": []string{"application/json"}, } @@ -2000,20 +1995,20 @@ func main() { ```javascript -const fetch = require('node-fetch'); +const fetch = require('node-fetch') const headers = { - 'Accept': 'application/json' + Accept: 'application/json' } fetch('/self-service/errors?error=string', { method: 'GET', headers }) -.then(r => r.json()) -.then((body) => { + .then((r) => r.json()) + .then((body) => { console.log(body) -}) + }) ``` @@ -2092,17 +2087,19 @@ Accept: application/json ``` -This endpoint returns a login flow's context with, for example, error details and other information. +This endpoint returns a login flow's context with, for example, error details +and other information. -More information can be found at [ORY Kratos User Login and User Registration Documentation](https://www.ory.sh/docs/next/kratos/self-service/flows/user-login-user-registration). +More information can be found at +[ORY Kratos User Login and User Registration Documentation](https://www.ory.sh/docs/next/kratos/self-service/flows/user-login-user-registration). #### Parameters -|Parameter|In|Type|Required|Description| -|---|---|---|---|---| -|id|query|string|true|The Login Flow ID| +| Parameter | In | Type | Required | Description | +| --------- | ----- | ------ | -------- | ----------------- | +| id | query | string | true | The Login Flow ID | ##### Detailed descriptions @@ -2117,13 +2114,13 @@ application (e.g. `/login?flow=abcde`). ##### Overview -|Status|Meaning|Description|Schema| -|---|---|---|---| -|200|[OK](https://tools.ietf.org/html/rfc7231#section-6.3.1)|loginFlow|[loginFlow](#schemaloginflow)| -|403|[Forbidden](https://tools.ietf.org/html/rfc7231#section-6.5.3)|genericError|[genericError](#schemagenericerror)| -|404|[Not Found](https://tools.ietf.org/html/rfc7231#section-6.5.4)|genericError|[genericError](#schemagenericerror)| -|410|[Gone](https://tools.ietf.org/html/rfc7231#section-6.5.9)|genericError|[genericError](#schemagenericerror)| -|500|[Internal Server Error](https://tools.ietf.org/html/rfc7231#section-6.6.1)|genericError|[genericError](#schemagenericerror)| +| Status | Meaning | Description | Schema | +| ------ | -------------------------------------------------------------------------- | ------------ | ----------------------------------- | +| 200 | [OK](https://tools.ietf.org/html/rfc7231#section-6.3.1) | loginFlow | [loginFlow](#schemaloginflow) | +| 403 | [Forbidden](https://tools.ietf.org/html/rfc7231#section-6.5.3) | genericError | [genericError](#schemagenericerror) | +| 404 | [Not Found](https://tools.ietf.org/html/rfc7231#section-6.5.4) | genericError | [genericError](#schemagenericerror) | +| 410 | [Gone](https://tools.ietf.org/html/rfc7231#section-6.5.9) | genericError | [genericError](#schemagenericerror) | +| 500 | [Internal Server Error](https://tools.ietf.org/html/rfc7231#section-6.6.1) | genericError | [genericError](#schemagenericerror) | ##### Examples @@ -2253,9 +2250,7 @@ application (e.g. `/login?flow=abcde`). } ``` - + #### Code samples @@ -2281,7 +2276,7 @@ import ( ) func main() { - headers := map[string][]string{ + headers := map[string][]string{ "Accept": []string{"application/json"}, } @@ -2301,20 +2296,20 @@ func main() { ```javascript -const fetch = require('node-fetch'); +const fetch = require('node-fetch') const headers = { - 'Accept': 'application/json' + Accept: 'application/json' } fetch('/self-service/login/flows?id=string', { method: 'GET', headers }) -.then(r => r.json()) -.then((body) => { + .then((r) => r.json()) + .then((body) => { console.log(body) -}) + }) ``` @@ -2393,24 +2388,26 @@ Accept: application/json ``` -This endpoint returns a recovery flow's context with, for example, error details and other information. +This endpoint returns a recovery flow's context with, for example, error details +and other information. -More information can be found at [ORY Kratos Account Recovery Documentation](../self-service/flows/account-recovery.mdx). +More information can be found at +[ORY Kratos Account Recovery Documentation](../self-service/flows/account-recovery.mdx). #### Parameters -|Parameter|In|Type|Required|Description| -|---|---|---|---|---| -|id|query|string|true|The Flow ID| +| Parameter | In | Type | Required | Description | +| --------- | ----- | ------ | -------- | ----------- | +| id | query | string | true | The Flow ID | ##### Detailed descriptions **id**: The Flow ID -The value for this parameter comes from `request` URL Query parameter sent to your -application (e.g. `/recovery?flow=abcde`). +The value for this parameter comes from `request` URL Query parameter sent to +your application (e.g. `/recovery?flow=abcde`). #### Responses @@ -2418,12 +2415,12 @@ application (e.g. `/recovery?flow=abcde`). ##### Overview -|Status|Meaning|Description|Schema| -|---|---|---|---| -|200|[OK](https://tools.ietf.org/html/rfc7231#section-6.3.1)|recoveryFlow|[recoveryFlow](#schemarecoveryflow)| -|404|[Not Found](https://tools.ietf.org/html/rfc7231#section-6.5.4)|genericError|[genericError](#schemagenericerror)| -|410|[Gone](https://tools.ietf.org/html/rfc7231#section-6.5.9)|genericError|[genericError](#schemagenericerror)| -|500|[Internal Server Error](https://tools.ietf.org/html/rfc7231#section-6.6.1)|genericError|[genericError](#schemagenericerror)| +| Status | Meaning | Description | Schema | +| ------ | -------------------------------------------------------------------------- | ------------ | ----------------------------------- | +| 200 | [OK](https://tools.ietf.org/html/rfc7231#section-6.3.1) | recoveryFlow | [recoveryFlow](#schemarecoveryflow) | +| 404 | [Not Found](https://tools.ietf.org/html/rfc7231#section-6.5.4) | genericError | [genericError](#schemagenericerror) | +| 410 | [Gone](https://tools.ietf.org/html/rfc7231#section-6.5.9) | genericError | [genericError](#schemagenericerror) | +| 500 | [Internal Server Error](https://tools.ietf.org/html/rfc7231#section-6.6.1) | genericError | [genericError](#schemagenericerror) | ##### Examples @@ -2517,9 +2514,7 @@ application (e.g. `/recovery?flow=abcde`). } ``` - + #### Code samples @@ -2545,7 +2540,7 @@ import ( ) func main() { - headers := map[string][]string{ + headers := map[string][]string{ "Accept": []string{"application/json"}, } @@ -2565,20 +2560,20 @@ func main() { ```javascript -const fetch = require('node-fetch'); +const fetch = require('node-fetch') const headers = { - 'Accept': 'application/json' + Accept: 'application/json' } fetch('/self-service/recovery/flows?id=string', { method: 'GET', headers }) -.then(r => r.json()) -.then((body) => { + .then((r) => r.json()) + .then((body) => { console.log(body) -}) + }) ``` @@ -2657,17 +2652,19 @@ Accept: application/json ``` -This endpoint returns a registration flow's context with, for example, error details and other information. +This endpoint returns a registration flow's context with, for example, error +details and other information. -More information can be found at [ORY Kratos User Login and User Registration Documentation](https://www.ory.sh/docs/next/kratos/self-service/flows/user-login-user-registration). +More information can be found at +[ORY Kratos User Login and User Registration Documentation](https://www.ory.sh/docs/next/kratos/self-service/flows/user-login-user-registration). #### Parameters -|Parameter|In|Type|Required|Description| -|---|---|---|---|---| -|id|query|string|true|The Registration Flow ID| +| Parameter | In | Type | Required | Description | +| --------- | ----- | ------ | -------- | ------------------------ | +| id | query | string | true | The Registration Flow ID | ##### Detailed descriptions @@ -2682,13 +2679,13 @@ application (e.g. `/registration?flow=abcde`). ##### Overview -|Status|Meaning|Description|Schema| -|---|---|---|---| -|200|[OK](https://tools.ietf.org/html/rfc7231#section-6.3.1)|registrationFlow|[registrationFlow](#schemaregistrationflow)| -|403|[Forbidden](https://tools.ietf.org/html/rfc7231#section-6.5.3)|genericError|[genericError](#schemagenericerror)| -|404|[Not Found](https://tools.ietf.org/html/rfc7231#section-6.5.4)|genericError|[genericError](#schemagenericerror)| -|410|[Gone](https://tools.ietf.org/html/rfc7231#section-6.5.9)|genericError|[genericError](#schemagenericerror)| -|500|[Internal Server Error](https://tools.ietf.org/html/rfc7231#section-6.6.1)|genericError|[genericError](#schemagenericerror)| +| Status | Meaning | Description | Schema | +| ------ | -------------------------------------------------------------------------- | ---------------- | ------------------------------------------- | +| 200 | [OK](https://tools.ietf.org/html/rfc7231#section-6.3.1) | registrationFlow | [registrationFlow](#schemaregistrationflow) | +| 403 | [Forbidden](https://tools.ietf.org/html/rfc7231#section-6.5.3) | genericError | [genericError](#schemagenericerror) | +| 404 | [Not Found](https://tools.ietf.org/html/rfc7231#section-6.5.4) | genericError | [genericError](#schemagenericerror) | +| 410 | [Gone](https://tools.ietf.org/html/rfc7231#section-6.5.9) | genericError | [genericError](#schemagenericerror) | +| 500 | [Internal Server Error](https://tools.ietf.org/html/rfc7231#section-6.6.1) | genericError | [genericError](#schemagenericerror) | ##### Examples @@ -2817,9 +2814,7 @@ application (e.g. `/registration?flow=abcde`). } ``` - + #### Code samples @@ -2845,7 +2840,7 @@ import ( ) func main() { - headers := map[string][]string{ + headers := map[string][]string{ "Accept": []string{"application/json"}, } @@ -2865,20 +2860,20 @@ func main() { ```javascript -const fetch = require('node-fetch'); +const fetch = require('node-fetch') const headers = { - 'Accept': 'application/json' + Accept: 'application/json' } fetch('/self-service/registration/flows?id=string', { method: 'GET', headers }) -.then(r => r.json()) -.then((body) => { + .then((r) => r.json()) + .then((body) => { console.log(body) -}) + }) ``` @@ -2957,21 +2952,24 @@ Accept: application/json ``` -When accessing this endpoint through ORY Kratos' Public API you must ensure that either the ORY Kratos Session Cookie -or the ORY Kratos Session Token are set. The public endpoint does not return 404 status codes -but instead 403 or 500 to improve data privacy. +When accessing this endpoint through ORY Kratos' Public API you must ensure that +either the ORY Kratos Session Cookie or the ORY Kratos Session Token are set. +The public endpoint does not return 404 status codes but instead 403 or 500 to +improve data privacy. -You can access this endpoint without credentials when using ORY Kratos' Admin API. +You can access this endpoint without credentials when using ORY Kratos' Admin +API. -More information can be found at [ORY Kratos User Settings & Profile Management Documentation](../self-service/flows/user-settings). +More information can be found at +[ORY Kratos User Settings & Profile Management Documentation](../self-service/flows/user-settings). #### Parameters -|Parameter|In|Type|Required|Description| -|---|---|---|---|---| -|id|query|string|true|ID is the Settings Flow ID| +| Parameter | In | Type | Required | Description | +| --------- | ----- | ------ | -------- | -------------------------- | +| id | query | string | true | ID is the Settings Flow ID | ##### Detailed descriptions @@ -2986,13 +2984,13 @@ application (e.g. `/settings?flow=abcde`). ##### Overview -|Status|Meaning|Description|Schema| -|---|---|---|---| -|200|[OK](https://tools.ietf.org/html/rfc7231#section-6.3.1)|settingsFlow|[settingsFlow](#schemasettingsflow)| -|403|[Forbidden](https://tools.ietf.org/html/rfc7231#section-6.5.3)|genericError|[genericError](#schemagenericerror)| -|404|[Not Found](https://tools.ietf.org/html/rfc7231#section-6.5.4)|genericError|[genericError](#schemagenericerror)| -|410|[Gone](https://tools.ietf.org/html/rfc7231#section-6.5.9)|genericError|[genericError](#schemagenericerror)| -|500|[Internal Server Error](https://tools.ietf.org/html/rfc7231#section-6.6.1)|genericError|[genericError](#schemagenericerror)| +| Status | Meaning | Description | Schema | +| ------ | -------------------------------------------------------------------------- | ------------ | ----------------------------------- | +| 200 | [OK](https://tools.ietf.org/html/rfc7231#section-6.3.1) | settingsFlow | [settingsFlow](#schemasettingsflow) | +| 403 | [Forbidden](https://tools.ietf.org/html/rfc7231#section-6.5.3) | genericError | [genericError](#schemagenericerror) | +| 404 | [Not Found](https://tools.ietf.org/html/rfc7231#section-6.5.4) | genericError | [genericError](#schemagenericerror) | +| 410 | [Gone](https://tools.ietf.org/html/rfc7231#section-6.5.9) | genericError | [genericError](#schemagenericerror) | +| 500 | [Internal Server Error](https://tools.ietf.org/html/rfc7231#section-6.6.1) | genericError | [genericError](#schemagenericerror) | ##### Examples @@ -3109,9 +3107,7 @@ application (e.g. `/settings?flow=abcde`). } ``` - + #### Code samples @@ -3137,7 +3133,7 @@ import ( ) func main() { - headers := map[string][]string{ + headers := map[string][]string{ "Accept": []string{"application/json"}, } @@ -3157,20 +3153,20 @@ func main() { ```javascript -const fetch = require('node-fetch'); +const fetch = require('node-fetch') const headers = { - 'Accept': 'application/json' + Accept: 'application/json' } fetch('/self-service/settings/flows?id=string', { method: 'GET', headers }) -.then(r => r.json()) -.then((body) => { + .then((r) => r.json()) + .then((body) => { console.log(body) -}) + }) ``` @@ -3249,24 +3245,26 @@ Accept: application/json ``` -This endpoint returns a verification flow's context with, for example, error details and other information. +This endpoint returns a verification flow's context with, for example, error +details and other information. -More information can be found at [ORY Kratos Email and Phone Verification Documentation](https://www.ory.sh/docs/kratos/selfservice/flows/verify-email-account-activation). +More information can be found at +[ORY Kratos Email and Phone Verification Documentation](https://www.ory.sh/docs/kratos/selfservice/flows/verify-email-account-activation). #### Parameters -|Parameter|In|Type|Required|Description| -|---|---|---|---|---| -|id|query|string|true|The Flow ID| +| Parameter | In | Type | Required | Description | +| --------- | ----- | ------ | -------- | ----------- | +| id | query | string | true | The Flow ID | ##### Detailed descriptions **id**: The Flow ID -The value for this parameter comes from `request` URL Query parameter sent to your -application (e.g. `/verification?flow=abcde`). +The value for this parameter comes from `request` URL Query parameter sent to +your application (e.g. `/verification?flow=abcde`). #### Responses @@ -3274,12 +3272,12 @@ application (e.g. `/verification?flow=abcde`). ##### Overview -|Status|Meaning|Description|Schema| -|---|---|---|---| -|200|[OK](https://tools.ietf.org/html/rfc7231#section-6.3.1)|verificationFlow|[verificationFlow](#schemaverificationflow)| -|403|[Forbidden](https://tools.ietf.org/html/rfc7231#section-6.5.3)|genericError|[genericError](#schemagenericerror)| -|404|[Not Found](https://tools.ietf.org/html/rfc7231#section-6.5.4)|genericError|[genericError](#schemagenericerror)| -|500|[Internal Server Error](https://tools.ietf.org/html/rfc7231#section-6.6.1)|genericError|[genericError](#schemagenericerror)| +| Status | Meaning | Description | Schema | +| ------ | -------------------------------------------------------------------------- | ---------------- | ------------------------------------------- | +| 200 | [OK](https://tools.ietf.org/html/rfc7231#section-6.3.1) | verificationFlow | [verificationFlow](#schemaverificationflow) | +| 403 | [Forbidden](https://tools.ietf.org/html/rfc7231#section-6.5.3) | genericError | [genericError](#schemagenericerror) | +| 404 | [Not Found](https://tools.ietf.org/html/rfc7231#section-6.5.4) | genericError | [genericError](#schemagenericerror) | +| 500 | [Internal Server Error](https://tools.ietf.org/html/rfc7231#section-6.6.1) | genericError | [genericError](#schemagenericerror) | ##### Examples @@ -3373,9 +3371,7 @@ application (e.g. `/verification?flow=abcde`). } ``` - + #### Code samples @@ -3401,7 +3397,7 @@ import ( ) func main() { - headers := map[string][]string{ + headers := map[string][]string{ "Accept": []string{"application/json"}, } @@ -3421,20 +3417,20 @@ func main() { ```javascript -const fetch = require('node-fetch'); +const fetch = require('node-fetch') const headers = { - 'Accept': 'application/json' + Accept: 'application/json' } fetch('/self-service/verification/flows?id=string', { method: 'GET', headers }) -.then(r => r.json()) -.then((body) => { + .then((r) => r.json()) + .then((body) => { console.log(body) -}) + }) ``` @@ -3519,12 +3515,14 @@ Accept: application/json This endpoint initializes a logout flow. -> This endpoint is NOT INTENDED for API clients and only works -with browsers (Chrome, Firefox, ...). +> This endpoint is NOT INTENDED for API clients and only works with browsers +> (Chrome, Firefox, ...). -On successful logout, the browser will be redirected (HTTP 302 Found) to `urls.default_return_to`. +On successful logout, the browser will be redirected (HTTP 302 Found) to +`urls.default_return_to`. -More information can be found at [ORY Kratos User Logout Documentation](https://www.ory.sh/docs/next/kratos/self-service/flows/user-logout). +More information can be found at +[ORY Kratos User Logout Documentation](https://www.ory.sh/docs/next/kratos/self-service/flows/user-logout). #### Responses @@ -3532,11 +3530,11 @@ More information can be found at [ORY Kratos User Logout Documentation](https:// ##### Overview -|Status|Meaning|Description|Schema| -|---|---|---|---| -|302|[Found](https://tools.ietf.org/html/rfc7231#section-6.4.3)|Empty responses are sent when, for example, resources are deleted. The HTTP status code for empty responses is -typically 201.|None| -|500|[Internal Server Error](https://tools.ietf.org/html/rfc7231#section-6.6.1)|genericError|[genericError](#schemagenericerror)| +| Status | Meaning | Description | Schema | +| -------------- | -------------------------------------------------------------------------- | -------------------------------------------------------------------------------------------------------------- | ----------------------------------- | +| 302 | [Found](https://tools.ietf.org/html/rfc7231#section-6.4.3) | Empty responses are sent when, for example, resources are deleted. The HTTP status code for empty responses is | +| typically 201. | None | +| 500 | [Internal Server Error](https://tools.ietf.org/html/rfc7231#section-6.6.1) | genericError | [genericError](#schemagenericerror) | ##### Examples @@ -3556,9 +3554,7 @@ typically 201.|None| } ``` - + #### Code samples @@ -3584,7 +3580,7 @@ import ( ) func main() { - headers := map[string][]string{ + headers := map[string][]string{ "Accept": []string{"application/json"}, } @@ -3604,20 +3600,20 @@ func main() { ```javascript -const fetch = require('node-fetch'); +const fetch = require('node-fetch') const headers = { - 'Accept': 'application/json' + Accept: 'application/json' } fetch('/self-service/browser/flows/logout', { method: 'GET', headers }) -.then(r => r.json()) -.then((body) => { + .then((r) => r.json()) + .then((body) => { console.log(body) -}) + }) ``` @@ -3694,12 +3690,14 @@ Accept: application/json ``` -This endpoint completes a browser-based settings flow. This is usually achieved by POSTing data to this -endpoint. +This endpoint completes a browser-based settings flow. This is usually achieved +by POSTing data to this endpoint. -> This endpoint is NOT INTENDED for API clients and only works with browsers (Chrome, Firefox, ...) and HTML Forms. +> This endpoint is NOT INTENDED for API clients and only works with browsers +> (Chrome, Firefox, ...) and HTML Forms. -More information can be found at [ORY Kratos User Settings & Profile Management Documentation](../self-service/flows/user-settings). +More information can be found at +[ORY Kratos User Settings & Profile Management Documentation](../self-service/flows/user-settings). #### Responses @@ -3707,11 +3705,11 @@ More information can be found at [ORY Kratos User Settings & Profile Management ##### Overview -|Status|Meaning|Description|Schema| -|---|---|---|---| -|302|[Found](https://tools.ietf.org/html/rfc7231#section-6.4.3)|Empty responses are sent when, for example, resources are deleted. The HTTP status code for empty responses is -typically 201.|None| -|500|[Internal Server Error](https://tools.ietf.org/html/rfc7231#section-6.6.1)|genericError|[genericError](#schemagenericerror)| +| Status | Meaning | Description | Schema | +| -------------- | -------------------------------------------------------------------------- | -------------------------------------------------------------------------------------------------------------- | ----------------------------------- | +| 302 | [Found](https://tools.ietf.org/html/rfc7231#section-6.4.3) | Empty responses are sent when, for example, resources are deleted. The HTTP status code for empty responses is | +| typically 201. | None | +| 500 | [Internal Server Error](https://tools.ietf.org/html/rfc7231#section-6.6.1) | genericError | [genericError](#schemagenericerror) | ##### Examples @@ -3731,9 +3729,7 @@ typically 201.|None| } ``` - + #### Code samples @@ -3759,7 +3755,7 @@ import ( ) func main() { - headers := map[string][]string{ + headers := map[string][]string{ "Accept": []string{"application/json"}, } @@ -3779,20 +3775,23 @@ func main() { ```javascript -const fetch = require('node-fetch'); +const fetch = require('node-fetch') const headers = { - 'Accept': 'application/json' + Accept: 'application/json' } -fetch('/self-service/browser/flows/registration/strategies/oidc/settings/connections', { - method: 'POST', - headers -}) -.then(r => r.json()) -.then((body) => { +fetch( + '/self-service/browser/flows/registration/strategies/oidc/settings/connections', + { + method: 'POST', + headers + } +) + .then((r) => r.json()) + .then((body) => { console.log(body) -}) + }) ``` @@ -3869,40 +3868,44 @@ Accept: application/json ``` -This endpoint initiates a login flow for API clients such as mobile devices, smart TVs, and so on. +This endpoint initiates a login flow for API clients such as mobile devices, +smart TVs, and so on. -If a valid provided session cookie or session token is provided, a 400 Bad Request error -will be returned unless the URL query parameter `?refresh=true` is set. +If a valid provided session cookie or session token is provided, a 400 Bad +Request error will be returned unless the URL query parameter `?refresh=true` is +set. To fetch an existing login flow call `/self-service/login/flows?flow=`. :::warning -You MUST NOT use this endpoint in client-side (Single Page Apps, ReactJS, AngularJS) nor server-side (Java Server -Pages, NodeJS, PHP, Golang, ...) browser applications. Using this endpoint in these applications will make -you vulnerable to a variety of CSRF attacks, including CSRF login attacks. +You MUST NOT use this endpoint in client-side (Single Page Apps, ReactJS, +AngularJS) nor server-side (Java Server Pages, NodeJS, PHP, Golang, ...) browser +applications. Using this endpoint in these applications will make you vulnerable +to a variety of CSRF attacks, including CSRF login attacks. -This endpoint MUST ONLY be used in scenarios such as native mobile apps (React Native, Objective C, Swift, Java, ...). +This endpoint MUST ONLY be used in scenarios such as native mobile apps (React +Native, Objective C, Swift, Java, ...). ::: -More information can be found at [ORY Kratos User Login and User Registration Documentation](https://www.ory.sh/docs/next/kratos/self-service/flows/user-login-user-registration). +More information can be found at +[ORY Kratos User Login and User Registration Documentation](https://www.ory.sh/docs/next/kratos/self-service/flows/user-login-user-registration). #### Parameters -|Parameter|In|Type|Required|Description| -|---|---|---|---|---| -|refresh|query|boolean|false|Refresh a login session| +| Parameter | In | Type | Required | Description | +| --------- | ----- | ------- | -------- | ----------------------- | +| refresh | query | boolean | false | Refresh a login session | ##### Detailed descriptions **refresh**: Refresh a login session -If set to true, this will refresh an existing login session by -asking the user to sign in again. This will reset the -authenticated_at time of the session. +If set to true, this will refresh an existing login session by asking the user +to sign in again. This will reset the authenticated_at time of the session. #### Responses @@ -3910,11 +3913,11 @@ authenticated_at time of the session. ##### Overview -|Status|Meaning|Description|Schema| -|---|---|---|---| -|200|[OK](https://tools.ietf.org/html/rfc7231#section-6.3.1)|loginFlow|[loginFlow](#schemaloginflow)| -|400|[Bad Request](https://tools.ietf.org/html/rfc7231#section-6.5.1)|genericError|[genericError](#schemagenericerror)| -|500|[Internal Server Error](https://tools.ietf.org/html/rfc7231#section-6.6.1)|genericError|[genericError](#schemagenericerror)| +| Status | Meaning | Description | Schema | +| ------ | -------------------------------------------------------------------------- | ------------ | ----------------------------------- | +| 200 | [OK](https://tools.ietf.org/html/rfc7231#section-6.3.1) | loginFlow | [loginFlow](#schemaloginflow) | +| 400 | [Bad Request](https://tools.ietf.org/html/rfc7231#section-6.5.1) | genericError | [genericError](#schemagenericerror) | +| 500 | [Internal Server Error](https://tools.ietf.org/html/rfc7231#section-6.6.1) | genericError | [genericError](#schemagenericerror) | ##### Examples @@ -4044,9 +4047,7 @@ authenticated_at time of the session. } ``` - + #### Code samples @@ -4072,7 +4073,7 @@ import ( ) func main() { - headers := map[string][]string{ + headers := map[string][]string{ "Accept": []string{"application/json"}, } @@ -4092,20 +4093,20 @@ func main() { ```javascript -const fetch = require('node-fetch'); +const fetch = require('node-fetch') const headers = { - 'Accept': 'application/json' + Accept: 'application/json' } fetch('/self-service/login/api', { method: 'GET', headers }) -.then(r => r.json()) -.then((body) => { + .then((r) => r.json()) + .then((body) => { console.log(body) -}) + }) ``` @@ -4182,14 +4183,17 @@ Accept: application/json ``` -This endpoint initializes a browser-based user login flow. Once initialized, the browser will be redirected to -`selfservice.flows.login.ui_url` with the flow ID set as the query parameter `?flow=`. If a valid user session -exists already, the browser will be redirected to `urls.default_redirect_url` unless the query parameter -`?refresh=true` was set. +This endpoint initializes a browser-based user login flow. Once initialized, the +browser will be redirected to `selfservice.flows.login.ui_url` with the flow ID +set as the query parameter `?flow=`. If a valid user session exists already, the +browser will be redirected to `urls.default_redirect_url` unless the query +parameter `?refresh=true` was set. -This endpoint is NOT INTENDED for API clients and only works with browsers (Chrome, Firefox, ...). +This endpoint is NOT INTENDED for API clients and only works with browsers +(Chrome, Firefox, ...). -More information can be found at [ORY Kratos User Login and User Registration Documentation](https://www.ory.sh/docs/next/kratos/self-service/flows/user-login-user-registration). +More information can be found at +[ORY Kratos User Login and User Registration Documentation](https://www.ory.sh/docs/next/kratos/self-service/flows/user-login-user-registration). #### Responses @@ -4197,11 +4201,11 @@ More information can be found at [ORY Kratos User Login and User Registration Do ##### Overview -|Status|Meaning|Description|Schema| -|---|---|---|---| -|302|[Found](https://tools.ietf.org/html/rfc7231#section-6.4.3)|Empty responses are sent when, for example, resources are deleted. The HTTP status code for empty responses is -typically 201.|None| -|500|[Internal Server Error](https://tools.ietf.org/html/rfc7231#section-6.6.1)|genericError|[genericError](#schemagenericerror)| +| Status | Meaning | Description | Schema | +| -------------- | -------------------------------------------------------------------------- | -------------------------------------------------------------------------------------------------------------- | ----------------------------------- | +| 302 | [Found](https://tools.ietf.org/html/rfc7231#section-6.4.3) | Empty responses are sent when, for example, resources are deleted. The HTTP status code for empty responses is | +| typically 201. | None | +| 500 | [Internal Server Error](https://tools.ietf.org/html/rfc7231#section-6.6.1) | genericError | [genericError](#schemagenericerror) | ##### Examples @@ -4221,9 +4225,7 @@ typically 201.|None| } ``` - + #### Code samples @@ -4249,7 +4251,7 @@ import ( ) func main() { - headers := map[string][]string{ + headers := map[string][]string{ "Accept": []string{"application/json"}, } @@ -4269,20 +4271,20 @@ func main() { ```javascript -const fetch = require('node-fetch'); +const fetch = require('node-fetch') const headers = { - 'Accept': 'application/json' + Accept: 'application/json' } fetch('/self-service/login/browser', { method: 'GET', headers }) -.then(r => r.json()) -.then((body) => { + .then((r) => r.json()) + .then((body) => { console.log(body) -}) + }) ``` @@ -4359,30 +4361,32 @@ Accept: application/json ``` -Use this endpoint to complete a login flow by sending an identity's identifier and password. This endpoint -behaves differently for API and browser flows. +Use this endpoint to complete a login flow by sending an identity's identifier +and password. This endpoint behaves differently for API and browser flows. API flows expect `application/json` to be sent in the body and responds with -HTTP 200 and a application/json body with the session token on success; -HTTP 302 redirect to a fresh login flow if the original flow expired with the appropriate error messages set; -HTTP 400 on form validation errors. +HTTP 200 and a application/json body with the session token on success; HTTP 302 +redirect to a fresh login flow if the original flow expired with the appropriate +error messages set; HTTP 400 on form validation errors. -Browser flows expect `application/x-www-form-urlencoded` to be sent in the body and responds with -a HTTP 302 redirect to the post/after login URL or the `return_to` value if it was set and if the login succeeded; -a HTTP 302 redirect to the login UI URL with the flow ID containing the validation errors otherwise. +Browser flows expect `application/x-www-form-urlencoded` to be sent in the body +and responds with a HTTP 302 redirect to the post/after login URL or the +`return_to` value if it was set and if the login succeeded; a HTTP 302 redirect +to the login UI URL with the flow ID containing the validation errors otherwise. -More information can be found at [ORY Kratos User Login and User Registration Documentation](https://www.ory.sh/docs/next/kratos/self-service/flows/user-login-user-registration). +More information can be found at +[ORY Kratos User Login and User Registration Documentation](https://www.ory.sh/docs/next/kratos/self-service/flows/user-login-user-registration). #### Parameters -|Parameter|In|Type|Required|Description| -|---|---|---|---|---| -|password|query|string|false|The user's password.| -|identifier|query|string|false|Identifier is the email or username of the user trying to log in.| -|csrf_token|query|string|false|Sending the anti-csrf token is only required for browser login flows.| -|flow|query|string|true|The Flow ID| +| Parameter | In | Type | Required | Description | +| ---------- | ----- | ------ | -------- | --------------------------------------------------------------------- | +| password | query | string | false | The user's password. | +| identifier | query | string | false | Identifier is the email or username of the user trying to log in. | +| csrf_token | query | string | false | Sending the anti-csrf token is only required for browser login flows. | +| flow | query | string | true | The Flow ID | #### Responses @@ -4390,13 +4394,13 @@ More information can be found at [ORY Kratos User Login and User Registration Do ##### Overview -|Status|Meaning|Description|Schema| -|---|---|---|---| -|200|[OK](https://tools.ietf.org/html/rfc7231#section-6.3.1)|loginViaApiResponse|[loginViaApiResponse](#schemaloginviaapiresponse)| -|302|[Found](https://tools.ietf.org/html/rfc7231#section-6.4.3)|Empty responses are sent when, for example, resources are deleted. The HTTP status code for empty responses is -typically 201.|None| -|400|[Bad Request](https://tools.ietf.org/html/rfc7231#section-6.5.1)|loginFlow|[loginFlow](#schemaloginflow)| -|500|[Internal Server Error](https://tools.ietf.org/html/rfc7231#section-6.6.1)|genericError|[genericError](#schemagenericerror)| +| Status | Meaning | Description | Schema | +| -------------- | -------------------------------------------------------------------------- | -------------------------------------------------------------------------------------------------------------- | ------------------------------------------------- | +| 200 | [OK](https://tools.ietf.org/html/rfc7231#section-6.3.1) | loginViaApiResponse | [loginViaApiResponse](#schemaloginviaapiresponse) | +| 302 | [Found](https://tools.ietf.org/html/rfc7231#section-6.4.3) | Empty responses are sent when, for example, resources are deleted. The HTTP status code for empty responses is | +| typically 201. | None | +| 400 | [Bad Request](https://tools.ietf.org/html/rfc7231#section-6.5.1) | loginFlow | [loginFlow](#schemaloginflow) | +| 500 | [Internal Server Error](https://tools.ietf.org/html/rfc7231#section-6.6.1) | genericError | [genericError](#schemagenericerror) | ##### Examples @@ -4438,9 +4442,7 @@ typically 201.|None| } ``` - + #### Code samples @@ -4466,7 +4468,7 @@ import ( ) func main() { - headers := map[string][]string{ + headers := map[string][]string{ "Accept": []string{"application/json"}, } @@ -4486,20 +4488,20 @@ func main() { ```javascript -const fetch = require('node-fetch'); +const fetch = require('node-fetch') const headers = { - 'Accept': 'application/json' + Accept: 'application/json' } fetch('/self-service/login/methods/password?flow=string', { method: 'GET', headers }) -.then(r => r.json()) -.then((body) => { + .then((r) => r.json()) + .then((body) => { console.log(body) -}) + }) ``` @@ -4578,23 +4580,29 @@ Accept: application/json ``` -This endpoint initiates a recovery flow for API clients such as mobile devices, smart TVs, and so on. +This endpoint initiates a recovery flow for API clients such as mobile devices, +smart TVs, and so on. -If a valid provided session cookie or session token is provided, a 400 Bad Request error. +If a valid provided session cookie or session token is provided, a 400 Bad +Request error. -To fetch an existing recovery flow call `/self-service/recovery/flows?flow=`. +To fetch an existing recovery flow call +`/self-service/recovery/flows?flow=`. :::warning -You MUST NOT use this endpoint in client-side (Single Page Apps, ReactJS, AngularJS) nor server-side (Java Server -Pages, NodeJS, PHP, Golang, ...) browser applications. Using this endpoint in these applications will make -you vulnerable to a variety of CSRF attacks. +You MUST NOT use this endpoint in client-side (Single Page Apps, ReactJS, +AngularJS) nor server-side (Java Server Pages, NodeJS, PHP, Golang, ...) browser +applications. Using this endpoint in these applications will make you vulnerable +to a variety of CSRF attacks. -This endpoint MUST ONLY be used in scenarios such as native mobile apps (React Native, Objective C, Swift, Java, ...). +This endpoint MUST ONLY be used in scenarios such as native mobile apps (React +Native, Objective C, Swift, Java, ...). ::: -More information can be found at [ORY Kratos Account Recovery Documentation](../self-service/flows/account-recovery.mdx). +More information can be found at +[ORY Kratos Account Recovery Documentation](../self-service/flows/account-recovery.mdx). #### Responses @@ -4602,11 +4610,11 @@ More information can be found at [ORY Kratos Account Recovery Documentation](../ ##### Overview -|Status|Meaning|Description|Schema| -|---|---|---|---| -|200|[OK](https://tools.ietf.org/html/rfc7231#section-6.3.1)|recoveryFlow|[recoveryFlow](#schemarecoveryflow)| -|400|[Bad Request](https://tools.ietf.org/html/rfc7231#section-6.5.1)|genericError|[genericError](#schemagenericerror)| -|500|[Internal Server Error](https://tools.ietf.org/html/rfc7231#section-6.6.1)|genericError|[genericError](#schemagenericerror)| +| Status | Meaning | Description | Schema | +| ------ | -------------------------------------------------------------------------- | ------------ | ----------------------------------- | +| 200 | [OK](https://tools.ietf.org/html/rfc7231#section-6.3.1) | recoveryFlow | [recoveryFlow](#schemarecoveryflow) | +| 400 | [Bad Request](https://tools.ietf.org/html/rfc7231#section-6.5.1) | genericError | [genericError](#schemagenericerror) | +| 500 | [Internal Server Error](https://tools.ietf.org/html/rfc7231#section-6.6.1) | genericError | [genericError](#schemagenericerror) | ##### Examples @@ -4700,9 +4708,7 @@ More information can be found at [ORY Kratos Account Recovery Documentation](../ } ``` - + #### Code samples @@ -4728,7 +4734,7 @@ import ( ) func main() { - headers := map[string][]string{ + headers := map[string][]string{ "Accept": []string{"application/json"}, } @@ -4748,20 +4754,20 @@ func main() { ```javascript -const fetch = require('node-fetch'); +const fetch = require('node-fetch') const headers = { - 'Accept': 'application/json' + Accept: 'application/json' } fetch('/self-service/recovery/api', { method: 'GET', headers }) -.then(r => r.json()) -.then((body) => { + .then((r) => r.json()) + .then((body) => { console.log(body) -}) + }) ``` @@ -4838,13 +4844,17 @@ Accept: application/json ``` -This endpoint initializes a browser-based account recovery flow. Once initialized, the browser will be redirected to -`selfservice.flows.recovery.ui_url` with the flow ID set as the query parameter `?flow=`. If a valid user session -exists, the browser is returned to the configured return URL. +This endpoint initializes a browser-based account recovery flow. Once +initialized, the browser will be redirected to +`selfservice.flows.recovery.ui_url` with the flow ID set as the query parameter +`?flow=`. If a valid user session exists, the browser is returned to the +configured return URL. -This endpoint is NOT INTENDED for API clients and only works with browsers (Chrome, Firefox, ...). +This endpoint is NOT INTENDED for API clients and only works with browsers +(Chrome, Firefox, ...). -More information can be found at [ORY Kratos Account Recovery Documentation](../self-service/flows/account-recovery.mdx). +More information can be found at +[ORY Kratos Account Recovery Documentation](../self-service/flows/account-recovery.mdx). #### Responses @@ -4852,11 +4862,11 @@ More information can be found at [ORY Kratos Account Recovery Documentation](../ ##### Overview -|Status|Meaning|Description|Schema| -|---|---|---|---| -|302|[Found](https://tools.ietf.org/html/rfc7231#section-6.4.3)|Empty responses are sent when, for example, resources are deleted. The HTTP status code for empty responses is -typically 201.|None| -|500|[Internal Server Error](https://tools.ietf.org/html/rfc7231#section-6.6.1)|genericError|[genericError](#schemagenericerror)| +| Status | Meaning | Description | Schema | +| -------------- | -------------------------------------------------------------------------- | -------------------------------------------------------------------------------------------------------------- | ----------------------------------- | +| 302 | [Found](https://tools.ietf.org/html/rfc7231#section-6.4.3) | Empty responses are sent when, for example, resources are deleted. The HTTP status code for empty responses is | +| typically 201. | None | +| 500 | [Internal Server Error](https://tools.ietf.org/html/rfc7231#section-6.6.1) | genericError | [genericError](#schemagenericerror) | ##### Examples @@ -4876,9 +4886,7 @@ typically 201.|None| } ``` - + #### Code samples @@ -4904,7 +4912,7 @@ import ( ) func main() { - headers := map[string][]string{ + headers := map[string][]string{ "Accept": []string{"application/json"}, } @@ -4924,20 +4932,20 @@ func main() { ```javascript -const fetch = require('node-fetch'); +const fetch = require('node-fetch') const headers = { - 'Accept': 'application/json' + Accept: 'application/json' } fetch('/self-service/recovery/browser', { method: 'GET', headers }) -.then(r => r.json()) -.then((body) => { + .then((r) => r.json()) + .then((body) => { console.log(body) -}) + }) ``` @@ -5015,22 +5023,27 @@ Accept: application/json ``` -Use this endpoint to complete a recovery flow using the link method. This endpoint -behaves differently for API and browser flows and has several states: +Use this endpoint to complete a recovery flow using the link method. This +endpoint behaves differently for API and browser flows and has several states: -`choose_method` expects `flow` (in the URL query) and `email` (in the body) to be sent -and works with API- and Browser-initiated flows. -For API clients it either returns a HTTP 200 OK when the form is valid and HTTP 400 OK when the form is invalid -and a HTTP 302 Found redirect with a fresh recovery flow if the flow was otherwise invalid (e.g. expired). -For Browser clients it returns a HTTP 302 Found redirect to the Recovery UI URL with the Recovery Flow ID appended. -`sent_email` is the success state after `choose_method` and allows the user to request another recovery email. It -works for both API and Browser-initiated flows and returns the same responses as the flow in `choose_method` state. -`passed_challenge` expects a `token` to be sent in the URL query and given the nature of the flow ("sending a recovery link") -does not have any API capabilities. The server responds with a HTTP 302 Found redirect either to the Settings UI URL -(if the link was valid) and instructs the user to update their password, or a redirect to the Recover UI URL with -a new Recovery Flow ID which contains an error message that the recovery link was invalid. +`choose_method` expects `flow` (in the URL query) and `email` (in the body) to +be sent and works with API- and Browser-initiated flows. For API clients it +either returns a HTTP 200 OK when the form is valid and HTTP 400 OK when the +form is invalid and a HTTP 302 Found redirect with a fresh recovery flow if the +flow was otherwise invalid (e.g. expired). For Browser clients it returns a HTTP +302 Found redirect to the Recovery UI URL with the Recovery Flow ID appended. +`sent_email` is the success state after `choose_method` and allows the user to +request another recovery email. It works for both API and Browser-initiated +flows and returns the same responses as the flow in `choose_method` state. +`passed_challenge` expects a `token` to be sent in the URL query and given the +nature of the flow ("sending a recovery link") does not have any API +capabilities. The server responds with a HTTP 302 Found redirect either to the +Settings UI URL (if the link was valid) and instructs the user to update their +password, or a redirect to the Recover UI URL with a new Recovery Flow ID which +contains an error message that the recovery link was invalid. -More information can be found at [ORY Kratos Account Recovery Documentation](../self-service/flows/account-recovery.mdx). +More information can be found at +[ORY Kratos Account Recovery Documentation](../self-service/flows/account-recovery.mdx). #### Request body @@ -5044,25 +5057,24 @@ More information can be found at [ORY Kratos Account Recovery Documentation](../ ```yaml csrf_token: string email: string - ``` #### Parameters -|Parameter|In|Type|Required|Description| -|---|---|---|---|---| -|token|query|string|false|Recovery Token| -|flow|query|string|false|The Flow ID| -|body|body|[completeSelfServiceRecoveryFlowWithLinkMethod](#schemacompleteselfservicerecoveryflowwithlinkmethod)|false|none| +| Parameter | In | Type | Required | Description | +| --------- | ----- | ----------------------------------------------------------------------------------------------------- | -------- | -------------- | +| token | query | string | false | Recovery Token | +| flow | query | string | false | The Flow ID | +| body | body | [completeSelfServiceRecoveryFlowWithLinkMethod](#schemacompleteselfservicerecoveryflowwithlinkmethod) | false | none | ##### Detailed descriptions **token**: Recovery Token -The recovery token which completes the recovery request. If the token -is invalid (e.g. expired) an error will be shown to the end-user. +The recovery token which completes the recovery request. If the token is invalid +(e.g. expired) an error will be shown to the end-user. **flow**: The Flow ID @@ -5074,12 +5086,12 @@ format: uuid ##### Overview -|Status|Meaning|Description|Schema| -|---|---|---|---| -|302|[Found](https://tools.ietf.org/html/rfc7231#section-6.4.3)|Empty responses are sent when, for example, resources are deleted. The HTTP status code for empty responses is -typically 201.|None| -|400|[Bad Request](https://tools.ietf.org/html/rfc7231#section-6.5.1)|recoveryFlow|[recoveryFlow](#schemarecoveryflow)| -|500|[Internal Server Error](https://tools.ietf.org/html/rfc7231#section-6.6.1)|genericError|[genericError](#schemagenericerror)| +| Status | Meaning | Description | Schema | +| -------------- | -------------------------------------------------------------------------- | -------------------------------------------------------------------------------------------------------------- | ----------------------------------- | +| 302 | [Found](https://tools.ietf.org/html/rfc7231#section-6.4.3) | Empty responses are sent when, for example, resources are deleted. The HTTP status code for empty responses is | +| typically 201. | None | +| 400 | [Bad Request](https://tools.ietf.org/html/rfc7231#section-6.5.1) | recoveryFlow | [recoveryFlow](#schemarecoveryflow) | +| 500 | [Internal Server Error](https://tools.ietf.org/html/rfc7231#section-6.6.1) | genericError | [genericError](#schemagenericerror) | ##### Examples @@ -5173,9 +5185,7 @@ typically 201.|None| } ``` - + #### Code samples @@ -5201,7 +5211,7 @@ import ( ) func main() { - headers := map[string][]string{ + headers := map[string][]string{ "Content-Type": []string{"application/json"}, "Accept": []string{"application/json"}, } @@ -5318,24 +5328,30 @@ Accept: application/json ``` -This endpoint initiates a registration flow for API clients such as mobile devices, smart TVs, and so on. +This endpoint initiates a registration flow for API clients such as mobile +devices, smart TVs, and so on. -If a valid provided session cookie or session token is provided, a 400 Bad Request error -will be returned unless the URL query parameter `?refresh=true` is set. +If a valid provided session cookie or session token is provided, a 400 Bad +Request error will be returned unless the URL query parameter `?refresh=true` is +set. -To fetch an existing registration flow call `/self-service/registration/flows?flow=`. +To fetch an existing registration flow call +`/self-service/registration/flows?flow=`. :::warning -You MUST NOT use this endpoint in client-side (Single Page Apps, ReactJS, AngularJS) nor server-side (Java Server -Pages, NodeJS, PHP, Golang, ...) browser applications. Using this endpoint in these applications will make -you vulnerable to a variety of CSRF attacks. +You MUST NOT use this endpoint in client-side (Single Page Apps, ReactJS, +AngularJS) nor server-side (Java Server Pages, NodeJS, PHP, Golang, ...) browser +applications. Using this endpoint in these applications will make you vulnerable +to a variety of CSRF attacks. -This endpoint MUST ONLY be used in scenarios such as native mobile apps (React Native, Objective C, Swift, Java, ...). +This endpoint MUST ONLY be used in scenarios such as native mobile apps (React +Native, Objective C, Swift, Java, ...). ::: -More information can be found at [ORY Kratos User Login and User Registration Documentation](https://www.ory.sh/docs/next/kratos/self-service/flows/user-login-user-registration). +More information can be found at +[ORY Kratos User Login and User Registration Documentation](https://www.ory.sh/docs/next/kratos/self-service/flows/user-login-user-registration). #### Responses @@ -5343,11 +5359,11 @@ More information can be found at [ORY Kratos User Login and User Registration Do ##### Overview -|Status|Meaning|Description|Schema| -|---|---|---|---| -|200|[OK](https://tools.ietf.org/html/rfc7231#section-6.3.1)|registrationFlow|[registrationFlow](#schemaregistrationflow)| -|400|[Bad Request](https://tools.ietf.org/html/rfc7231#section-6.5.1)|genericError|[genericError](#schemagenericerror)| -|500|[Internal Server Error](https://tools.ietf.org/html/rfc7231#section-6.6.1)|genericError|[genericError](#schemagenericerror)| +| Status | Meaning | Description | Schema | +| ------ | -------------------------------------------------------------------------- | ---------------- | ------------------------------------------- | +| 200 | [OK](https://tools.ietf.org/html/rfc7231#section-6.3.1) | registrationFlow | [registrationFlow](#schemaregistrationflow) | +| 400 | [Bad Request](https://tools.ietf.org/html/rfc7231#section-6.5.1) | genericError | [genericError](#schemagenericerror) | +| 500 | [Internal Server Error](https://tools.ietf.org/html/rfc7231#section-6.6.1) | genericError | [genericError](#schemagenericerror) | ##### Examples @@ -5476,9 +5492,7 @@ More information can be found at [ORY Kratos User Login and User Registration Do } ``` - + #### Code samples @@ -5504,7 +5518,7 @@ import ( ) func main() { - headers := map[string][]string{ + headers := map[string][]string{ "Accept": []string{"application/json"}, } @@ -5524,20 +5538,20 @@ func main() { ```javascript -const fetch = require('node-fetch'); +const fetch = require('node-fetch') const headers = { - 'Accept': 'application/json' + Accept: 'application/json' } fetch('/self-service/registration/api', { method: 'GET', headers }) -.then(r => r.json()) -.then((body) => { + .then((r) => r.json()) + .then((body) => { console.log(body) -}) + }) ``` @@ -5614,18 +5628,22 @@ Accept: application/json ``` -This endpoint initializes a browser-based user registration flow. Once initialized, the browser will be redirected to -`selfservice.flows.registration.ui_url` with the flow ID set as the query parameter `?flow=`. If a valid user session -exists already, the browser will be redirected to `urls.default_redirect_url` unless the query parameter +This endpoint initializes a browser-based user registration flow. Once +initialized, the browser will be redirected to +`selfservice.flows.registration.ui_url` with the flow ID set as the query +parameter `?flow=`. If a valid user session exists already, the browser will be +redirected to `urls.default_redirect_url` unless the query parameter `?refresh=true` was set. :::note -This endpoint is NOT INTENDED for API clients and only works with browsers (Chrome, Firefox, ...). +This endpoint is NOT INTENDED for API clients and only works with browsers +(Chrome, Firefox, ...). ::: -More information can be found at [ORY Kratos User Login and User Registration Documentation](https://www.ory.sh/docs/next/kratos/self-service/flows/user-login-user-registration). +More information can be found at +[ORY Kratos User Login and User Registration Documentation](https://www.ory.sh/docs/next/kratos/self-service/flows/user-login-user-registration). #### Responses @@ -5633,11 +5651,11 @@ More information can be found at [ORY Kratos User Login and User Registration Do ##### Overview -|Status|Meaning|Description|Schema| -|---|---|---|---| -|302|[Found](https://tools.ietf.org/html/rfc7231#section-6.4.3)|Empty responses are sent when, for example, resources are deleted. The HTTP status code for empty responses is -typically 201.|None| -|500|[Internal Server Error](https://tools.ietf.org/html/rfc7231#section-6.6.1)|genericError|[genericError](#schemagenericerror)| +| Status | Meaning | Description | Schema | +| -------------- | -------------------------------------------------------------------------- | -------------------------------------------------------------------------------------------------------------- | ----------------------------------- | +| 302 | [Found](https://tools.ietf.org/html/rfc7231#section-6.4.3) | Empty responses are sent when, for example, resources are deleted. The HTTP status code for empty responses is | +| typically 201. | None | +| 500 | [Internal Server Error](https://tools.ietf.org/html/rfc7231#section-6.6.1) | genericError | [genericError](#schemagenericerror) | ##### Examples @@ -5657,9 +5675,7 @@ typically 201.|None| } ``` - + #### Code samples @@ -5685,7 +5701,7 @@ import ( ) func main() { - headers := map[string][]string{ + headers := map[string][]string{ "Accept": []string{"application/json"}, } @@ -5705,20 +5721,20 @@ func main() { ```javascript -const fetch = require('node-fetch'); +const fetch = require('node-fetch') const headers = { - 'Accept': 'application/json' + Accept: 'application/json' } fetch('/self-service/registration/browser', { method: 'GET', headers }) -.then(r => r.json()) -.then((body) => { + .then((r) => r.json()) + .then((body) => { console.log(body) -}) + }) ``` @@ -5796,20 +5812,25 @@ Accept: application/json ``` -Use this endpoint to complete a registration flow by sending an identity's traits and password. This endpoint -behaves differently for API and browser flows. +Use this endpoint to complete a registration flow by sending an identity's +traits and password. This endpoint behaves differently for API and browser +flows. -API flows expect `application/json` to be sent in the body and respond with -HTTP 200 and a application/json body with the created identity success - if the session hook is configured the -`session` and `session_token` will also be included; -HTTP 302 redirect to a fresh registration flow if the original flow expired with the appropriate error messages set; -HTTP 400 on form validation errors. +API flows expect `application/json` to be sent in the body and respond with HTTP +200 and a application/json body with the created identity success - if the +session hook is configured the `session` and `session_token` will also be +included; HTTP 302 redirect to a fresh registration flow if the original flow +expired with the appropriate error messages set; HTTP 400 on form validation +errors. -Browser flows expect `application/x-www-form-urlencoded` to be sent in the body and responds with -a HTTP 302 redirect to the post/after registration URL or the `return_to` value if it was set and if the registration succeeded; -a HTTP 302 redirect to the registration UI URL with the flow ID containing the validation errors otherwise. +Browser flows expect `application/x-www-form-urlencoded` to be sent in the body +and responds with a HTTP 302 redirect to the post/after registration URL or the +`return_to` value if it was set and if the registration succeeded; a HTTP 302 +redirect to the registration UI URL with the flow ID containing the validation +errors otherwise. -More information can be found at [ORY Kratos User Login and User Registration Documentation](https://www.ory.sh/docs/next/kratos/self-service/flows/user-login-user-registration). +More information can be found at +[ORY Kratos User Login and User Registration Documentation](https://www.ory.sh/docs/next/kratos/self-service/flows/user-login-user-registration). #### Request body @@ -5819,17 +5840,16 @@ More information can be found at [ORY Kratos User Login and User Registration Do ```yaml {} - ``` #### Parameters -|Parameter|In|Type|Required|Description| -|---|---|---|---|---| -|flow|query|string|false|Flow is flow ID.| -|body|body|object|false|none| +| Parameter | In | Type | Required | Description | +| --------- | ----- | ------ | -------- | ---------------- | +| flow | query | string | false | Flow is flow ID. | +| body | body | object | false | none | #### Responses @@ -5837,13 +5857,13 @@ More information can be found at [ORY Kratos User Login and User Registration Do ##### Overview -|Status|Meaning|Description|Schema| -|---|---|---|---| -|200|[OK](https://tools.ietf.org/html/rfc7231#section-6.3.1)|registrationViaApiResponse|[registrationViaApiResponse](#schemaregistrationviaapiresponse)| -|302|[Found](https://tools.ietf.org/html/rfc7231#section-6.4.3)|Empty responses are sent when, for example, resources are deleted. The HTTP status code for empty responses is -typically 201.|None| -|400|[Bad Request](https://tools.ietf.org/html/rfc7231#section-6.5.1)|registrationFlow|[registrationFlow](#schemaregistrationflow)| -|500|[Internal Server Error](https://tools.ietf.org/html/rfc7231#section-6.6.1)|genericError|[genericError](#schemagenericerror)| +| Status | Meaning | Description | Schema | +| -------------- | -------------------------------------------------------------------------- | -------------------------------------------------------------------------------------------------------------- | --------------------------------------------------------------- | +| 200 | [OK](https://tools.ietf.org/html/rfc7231#section-6.3.1) | registrationViaApiResponse | [registrationViaApiResponse](#schemaregistrationviaapiresponse) | +| 302 | [Found](https://tools.ietf.org/html/rfc7231#section-6.4.3) | Empty responses are sent when, for example, resources are deleted. The HTTP status code for empty responses is | +| typically 201. | None | +| 400 | [Bad Request](https://tools.ietf.org/html/rfc7231#section-6.5.1) | registrationFlow | [registrationFlow](#schemaregistrationflow) | +| 500 | [Internal Server Error](https://tools.ietf.org/html/rfc7231#section-6.6.1) | genericError | [genericError](#schemagenericerror) | ##### Examples @@ -5908,9 +5928,7 @@ typically 201.|None| } ``` - + #### Code samples @@ -5936,7 +5954,7 @@ import ( ) func main() { - headers := map[string][]string{ + headers := map[string][]string{ "Content-Type": []string{"application/json"}, "Accept": []string{"application/json"}, } @@ -5957,10 +5975,11 @@ func main() { ```javascript -const fetch = require('node-fetch'); -const input = '{}'; +const fetch = require('node-fetch') +const input = '{}' const headers = { - 'Content-Type': 'application/json', 'Accept': 'application/json' + 'Content-Type': 'application/json', + Accept: 'application/json' } fetch('/self-service/registration/methods/password', { @@ -5968,10 +5987,10 @@ fetch('/self-service/registration/methods/password', { body: input, headers }) -.then(r => r.json()) -.then((body) => { + .then((r) => r.json()) + .then((body) => { console.log(body) -}) + }) ``` @@ -6050,22 +6069,27 @@ Accept: application/json ``` -This endpoint initiates a settings flow for API clients such as mobile devices, smart TVs, and so on. -You must provide a valid ORY Kratos Session Token for this endpoint to respond with HTTP 200 OK. +This endpoint initiates a settings flow for API clients such as mobile devices, +smart TVs, and so on. You must provide a valid ORY Kratos Session Token for this +endpoint to respond with HTTP 200 OK. -To fetch an existing settings flow call `/self-service/settings/flows?flow=`. +To fetch an existing settings flow call +`/self-service/settings/flows?flow=`. :::warning -You MUST NOT use this endpoint in client-side (Single Page Apps, ReactJS, AngularJS) nor server-side (Java Server -Pages, NodeJS, PHP, Golang, ...) browser applications. Using this endpoint in these applications will make -you vulnerable to a variety of CSRF attacks. +You MUST NOT use this endpoint in client-side (Single Page Apps, ReactJS, +AngularJS) nor server-side (Java Server Pages, NodeJS, PHP, Golang, ...) browser +applications. Using this endpoint in these applications will make you vulnerable +to a variety of CSRF attacks. -This endpoint MUST ONLY be used in scenarios such as native mobile apps (React Native, Objective C, Swift, Java, ...). +This endpoint MUST ONLY be used in scenarios such as native mobile apps (React +Native, Objective C, Swift, Java, ...). ::: -More information can be found at [ORY Kratos User Settings & Profile Management Documentation](../self-service/flows/user-settings). +More information can be found at +[ORY Kratos User Settings & Profile Management Documentation](../self-service/flows/user-settings). #### Responses @@ -6073,11 +6097,11 @@ More information can be found at [ORY Kratos User Settings & Profile Management ##### Overview -|Status|Meaning|Description|Schema| -|---|---|---|---| -|200|[OK](https://tools.ietf.org/html/rfc7231#section-6.3.1)|settingsFlow|[settingsFlow](#schemasettingsflow)| -|400|[Bad Request](https://tools.ietf.org/html/rfc7231#section-6.5.1)|genericError|[genericError](#schemagenericerror)| -|500|[Internal Server Error](https://tools.ietf.org/html/rfc7231#section-6.6.1)|genericError|[genericError](#schemagenericerror)| +| Status | Meaning | Description | Schema | +| ------ | -------------------------------------------------------------------------- | ------------ | ----------------------------------- | +| 200 | [OK](https://tools.ietf.org/html/rfc7231#section-6.3.1) | settingsFlow | [settingsFlow](#schemasettingsflow) | +| 400 | [Bad Request](https://tools.ietf.org/html/rfc7231#section-6.5.1) | genericError | [genericError](#schemagenericerror) | +| 500 | [Internal Server Error](https://tools.ietf.org/html/rfc7231#section-6.6.1) | genericError | [genericError](#schemagenericerror) | ##### Examples @@ -6194,9 +6218,7 @@ More information can be found at [ORY Kratos User Settings & Profile Management } ``` - + #### Code samples @@ -6222,7 +6244,7 @@ import ( ) func main() { - headers := map[string][]string{ + headers := map[string][]string{ "Accept": []string{"application/json"}, } @@ -6242,20 +6264,20 @@ func main() { ```javascript -const fetch = require('node-fetch'); +const fetch = require('node-fetch') const headers = { - 'Accept': 'application/json' + Accept: 'application/json' } fetch('/self-service/settings/api', { method: 'GET', headers }) -.then(r => r.json()) -.then((body) => { + .then((r) => r.json()) + .then((body) => { console.log(body) -}) + }) ``` @@ -6332,17 +6354,20 @@ Accept: application/json ``` -This endpoint initializes a browser-based user settings flow. Once initialized, the browser will be redirected to -`selfservice.flows.settings.ui_url` with the flow ID set as the query parameter `?flow=`. If no valid -ORY Kratos Session Cookie is included in the request, a login flow will be initialized. +This endpoint initializes a browser-based user settings flow. Once initialized, +the browser will be redirected to `selfservice.flows.settings.ui_url` with the +flow ID set as the query parameter `?flow=`. If no valid ORY Kratos Session +Cookie is included in the request, a login flow will be initialized. :::note -This endpoint is NOT INTENDED for API clients and only works with browsers (Chrome, Firefox, ...). +This endpoint is NOT INTENDED for API clients and only works with browsers +(Chrome, Firefox, ...). ::: -More information can be found at [ORY Kratos User Settings & Profile Management Documentation](../self-service/flows/user-settings). +More information can be found at +[ORY Kratos User Settings & Profile Management Documentation](../self-service/flows/user-settings). #### Responses @@ -6350,11 +6375,11 @@ More information can be found at [ORY Kratos User Settings & Profile Management ##### Overview -|Status|Meaning|Description|Schema| -|---|---|---|---| -|302|[Found](https://tools.ietf.org/html/rfc7231#section-6.4.3)|Empty responses are sent when, for example, resources are deleted. The HTTP status code for empty responses is -typically 201.|None| -|500|[Internal Server Error](https://tools.ietf.org/html/rfc7231#section-6.6.1)|genericError|[genericError](#schemagenericerror)| +| Status | Meaning | Description | Schema | +| -------------- | -------------------------------------------------------------------------- | -------------------------------------------------------------------------------------------------------------- | ----------------------------------- | +| 302 | [Found](https://tools.ietf.org/html/rfc7231#section-6.4.3) | Empty responses are sent when, for example, resources are deleted. The HTTP status code for empty responses is | +| typically 201. | None | +| 500 | [Internal Server Error](https://tools.ietf.org/html/rfc7231#section-6.6.1) | genericError | [genericError](#schemagenericerror) | ##### Examples @@ -6374,9 +6399,7 @@ typically 201.|None| } ``` - + #### Code samples @@ -6402,7 +6425,7 @@ import ( ) func main() { - headers := map[string][]string{ + headers := map[string][]string{ "Accept": []string{"application/json"}, } @@ -6422,20 +6445,20 @@ func main() { ```javascript -const fetch = require('node-fetch'); +const fetch = require('node-fetch') const headers = { - 'Accept': 'application/json' + Accept: 'application/json' } fetch('/self-service/settings/browser/flows', { method: 'GET', headers }) -.then(r => r.json()) -.then((body) => { + .then((r) => r.json()) + .then((body) => { console.log(body) -}) + }) ``` @@ -6513,23 +6536,26 @@ Accept: application/json ``` -Use this endpoint to complete a settings flow by sending an identity's updated password. This endpoint -behaves differently for API and browser flows. +Use this endpoint to complete a settings flow by sending an identity's updated +password. This endpoint behaves differently for API and browser flows. -API-initiated flows expect `application/json` to be sent in the body and respond with -HTTP 200 and an application/json body with the session token on success; -HTTP 302 redirect to a fresh settings flow if the original flow expired with the appropriate error messages set; -HTTP 400 on form validation errors. -HTTP 401 when the endpoint is called without a valid session token. -HTTP 403 when `selfservice.flows.settings.privileged_session_max_age` was reached. -Implies that the user needs to re-authenticate. +API-initiated flows expect `application/json` to be sent in the body and respond +with HTTP 200 and an application/json body with the session token on success; +HTTP 302 redirect to a fresh settings flow if the original flow expired with the +appropriate error messages set; HTTP 400 on form validation errors. HTTP 401 +when the endpoint is called without a valid session token. HTTP 403 when +`selfservice.flows.settings.privileged_session_max_age` was reached. Implies +that the user needs to re-authenticate. -Browser flows expect `application/x-www-form-urlencoded` to be sent in the body and responds with -a HTTP 302 redirect to the post/after settings URL or the `return_to` value if it was set and if the flow succeeded; -a HTTP 302 redirect to the Settings UI URL with the flow ID containing the validation errors otherwise. -a HTTP 302 redirect to the login endpoint when `selfservice.flows.settings.privileged_session_max_age` was reached. +Browser flows expect `application/x-www-form-urlencoded` to be sent in the body +and responds with a HTTP 302 redirect to the post/after settings URL or the +`return_to` value if it was set and if the flow succeeded; a HTTP 302 redirect +to the Settings UI URL with the flow ID containing the validation errors +otherwise. a HTTP 302 redirect to the login endpoint when +`selfservice.flows.settings.privileged_session_max_age` was reached. -More information can be found at [ORY Kratos User Settings & Profile Management Documentation](../self-service/flows/user-settings). +More information can be found at +[ORY Kratos User Settings & Profile Management Documentation](../self-service/flows/user-settings). #### Request body @@ -6543,17 +6569,16 @@ More information can be found at [ORY Kratos User Settings & Profile Management ```yaml csrf_token: string password: string - ``` #### Parameters -|Parameter|In|Type|Required|Description| -|---|---|---|---|---| -|flow|query|string|false|Flow is flow ID.| -|body|body|[CompleteSelfServiceSettingsFlowWithPasswordMethod](#schemacompleteselfservicesettingsflowwithpasswordmethod)|false|none| +| Parameter | In | Type | Required | Description | +| --------- | ----- | ------------------------------------------------------------------------------------------------------------- | -------- | ---------------- | +| flow | query | string | false | Flow is flow ID. | +| body | body | [CompleteSelfServiceSettingsFlowWithPasswordMethod](#schemacompleteselfservicesettingsflowwithpasswordmethod) | false | none | #### Responses @@ -6561,15 +6586,15 @@ password: string ##### Overview -|Status|Meaning|Description|Schema| -|---|---|---|---| -|200|[OK](https://tools.ietf.org/html/rfc7231#section-6.3.1)|settingsViaApiResponse|[settingsViaApiResponse](#schemasettingsviaapiresponse)| -|302|[Found](https://tools.ietf.org/html/rfc7231#section-6.4.3)|Empty responses are sent when, for example, resources are deleted. The HTTP status code for empty responses is -typically 201.|None| -|400|[Bad Request](https://tools.ietf.org/html/rfc7231#section-6.5.1)|settingsFlow|[settingsFlow](#schemasettingsflow)| -|401|[Unauthorized](https://tools.ietf.org/html/rfc7235#section-3.1)|genericError|[genericError](#schemagenericerror)| -|403|[Forbidden](https://tools.ietf.org/html/rfc7231#section-6.5.3)|genericError|[genericError](#schemagenericerror)| -|500|[Internal Server Error](https://tools.ietf.org/html/rfc7231#section-6.6.1)|genericError|[genericError](#schemagenericerror)| +| Status | Meaning | Description | Schema | +| -------------- | -------------------------------------------------------------------------- | -------------------------------------------------------------------------------------------------------------- | ------------------------------------------------------- | +| 200 | [OK](https://tools.ietf.org/html/rfc7231#section-6.3.1) | settingsViaApiResponse | [settingsViaApiResponse](#schemasettingsviaapiresponse) | +| 302 | [Found](https://tools.ietf.org/html/rfc7231#section-6.4.3) | Empty responses are sent when, for example, resources are deleted. The HTTP status code for empty responses is | +| typically 201. | None | +| 400 | [Bad Request](https://tools.ietf.org/html/rfc7231#section-6.5.1) | settingsFlow | [settingsFlow](#schemasettingsflow) | +| 401 | [Unauthorized](https://tools.ietf.org/html/rfc7235#section-3.1) | genericError | [genericError](#schemagenericerror) | +| 403 | [Forbidden](https://tools.ietf.org/html/rfc7231#section-6.5.3) | genericError | [genericError](#schemagenericerror) | +| 500 | [Internal Server Error](https://tools.ietf.org/html/rfc7231#section-6.6.1) | genericError | [genericError](#schemagenericerror) | ##### Examples @@ -6711,9 +6736,7 @@ typically 201.|None| } ``` - + #### Code samples @@ -6739,7 +6762,7 @@ import ( ) func main() { - headers := map[string][]string{ + headers := map[string][]string{ "Content-Type": []string{"application/json"}, "Accept": []string{"application/json"}, } @@ -6856,23 +6879,27 @@ Accept: application/json ``` -Use this endpoint to complete a settings flow by sending an identity's updated traits. This endpoint -behaves differently for API and browser flows. +Use this endpoint to complete a settings flow by sending an identity's updated +traits. This endpoint behaves differently for API and browser flows. -API-initiated flows expect `application/json` to be sent in the body and respond with -HTTP 200 and an application/json body with the session token on success; -HTTP 302 redirect to a fresh settings flow if the original flow expired with the appropriate error messages set; -HTTP 400 on form validation errors. -HTTP 401 when the endpoint is called without a valid session token. -HTTP 403 when `selfservice.flows.settings.privileged_session_max_age` was reached and a sensitive field was -updated (e.g. recovery email). Implies that the user needs to re-authenticate. +API-initiated flows expect `application/json` to be sent in the body and respond +with HTTP 200 and an application/json body with the session token on success; +HTTP 302 redirect to a fresh settings flow if the original flow expired with the +appropriate error messages set; HTTP 400 on form validation errors. HTTP 401 +when the endpoint is called without a valid session token. HTTP 403 when +`selfservice.flows.settings.privileged_session_max_age` was reached and a +sensitive field was updated (e.g. recovery email). Implies that the user needs +to re-authenticate. -Browser flows expect `application/x-www-form-urlencoded` to be sent in the body and responds with -a HTTP 302 redirect to the post/after settings URL or the `return_to` value if it was set and if the flow succeeded; -a HTTP 302 redirect to the settings UI URL with the flow ID containing the validation errors otherwise. -a HTTP 302 redirect to the login endpoint when `selfservice.flows.settings.privileged_session_max_age` was reached. +Browser flows expect `application/x-www-form-urlencoded` to be sent in the body +and responds with a HTTP 302 redirect to the post/after settings URL or the +`return_to` value if it was set and if the flow succeeded; a HTTP 302 redirect +to the settings UI URL with the flow ID containing the validation errors +otherwise. a HTTP 302 redirect to the login endpoint when +`selfservice.flows.settings.privileged_session_max_age` was reached. -More information can be found at [ORY Kratos User Settings & Profile Management Documentation](../self-service/flows/user-settings). +More information can be found at +[ORY Kratos User Settings & Profile Management Documentation](../self-service/flows/user-settings). #### Responses @@ -6880,15 +6907,15 @@ More information can be found at [ORY Kratos User Settings & Profile Management ##### Overview -|Status|Meaning|Description|Schema| -|---|---|---|---| -|200|[OK](https://tools.ietf.org/html/rfc7231#section-6.3.1)|settingsFlow|[settingsFlow](#schemasettingsflow)| -|302|[Found](https://tools.ietf.org/html/rfc7231#section-6.4.3)|Empty responses are sent when, for example, resources are deleted. The HTTP status code for empty responses is -typically 201.|None| -|400|[Bad Request](https://tools.ietf.org/html/rfc7231#section-6.5.1)|settingsFlow|[settingsFlow](#schemasettingsflow)| -|401|[Unauthorized](https://tools.ietf.org/html/rfc7235#section-3.1)|genericError|[genericError](#schemagenericerror)| -|403|[Forbidden](https://tools.ietf.org/html/rfc7231#section-6.5.3)|genericError|[genericError](#schemagenericerror)| -|500|[Internal Server Error](https://tools.ietf.org/html/rfc7231#section-6.6.1)|genericError|[genericError](#schemagenericerror)| +| Status | Meaning | Description | Schema | +| -------------- | -------------------------------------------------------------------------- | -------------------------------------------------------------------------------------------------------------- | ----------------------------------- | +| 200 | [OK](https://tools.ietf.org/html/rfc7231#section-6.3.1) | settingsFlow | [settingsFlow](#schemasettingsflow) | +| 302 | [Found](https://tools.ietf.org/html/rfc7231#section-6.4.3) | Empty responses are sent when, for example, resources are deleted. The HTTP status code for empty responses is | +| typically 201. | None | +| 400 | [Bad Request](https://tools.ietf.org/html/rfc7231#section-6.5.1) | settingsFlow | [settingsFlow](#schemasettingsflow) | +| 401 | [Unauthorized](https://tools.ietf.org/html/rfc7235#section-3.1) | genericError | [genericError](#schemagenericerror) | +| 403 | [Forbidden](https://tools.ietf.org/html/rfc7231#section-6.5.3) | genericError | [genericError](#schemagenericerror) | +| 500 | [Internal Server Error](https://tools.ietf.org/html/rfc7231#section-6.6.1) | genericError | [genericError](#schemagenericerror) | ##### Examples @@ -7005,9 +7032,7 @@ typically 201.|None| } ``` - + #### Code samples @@ -7033,7 +7058,7 @@ import ( ) func main() { - headers := map[string][]string{ + headers := map[string][]string{ "Accept": []string{"application/json"}, } @@ -7053,20 +7078,20 @@ func main() { ```javascript -const fetch = require('node-fetch'); +const fetch = require('node-fetch') const headers = { - 'Accept': 'application/json' + Accept: 'application/json' } fetch('/self-service/settings/methods/profile', { method: 'POST', headers }) -.then(r => r.json()) -.then((body) => { + .then((r) => r.json()) + .then((body) => { console.log(body) -}) + }) ``` @@ -7143,21 +7168,26 @@ Accept: application/json ``` -This endpoint initiates a verification flow for API clients such as mobile devices, smart TVs, and so on. +This endpoint initiates a verification flow for API clients such as mobile +devices, smart TVs, and so on. -To fetch an existing verification flow call `/self-service/verification/flows?flow=`. +To fetch an existing verification flow call +`/self-service/verification/flows?flow=`. :::warning -You MUST NOT use this endpoint in client-side (Single Page Apps, ReactJS, AngularJS) nor server-side (Java Server -Pages, NodeJS, PHP, Golang, ...) browser applications. Using this endpoint in these applications will make -you vulnerable to a variety of CSRF attacks. +You MUST NOT use this endpoint in client-side (Single Page Apps, ReactJS, +AngularJS) nor server-side (Java Server Pages, NodeJS, PHP, Golang, ...) browser +applications. Using this endpoint in these applications will make you vulnerable +to a variety of CSRF attacks. -This endpoint MUST ONLY be used in scenarios such as native mobile apps (React Native, Objective C, Swift, Java, ...). +This endpoint MUST ONLY be used in scenarios such as native mobile apps (React +Native, Objective C, Swift, Java, ...). ::: -More information can be found at [ORY Kratos Email and Phone Verification Documentation](https://www.ory.sh/docs/kratos/selfservice/flows/verify-email-account-activation). +More information can be found at +[ORY Kratos Email and Phone Verification Documentation](https://www.ory.sh/docs/kratos/selfservice/flows/verify-email-account-activation). #### Responses @@ -7165,11 +7195,11 @@ More information can be found at [ORY Kratos Email and Phone Verification Docume ##### Overview -|Status|Meaning|Description|Schema| -|---|---|---|---| -|200|[OK](https://tools.ietf.org/html/rfc7231#section-6.3.1)|verificationFlow|[verificationFlow](#schemaverificationflow)| -|400|[Bad Request](https://tools.ietf.org/html/rfc7231#section-6.5.1)|genericError|[genericError](#schemagenericerror)| -|500|[Internal Server Error](https://tools.ietf.org/html/rfc7231#section-6.6.1)|genericError|[genericError](#schemagenericerror)| +| Status | Meaning | Description | Schema | +| ------ | -------------------------------------------------------------------------- | ---------------- | ------------------------------------------- | +| 200 | [OK](https://tools.ietf.org/html/rfc7231#section-6.3.1) | verificationFlow | [verificationFlow](#schemaverificationflow) | +| 400 | [Bad Request](https://tools.ietf.org/html/rfc7231#section-6.5.1) | genericError | [genericError](#schemagenericerror) | +| 500 | [Internal Server Error](https://tools.ietf.org/html/rfc7231#section-6.6.1) | genericError | [genericError](#schemagenericerror) | ##### Examples @@ -7263,9 +7293,7 @@ More information can be found at [ORY Kratos Email and Phone Verification Docume } ``` - + #### Code samples @@ -7291,7 +7319,7 @@ import ( ) func main() { - headers := map[string][]string{ + headers := map[string][]string{ "Accept": []string{"application/json"}, } @@ -7311,20 +7339,20 @@ func main() { ```javascript -const fetch = require('node-fetch'); +const fetch = require('node-fetch') const headers = { - 'Accept': 'application/json' + Accept: 'application/json' } fetch('/self-service/verification/api', { method: 'GET', headers }) -.then(r => r.json()) -.then((body) => { + .then((r) => r.json()) + .then((body) => { console.log(body) -}) + }) ``` @@ -7401,12 +7429,16 @@ Accept: application/json ``` -This endpoint initializes a browser-based account verification flow. Once initialized, the browser will be redirected to -`selfservice.flows.verification.ui_url` with the flow ID set as the query parameter `?flow=`. +This endpoint initializes a browser-based account verification flow. Once +initialized, the browser will be redirected to +`selfservice.flows.verification.ui_url` with the flow ID set as the query +parameter `?flow=`. -This endpoint is NOT INTENDED for API clients and only works with browsers (Chrome, Firefox, ...). +This endpoint is NOT INTENDED for API clients and only works with browsers +(Chrome, Firefox, ...). -More information can be found at [ORY Kratos Email and Phone Verification Documentation](https://www.ory.sh/docs/kratos/selfservice/flows/verify-email-account-activation). +More information can be found at +[ORY Kratos Email and Phone Verification Documentation](https://www.ory.sh/docs/kratos/selfservice/flows/verify-email-account-activation). #### Responses @@ -7414,11 +7446,11 @@ More information can be found at [ORY Kratos Email and Phone Verification Docume ##### Overview -|Status|Meaning|Description|Schema| -|---|---|---|---| -|302|[Found](https://tools.ietf.org/html/rfc7231#section-6.4.3)|Empty responses are sent when, for example, resources are deleted. The HTTP status code for empty responses is -typically 201.|None| -|500|[Internal Server Error](https://tools.ietf.org/html/rfc7231#section-6.6.1)|genericError|[genericError](#schemagenericerror)| +| Status | Meaning | Description | Schema | +| -------------- | -------------------------------------------------------------------------- | -------------------------------------------------------------------------------------------------------------- | ----------------------------------- | +| 302 | [Found](https://tools.ietf.org/html/rfc7231#section-6.4.3) | Empty responses are sent when, for example, resources are deleted. The HTTP status code for empty responses is | +| typically 201. | None | +| 500 | [Internal Server Error](https://tools.ietf.org/html/rfc7231#section-6.6.1) | genericError | [genericError](#schemagenericerror) | ##### Examples @@ -7438,9 +7470,7 @@ typically 201.|None| } ``` - + #### Code samples @@ -7466,7 +7496,7 @@ import ( ) func main() { - headers := map[string][]string{ + headers := map[string][]string{ "Accept": []string{"application/json"}, } @@ -7486,20 +7516,20 @@ func main() { ```javascript -const fetch = require('node-fetch'); +const fetch = require('node-fetch') const headers = { - 'Accept': 'application/json' + Accept: 'application/json' } fetch('/self-service/verification/browser', { method: 'GET', headers }) -.then(r => r.json()) -.then((body) => { + .then((r) => r.json()) + .then((body) => { console.log(body) -}) + }) ``` @@ -7577,22 +7607,28 @@ Accept: application/json ``` -Use this endpoint to complete a verification flow using the link method. This endpoint -behaves differently for API and browser flows and has several states: +Use this endpoint to complete a verification flow using the link method. This +endpoint behaves differently for API and browser flows and has several states: -`choose_method` expects `flow` (in the URL query) and `email` (in the body) to be sent -and works with API- and Browser-initiated flows. -For API clients it either returns a HTTP 200 OK when the form is valid and HTTP 400 OK when the form is invalid -and a HTTP 302 Found redirect with a fresh verification flow if the flow was otherwise invalid (e.g. expired). -For Browser clients it returns a HTTP 302 Found redirect to the Verification UI URL with the Verification Flow ID appended. -`sent_email` is the success state after `choose_method` and allows the user to request another verification email. It -works for both API and Browser-initiated flows and returns the same responses as the flow in `choose_method` state. -`passed_challenge` expects a `token` to be sent in the URL query and given the nature of the flow ("sending a verification link") -does not have any API capabilities. The server responds with a HTTP 302 Found redirect either to the Settings UI URL -(if the link was valid) and instructs the user to update their password, or a redirect to the Verification UI URL with -a new Verification Flow ID which contains an error message that the verification link was invalid. +`choose_method` expects `flow` (in the URL query) and `email` (in the body) to +be sent and works with API- and Browser-initiated flows. For API clients it +either returns a HTTP 200 OK when the form is valid and HTTP 400 OK when the +form is invalid and a HTTP 302 Found redirect with a fresh verification flow if +the flow was otherwise invalid (e.g. expired). For Browser clients it returns a +HTTP 302 Found redirect to the Verification UI URL with the Verification Flow ID +appended. `sent_email` is the success state after `choose_method` and allows the +user to request another verification email. It works for both API and +Browser-initiated flows and returns the same responses as the flow in +`choose_method` state. `passed_challenge` expects a `token` to be sent in the +URL query and given the nature of the flow ("sending a verification link") does +not have any API capabilities. The server responds with a HTTP 302 Found +redirect either to the Settings UI URL (if the link was valid) and instructs the +user to update their password, or a redirect to the Verification UI URL with a +new Verification Flow ID which contains an error message that the verification +link was invalid. -More information can be found at [ORY Kratos Email and Phone Verification Documentation](https://www.ory.sh/docs/kratos/selfservice/flows/verify-email-account-activation). +More information can be found at +[ORY Kratos Email and Phone Verification Documentation](https://www.ory.sh/docs/kratos/selfservice/flows/verify-email-account-activation). #### Request body @@ -7606,25 +7642,24 @@ More information can be found at [ORY Kratos Email and Phone Verification Docume ```yaml csrf_token: string email: string - ``` #### Parameters -|Parameter|In|Type|Required|Description| -|---|---|---|---|---| -|token|query|string|false|Verification Token| -|flow|query|string|false|The Flow ID| -|body|body|[completeSelfServiceVerificationFlowWithLinkMethod](#schemacompleteselfserviceverificationflowwithlinkmethod)|false|none| +| Parameter | In | Type | Required | Description | +| --------- | ----- | ------------------------------------------------------------------------------------------------------------- | -------- | ------------------ | +| token | query | string | false | Verification Token | +| flow | query | string | false | The Flow ID | +| body | body | [completeSelfServiceVerificationFlowWithLinkMethod](#schemacompleteselfserviceverificationflowwithlinkmethod) | false | none | ##### Detailed descriptions **token**: Verification Token -The verification token which completes the verification request. If the token -is invalid (e.g. expired) an error will be shown to the end-user. +The verification token which completes the verification request. If the token is +invalid (e.g. expired) an error will be shown to the end-user. **flow**: The Flow ID @@ -7636,12 +7671,12 @@ format: uuid ##### Overview -|Status|Meaning|Description|Schema| -|---|---|---|---| -|302|[Found](https://tools.ietf.org/html/rfc7231#section-6.4.3)|Empty responses are sent when, for example, resources are deleted. The HTTP status code for empty responses is -typically 201.|None| -|400|[Bad Request](https://tools.ietf.org/html/rfc7231#section-6.5.1)|verificationFlow|[verificationFlow](#schemaverificationflow)| -|500|[Internal Server Error](https://tools.ietf.org/html/rfc7231#section-6.6.1)|genericError|[genericError](#schemagenericerror)| +| Status | Meaning | Description | Schema | +| -------------- | -------------------------------------------------------------------------- | -------------------------------------------------------------------------------------------------------------- | ------------------------------------------- | +| 302 | [Found](https://tools.ietf.org/html/rfc7231#section-6.4.3) | Empty responses are sent when, for example, resources are deleted. The HTTP status code for empty responses is | +| typically 201. | None | +| 400 | [Bad Request](https://tools.ietf.org/html/rfc7231#section-6.5.1) | verificationFlow | [verificationFlow](#schemaverificationflow) | +| 500 | [Internal Server Error](https://tools.ietf.org/html/rfc7231#section-6.6.1) | genericError | [genericError](#schemagenericerror) | ##### Examples @@ -7735,9 +7770,7 @@ typically 201.|None| } ``` - + #### Code samples @@ -7763,7 +7796,7 @@ import ( ) func main() { - headers := map[string][]string{ + headers := map[string][]string{ "Content-Type": []string{"application/json"}, "Accept": []string{"application/json"}, } @@ -7881,10 +7914,12 @@ Accept: application/json ``` -Use this endpoint to revoke a session using its token. This endpoint is particularly useful for API clients -such as mobile apps to log the user out of the system and invalidate the session. +Use this endpoint to revoke a session using its token. This endpoint is +particularly useful for API clients such as mobile apps to log the user out of +the system and invalidate the session. -This endpoint does not remove any HTTP Cookies - use the Self-Service Logout Flow instead. +This endpoint does not remove any HTTP Cookies - use the Self-Service Logout +Flow instead. #### Request body @@ -7898,9 +7933,9 @@ This endpoint does not remove any HTTP Cookies - use the Self-Service Logout Flo #### Parameters -|Parameter|In|Type|Required|Description| -|---|---|---|---|---| -|body|body|[revokeSession](#schemarevokesession)|true|none| +| Parameter | In | Type | Required | Description | +| --------- | ---- | ------------------------------------- | -------- | ----------- | +| body | body | [revokeSession](#schemarevokesession) | true | none | #### Responses @@ -7908,12 +7943,12 @@ This endpoint does not remove any HTTP Cookies - use the Self-Service Logout Flo ##### Overview -|Status|Meaning|Description|Schema| -|---|---|---|---| -|204|[No Content](https://tools.ietf.org/html/rfc7231#section-6.3.5)|Empty responses are sent when, for example, resources are deleted. The HTTP status code for empty responses is -typically 201.|None| -|400|[Bad Request](https://tools.ietf.org/html/rfc7231#section-6.5.1)|genericError|[genericError](#schemagenericerror)| -|500|[Internal Server Error](https://tools.ietf.org/html/rfc7231#section-6.6.1)|genericError|[genericError](#schemagenericerror)| +| Status | Meaning | Description | Schema | +| -------------- | -------------------------------------------------------------------------- | -------------------------------------------------------------------------------------------------------------- | ----------------------------------- | +| 204 | [No Content](https://tools.ietf.org/html/rfc7231#section-6.3.5) | Empty responses are sent when, for example, resources are deleted. The HTTP status code for empty responses is | +| typically 201. | None | +| 400 | [Bad Request](https://tools.ietf.org/html/rfc7231#section-6.5.1) | genericError | [genericError](#schemagenericerror) | +| 500 | [Internal Server Error](https://tools.ietf.org/html/rfc7231#section-6.6.1) | genericError | [genericError](#schemagenericerror) | ##### Examples @@ -7933,9 +7968,7 @@ typically 201.|None| } ``` - + #### Code samples @@ -7961,7 +7994,7 @@ import ( ) func main() { - headers := map[string][]string{ + headers := map[string][]string{ "Content-Type": []string{"application/json"}, "Accept": []string{"application/json"}, } @@ -8077,9 +8110,11 @@ Accept: application/json ``` -Uses the HTTP Headers in the GET request to determine (e.g. by using checking the cookies) who is authenticated. -Returns a session object in the body or 401 if the credentials are invalid or no credentials were sent. -Additionally when the request it successful it adds the user ID to the 'X-Kratos-Authenticated-Identity-Id' header in the response. +Uses the HTTP Headers in the GET request to determine (e.g. by using checking +the cookies) who is authenticated. Returns a session object in the body or 401 +if the credentials are invalid or no credentials were sent. Additionally when +the request it successful it adds the user ID to the +'X-Kratos-Authenticated-Identity-Id' header in the response. This endpoint is useful for reverse proxies and API Gateways. @@ -8089,11 +8124,11 @@ This endpoint is useful for reverse proxies and API Gateways. ##### Overview -|Status|Meaning|Description|Schema| -|---|---|---|---| -|200|[OK](https://tools.ietf.org/html/rfc7231#section-6.3.1)|session|[session](#schemasession)| -|403|[Forbidden](https://tools.ietf.org/html/rfc7231#section-6.5.3)|genericError|[genericError](#schemagenericerror)| -|500|[Internal Server Error](https://tools.ietf.org/html/rfc7231#section-6.6.1)|genericError|[genericError](#schemagenericerror)| +| Status | Meaning | Description | Schema | +| ------ | -------------------------------------------------------------------------- | ------------ | ----------------------------------- | +| 200 | [OK](https://tools.ietf.org/html/rfc7231#section-6.3.1) | session | [session](#schemasession) | +| 403 | [Forbidden](https://tools.ietf.org/html/rfc7231#section-6.5.3) | genericError | [genericError](#schemagenericerror) | +| 500 | [Internal Server Error](https://tools.ietf.org/html/rfc7231#section-6.6.1) | genericError | [genericError](#schemagenericerror) | ##### Examples @@ -8132,9 +8167,7 @@ This endpoint is useful for reverse proxies and API Gateways. } ``` - + #### Code samples @@ -8160,7 +8193,7 @@ import ( ) func main() { - headers := map[string][]string{ + headers := map[string][]string{ "Accept": []string{"application/json"}, } @@ -8180,20 +8213,20 @@ func main() { ```javascript -const fetch = require('node-fetch'); +const fetch = require('node-fetch') const headers = { - 'Accept': 'application/json' + Accept: 'application/json' } fetch('/sessions/whoami', { method: 'GET', headers }) -.then(r => r.json()) -.then((body) => { + .then((r) => r.json()) + .then((body) => { console.log(body) -}) + }) ``` @@ -8274,13 +8307,14 @@ Accept: application/json ``` -This endpoint returns the service version typically notated using semantic versioning. +This endpoint returns the service version typically notated using semantic +versioning. If the service supports TLS Edge Termination, this endpoint does not require the `X-Forwarded-Proto` header to be set. -Be aware that if you are running multiple nodes of this service, the health status will never -refer to the cluster state, only to a single instance. +Be aware that if you are running multiple nodes of this service, the health +status will never refer to the cluster state, only to a single instance. #### Responses @@ -8288,9 +8322,9 @@ refer to the cluster state, only to a single instance. ##### Overview -|Status|Meaning|Description|Schema| -|---|---|---|---| -|200|[OK](https://tools.ietf.org/html/rfc7231#section-6.3.1)|version|[version](#schemaversion)| +| Status | Meaning | Description | Schema | +| ------ | ------------------------------------------------------- | ----------- | ------------------------- | +| 200 | [OK](https://tools.ietf.org/html/rfc7231#section-6.3.1) | version | [version](#schemaversion) | ##### Examples @@ -8302,9 +8336,7 @@ refer to the cluster state, only to a single instance. } ``` - + #### Code samples @@ -8330,7 +8362,7 @@ import ( ) func main() { - headers := map[string][]string{ + headers := map[string][]string{ "Accept": []string{"application/json"}, } @@ -8350,20 +8382,20 @@ func main() { ```javascript -const fetch = require('node-fetch'); +const fetch = require('node-fetch') const headers = { - 'Accept': 'application/json' + Accept: 'application/json' } fetch('/version', { method: 'GET', headers }) -.then(r => r.json()) -.then((body) => { + .then((r) => r.json()) + .then((body) => { console.log(body) -}) + }) ``` @@ -8443,15 +8475,14 @@ p JSON.parse(result) "csrf_token": "string", "password": "string" } - ``` #### Properties -|Name|Type|Required|Restrictions|Description| -|---|---|---|---|---| -|csrf_token|string|false|none|CSRFToken is the anti-CSRF token

type: string| -|password|string|true|none|Password is the updated password

type: string| +| Name | Type | Required | Restrictions | Description | +| ---------- | ------ | -------- | ------------ | ---------------------------------------------------- | +| csrf_token | string | false | none | CSRFToken is the anti-CSRF token

type: string | +| password | string | true | none | Password is the updated password

type: string | @@ -8464,15 +8495,14 @@ p JSON.parse(result) "schema_id": "string", "traits": {} } - ``` #### Properties -|Name|Type|Required|Restrictions|Description| -|---|---|---|---|---| -|schema_id|string|true|none|SchemaID is the ID of the JSON Schema to be used for validating the identity's traits.| -|traits|object|true|none|Traits represent an identity's traits. The identity is able to create, modify, and delete traits
in a self-service manner. The input will always be validated against the JSON Schema defined
in `schema_url`.| +| Name | Type | Required | Restrictions | Description | +| --------- | ------ | -------- | ------------ | -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| schema_id | string | true | none | SchemaID is the ID of the JSON Schema to be used for validating the identity's traits. | +| traits | object | true | none | Traits represent an identity's traits. The identity is able to create, modify, and delete traits
in a self-service manner. The input will always be validated against the JSON Schema defined
in `schema_url`. | @@ -8485,15 +8515,14 @@ p JSON.parse(result) "expires_in": "string", "identity_id": "string" } - ``` #### Properties -|Name|Type|Required|Restrictions|Description| -|---|---|---|---|---| -|expires_in|string|false|none|Link Expires In

The recovery link will expire at that point in time. Defaults to the configuration value of
`selfservice.flows.recovery.request_lifespan`.| -|identity_id|[UUID](#schemauuid)|true|none|none| +| Name | Type | Required | Restrictions | Description | +| ----------- | ------------------- | -------- | ------------ | -------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| expires_in | string | false | none | Link Expires In

The recovery link will expire at that point in time. Defaults to the configuration value of
`selfservice.flows.recovery.request_lifespan`. | +| identity_id | [UUID](#schemauuid) | true | none | none | @@ -8503,16 +8532,16 @@ p JSON.parse(result) ```json "string" - ``` -*CredentialsType represents several different credential types, like password credentials, passwordless credentials,* +_CredentialsType represents several different credential types, like password +credentials, passwordless credentials,_ #### Properties -|Name|Type|Required|Restrictions|Description| -|---|---|---|---|---| -|CredentialsType represents several different credential types, like password credentials, passwordless credentials,|string|false|none|and so on.| +| Name | Type | Required | Restrictions | Description | +| ------------------------------------------------------------------------------------------------------------------- | ------ | -------- | ------------ | ----------- | +| CredentialsType represents several different credential types, like password credentials, passwordless credentials, | string | false | none | and so on. | @@ -8551,17 +8580,16 @@ p JSON.parse(result) ], "method": "string" } - ``` #### Properties -|Name|Type|Required|Restrictions|Description| -|---|---|---|---|---| -|action|string|true|none|Action should be used as the form action URL `
`.| -|fields|[formFields](#schemaformfields)|true|none|Fields contains multiple fields| -|messages|[Messages](#schemamessages)|false|none|none| -|method|string|true|none|Method is the form method (e.g. POST)| +| Name | Type | Required | Restrictions | Description | +| -------- | ------------------------------- | -------- | ------------ | ------------------------------------------------------------------------------------------- | +| action | string | true | none | Action should be used as the form action URL ``. | +| fields | [formFields](#schemaformfields) | true | none | Fields contains multiple fields | +| messages | [Messages](#schemamessages) | false | none | none | +| method | string | true | none | Method is the form method (e.g. POST) | @@ -8571,14 +8599,13 @@ p JSON.parse(result) ```json 0 - ``` #### Properties -|Name|Type|Required|Restrictions|Description| -|---|---|---|---|---| -|*anonymous*|integer(int64)|false|none|none| +| Name | Type | Required | Restrictions | Description | +| ----------- | -------------- | -------- | ------------ | ----------- | +| _anonymous_ | integer(int64) | false | none | none | @@ -8610,19 +8637,18 @@ p JSON.parse(result) } ] } - ``` #### Properties -|Name|Type|Required|Restrictions|Description| -|---|---|---|---|---| -|id|[UUID](#schemauuid)|true|none|none| -|recovery_addresses|[[RecoveryAddress](#schemarecoveryaddress)]|false|none|RecoveryAddresses contains all the addresses that can be used to recover an identity.| -|schema_id|string|true|none|SchemaID is the ID of the JSON Schema to be used for validating the identity's traits.| -|schema_url|string|false|none|SchemaURL is the URL of the endpoint where the identity's traits schema can be fetched from.

format: url| -|traits|[Traits](#schematraits)|true|none|none| -|verifiable_addresses|[[VerifiableAddress](#schemaverifiableaddress)]|false|none|VerifiableAddresses contains all the addresses that can be verified by the user.| +| Name | Type | Required | Restrictions | Description | +| -------------------- | ----------------------------------------------- | -------- | ------------ | --------------------------------------------------------------------------------------------------------------- | +| id | [UUID](#schemauuid) | true | none | none | +| recovery_addresses | [[RecoveryAddress](#schemarecoveryaddress)] | false | none | RecoveryAddresses contains all the addresses that can be used to recover an identity. | +| schema_id | string | true | none | SchemaID is the ID of the JSON Schema to be used for validating the identity's traits. | +| schema_url | string | false | none | SchemaURL is the URL of the endpoint where the identity's traits schema can be fetched from.

format: url | +| traits | [Traits](#schematraits) | true | none | none | +| verifiable_addresses | [[VerifiableAddress](#schemaverifiableaddress)] | false | none | VerifiableAddresses contains all the addresses that can be verified by the user. | @@ -8637,17 +8663,16 @@ p JSON.parse(result) "text": "string", "type": "string" } - ``` #### Properties -|Name|Type|Required|Restrictions|Description| -|---|---|---|---|---| -|context|object|false|none|none| -|id|[ID](#schemaid)|false|none|none| -|text|string|false|none|none| -|type|[Type](#schematype)|false|none|The flow type can either be `api` or `browser`.| +| Name | Type | Required | Restrictions | Description | +| ------- | ------------------- | -------- | ------------ | ----------------------------------------------- | +| context | object | false | none | none | +| id | [ID](#schemaid) | false | none | none | +| text | string | false | none | none | +| type | [Type](#schematype) | false | none | The flow type can either be `api` or `browser`. | @@ -8664,14 +8689,13 @@ p JSON.parse(result) "type": "string" } ] - ``` #### Properties -|Name|Type|Required|Restrictions|Description| -|---|---|---|---|---| -|*anonymous*|[[Message](#schemamessage)]|false|none|none| +| Name | Type | Required | Restrictions | Description | +| ----------- | --------------------------- | -------- | ------------ | ----------- | +| _anonymous_ | [[Message](#schemamessage)] | false | none | none | @@ -8681,16 +8705,15 @@ p JSON.parse(result) ```json "2019-08-24T14:15:22Z" - ``` -*NullTime implements sql.NullTime functionality.* +_NullTime implements sql.NullTime functionality._ #### Properties -|Name|Type|Required|Restrictions|Description| -|---|---|---|---|---| -|NullTime implements sql.NullTime functionality.|string(date-time)|false|none|none| +| Name | Type | Required | Restrictions | Description | +| ----------------------------------------------- | ----------------- | -------- | ------------ | ----------- | +| NullTime implements sql.NullTime functionality. | string(date-time) | false | none | none | @@ -8704,16 +8727,15 @@ p JSON.parse(result) "value": "string", "via": "string" } - ``` #### Properties -|Name|Type|Required|Restrictions|Description| -|---|---|---|---|---| -|id|[UUID](#schemauuid)|true|none|none| -|value|string|true|none|none| -|via|[RecoveryAddressType](#schemarecoveryaddresstype)|true|none|none| +| Name | Type | Required | Restrictions | Description | +| ----- | ------------------------------------------------- | -------- | ------------ | ----------- | +| id | [UUID](#schemauuid) | true | none | none | +| value | string | true | none | none | +| via | [RecoveryAddressType](#schemarecoveryaddresstype) | true | none | none | @@ -8723,14 +8745,13 @@ p JSON.parse(result) ```json "string" - ``` #### Properties -|Name|Type|Required|Restrictions|Description| -|---|---|---|---|---| -|*anonymous*|string|false|none|none| +| Name | Type | Required | Restrictions | Description | +| ----------- | ------ | -------- | ------------ | ----------- | +| _anonymous_ | string | false | none | none | @@ -8740,14 +8761,13 @@ p JSON.parse(result) ```json "string" - ``` #### Properties -|Name|Type|Required|Restrictions|Description| -|---|---|---|---|---| -|*anonymous*|string|false|none|none| +| Name | Type | Required | Restrictions | Description | +| ----------- | ------ | -------- | ------------ | ----------- | +| _anonymous_ | string | false | none | none | @@ -8757,12 +8777,11 @@ p JSON.parse(result) ```json {} - ``` #### Properties -*None* +_None_ @@ -8772,16 +8791,15 @@ p JSON.parse(result) ```json "string" - ``` -*Type is the flow type.* +_Type is the flow type._ #### Properties -|Name|Type|Required|Restrictions|Description| -|---|---|---|---|---| -|Type is the flow type.|string|false|none|The flow type can either be `api` or `browser`.| +| Name | Type | Required | Restrictions | Description | +| ---------------------- | ------ | -------- | ------------ | ----------------------------------------------- | +| Type is the flow type. | string | false | none | The flow type can either be `api` or `browser`. | @@ -8791,14 +8809,13 @@ p JSON.parse(result) ```json "string" - ``` #### Properties -|Name|Type|Required|Restrictions|Description| -|---|---|---|---|---| -|*anonymous*|string(uuid4)|false|none|none| +| Name | Type | Required | Restrictions | Description | +| ----------- | ------------- | -------- | ------------ | ----------- | +| _anonymous_ | string(uuid4) | false | none | none | @@ -8811,15 +8828,14 @@ p JSON.parse(result) "schema_id": "string", "traits": {} } - ``` #### Properties -|Name|Type|Required|Restrictions|Description| -|---|---|---|---|---| -|schema_id|string|false|none|SchemaID is the ID of the JSON Schema to be used for validating the identity's traits. If set
will update the Identity's SchemaID.| -|traits|object|true|none|Traits represent an identity's traits. The identity is able to create, modify, and delete traits
in a self-service manner. The input will always be validated against the JSON Schema defined
in `schema_id`.| +| Name | Type | Required | Restrictions | Description | +| --------- | ------ | -------- | ------------ | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| schema_id | string | false | none | SchemaID is the ID of the JSON Schema to be used for validating the identity's traits. If set
will update the Identity's SchemaID. | +| traits | object | true | none | Traits represent an identity's traits. The identity is able to create, modify, and delete traits
in a self-service manner. The input will always be validated against the JSON Schema defined
in `schema_id`. | @@ -8836,19 +8852,18 @@ p JSON.parse(result) "verified_at": "2019-08-24T14:15:22Z", "via": "string" } - ``` #### Properties -|Name|Type|Required|Restrictions|Description| -|---|---|---|---|---| -|id|[UUID](#schemauuid)|true|none|none| -|status|[VerifiableAddressStatus](#schemaverifiableaddressstatus)|true|none|none| -|value|string|true|none|none| -|verified|boolean|true|none|none| -|verified_at|[NullTime](#schemanulltime)|false|none|none| -|via|[VerifiableAddressType](#schemaverifiableaddresstype)|true|none|none| +| Name | Type | Required | Restrictions | Description | +| ----------- | --------------------------------------------------------- | -------- | ------------ | ----------- | +| id | [UUID](#schemauuid) | true | none | none | +| status | [VerifiableAddressStatus](#schemaverifiableaddressstatus) | true | none | none | +| value | string | true | none | none | +| verified | boolean | true | none | none | +| verified_at | [NullTime](#schemanulltime) | false | none | none | +| via | [VerifiableAddressType](#schemaverifiableaddresstype) | true | none | none | @@ -8858,14 +8873,13 @@ p JSON.parse(result) ```json "string" - ``` #### Properties -|Name|Type|Required|Restrictions|Description| -|---|---|---|---|---| -|*anonymous*|string|false|none|none| +| Name | Type | Required | Restrictions | Description | +| ----------- | ------ | -------- | ------------ | ----------- | +| _anonymous_ | string | false | none | none | @@ -8875,14 +8889,13 @@ p JSON.parse(result) ```json "string" - ``` #### Properties -|Name|Type|Required|Restrictions|Description| -|---|---|---|---|---| -|*anonymous*|string|false|none|none| +| Name | Type | Required | Restrictions | Description | +| ----------- | ------ | -------- | ------------ | ----------- | +| _anonymous_ | string | false | none | none | @@ -8895,15 +8908,14 @@ p JSON.parse(result) "csrf_token": "string", "email": "string" } - ``` #### Properties -|Name|Type|Required|Restrictions|Description| -|---|---|---|---|---| -|csrf_token|string|false|none|Sending the anti-csrf token is only required for browser login flows.| -|email|string|false|none|Email to Recover

Needs to be set when initiating the flow. If the email is a registered
recovery email, a recovery link will be sent. If the email is not known,
a email with details on what happened will be sent instead.

format: email
in: body| +| Name | Type | Required | Restrictions | Description | +| ---------- | ------ | -------- | ------------ | -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| csrf_token | string | false | none | Sending the anti-csrf token is only required for browser login flows. | +| email | string | false | none | Email to Recover

Needs to be set when initiating the flow. If the email is a registered
recovery email, a recovery link will be sent. If the email is not known,
a email with details on what happened will be sent instead.

format: email
in: body | @@ -8916,15 +8928,14 @@ p JSON.parse(result) "csrf_token": "string", "email": "string" } - ``` #### Properties -|Name|Type|Required|Restrictions|Description| -|---|---|---|---|---| -|csrf_token|string|false|none|Sending the anti-csrf token is only required for browser login flows.| -|email|string|false|none|Email to Verify

Needs to be set when initiating the flow. If the email is a registered
verification email, a verification link will be sent. If the email is not known,
a email with details on what happened will be sent instead.

format: email
in: body| +| Name | Type | Required | Restrictions | Description | +| ---------- | ------ | -------- | ------------ | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| csrf_token | string | false | none | Sending the anti-csrf token is only required for browser login flows. | +| email | string | false | none | Email to Verify

Needs to be set when initiating the flow. If the email is a registered
verification email, a verification link will be sent. If the email is not known,
a email with details on what happened will be sent instead.

format: email
in: body | @@ -8937,15 +8948,14 @@ p JSON.parse(result) "errors": {}, "id": "string" } - ``` #### Properties -|Name|Type|Required|Restrictions|Description| -|---|---|---|---|---| -|errors|object|true|none|Errors in the container| -|id|[UUID](#schemauuid)|true|none|none| +| Name | Type | Required | Restrictions | Description | +| ------ | ------------------- | -------- | ------------ | ----------------------- | +| errors | object | true | none | Errors in the container | +| id | [UUID](#schemauuid) | true | none | none | @@ -8970,22 +8980,21 @@ p JSON.parse(result) "type": "string", "value": {} } - ``` -*Field represents a HTML Form Field* +_Field represents a HTML Form Field_ #### Properties -|Name|Type|Required|Restrictions|Description| -|---|---|---|---|---| -|disabled|boolean|false|none|Disabled is the equivalent of ``| -|messages|[Messages](#schemamessages)|false|none|none| -|name|string|true|none|Name is the equivalent of ``| -|pattern|string|false|none|Pattern is the equivalent of ``| -|required|boolean|false|none|Required is the equivalent of ``| -|type|string|true|none|Type is the equivalent of ``| -|value|object|false|none|Value is the equivalent of ``| +| Name | Type | Required | Restrictions | Description | +| -------- | --------------------------- | -------- | ------------ | ------------------------------------------------------------------------ | +| disabled | boolean | false | none | Disabled is the equivalent of `` | +| messages | [Messages](#schemamessages) | false | none | none | +| name | string | true | none | Name is the equivalent of `` | +| pattern | string | false | none | Pattern is the equivalent of `` | +| required | boolean | false | none | Required is the equivalent of `` | +| type | string | true | none | Type is the equivalent of `` | +| value | object | false | none | Value is the equivalent of `` | @@ -9012,16 +9021,15 @@ p JSON.parse(result) "value": {} } ] - ``` -*Fields contains multiple fields* +_Fields contains multiple fields_ #### Properties -|Name|Type|Required|Restrictions|Description| -|---|---|---|---|---| -|*anonymous*|[[formField](#schemaformfield)]|false|none|Fields contains multiple fields| +| Name | Type | Required | Restrictions | Description | +| ----------- | ------------------------------- | -------- | ------------ | ------------------------------- | +| _anonymous_ | [[formField](#schemaformfield)] | false | none | Fields contains multiple fields | @@ -9041,16 +9049,15 @@ p JSON.parse(result) "status": "string" } } - ``` -*Error response* +_Error response_ #### Properties -|Name|Type|Required|Restrictions|Description| -|---|---|---|---|---| -|error|[genericErrorPayload](#schemagenericerrorpayload)|false|none|none| +| Name | Type | Required | Restrictions | Description | +| ----- | ------------------------------------------------- | -------- | ------------ | ----------- | +| error | [genericErrorPayload](#schemagenericerrorpayload) | false | none | none | @@ -9068,20 +9075,19 @@ p JSON.parse(result) "request": "string", "status": "string" } - ``` #### Properties -|Name|Type|Required|Restrictions|Description| -|---|---|---|---|---| -|code|integer(int64)|false|none|Code represents the error status code (404, 403, 401, ...).| -|debug|string|false|none|Debug contains debug information. This is usually not available and has to be enabled.| -|details|object|false|none|none| -|message|string|false|none|none| -|reason|string|false|none|none| -|request|string|false|none|none| -|status|string|false|none|none| +| Name | Type | Required | Restrictions | Description | +| ------- | -------------- | -------- | ------------ | -------------------------------------------------------------------------------------- | +| code | integer(int64) | false | none | Code represents the error status code (404, 403, 401, ...). | +| debug | string | false | none | Debug contains debug information. This is usually not available and has to be enabled. | +| details | object | false | none | none | +| message | string | false | none | none | +| reason | string | false | none | none | +| request | string | false | none | none | +| status | string | false | none | none | @@ -9096,15 +9102,14 @@ p JSON.parse(result) "property2": "string" } } - ``` #### Properties -|Name|Type|Required|Restrictions|Description| -|---|---|---|---|---| -|errors|object|false|none|Errors contains a list of errors that caused the not ready status.| -|» **additionalProperties**|string|false|none|none| +| Name | Type | Required | Restrictions | Description | +| -------------------------- | ------ | -------- | ------------ | ------------------------------------------------------------------ | +| errors | object | false | none | Errors contains a list of errors that caused the not ready status. | +| » **additionalProperties** | string | false | none | none | @@ -9116,14 +9121,13 @@ p JSON.parse(result) { "status": "string" } - ``` #### Properties -|Name|Type|Required|Restrictions|Description| -|---|---|---|---|---| -|status|string|false|none|Status always contains "ok".| +| Name | Type | Required | Restrictions | Description | +| ------ | ------ | -------- | ------------ | ---------------------------- | +| status | string | false | none | Status always contains "ok". | @@ -9253,25 +9257,24 @@ p JSON.parse(result) "request_url": "string", "type": "string" } - ``` -*Login Flow* +_Login Flow_ #### Properties -|Name|Type|Required|Restrictions|Description| -|---|---|---|---|---| -|active|[CredentialsType](#schemacredentialstype)|false|none|and so on.| -|expires_at|string(date-time)|true|none|ExpiresAt is the time (UTC) when the flow expires. If the user still wishes to log in,
a new flow has to be initiated.| -|forced|boolean|false|none|Forced stores whether this login flow should enforce re-authentication.| -|id|[UUID](#schemauuid)|true|none|none| -|issued_at|string(date-time)|true|none|IssuedAt is the time (UTC) when the flow started.| -|messages|[Messages](#schemamessages)|false|none|none| -|methods|object|true|none|List of login methods

This is the list of available login methods with their required form fields, such as `identifier` and `password`
for the password login method. This will also contain error messages such as "password can not be empty".| -|» **additionalProperties**|[loginFlowMethod](#schemaloginflowmethod)|false|none|none| -|request_url|string|true|none|RequestURL is the initial URL that was requested from ORY Kratos. It can be used
to forward information contained in the URL's path or query for example.| -|type|[Type](#schematype)|false|none|The flow type can either be `api` or `browser`.| +| Name | Type | Required | Restrictions | Description | +| -------------------------- | ----------------------------------------- | -------- | ------------ | ---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| active | [CredentialsType](#schemacredentialstype) | false | none | and so on. | +| expires_at | string(date-time) | true | none | ExpiresAt is the time (UTC) when the flow expires. If the user still wishes to log in,
a new flow has to be initiated. | +| forced | boolean | false | none | Forced stores whether this login flow should enforce re-authentication. | +| id | [UUID](#schemauuid) | true | none | none | +| issued_at | string(date-time) | true | none | IssuedAt is the time (UTC) when the flow started. | +| messages | [Messages](#schemamessages) | false | none | none | +| methods | object | true | none | List of login methods

This is the list of available login methods with their required form fields, such as `identifier` and `password`
for the password login method. This will also contain error messages such as "password can not be empty". | +| » **additionalProperties** | [loginFlowMethod](#schemaloginflowmethod) | false | none | none | +| request_url | string | true | none | RequestURL is the initial URL that was requested from ORY Kratos. It can be used
to forward information contained in the URL's path or query for example. | +| type | [Type](#schematype) | false | none | The flow type can either be `api` or `browser`. | @@ -9331,15 +9334,14 @@ p JSON.parse(result) }, "method": "string" } - ``` #### Properties -|Name|Type|Required|Restrictions|Description| -|---|---|---|---|---| -|config|[loginFlowMethodConfig](#schemaloginflowmethodconfig)|true|none|none| -|method|[CredentialsType](#schemacredentialstype)|true|none|and so on.| +| Name | Type | Required | Restrictions | Description | +| ------ | ----------------------------------------------------- | -------- | ------------ | ----------- | +| config | [loginFlowMethodConfig](#schemaloginflowmethodconfig) | true | none | none | +| method | [CredentialsType](#schemacredentialstype) | true | none | and so on. | @@ -9396,18 +9398,17 @@ p JSON.parse(result) } ] } - ``` #### Properties -|Name|Type|Required|Restrictions|Description| -|---|---|---|---|---| -|action|string|true|none|Action should be used as the form action URL ``.| -|fields|[formFields](#schemaformfields)|true|none|Fields contains multiple fields| -|messages|[Messages](#schemamessages)|false|none|none| -|method|string|true|none|Method is the form method (e.g. POST)| -|providers|[[formField](#schemaformfield)]|false|none|Providers is set for the "oidc" flow method.| +| Name | Type | Required | Restrictions | Description | +| --------- | ------------------------------- | -------- | ------------ | ------------------------------------------------------------------------------------------- | +| action | string | true | none | Action should be used as the form action URL ``. | +| fields | [formFields](#schemaformfields) | true | none | Fields contains multiple fields | +| messages | [Messages](#schemamessages) | false | none | none | +| method | string | true | none | Method is the form method (e.g. POST) | +| providers | [[formField](#schemaformfield)] | false | none | Providers is set for the "oidc" flow method. | @@ -9449,17 +9450,16 @@ p JSON.parse(result) }, "session_token": "string" } - ``` -*The Response for Login Flows via API* +_The Response for Login Flows via API_ #### Properties -|Name|Type|Required|Restrictions|Description| -|---|---|---|---|---| -|session|[session](#schemasession)|true|none|none| -|session_token|string|true|none|The Session Token

A session token is equivalent to a session cookie, but it can be sent in the HTTP Authorization
Header:

Authorization: bearer

The session token is only issued for API flows, not for Browser flows!| +| Name | Type | Required | Restrictions | Description | +| ------------- | ------------------------- | -------- | ------------ | -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| session | [session](#schemasession) | true | none | none | +| session_token | string | true | none | The Session Token

A session token is equivalent to a session cookie, but it can be sent in the HTTP Authorization
Header:

Authorization: bearer

The session token is only issued for API flows, not for Browser flows! | @@ -9553,25 +9553,24 @@ p JSON.parse(result) "state": "string", "type": "string" } - ``` -*A Recovery Flow* +_A Recovery Flow_ #### Properties -|Name|Type|Required|Restrictions|Description| -|---|---|---|---|---| -|active|string|false|none|Active, if set, contains the registration method that is being used. It is initially
not set.| -|expires_at|string(date-time)|true|none|ExpiresAt is the time (UTC) when the request expires. If the user still wishes to update the setting,
a new request has to be initiated.| -|id|[UUID](#schemauuid)|true|none|none| -|issued_at|string(date-time)|true|none|IssuedAt is the time (UTC) when the request occurred.| -|messages|[Messages](#schemamessages)|false|none|none| -|methods|object|true|none|Methods contains context for all account recovery methods. If a registration request has been
processed, but for example the password is incorrect, this will contain error messages.| -|» **additionalProperties**|[recoveryFlowMethod](#schemarecoveryflowmethod)|false|none|none| -|request_url|string|true|none|RequestURL is the initial URL that was requested from ORY Kratos. It can be used
to forward information contained in the URL's path or query for example.| -|state|[State](#schemastate)|true|none|none| -|type|[Type](#schematype)|false|none|The flow type can either be `api` or `browser`.| +| Name | Type | Required | Restrictions | Description | +| -------------------------- | ----------------------------------------------- | -------- | ------------ | ---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| active | string | false | none | Active, if set, contains the registration method that is being used. It is initially
not set. | +| expires_at | string(date-time) | true | none | ExpiresAt is the time (UTC) when the request expires. If the user still wishes to update the setting,
a new request has to be initiated. | +| id | [UUID](#schemauuid) | true | none | none | +| issued_at | string(date-time) | true | none | IssuedAt is the time (UTC) when the request occurred. | +| messages | [Messages](#schemamessages) | false | none | none | +| methods | object | true | none | Methods contains context for all account recovery methods. If a registration request has been
processed, but for example the password is incorrect, this will contain error messages. | +| » **additionalProperties** | [recoveryFlowMethod](#schemarecoveryflowmethod) | false | none | none | +| request_url | string | true | none | RequestURL is the initial URL that was requested from ORY Kratos. It can be used
to forward information contained in the URL's path or query for example. | +| state | [State](#schemastate) | true | none | none | +| type | [Type](#schematype) | false | none | The flow type can either be `api` or `browser`. | @@ -9613,15 +9612,14 @@ p JSON.parse(result) }, "method": "string" } - ``` #### Properties -|Name|Type|Required|Restrictions|Description| -|---|---|---|---|---| -|config|[recoveryFlowMethodConfig](#schemarecoveryflowmethodconfig)|false|none|none| -|method|string|false|none|Method contains the request credentials type.| +| Name | Type | Required | Restrictions | Description | +| ------ | ----------------------------------------------------------- | -------- | ------------ | --------------------------------------------- | +| config | [recoveryFlowMethodConfig](#schemarecoveryflowmethodconfig) | false | none | none | +| method | string | false | none | Method contains the request credentials type. | @@ -9660,17 +9658,16 @@ p JSON.parse(result) ], "method": "string" } - ``` #### Properties -|Name|Type|Required|Restrictions|Description| -|---|---|---|---|---| -|action|string|true|none|Action should be used as the form action URL ``.| -|fields|[formFields](#schemaformfields)|true|none|Fields contains multiple fields| -|messages|[Messages](#schemamessages)|false|none|none| -|method|string|true|none|Method is the form method (e.g. POST)| +| Name | Type | Required | Restrictions | Description | +| -------- | ------------------------------- | -------- | ------------ | ------------------------------------------------------------------------------------------- | +| action | string | true | none | Action should be used as the form action URL ``. | +| fields | [formFields](#schemaformfields) | true | none | Fields contains multiple fields | +| messages | [Messages](#schemamessages) | false | none | none | +| method | string | true | none | Method is the form method (e.g. POST) | @@ -9683,15 +9680,14 @@ p JSON.parse(result) "expires_at": "2019-08-24T14:15:22Z", "recovery_link": "string" } - ``` #### Properties -|Name|Type|Required|Restrictions|Description| -|---|---|---|---|---| -|expires_at|string(date-time)|false|none|Recovery Link Expires At

The timestamp when the recovery link expires.| -|recovery_link|string|true|none|Recovery Link

This link can be used to recover the account.| +| Name | Type | Required | Restrictions | Description | +| ------------- | ----------------- | -------- | ------------ | ----------------------------------------------------------------------------- | +| expires_at | string(date-time) | false | none | Recovery Link Expires At

The timestamp when the recovery link expires. | +| recovery_link | string | true | none | Recovery Link

This link can be used to recover the account. | @@ -9820,22 +9816,21 @@ p JSON.parse(result) "request_url": "string", "type": "string" } - ``` #### Properties -|Name|Type|Required|Restrictions|Description| -|---|---|---|---|---| -|active|[CredentialsType](#schemacredentialstype)|false|none|and so on.| -|expires_at|string(date-time)|true|none|ExpiresAt is the time (UTC) when the flow expires. If the user still wishes to log in,
a new flow has to be initiated.| -|id|[UUID](#schemauuid)|true|none|none| -|issued_at|string(date-time)|true|none|IssuedAt is the time (UTC) when the flow occurred.| -|messages|[Messages](#schemamessages)|false|none|none| -|methods|object|true|none|Methods contains context for all enabled registration methods. If a registration flow has been
processed, but for example the password is incorrect, this will contain error messages.| -|» **additionalProperties**|[registrationFlowMethod](#schemaregistrationflowmethod)|false|none|none| -|request_url|string|true|none|RequestURL is the initial URL that was requested from ORY Kratos. It can be used
to forward information contained in the URL's path or query for example.| -|type|[Type](#schematype)|false|none|The flow type can either be `api` or `browser`.| +| Name | Type | Required | Restrictions | Description | +| -------------------------- | ------------------------------------------------------- | -------- | ------------ | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| active | [CredentialsType](#schemacredentialstype) | false | none | and so on. | +| expires_at | string(date-time) | true | none | ExpiresAt is the time (UTC) when the flow expires. If the user still wishes to log in,
a new flow has to be initiated. | +| id | [UUID](#schemauuid) | true | none | none | +| issued_at | string(date-time) | true | none | IssuedAt is the time (UTC) when the flow occurred. | +| messages | [Messages](#schemamessages) | false | none | none | +| methods | object | true | none | Methods contains context for all enabled registration methods. If a registration flow has been
processed, but for example the password is incorrect, this will contain error messages. | +| » **additionalProperties** | [registrationFlowMethod](#schemaregistrationflowmethod) | false | none | none | +| request_url | string | true | none | RequestURL is the initial URL that was requested from ORY Kratos. It can be used
to forward information contained in the URL's path or query for example. | +| type | [Type](#schematype) | false | none | The flow type can either be `api` or `browser`. | @@ -9895,15 +9890,14 @@ p JSON.parse(result) }, "method": "string" } - ``` #### Properties -|Name|Type|Required|Restrictions|Description| -|---|---|---|---|---| -|config|[registrationFlowMethodConfig](#schemaregistrationflowmethodconfig)|false|none|none| -|method|[CredentialsType](#schemacredentialstype)|false|none|and so on.| +| Name | Type | Required | Restrictions | Description | +| ------ | ------------------------------------------------------------------- | -------- | ------------ | ----------- | +| config | [registrationFlowMethodConfig](#schemaregistrationflowmethodconfig) | false | none | none | +| method | [CredentialsType](#schemacredentialstype) | false | none | and so on. | @@ -9960,18 +9954,17 @@ p JSON.parse(result) } ] } - ``` #### Properties -|Name|Type|Required|Restrictions|Description| -|---|---|---|---|---| -|action|string|true|none|Action should be used as the form action URL ``.| -|fields|[formFields](#schemaformfields)|true|none|Fields contains multiple fields| -|messages|[Messages](#schemamessages)|false|none|none| -|method|string|true|none|Method is the form method (e.g. POST)| -|providers|[[formField](#schemaformfield)]|false|none|Providers is set for the "oidc" registration method.| +| Name | Type | Required | Restrictions | Description | +| --------- | ------------------------------- | -------- | ------------ | ------------------------------------------------------------------------------------------- | +| action | string | true | none | Action should be used as the form action URL ``. | +| fields | [formFields](#schemaformfields) | true | none | Fields contains multiple fields | +| messages | [Messages](#schemamessages) | false | none | none | +| method | string | true | none | Method is the form method (e.g. POST) | +| providers | [[formField](#schemaformfield)] | false | none | Providers is set for the "oidc" registration method. | @@ -10036,18 +10029,17 @@ p JSON.parse(result) }, "session_token": "string" } - ``` -*The Response for Registration Flows via API* +_The Response for Registration Flows via API_ #### Properties -|Name|Type|Required|Restrictions|Description| -|---|---|---|---|---| -|identity|[Identity](#schemaidentity)|true|none|none| -|session|[session](#schemasession)|false|none|none| -|session_token|string|true|none|The Session Token

This field is only set when the session hook is configured as a post-registration hook.

A session token is equivalent to a session cookie, but it can be sent in the HTTP Authorization
Header:

Authorization: bearer

The session token is only issued for API flows, not for Browser flows!| +| Name | Type | Required | Restrictions | Description | +| ------------- | --------------------------- | -------- | ------------ | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| identity | [Identity](#schemaidentity) | true | none | none | +| session | [session](#schemasession) | false | none | none | +| session_token | string | true | none | The Session Token

This field is only set when the session hook is configured as a post-registration hook.

A session token is equivalent to a session cookie, but it can be sent in the HTTP Authorization
Header:

Authorization: bearer

The session token is only issued for API flows, not for Browser flows! | @@ -10059,14 +10051,13 @@ p JSON.parse(result) { "session_token": "string" } - ``` #### Properties -|Name|Type|Required|Restrictions|Description| -|---|---|---|---|---| -|session_token|string|true|none|The Session Token

Invalidate this session token.| +| Name | Type | Required | Restrictions | Description | +| ------------- | ------ | -------- | ------------ | ------------------------------------------------------- | +| session_token | string | true | none | The Session Token

Invalidate this session token. | @@ -10105,19 +10096,18 @@ p JSON.parse(result) }, "issued_at": "2019-08-24T14:15:22Z" } - ``` #### Properties -|Name|Type|Required|Restrictions|Description| -|---|---|---|---|---| -|active|boolean|false|none|none| -|authenticated_at|string(date-time)|true|none|none| -|expires_at|string(date-time)|true|none|none| -|id|[UUID](#schemauuid)|true|none|none| -|identity|[Identity](#schemaidentity)|true|none|none| -|issued_at|string(date-time)|true|none|none| +| Name | Type | Required | Restrictions | Description | +| ---------------- | --------------------------- | -------- | ------------ | ----------- | +| active | boolean | false | none | none | +| authenticated_at | string(date-time) | true | none | none | +| expires_at | string(date-time) | true | none | none | +| id | [UUID](#schemauuid) | true | none | none | +| identity | [Identity](#schemaidentity) | true | none | none | +| issued_at | string(date-time) | true | none | none | @@ -10234,26 +10224,25 @@ p JSON.parse(result) "state": "string", "type": "string" } - ``` -*Flow represents a Settings Flow* +_Flow represents a Settings Flow_ #### Properties -|Name|Type|Required|Restrictions|Description| -|---|---|---|---|---| -|active|string|false|none|Active, if set, contains the registration method that is being used. It is initially
not set.| -|expires_at|string(date-time)|true|none|ExpiresAt is the time (UTC) when the flow expires. If the user still wishes to update the setting,
a new flow has to be initiated.| -|id|[UUID](#schemauuid)|true|none|none| -|identity|[Identity](#schemaidentity)|true|none|none| -|issued_at|string(date-time)|true|none|IssuedAt is the time (UTC) when the flow occurred.| -|messages|[Messages](#schemamessages)|false|none|none| -|methods|object|true|none|Methods contains context for all enabled registration methods. If a settings flow has been
processed, but for example the first name is empty, this will contain error messages.| -|» **additionalProperties**|[settingsFlowMethod](#schemasettingsflowmethod)|false|none|none| -|request_url|string|true|none|RequestURL is the initial URL that was requested from ORY Kratos. It can be used
to forward information contained in the URL's path or query for example.| -|state|[State](#schemastate)|true|none|none| -|type|[Type](#schematype)|false|none|The flow type can either be `api` or `browser`.| +| Name | Type | Required | Restrictions | Description | +| -------------------------- | ----------------------------------------------- | -------- | ------------ | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| active | string | false | none | Active, if set, contains the registration method that is being used. It is initially
not set. | +| expires_at | string(date-time) | true | none | ExpiresAt is the time (UTC) when the flow expires. If the user still wishes to update the setting,
a new flow has to be initiated. | +| id | [UUID](#schemauuid) | true | none | none | +| identity | [Identity](#schemaidentity) | true | none | none | +| issued_at | string(date-time) | true | none | IssuedAt is the time (UTC) when the flow occurred. | +| messages | [Messages](#schemamessages) | false | none | none | +| methods | object | true | none | Methods contains context for all enabled registration methods. If a settings flow has been
processed, but for example the first name is empty, this will contain error messages. | +| » **additionalProperties** | [settingsFlowMethod](#schemasettingsflowmethod) | false | none | none | +| request_url | string | true | none | RequestURL is the initial URL that was requested from ORY Kratos. It can be used
to forward information contained in the URL's path or query for example. | +| state | [State](#schemastate) | true | none | none | +| type | [Type](#schematype) | false | none | The flow type can either be `api` or `browser`. | @@ -10295,15 +10284,14 @@ p JSON.parse(result) }, "method": "string" } - ``` #### Properties -|Name|Type|Required|Restrictions|Description| -|---|---|---|---|---| -|config|[FlowMethodConfig](#schemaflowmethodconfig)|false|none|none| -|method|string|false|none|Method is the name of this flow method.| +| Name | Type | Required | Restrictions | Description | +| ------ | ------------------------------------------- | -------- | ------------ | --------------------------------------- | +| config | [FlowMethodConfig](#schemaflowmethodconfig) | false | none | none | +| method | string | false | none | Method is the name of this flow method. | @@ -10445,17 +10433,16 @@ p JSON.parse(result) ] } } - ``` -*The Response for Settings Flows via API* +_The Response for Settings Flows via API_ #### Properties -|Name|Type|Required|Restrictions|Description| -|---|---|---|---|---| -|flow|[settingsFlow](#schemasettingsflow)|true|none|This flow is used when an identity wants to update settings
(e.g. profile data, passwords, ...) in a selfservice manner.

We recommend reading the [User Settings Documentation](../self-service/flows/user-settings)| -|identity|[Identity](#schemaidentity)|true|none|none| +| Name | Type | Required | Restrictions | Description | +| -------- | ----------------------------------- | -------- | ------------ | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ | +| flow | [settingsFlow](#schemasettingsflow) | true | none | This flow is used when an identity wants to update settings
(e.g. profile data, passwords, ...) in a selfservice manner.

We recommend reading the [User Settings Documentation](../self-service/flows/user-settings) | +| identity | [Identity](#schemaidentity) | true | none | none | @@ -10549,25 +10536,24 @@ p JSON.parse(result) "state": "string", "type": "string" } - ``` -*A Verification Flow* +_A Verification Flow_ #### Properties -|Name|Type|Required|Restrictions|Description| -|---|---|---|---|---| -|active|string|false|none|Active, if set, contains the registration method that is being used. It is initially
not set.| -|expires_at|string(date-time)|false|none|ExpiresAt is the time (UTC) when the request expires. If the user still wishes to verify the address,
a new request has to be initiated.| -|id|[UUID](#schemauuid)|false|none|none| -|issued_at|string(date-time)|false|none|IssuedAt is the time (UTC) when the request occurred.| -|messages|[Messages](#schemamessages)|false|none|none| -|methods|object|true|none|Methods contains context for all account verification methods. If a registration request has been
processed, but for example the password is incorrect, this will contain error messages.| -|» **additionalProperties**|[verificationFlowMethod](#schemaverificationflowmethod)|false|none|none| -|request_url|string|false|none|RequestURL is the initial URL that was requested from ORY Kratos. It can be used
to forward information contained in the URL's path or query for example.| -|state|[State](#schemastate)|true|none|none| -|type|[Type](#schematype)|false|none|The flow type can either be `api` or `browser`.| +| Name | Type | Required | Restrictions | Description | +| -------------------------- | ------------------------------------------------------- | -------- | ------------ | -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| active | string | false | none | Active, if set, contains the registration method that is being used. It is initially
not set. | +| expires_at | string(date-time) | false | none | ExpiresAt is the time (UTC) when the request expires. If the user still wishes to verify the address,
a new request has to be initiated. | +| id | [UUID](#schemauuid) | false | none | none | +| issued_at | string(date-time) | false | none | IssuedAt is the time (UTC) when the request occurred. | +| messages | [Messages](#schemamessages) | false | none | none | +| methods | object | true | none | Methods contains context for all account verification methods. If a registration request has been
processed, but for example the password is incorrect, this will contain error messages. | +| » **additionalProperties** | [verificationFlowMethod](#schemaverificationflowmethod) | false | none | none | +| request_url | string | false | none | RequestURL is the initial URL that was requested from ORY Kratos. It can be used
to forward information contained in the URL's path or query for example. | +| state | [State](#schemastate) | true | none | none | +| type | [Type](#schematype) | false | none | The flow type can either be `api` or `browser`. | @@ -10609,15 +10595,14 @@ p JSON.parse(result) }, "method": "string" } - ``` #### Properties -|Name|Type|Required|Restrictions|Description| -|---|---|---|---|---| -|config|[verificationFlowMethodConfig](#schemaverificationflowmethodconfig)|false|none|none| -|method|string|false|none|Method contains the request credentials type.| +| Name | Type | Required | Restrictions | Description | +| ------ | ------------------------------------------------------------------- | -------- | ------------ | --------------------------------------------- | +| config | [verificationFlowMethodConfig](#schemaverificationflowmethodconfig) | false | none | none | +| method | string | false | none | Method contains the request credentials type. | @@ -10656,17 +10641,16 @@ p JSON.parse(result) ], "method": "string" } - ``` #### Properties -|Name|Type|Required|Restrictions|Description| -|---|---|---|---|---| -|action|string|true|none|Action should be used as the form action URL ``.| -|fields|[formFields](#schemaformfields)|true|none|Fields contains multiple fields| -|messages|[Messages](#schemamessages)|false|none|none| -|method|string|true|none|Method is the form method (e.g. POST)| +| Name | Type | Required | Restrictions | Description | +| -------- | ------------------------------- | -------- | ------------ | ------------------------------------------------------------------------------------------- | +| action | string | true | none | Action should be used as the form action URL ``. | +| fields | [formFields](#schemaformfields) | true | none | Fields contains multiple fields | +| messages | [Messages](#schemamessages) | false | none | none | +| method | string | true | none | Method is the form method (e.g. POST) | @@ -10678,12 +10662,10 @@ p JSON.parse(result) { "version": "string" } - ``` #### Properties -|Name|Type|Required|Restrictions|Description| -|---|---|---|---|---| -|version|string|false|none|Version is the service's version.| - +| Name | Type | Required | Restrictions | Description | +| ------- | ------ | -------- | ------------ | --------------------------------- | +| version | string | false | none | Version is the service's version. | diff --git a/docs/docs/reference/configuration.md b/docs/docs/reference/configuration.md index afcc9aa960c..501cdfcdc4b 100644 --- a/docs/docs/reference/configuration.md +++ b/docs/docs/reference/configuration.md @@ -7,27 +7,29 @@ title: Configuration OPEN AN ISSUE IF YOU WOULD LIKE TO MAKE ADJUSTMENTS HERE AND MAINTAINERS WILL HELP YOU LOCATE THE RIGHT FILE --> -If file `$HOME/.kratos.yaml` exists, it will be used as a configuration file which supports all -configuration settings listed below. +If file `$HOME/.kratos.yaml` exists, it will be used as a configuration file +which supports all configuration settings listed below. -You can load the config file from another source using the `-c path/to/config.yaml` or `--config path/to/config.yaml` -flag: `kratos --config path/to/config.yaml`. +You can load the config file from another source using the +`-c path/to/config.yaml` or `--config path/to/config.yaml` flag: +`kratos --config path/to/config.yaml`. -Config files can be formatted as JSON, YAML and TOML. Some configuration values support reloading without server restart. -All configuration values can be set using environment variables, as documented below. +Config files can be formatted as JSON, YAML and TOML. Some configuration values +support reloading without server restart. All configuration values can be set +using environment variables, as documented below. -To find out more about edge cases like setting string array values through environmental variables head to the -[Configuring ORY services](https://www.ory.sh/docs/ecosystem/configuring) section. +To find out more about edge cases like setting string array values through +environmental variables head to the +[Configuring ORY services](https://www.ory.sh/docs/ecosystem/configuring) +section. ```yaml ## ORY Kratos Configuration # - ## identity ## # identity: - ## JSON Schema URL for default identity traits ## # # Path to the JSON Schema which describes a default identity's traits. @@ -35,7 +37,7 @@ identity: # Examples: # - file://path/to/identity.traits.schema.json # - https://foo.bar.com/path/to/identity.traits.schema.json - # + # # Set this value using environment variables on # - Linux/macOS: # $ export IDENTITY_DEFAULT_SCHEMA_URL= @@ -53,7 +55,7 @@ identity: # url: https://foo.bar.com/path/to/employee.traits.schema.json # - id: employee-v2 # url: https://foo.bar.com/path/to/employee.v2.traits.schema.json - # + # # Set this value using environment variables on # - Linux/macOS: # $ export IDENTITY_SCHEMAS= @@ -79,7 +81,7 @@ identity: # - mysql://user:secret@tcp(mysqld:3306)/database?max_conns=20&max_idle_conns=4 # - cockroach://user@cockroachdb:26257/database?sslmode=disable&max_conns=20&max_idle_conns=4 # - sqlite:///var/lib/sqlite/db.sqlite?_fk=true&mode=rwc -# +# # Set this value using environment variables on # - Linux/macOS: # $ export DSN= @@ -93,7 +95,6 @@ dsn: "postgres://user: ## selfservice ## # selfservice: - ## Redirect browsers to set URL per default ## # # ORY Kratos redirects to this URL per default on completion of self-service flows and other browser interaction. Read this [article for more information on browser redirects](https://www.ory.sh/kratos/docs/concepts/browser-redirect-flow-completion). @@ -101,7 +102,7 @@ selfservice: # Examples: # - https://my-app.com/dashboard # - /dashboard - # + # # Set this value using environment variables on # - Linux/macOS: # $ export SELFSERVICE_DEFAULT_BROWSER_RETURN_URL= @@ -118,7 +119,7 @@ selfservice: # - - https://app.my-app.com/dashboard # - /dashboard # - https://www.my-app.com/ - # + # # Set this value using environment variables on # - Linux/macOS: # $ export SELFSERVICE_WHITELISTED_RETURN_URLS= @@ -133,11 +134,9 @@ selfservice: ## flows ## # flows: - ## settings ## # settings: - ## URL of the Settings page. ## # # URL where the Settings UI is hosted. Check the [reference implementation](https://github.com/ory/kratos-selfservice-ui-node). @@ -146,7 +145,7 @@ selfservice: # # Examples: # - https://my-app.com/user/settings - # + # # Set this value using environment variables on # - Linux/macOS: # $ export SELFSERVICE_FLOWS_SETTINGS_UI_URL= @@ -163,7 +162,7 @@ selfservice: # - 1h # - 1m # - 1s - # + # # Set this value using environment variables on # - Linux/macOS: # $ export SELFSERVICE_FLOWS_SETTINGS_LIFESPAN= @@ -180,7 +179,7 @@ selfservice: # - 1h # - 1m # - 1s - # + # # Set this value using environment variables on # - Linux/macOS: # $ export SELFSERVICE_FLOWS_SETTINGS_PRIVILEGED_SESSION_MAX_AGE= @@ -192,7 +191,6 @@ selfservice: ## after ## # after: - ## Redirect browsers to set URL per default ## # # ORY Kratos redirects to this URL per default on completion of self-service flows and other browser interaction. Read this [article for more information on browser redirects](https://www.ory.sh/kratos/docs/concepts/browser-redirect-flow-completion). @@ -200,7 +198,7 @@ selfservice: # Examples: # - https://my-app.com/dashboard # - /dashboard - # + # # Set this value using environment variables on # - Linux/macOS: # $ export SELFSERVICE_FLOWS_SETTINGS_AFTER_DEFAULT_BROWSER_RETURN_URL= @@ -212,7 +210,6 @@ selfservice: ## password ## # password: - ## Redirect browsers to set URL per default ## # # ORY Kratos redirects to this URL per default on completion of self-service flows and other browser interaction. Read this [article for more information on browser redirects](https://www.ory.sh/kratos/docs/concepts/browser-redirect-flow-completion). @@ -220,7 +217,7 @@ selfservice: # Examples: # - https://my-app.com/dashboard # - /dashboard - # + # # Set this value using environment variables on # - Linux/macOS: # $ export SELFSERVICE_FLOWS_SETTINGS_AFTER_PASSWORD_DEFAULT_BROWSER_RETURN_URL= @@ -243,7 +240,6 @@ selfservice: ## profile ## # profile: - ## Redirect browsers to set URL per default ## # # ORY Kratos redirects to this URL per default on completion of self-service flows and other browser interaction. Read this [article for more information on browser redirects](https://www.ory.sh/kratos/docs/concepts/browser-redirect-flow-completion). @@ -251,7 +247,7 @@ selfservice: # Examples: # - https://my-app.com/dashboard # - /dashboard - # + # # Set this value using environment variables on # - Linux/macOS: # $ export SELFSERVICE_FLOWS_SETTINGS_AFTER_PROFILE_DEFAULT_BROWSER_RETURN_URL= @@ -274,11 +270,9 @@ selfservice: ## logout ## # logout: - ## after ## # after: - ## Redirect browsers to set URL per default ## # # ORY Kratos redirects to this URL per default on completion of self-service flows and other browser interaction. Read this [article for more information on browser redirects](https://www.ory.sh/kratos/docs/concepts/browser-redirect-flow-completion). @@ -286,7 +280,7 @@ selfservice: # Examples: # - https://my-app.com/dashboard # - /dashboard - # + # # Set this value using environment variables on # - Linux/macOS: # $ export SELFSERVICE_FLOWS_LOGOUT_AFTER_DEFAULT_BROWSER_RETURN_URL= @@ -298,7 +292,6 @@ selfservice: ## registration ## # registration: - ## Registration UI URL ## # # URL where the Registration UI is hosted. Check the [reference implementation](https://github.com/ory/kratos-selfservice-ui-node). @@ -307,7 +300,7 @@ selfservice: # # Examples: # - https://my-app.com/signup - # + # # Set this value using environment variables on # - Linux/macOS: # $ export SELFSERVICE_FLOWS_REGISTRATION_UI_URL= @@ -324,7 +317,7 @@ selfservice: # - 1h # - 1m # - 1s - # + # # Set this value using environment variables on # - Linux/macOS: # $ export SELFSERVICE_FLOWS_REGISTRATION_LIFESPAN= @@ -336,7 +329,6 @@ selfservice: ## after ## # after: - ## Redirect browsers to set URL per default ## # # ORY Kratos redirects to this URL per default on completion of self-service flows and other browser interaction. Read this [article for more information on browser redirects](https://www.ory.sh/kratos/docs/concepts/browser-redirect-flow-completion). @@ -344,7 +336,7 @@ selfservice: # Examples: # - https://my-app.com/dashboard # - /dashboard - # + # # Set this value using environment variables on # - Linux/macOS: # $ export SELFSERVICE_FLOWS_REGISTRATION_AFTER_DEFAULT_BROWSER_RETURN_URL= @@ -356,7 +348,6 @@ selfservice: ## password ## # password: - ## Redirect browsers to set URL per default ## # # ORY Kratos redirects to this URL per default on completion of self-service flows and other browser interaction. Read this [article for more information on browser redirects](https://www.ory.sh/kratos/docs/concepts/browser-redirect-flow-completion). @@ -364,7 +355,7 @@ selfservice: # Examples: # - https://my-app.com/dashboard # - /dashboard - # + # # Set this value using environment variables on # - Linux/macOS: # $ export SELFSERVICE_FLOWS_REGISTRATION_AFTER_PASSWORD_DEFAULT_BROWSER_RETURN_URL= @@ -387,7 +378,6 @@ selfservice: ## oidc ## # oidc: - ## Redirect browsers to set URL per default ## # # ORY Kratos redirects to this URL per default on completion of self-service flows and other browser interaction. Read this [article for more information on browser redirects](https://www.ory.sh/kratos/docs/concepts/browser-redirect-flow-completion). @@ -395,7 +385,7 @@ selfservice: # Examples: # - https://my-app.com/dashboard # - /dashboard - # + # # Set this value using environment variables on # - Linux/macOS: # $ export SELFSERVICE_FLOWS_REGISTRATION_AFTER_OIDC_DEFAULT_BROWSER_RETURN_URL= @@ -418,7 +408,6 @@ selfservice: ## login ## # login: - ## Login UI URL ## # # URL where the Login UI is hosted. Check the [reference implementation](https://github.com/ory/kratos-selfservice-ui-node). @@ -427,7 +416,7 @@ selfservice: # # Examples: # - https://my-app.com/login - # + # # Set this value using environment variables on # - Linux/macOS: # $ export SELFSERVICE_FLOWS_LOGIN_UI_URL= @@ -444,7 +433,7 @@ selfservice: # - 1h # - 1m # - 1s - # + # # Set this value using environment variables on # - Linux/macOS: # $ export SELFSERVICE_FLOWS_LOGIN_LIFESPAN= @@ -456,7 +445,6 @@ selfservice: ## after ## # after: - ## Redirect browsers to set URL per default ## # # ORY Kratos redirects to this URL per default on completion of self-service flows and other browser interaction. Read this [article for more information on browser redirects](https://www.ory.sh/kratos/docs/concepts/browser-redirect-flow-completion). @@ -464,7 +452,7 @@ selfservice: # Examples: # - https://my-app.com/dashboard # - /dashboard - # + # # Set this value using environment variables on # - Linux/macOS: # $ export SELFSERVICE_FLOWS_LOGIN_AFTER_DEFAULT_BROWSER_RETURN_URL= @@ -476,7 +464,6 @@ selfservice: ## password ## # password: - ## Redirect browsers to set URL per default ## # # ORY Kratos redirects to this URL per default on completion of self-service flows and other browser interaction. Read this [article for more information on browser redirects](https://www.ory.sh/kratos/docs/concepts/browser-redirect-flow-completion). @@ -484,7 +471,7 @@ selfservice: # Examples: # - https://my-app.com/dashboard # - /dashboard - # + # # Set this value using environment variables on # - Linux/macOS: # $ export SELFSERVICE_FLOWS_LOGIN_AFTER_PASSWORD_DEFAULT_BROWSER_RETURN_URL= @@ -507,7 +494,6 @@ selfservice: ## oidc ## # oidc: - ## Redirect browsers to set URL per default ## # # ORY Kratos redirects to this URL per default on completion of self-service flows and other browser interaction. Read this [article for more information on browser redirects](https://www.ory.sh/kratos/docs/concepts/browser-redirect-flow-completion). @@ -515,7 +501,7 @@ selfservice: # Examples: # - https://my-app.com/dashboard # - /dashboard - # + # # Set this value using environment variables on # - Linux/macOS: # $ export SELFSERVICE_FLOWS_LOGIN_AFTER_OIDC_DEFAULT_BROWSER_RETURN_URL= @@ -538,7 +524,6 @@ selfservice: ## Email and Phone Verification and Account Activation Configuration ## # verification: - ## Enable Email/Phone Verification ## # # If set to true will enable [Email and Phone Verification and Account Activation](https://www.ory.sh/kratos/docs/self-service/flows/verify-email-account-activation/). @@ -561,7 +546,7 @@ selfservice: # # Examples: # - https://my-app.com/verify - # + # # Set this value using environment variables on # - Linux/macOS: # $ export SELFSERVICE_FLOWS_VERIFICATION_UI_URL= @@ -573,7 +558,6 @@ selfservice: ## after ## # after: - ## Redirect browsers to set URL per default ## # # ORY Kratos redirects to this URL per default on completion of self-service flows and other browser interaction. Read this [article for more information on browser redirects](https://www.ory.sh/kratos/docs/concepts/browser-redirect-flow-completion). @@ -581,7 +565,7 @@ selfservice: # Examples: # - https://my-app.com/dashboard # - /dashboard - # + # # Set this value using environment variables on # - Linux/macOS: # $ export SELFSERVICE_FLOWS_VERIFICATION_AFTER_DEFAULT_BROWSER_RETURN_URL= @@ -600,7 +584,7 @@ selfservice: # - 1h # - 1m # - 1s - # + # # Set this value using environment variables on # - Linux/macOS: # $ export SELFSERVICE_FLOWS_VERIFICATION_LIFESPAN= @@ -612,7 +596,6 @@ selfservice: ## Account Recovery Configuration ## # recovery: - ## Enable Account Recovery ## # # If set to true will enable [Account Recovery](https://www.ory.sh/kratos/docs/self-service/flows/password-reset-account-recovery/). @@ -635,7 +618,7 @@ selfservice: # # Examples: # - https://my-app.com/verify - # + # # Set this value using environment variables on # - Linux/macOS: # $ export SELFSERVICE_FLOWS_RECOVERY_UI_URL= @@ -647,7 +630,6 @@ selfservice: ## after ## # after: - ## Redirect browsers to set URL per default ## # # ORY Kratos redirects to this URL per default on completion of self-service flows and other browser interaction. Read this [article for more information on browser redirects](https://www.ory.sh/kratos/docs/concepts/browser-redirect-flow-completion). @@ -655,7 +637,7 @@ selfservice: # Examples: # - https://my-app.com/dashboard # - /dashboard - # + # # Set this value using environment variables on # - Linux/macOS: # $ export SELFSERVICE_FLOWS_RECOVERY_AFTER_DEFAULT_BROWSER_RETURN_URL= @@ -674,7 +656,7 @@ selfservice: # - 1h # - 1m # - 1s - # + # # Set this value using environment variables on # - Linux/macOS: # $ export SELFSERVICE_FLOWS_RECOVERY_LIFESPAN= @@ -686,7 +668,6 @@ selfservice: ## error ## # error: - ## ORY Kratos Error UI URL ## # # URL where the ORY Kratos Error UI is hosted. Check the [reference implementation](https://github.com/ory/kratos-selfservice-ui-node). @@ -695,7 +676,7 @@ selfservice: # # Examples: # - https://my-app.com/kratos-error - # + # # Set this value using environment variables on # - Linux/macOS: # $ export SELFSERVICE_FLOWS_ERROR_UI_URL= @@ -707,11 +688,9 @@ selfservice: ## methods ## # methods: - ## profile ## # profile: - ## Enables Profile Management Method ## # # Default value: true @@ -727,7 +706,6 @@ selfservice: ## recovery_token ## # recovery_token: - ## Enables Token-based Account Recovery Method ## # # Default value: true @@ -743,7 +721,6 @@ selfservice: ## password ## # password: - ## Enables Username/Email and Password Method ## # # Default value: true @@ -759,7 +736,6 @@ selfservice: ## oidc ## # oidc: - ## Enables OpenID Connect Method ## # # Default value: false @@ -775,7 +751,6 @@ selfservice: ## config ## # config: - ## OpenID Connect and OAuth2 Providers ## # # A list and configuration of OAuth2 and OpenID Connect providers ORY Kratos should integrate with. @@ -844,20 +819,18 @@ selfservice: # The courier is responsible for sending and delivering messages over email, sms, and other means. # courier: - ## SMTP Configuration ## # # Configures outgoing emails using the SMTP protocol. # smtp: - ## SMTP connection string ## # # This URI will be used to connect to the SMTP server. Use the query parameter to allow (`?skip_ssl_verify=true`) or disallow (`?skip_ssl_verify=false`) self-signed TLS certificates. Please keep in mind that any host other than localhost / 127.0.0.1 must use smtp over TLS (smtps) or the connection will not be possible. # # Examples: # - smtps://foo:bar@my-mailserver:1234/?skip_ssl_verify=false - # + # # Set this value using environment variables on # - Linux/macOS: # $ export COURIER_SMTP_CONNECTION_URI= @@ -886,7 +859,7 @@ courier: # # Examples: # - /conf/courier-templates - # + # # Set this value using environment variables on # - Linux/macOS: # $ export COURIER_TEMPLATE_OVERRIDE_PATH= @@ -898,18 +871,16 @@ courier: ## serve ## # serve: - ## admin ## # admin: - ## Admin Base URL ## # # The URL where the admin endpoint is exposed at. # # Examples: # - https://kratos.private-network:4434/ - # + # # Set this value using environment variables on # - Linux/macOS: # $ export SERVE_ADMIN_BASE_URL= @@ -944,7 +915,7 @@ serve: # # Examples: # - 4434 - # + # # Set this value using environment variables on # - Linux/macOS: # $ export SERVE_ADMIN_PORT= @@ -956,7 +927,6 @@ serve: ## public ## # public: - ## Public Base URL ## # # The URL where the public endpoint is exposed at. @@ -964,7 +934,7 @@ serve: # Examples: # - https://my-app.com/.ory/kratos/public # - /.ory/kratos/public/ - # + # # Set this value using environment variables on # - Linux/macOS: # $ export SERVE_PUBLIC_BASE_URL= @@ -999,7 +969,7 @@ serve: # # Examples: # - 4433 - # + # # Set this value using environment variables on # - Linux/macOS: # $ export SERVE_PUBLIC_PORT= @@ -1011,7 +981,6 @@ serve: ## log ## # log: - ## level ## # # One of: @@ -1022,7 +991,7 @@ log: # - error # - fatal # - panic - # + # # Set this value using environment variables on # - Linux/macOS: # $ export LOG_LEVEL= @@ -1048,7 +1017,7 @@ log: # One of: # - json # - text - # + # # Set this value using environment variables on # - Linux/macOS: # $ export LOG_FORMAT= @@ -1060,7 +1029,6 @@ log: ## secrets ## # secrets: - ## Default Encryption Signing Secrets ## # # The first secret in the array is used for singing and encrypting things while all other keys are used to verify and decrypt older things that were signed with that old secret. @@ -1093,11 +1061,9 @@ secrets: ## Hashing Algorithm Configuration ## # hashers: - ## Configuration for the Argon2id hasher. ## # argon2: - ## memory ## # # Minimum value: 16384 @@ -1161,7 +1127,6 @@ hashers: ## session ## # session: - ## Session Lifespan ## # # Defines how long a session is active. Once that lifespan has been reached, the user needs to sign in again. @@ -1172,7 +1137,7 @@ session: # - 1h # - 1m # - 1s - # + # # Set this value using environment variables on # - Linux/macOS: # $ export SESSION_LIFESPAN= @@ -1184,15 +1149,15 @@ session: ## cookie ## # cookie: - ## Session Cookie Domain ## # # Sets the session cookie domain. Useful when dealing with subdomains. Use with care! # domain: title: Session Cookie Domain - description: Sets the session cookie domain. Useful when dealing with - subdomains. Use with care! + description: + Sets the session cookie domain. Useful when dealing with subdomains. Use + with care! ## Make Session Cookie Persistent ## # @@ -1230,7 +1195,7 @@ session: # - Strict # - Lax # - None - # + # # Set this value using environment variables on # - Linux/macOS: # $ export SESSION_COOKIE_SAME_SITE= @@ -1248,5 +1213,4 @@ session: # > set VERSION= # version: v91333221585.262418.0+qDWwJmAz.2e.tvyE9.buy6nC.THs - -``` \ No newline at end of file +``` diff --git a/docs/sidebar.json b/docs/sidebar.json index 095e4c9bb58..d79deb32478 100644 --- a/docs/sidebar.json +++ b/docs/sidebar.json @@ -85,6 +85,24 @@ "cli/kratos-remote-status", "cli/kratos-remote-version" ] + }, + { + "items": [ + "cli/kratos", + "cli/kratos-identities", + "cli/kratos-identities-delete", + "cli/kratos-identities-get", + "cli/kratos-identities-import", + "cli/kratos-identities-list", + "cli/kratos-identities-patch", + "cli/kratos-identities-validate", + "cli/kratos-jsonnet", + "cli/kratos-jsonnet-format", + "cli/kratos-jsonnet-lint", + "cli/kratos-remote", + "cli/kratos-remote-status", + "cli/kratos-remote-version" + ] } ], "Debug & Help": ["debug/csrf"],