Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Document OIDC auth flow #124

Closed
aeneasr opened this issue Nov 22, 2019 · 7 comments · Fixed by #415
Closed

Document OIDC auth flow #124

aeneasr opened this issue Nov 22, 2019 · 7 comments · Fixed by #415
Milestone
v0.3.0-alpha.1

Comments

@aeneasr
Copy link
Member

aeneasr commented Nov 22, 2019
edited
Loading

Is your feature request related to a problem? Please describe.

This documents how the OpenID Connect (and OAuth2) strategy work.

Describe the solution you'd like

  1. Document that POST data (e.g. traits.foo=bar) overrides data from oidc provider (using ory\.sh/kratos.mappings.identities.traits.#.path) when signing up.
  2. Document the overall flow using mermaid graph
@aeneasr aeneasr added this to the v0.0.1 milestone Nov 22, 2019
@gperdomor
Copy link

How this flow works? Kratos standalone or should be configured with Hydra?

@aeneasr
Copy link
Member Author

aeneasr commented Feb 18, 2020

This will be working with ORY Hydra and GitHub, Google, and so on. Still needs a lot of docs though!

@gperdomor
Copy link

In my job, we provide a SAAS platform and we want to expand our API to 3rd party clients, so we want to rewrite some things, one of them, the User related API, Initially I wanted to write a User/Identity API (in this case, with Node) and connected with Hydra, until i saw Kratos, what do you recommend us?

@aeneasr
Copy link
Member Author

aeneasr commented Feb 18, 2020

I see, so this issue will document how ORY Kratos can consume e.g. "Sign in with Google". Another issue will be to integrate ORY Hydra natively with ORY Kratos. You can probably work around this interface not existing yet by implementing the login/consent flow in the app that handles the login ui for kratos :)

@gperdomor
Copy link

Mmmmm yes ... instead of using Node to build some kind of "Kratos", I wanted to try using Kratos + Hydra ... I was thinking that maybe build a REST with a user CRUD and call the Kratos API in second plan to manage the Identities, then try to integrate with Hydra 🤔

@aeneasr
Copy link
Member Author

aeneasr commented Feb 18, 2020

Yeah, that's a good plan :) We don't support Hydra yet in Kratos as downstream (so your usecase), only as upstream (so "log in via X,Y,Z") but this will be solved in a future patch!

@aeneasr aeneasr modified the milestones: v0.2.0-alpha.1, v0.2.1-alpha.1 May 2, 2020
@aeneasr aeneasr mentioned this issue May 4, 2020
Merged
@aeneasr
Copy link
Member Author

aeneasr commented May 5, 2020

This should be addressed after the switch to JSONNet #380

aeneasr added a commit that referenced this issue May 15, 2020
@aeneasr
docs: document oidc strategy
cba0073 
Closes #409
Closes #124
Closes #32
@aeneasr aeneasr mentioned this issue May 15, 2020
Merged
aeneasr added a commit that referenced this issue May 15, 2020
@aeneasr
docs: document oidc strategy (#415)
9f079f4 
Closes #409
Closes #124
Closes #32
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
v0.3.0-alpha.1
Development

Successfully merging a pull request may close this issue.

docs: document oidc strategy ory/kratos
2 participants
@gperdomor @aeneasr