ory/kratos

Issues

• Hook `require_verified_address`: option to require all of the addresses to be verified

  #4117 opened 2 months ago by renom
  1

• Verify email address before registration

  #4096 opened 2 months ago by doneHappyPlay
  1

• Kratos is unable to contact NAT64 addresses even when `clients.http.disallow_private_ip_ranges` is false

  #4142 opened 2 months ago by tesinormed
  0

• Requesting a login code returns HTTP 400

  #4052 opened 2 months ago by micheljung
  11

• Support login passwordless OTP code flow with username identifier

  #4141 opened 2 months ago by karakter98
  0

• Support appending to array and resetting value when loading multiple configs

  #4136 opened 2 months ago by renom
  0

• OIDC Provider Filtering in Self-Hosted Kratos Instance

  #4135 opened 2 months ago by mapepro
  0

• Set recovery methods to aal0 (Authenticator Assurance Level)

  #4134 opened 2 months ago by hhu10
  0

• Entra App installation failure

  #4133 opened 2 months ago by DimuthuSig
  0

• Jsonnet flag to skip triggering of web hook

  #4130 opened 2 months ago by renom
  2

• /sessions/whoami cannot authorise by session token, only by session cookies

  #4129 opened 2 months ago by tamtakoe
  0

• Missing "x-total-count" header for listIdentities endpoint

  #4128 opened 2 months ago by thephilippbusch
  1

• Add support for JWE for kratos session JWT

  #4126 opened 2 months ago by geekodour
  3

• Credential Identifiers Are Appended, Not Updated, When Changing the `email` Trait

  #4076 opened 2 months ago by 3schwartz
  12

• If user sits on Account-Experience login page, they get a login flow expired error

  #4097 opened 2 months ago by calebgrollins
  7

• Augment PKCE autodiscovery

  #4125 opened 2 months ago by alnr
  0

• CSRF Error during Login Flow despite passing cookies, X-CSRF-Token headers on SvelteKit Server Side.

  #4030 opened 3 months ago by devNamanG
  1

• Cannot patch identity with op: 'test', 'copy', 'move'

  #4032 opened 3 months ago by fmiqbal
  3

• Return conflicting rows on batch import

  #4072 opened 2 months ago by zepatrik
  0

• A request failed due to a missing or invalid csrf_token value

  #4043 opened 2 months ago by yonas
  3

• Before verification webhook not called

  #4110 opened 2 months ago by camero2734
  0

• `ErrCompletedByStrategy` is not an error, but shows up in telemetry as such.

  #4109 opened 2 months ago by beanow-at-crabnebula
  0

• Verification is automatically shown for password flow even if required auth is disabled

  #4105 opened 2 months ago by aeneasr
  0

• Frontend Get User-Flow Errors API exposes technical details

  #4100 opened 2 months ago by OskarsPakers
  0

• Support for PKCE in OIDC social providers

  #4009 opened 2 months ago by OskarsPakers
  9

• Ory Kratos quickstart error

  #4094 opened 2 months ago by JackySu
  1

• Unable to send verification SMS on registration flow when set custom http port

  #4099 opened 2 months ago by eyoboue
  4

• Refresh identity traits on social / SSO login

  #4084 opened 2 months ago by Sese-Schneider
  1

• Mark email addresses as valid after completing admin initiated recovery (invite) flow with code method

  #4090 opened 2 months ago by winterec
  1

• Add request data to web hook ctx

  #4082 opened 2 months ago by renom
  0

• Add old identity to web hook ctx for settings flow

  #4081 opened 2 months ago by renom
  0

• Disallow updating (editing) of verified identifiers

  #4080 opened 3 months ago by renom
  0

• OIDC native login/registration does not query for missing traits

  #4073 opened 3 months ago by hperl
  1

• profile:back button method not working

  #4010 opened 4 months ago by blitss
  2

• Settings flow unable to update password and vulnerability discovered

  #4065 opened 3 months ago by dextercodo
  0

• Clients generated from OpenAPI specification cannot handle Passkey authentication method

  #4063 opened 3 months ago by Saancreed
  0

• Internal Server Error: Unable to increment the message's "send_count" field

  #4058 opened 3 months ago by micheljung
  1

• json: unknown field - use_password_migration_hook

  #4039 opened 3 months ago by jimmills
  1

• Email update does not indicate `show_verification_ui` if session is no longer privileged

  #4053 opened 3 months ago by aeneasr
  0

• disallow_private_ip_ranges and private_ip_exception_urls settings don't work as expected

  #4049 opened 3 months ago by David-Wobrock
  0

• Unable to sign up via passkeys but can log in with Webauthn -> Passkeys

  #4045 opened 3 months ago by eadwu
  0

• [With Hdyra]Kratos return null for login_challenge when previous OIDC for the same client not complete.

  #4024 opened 4 months ago by EverettSummer
  2

• Upgrade go-webauthn to 0.11.0

  #4034 opened 3 months ago by aeneasr
  0

• Workarounds for Microsoft Entra non-compliance to the OIDC spec

  #4005 opened 4 months ago by mpauly-exnaton
  3

• Replace obsolete and vulnerable SHA1 with SHA256 for TOTP.

  #4020 opened 4 months ago by kamilkloch
  0

• Session ID is nil in post login password webhook

  #4016 opened 4 months ago by b-pagis
  0

• Getting error on email submission on recovery - "message": "named insert: ERROR: column \"channel\" of relation \"courier_messages\" does not exist (SQLSTATE 42703)"

  #4014 opened 4 months ago by tanmayvaij
  0

• `persistence.sql.NextMessages` registers as Error in otel-tracing

  #4013 opened 4 months ago by afreakk
  0

• Add Support for Masking Identifiers (Email and Phone) in Settings and Interfaces

  #4012 opened 4 months ago by VoDmAl
  0

• Cookie setting SameSite not applied when accessing provider from iframe hosted app in MS Dynamics environment

  #4006 opened 4 months ago by Saibot27
  0