ORY Kratos

Get Identities

curl -s http://kratos-admin.ory.svc.cluster.local/admin/identities | jq

Delete

curl -X DELETE http://kratos-admin.ory.svc.cluster.local/admin/identities/<IDENTIRY_ID>

Create

curl -X POST http://kratos-admin.ory.svc.cluster.local/admin/identities \
  -H "Content-Type: application/json" \
  -d '{"schema_id":"default","state":"active","traits":{"email":"[email protected]"},"credentials":{"password":{"config":{"password":"PASSWORD"}}}}'

Set password

curl -X PUT http://kratos-admin.ory.svc.cluster.local/admin/identities/<IDENTIRY_ID> \
  -H "Content-Type: application/json" \
  -d '{"schema_id":"default","state":"active","traits":{"email":"[email protected]"},"credentials":{"password":{"config":{"password":"NEW_PASSWORD"}}}}'

Pod Logs

kubectl logs -f -n ory -l app.kubernetes.io/name=kratos

OIDC Secrets in kubernetes: works!

deployment:
  extraEnv:
    - name: DSN
      valueFrom:
        secretKeyRef:
          name: kratos-secrets
          key: dsn
    # Google
    - name: SELFSERVICE_METHODS_OIDC_CONFIG_PROVIDERS_0_CLIENT_SECRET
      valueFrom:
        secretKeyRef:
          name: kratos-secrets
          key: SELFSERVICE_METHODS_OIDC_CONFIG_PROVIDERS_0_CLIENT_SECRET
    # Microsoft
    - name: SELFSERVICE_METHODS_OIDC_CONFIG_PROVIDERS_1_CLIENT_SECRET
      valueFrom:
        secretKeyRef:
          name: kratos-secrets
          key: SELFSERVICE_METHODS_OIDC_CONFIG_PROVIDERS_1_CLIENT_SECRET