Guten tag Oryers! I want to use the keto grpc clie...
# ory-networkc
curved-fountain-46946
03/16/2023, 1:43 PMGuten tag Oryers! I want to use the keto grpc client with ory network. Is this supported? If so, where do I connect and how do I auth? Kind regards, your friend HC
r
refined-kangaroo-48640
03/16/2023, 2:05 PMYes, gRPC for Keto is supported. Auth works by creating an API key in the console, and setting that as a bearer token in the header (
Authorization: Bearer ory_pat_xyz123…s
steep-lamp-91158
03/16/2023, 2:09 PM
c
curved-fountain-46946
03/16/2023, 2:16 PMAh, smooth! And you run the grpc server on the same interface/port as the http one? So no custom ports or anything?
r
refined-kangaroo-48640
03/16/2023, 2:47 PMYep
c
curved-fountain-46946
03/16/2023, 3:00 PMI'm kinda stuck @ tls rn. I see your client is running
Copy code
// nolint explicity set through scary flag
InsecureSkipVerify: true,curved-fountain-46946
03/16/2023, 3:01 PMIt would, in all honesty, be way cooler to actually trust your certs 😎
curved-fountain-46946
03/16/2023, 3:03 PMWell, you have the possibility to run insecure at least. I'm currently trusting my system ca pool, I feel like your cert should probably be trusted there already
s
steep-lamp-91158
03/16/2023, 3:11 PM
It should work with tls
c
curved-fountain-46946
03/16/2023, 3:13 PMYeah, I must be doing something wrong. Esp. since I'm using the same tlsconfig for http and grpc, and http does not complain, while grpc does (unless I run insecureSkipVerify)
curved-fountain-46946
03/16/2023, 3:26 PMYou're right, it was me being a dumbass the entire time. I made a PublicGrpcClient which trusts the root pool rather than our internal CA, but guess what? Even though I made a public one, I kept using the internal one when testing. What a moron...
curved-fountain-46946
03/16/2023, 3:27 PMOf course, when I actually use the public tls config, it works first try 🙃
👍 2
s
steep-lamp-91158
03/16/2023, 3:29 PM
Nice
4 Views