# talk-kratos
g
Hi, any doc reference or clue on multi schema handling, let’s say in registration flow, for different user types?
p
Hi @glamorous-parrot-72599 This is currently not possible, see https://github.com/ory/kratos/issues/765
It would probably be best to have multiple Kratos instances which are picked based on sign in domain or organisation etc.
g
@nutritious-keyboard-66791
n
@proud-plumber-24205 Does this apply to Ory Network also? (we’re doing PoC currently w. Ory Network)
p
Yes this also applies to the Ory Network unfortunately. What is your use case, maybe I can assist to find a solution?
n
We have a need to have different schemas (e.g.):
• Employees
• Employers
Our webUI for employers should have self-service UI (login, registration, etc.) and use `employers`-schema.
p
Is it because the traits are different?
n
Yes
Employees use mobile app and they should have also self-service UI
p
That's fine, you can use a singular schema and then add permissions to each using their unique ID assigned by Kratos. Find common traits to store in the schema and the rest you store inside your own database.
Permissions are separate from the Identity schema https://www.ory.sh/docs/keto/
The other solution is to use two Ory projects with their own schemas respectively, issuing cookies on the same TLD.
n
We’re still learning ory permissions. Not sure how easy the permission handling is if we have over 300k users and roughly 40k companies.
Ok. Perhaps the singular schema is doable in our case 🤔
p
@glamorous-parrot-72599 I think we have community contributed examples here: https://github.com/ory/examples/tree/master/kratos-keto-oathkeeper-k8s But to be honest, this is a more extensive topic within your own systems architecture. Ory just provides the services for Authentication and Authorization. A basic implementation would be:
1. User signs up (Ory Identity / Kratos)
2. A webhook fires calling your service with the Identity ID
3. Your service stores this information and creates the necessary permissions using Ory Permissions / Keto
4. Later the user calls your service with a session cookie - the cookie contains their userID
5. The userID is used with the object you are protecting (e.g. files) to call Ory permissions check API. Based on response you allow or deny.

Please take a look at the permissions document https://www.ory.sh/docs/keto/
In your case, since you want employees and employers, you might create these users using the Admin API instead, and then just send out recovery links https://www.ory.sh/docs/kratos/manage-identities/create-users-identities
We also provide a way to set meta-data on the identity. https://www.ory.sh/docs/kratos/manage-identities/managing-users-identities-metadata
d
@proud-plumber-24205 I am using `code` strategy and sending the recovery link, but users are not able to complete flow because of missing csrf_token. How do I handle this?