This message was deleted Ory Community #general

Join Slack

This message was deleted.

# general

microscopic-answer-24504

05/22/2023, 8:34 AM

This message was deleted.

magnificent-energy-493

05/22/2023, 9:00 AM

Hello @worried-memory-93297 At the moment Ory supports OIDC and SAML is coming soon. SCIM would be neat and there is interest from the community, not sure if an issue for that already exists. LDAP has been discussed a lot on GitHub and I think right now no plans to implement. Generally you can use Webhooks/Ory Actions to integrate/sync other systems: https://www.ory.sh/docs/kratos/hooks/configure-hooks

worried-memory-93297

05/22/2023, 11:28 AM

Thank you!

worried-memory-93297

05/22/2023, 2:40 PM

Could you please suggest, Is there examples how can I do simple things step by step? Basically I want to try to do the following things step by step 1. Register several users 2. Gave them different roles and permissions in different groups 3. Get users /permissons via API 4. Try to figure out how to add an approval flow to get some permissions

fancy-oil-87995

07/18/2023, 10:08 PM

Hi @magnificent-energy-493 can you give a status update on the SAML work? Is there a ticket for this that we can track?

magnificent-energy-493

07/19/2023, 7:08 AM

Hello @fancy-oil-87995 there are some issues and PRs open in the ory/kratos repository. However if your company is interested in the feature I would suggest to reach out to the team directly -> https://www.ory.sh/contact/. We are still looking for companies interested in it and will prioritize work on SAML accordingly.

magnificent-energy-493

07/19/2023, 7:12 AM

Hey @worried-memory-93297 apologies for the late follow up 1. Register several users: Ory supports two types of registration flows: one for server-side or client-side applications and another for API interactions. Two registration methods are supported:

password

for signing up with an email/username and password, and

oidc

for signing up using a social sign in provider such as Google or Facebook. You can configure which methods to use in the Ory Identities configuration or in the Console UI. Here is an example of how to enable these methods in the configuration file:

Copy code

selfservice:  
 methods:  
 password:  
 enabled: true  
 oidc:  
 enabled: true  
 # ...

(Source: User Registration) 2. Give them different roles and permissions in different groups: Ory Permissions provides features to manage relationships and permissions in your application. You can define namespaces to organize your entities, and use the Ory Permissions API to create and manage relationships and permissions programmatically. You can use the Ory Permission Language (OPL) to configure namespaces and relationship rules. For example, you can specify that if a user has access to a folder, the user also has access to all files in that folder. (Source: Simple Access Check Guide, Permissions Overview) 3. Get users/permissions via API: Ory Permissions exposes two APIs for integration: REST and gRPC. The REST API includes the Permission API and the Relationship API. You can use these APIs to get, create, update, and delete permissions, and to check if a user has a permission. 4. *Add an approval flow to get some permission*s: All permission checks are performed using Ory Permissions. Before any action is taken, the required permission should be checked to ensure that the action is allowed. Once you authenticated the subject, you can perform permission checks by calling the check method of the OryPermissions client. The check method takes the subject, permission, and object as parameters and returns a boolean value indicating whether the permission is granted or not. (Source: Simple Access Check Guide)

🙌 1

7 Views

Open in Slack

Previous Next