Ory is the largest open source community in the world for cloud software application security. We maintain advanced open source security software solving authentication, authorization, access control, application network security, and delegation. Ory implements a variety of industry and best-practice standards including OAuth 2.0 / OAuth 2.1, OpenID Connect, Zero Trust Networking, Google Zanzibar Policy Framework, FIDO2 U2F, WebAuthn, TOTP, and more.

Ory Community

Why do identities created via OIDC providers also automatically have the password and webauthn configured as one of the credentials? :thinking_face:
Can this be prevented?

I’m asking as we want to know which authentication methods a user can sign-in with.
But the user does not have any password or Passkey configured

Okay switching from the default email &amp; password identity schema to a custom one without
```"<http://ory.sh/kratos|ory.sh/kratos>": {
  "credentials": {
    "password": {
      "identifier": true
    },
    "webauthn": {
      "identifier": true
    },
    "totp": {
      "account_name": true
    }
  },
  "recovery": {
    "via": "email"
  },
  "verification": {
    "via": "email"
  }
}```
did the trick