Ory is the largest open source community in the world for cloud software application security. We maintain advanced open source security software solving authentication, authorization, access control, application network security, and delegation. Ory implements a variety of industry and best-practice standards including OAuth 2.0 / OAuth 2.1, OpenID Connect, Zero Trust Networking, Google Zanzibar Policy Framework, FIDO2 U2F, WebAuthn, TOTP, and more.

Ory Community

What is the best way to protect the admin api from Kratos? I want to build a frontend for it used as an admin ui, that will be publicly available. On Ory network you can create an api access token. When selfhosted, Oathkeeper would be the best option. But with that what would be the best option there? Should I create users with specific permissions via Keto, that can login to that ui specifically?