<https://ory-community.slack.com/archives/C012RBZF...
# ory-networkp
prehistoric-businessperson-29259
09/06/2023, 1:37 AMhttps://ory-community.slack.com/archives/C012RBZFMDG/p1693963833712619 this is on Ory network and is very much POC.
i am also curious if Ory network has oathkeeper available for non-enterprise? i am deploying on cloudflare and i may be reading it wrong, but seems like i can't use their waf to natively use hydra other than for internal users on their zero trust network at the bargain rate of $7/mo per user.
h
high-optician-2097
09/06/2023, 1:53 PM
Hey, looks like you’re trying to use our private backoffice APIs in that case. Those are not public (yet), so they won’t work with oathkeeper etc. I assume you want to use the APIs available at oryapis.com instead?
p
prehistoric-businessperson-29259
09/06/2023, 2:54 PMi am not sure what you mean by backoffice APIs?
I have a cname from auth.thriv.systems to elated-khayyam-50ns5l2iaf.projects.oryapis.com. i have tried both and am always getting the same thing. this is a maybe-easier-to-grok curl
Copy code
curl -vvv -H "Authorization: Bearer $ORY_API_KEY" -H "Accept: application/json" "${ORY_PRIVATE_API}/console/active/project"* Trying 104.18.12.126:443...* Connected to <http://elated-khayyam-50ns5l2iaf.projects.oryapis.com|elated-khayyam-50ns5l2iaf.projects.oryapis.com> (104.18.12.126) port 443 (#0)* ALPN: offers h2,http/1.1* (304) (OUT), TLS handshake, Client hello (1):* CAfile: /etc/ssl/cert.pem* CApath: none* (304) (IN), TLS handshake, Server hello (2):* (304) (IN), TLS handshake, Unknown (8):* (304) (IN), TLS handshake, Certificate (11):* (304) (IN), TLS handshake, CERT verify (15):* (304) (IN), TLS handshake, Finished (20):* (304) (OUT), TLS handshake, Finished (20):* SSL connection using TLSv1.3 / AEAD-CHACHA20-POLY1305-SHA256* ALPN: server accepted h2* Server certificate:* subject: C=US; ST=California; L=San Francisco; O=Cloudflare, Inc.; CN=<http://oryapis.com|oryapis.com>* start date: Sep 1 00:00:00 2023 GMT* expire date: Nov 30 23:59:59 2023 GMT* subjectAltName: host "<http://elated-khayyam-50ns5l2iaf.projects.oryapis.com|elated-khayyam-50ns5l2iaf.projects.oryapis.com>" matched cert's "*.<http://projects.oryapis.com|projects.oryapis.com>"* issuer: C=US; O=Cloudflare, Inc.; CN=Cloudflare Inc ECC CA-3* SSL certificate verify ok.* using HTTP/2* h2h3 [:method: GET]* h2h3 [:path: /console/active/project]* h2h3 [:scheme: https]* h2h3 [:authority: <http://elated-khayyam-50ns5l2iaf.projects.oryapis.com|elated-khayyam-50ns5l2iaf.projects.oryapis.com>]* h2h3 [user-agent: curl/7.88.1]* h2h3 [authorization: Bearer ory_pat_d............................CJQ]* h2h3 [accept: application/json]* Using Stream ID: 1 (easy handle 0x14200a800)> GET /console/active/project HTTP/2> Host: <http://elated-khayyam-50ns5l2iaf.projects.oryapis.com|elated-khayyam-50ns5l2iaf.projects.oryapis.com>> user-agent: curl/7.88.1> authorization: Bearer ory_pat_d............................CJQ> accept: application/json>< HTTP/2 404< date: Wed, 06 Sep 2023 05:22:28 GMT< content-type: application/json< content-length: 144< vary: Origin< ory-network-region: euw< ory-network-request-id: 5c10c57b-f246-9912-82db-8390bc3868fd< cf-cache-status: DYNAMIC< set-cookie: __cf_bm=P.W7rvm3A............................GJSCtzUk-1693977748-0-AU/ubOKJA4ua............................l16GBL1CaeOyU0M=; path=/; expires=Wed, 06-Sep-23 05:52:28 GMT; domain=.<http://oryapis.com|oryapis.com>; HttpOnly; Secure; SameSite=None< set-cookie: __cflb=04dToa4SRc6TYov............................4FtQT; SameSite=None; Secure; path=/; expires=Wed, 06-Sep-23 06:22:28 GMT; HttpOnly< server: cloudflare< cf-ray: 802446425d9242f7-EWR< alt-svc: h3=":443"; ma=86400<{"error":{"code":404,"status":"Not Found","request":"5c10c57b-f246-9912-82db-8390bc3868fd","message":"Requested url does not match any rules"}}h
high-optician-2097
09/06/2023, 3:04 PM
/console/active/projectp
prehistoric-businessperson-29259
09/06/2023, 3:31 PMincredible. thanks. not sure what i had wrong before but i was trying other random APIs that i thought were more likely to work 🙃 .
i am not sure still how to distinguish what are "back office apis" and what are apis that are usable on ory network.
h
high-optician-2097
09/07/2023, 2:22 PM
where did you find this endpoint? I don’t believe we have it documented anywhere 😅
high-optician-2097
09/07/2023, 2:22 PM
I lied. we have it here: https://www.ory.sh/docs/reference/api#tag/project/operation/getActiveProjectInConsole
that’s an oversight on our part
p
prehistoric-businessperson-29259
09/07/2023, 2:22 PMyeah that's where i found it 😉
prehistoric-businessperson-29259
09/07/2023, 2:23 PMi was like.. for sure that one would work
h
high-optician-2097
09/07/2023, 2:23 PM
ok yeah these endpoints aren’t yet public. you can use them but it’s a bit of hassle. @magnificent-energy-493 has a guide how it works right
p
prehistoric-businessperson-29259
09/07/2023, 2:25 PMi think i have what i need. that was just needless assumption on my part trying different apis. all i absolutely need to do is permission and relationship stuff and that appears to work fine. i am not sure what i had wrong the first time tbh
h
high-optician-2097
09/07/2023, 2:29 PM
ok, good to hear!
5 Views