Ory is the largest open source community in the world for cloud software application security. We maintain advanced open source security software solving authentication, authorization, access control, application network security, and delegation. Ory implements a variety of industry and best-practice standards including OAuth 2.0 / OAuth 2.1, OpenID Connect, Zero Trust Networking, Google Zanzibar Policy Framework, FIDO2 U2F, WebAuthn, TOTP, and more.

Ory Community

Hi all,
I have a couple of questions:
1. I'm trying to integrate Ory client for dotnet to view and manage all of the identities. The docs says that to implement pagination I should provide `pageToken` . However, the `IdentityApi.ListIdentities` has return type of `Task&lt;List&lt;ClientIdentity&gt;&gt;` and I don't know how to receive the token for the next page.
2. My authorization model is extremely simple and Ory Permissions seems to be quite an overkill for it. On top of that, I need to come up with a solution that is relatively simple to justify Ory Network to my peers and managers. Is there a way to safely store permissions on the identity object itself? I was thinking something like claim or Ory traits.

after reading more docs its seems like metadata is a better candidate
still, would it be considered good enough security wise?