Ory is the largest open source community in the world for cloud software application security. We maintain advanced open source security software solving authentication, authorization, access control, application network security, and delegation. Ory implements a variety of industry and best-practice standards including OAuth 2.0 / OAuth 2.1, OpenID Connect, Zero Trust Networking, Google Zanzibar Policy Framework, FIDO2 U2F, WebAuthn, TOTP, and more.

Ory Community

Hi, I have a design question. I want to create a rest api and frontend that should do user management and authentication via Ory Kratos. However the rest api stores content according to the user ID of the user stored in ory kratos. There comes the first problem. When using a relational database, I can't do a relational mapping, as the user (identity) is stored in the ory database and not in the one of my rest api. So I might have to create some actions that will duplicate the user attributes to my rest api database. 

Another problem I have is, that the content the users can create is public. So everyone can query it and therefore need to query the user data every time the content is queried. This could be solved with the approach above by duplicating it or via the admin api and a separate microservice that wraps around it.

What do you think would be the best approach to solve this? Duplicating the user attributes to the rest api database on creation seems a bit messy to me. On the other hand this would save resources on the ory server and might be more secure as I don't always go over the admin api of ory itself