Ory is the largest open source community in the world for cloud software application security. We maintain advanced open source security software solving authentication, authorization, access control, application network security, and delegation. Ory implements a variety of industry and best-practice standards including OAuth 2.0 / OAuth 2.1, OpenID Connect, Zero Trust Networking, Google Zanzibar Policy Framework, FIDO2 U2F, WebAuthn, TOTP, and more.

Ory Community

Hello everyone, I faced an issue when I try browser login api via postman or swagger even I passed the csrf_token token received by get login browser I got security_csrf_violation

This is because you are not calling from an authorized DNS name, which must be configured in Kratos to include all domains from which the call will be made.

I just used the base uri generated by ory-network., login api works fine but for browser no