The Ory Kratos documentation does not provide explicit information on disabling the ability to change the email address in the profile flow. However, the profile flow allows updating protected fields such as the username or email address used to sign in, and the recovery email address. If you want to restrict this, you might need to customize the flow or the Identity Schema. It's recommended to check the [Ory Kratos documentation](https://www.ory.sh/docs/kratos/self-service/flows/user-settings#update-profile) or reach out to the Ory community for more specific guidance.

The Ory Kratos documentation does not provide explicit information on disabling the ability to change the identifier field. The identifier field is typically used for login purposes and can be set to various fields such as

password

,

code

for one-time password login, or

webauthn

for WebAuthn login. Here are examples of setting the identifier field: For password login:

json {    "<http://ory.sh/kratos|ory.sh/kratos>": {    "credentials": {    "password": {    "identifier": true    }    }    }   }

For one-time code login:

json {    "<http://ory.sh/kratos|ory.sh/kratos>": {    credentials: {    code: {    identifier: true,    via: "email",    },    },    },   }

For WebAuthn login:

json {     "<http://ory.sh/kratos|ory.sh/kratos>": {       "credentials": {         "webauthn": {           "identifier": true         }       }     }   }

If you want to restrict changes to these fields, you might need to customize the flow or the Identity Schema. It's recommended to check the [Ory Kratos documentation](https://www.ory.sh/docs/kratos/) or reach out to the Ory community for more specific guidance.