I'm developing my own front end for kratos in our system. It will be client-side React (Patternfly). Just to confirm, I use the API (not browser) flows for Kratos, right? What is the proper way to configure the SDK to do this? I can start the login flow, but when I attempt to login I get

The HTTP Request Header included the \"Origin\" key, indicating that this request was made as part of an AJAX request in a Browser. The flow however was initiated as an API request. To prevent potential misuse and mitigate several attack vectors including CSRF, the request has been blocked. Please consult the documentation."

I have setup the kratos public url to be ingress routed to a known URL/path. This connection seems to work. Is this the expected/proper way to access Kratos when using a client-side GUI? My current sdk config is based on this: https://github.com/ory/kratos-selfservice-ui-react-native/blob/master/src/helpers/sdk.tsx#L26

If you are still using a browser to render your application - so not React Native, then you will need to use the Browser flows through AJAX / fetch.

Ok. And that will work with a client-side GUI?

Yes

Ok. Thanks!

No, if you are using a browser you need the credentials included since you are using a cookie instead of a token.

Is there a client-side GUI example?

No we don't have a pure official client-side (SPA) example yet. But this might help you since it is react + nextjs https://github.com/ory/kratos-selfservice-ui-react-nextjs