<@U04UQ68083H> which date-time format ory supports...
# ory-copilot
@chilly-king-10285 which date-time format does Ory support?
A message from kapa.ai
Ory supports the [rfc3339](https://tools.ietf.org/html/rfc3339) date format. Here is an example of how the date is formatted:

```json
{
  "created_at": "2006-01-02T15:04:05+07:00"
}
```

This format is used across various Ory APIs such as the frontend, oAuth2, project, and workspace APIs.

Sources:
- [Ory's REST design](https://www.ory.sh/docs/ecosystem/api-design)
- [Ory API Reference](https://www.ory.sh/docs/reference/api)
@chilly-king-10285 what does Ory expect as the payload for a password change?
A message from kapa.ai
To change the password using Ory, you need to send a JSON payload that includes the new password. Here is an example of how the payload should look:

```json
{
  "password": "new-password",
  "method": "password"
}
```

This payload is sent to the action URL that you get from the settings API. Here is an example of how you can get the action URL and send the payload:

```bash
password=ByS8NWuFSkDgMjbe

# Fetch the settings flow and extract its action URL
actionUrl=$(curl -s -H "Accept: application/json" \
  -H "Authorization: bearer $sessionToken" \
  'https://playground.projects.oryapis.com/self-service/settings/api' | jq -r '.ui.action')

# Submit the new password to the action URL
curl -s -X POST -H "Accept: application/json" -H "Content-Type: application/json" \
  -H "Authorization: bearer $sessionToken" \
  -d '{"password": "'"$password"'", "method": "password"}' \
  "$actionUrl" | jq
```

In this example, `ByS8NWuFSkDgMjbe` is the new password and `$sessionToken` is the session token of the user who wants to change their password.

Sources:
- [Ory Kratos User Settings & Profile Management](https://www.ory.sh/docs/kratos/self-service/flows/user-settings#api-clients-and-clients-without-browsers)
- [Ory Kratos User Settings & Profile Management - Update Password](https://www.ory.sh/docs/kratos/self-service/flows/user-settings#update-password)
2024-07-13T025253+06:00
```
2006-01-02T15:04:05+07:00
```
@chilly-king-10285 what date of birth format does Ory support?
A message from kapa.ai
Ory supports the ISO 8601:2004 date format for representing the date of birth. The format is `YYYY-MM-DD`. The year may be `0000`, indicating that it is omitted. To represent only the year, `YYYY` format is allowed. Here is an example:

```json
{
  "birthdate": "2000-01-01"
}
```

Please note that depending on the underlying platform's date-related function, providing just the year can result in varying month and day. So the implementers need to take this factor into account to correctly process the dates.

Sources:
- [Ory API Reference - oidc](https://www.ory.sh/docs/reference/api)
- [Hydra API Reference - oidc](https://www.ory.sh/docs/hydra/reference/api)
@chilly-king-10285 how can I implement password change verification?
A message from kapa.ai
To implement password change verification in Ory, you need to follow these steps:

1. The end-user fills out the presented form and provides a new password.
2. You send a POST request to the action URL that you get from the settings API. The request includes a JSON payload that contains the new password.

Here is an example of how you can get the action URL and send the payload:

```bash
password=ByS8NWuFSkDgMjbe

# Fetch the settings flow and extract its action URL
actionUrl=$(curl -s -H "Accept: application/json" \
  -H "Authorization: bearer $sessionToken" \
  'https://playground.projects.oryapis.com/self-service/settings/api' | jq -r '.ui.action')

# Submit the new password to the action URL
curl -s -X POST -H "Accept: application/json" -H "Content-Type: application/json" \
  -H "Authorization: bearer $sessionToken" \
  -d '{"password": "'"$password"'", "method": "password"}' \
  "$actionUrl" | jq
```

In this example, `ByS8NWuFSkDgMjbe` is the new password and `$sessionToken` is the session token of the user who wants to change their password. Possible validation errors include not providing the password or providing a password which doesn't match the password policy.

For additional security, you can also configure Ory to terminate all active sessions of the user when they change their password. To do this, you add the `revoke_active_sessions` action to the `hooks` configuration in the config file:

```yaml
selfservice:
  flows:
    settings:
      after:
        password:
          hooks:
            - hook: revoke_active_sessions
```

Sources:
- [Ory Kratos User Settings & Profile Management](https://www.ory.sh/docs/kratos/self-service/flows/user-settings#api-clients-and-clients-without-browsers)
- [Ory Kratos User Settings & Profile Management - Update Password](https://www.ory.sh/docs/kratos/self-service/flows/user-settings#update-password-1)
- [Ory Kratos Session Management - Revoke Sessions](https://www.ory.sh/docs/kratos/session-management/revoke-sessions-hook)
A message from kapa.ai
The `/sessions/token-exchange` API endpoint is used to exchange a session token. This is part of the Ory API and is used in the frontend. Here are the parameters it requires:

- `init_code`: This is a string that is part of the code returned when initializing the flow. It is a required query parameter.
- `return_to_code`: This is a string that is part of the code returned by the return_to URL. It is also a required query parameter.

The operation does not require authentication. Here's an example of how it might be used in a native app authentication flow:

1. The native app initializes a login or registration flow and receives the first part of the session token exchange code from the Ory Network.
2. After the user performs the social sign-in, the user is redirected back to the native application via an iOS Universal Link or Android App Link.
3. The native application then exchanges the session token exchange code for a session token using the first part of the code returned from the flow initialization, and the second part of the code returned from the `return_to` query parameter.

Sources:
- [Ory API Reference](https://www.ory.sh/docs/reference/api)
- [Kratos API Reference](https://www.ory.sh/docs/kratos/reference/api)
- [Social sign-in for native and mobile apps](https://www.ory.sh/docs/kratos/social-signin/native-apps#the-native-app-authentication-flow)
@chilly-king-10285 I want to use this for a Flutter app, and I get the return_to_code from the code parameter, not the return_to parameter
A message from kapa.ai
In the context of a Flutter application, you would still use the `return_to_code` and `init_code` parameters with the `/sessions/token-exchange` API endpoint. The `return_to_code` is part of the code returned by the `return_to` URL, not the `return_to` parameter itself. Here's a simplified example of how it might work:

1. Your Flutter app initializes a login or registration flow with Ory, and receives the first part of the session token exchange code (`init_code`).
2. After the user completes the login or registration process, they are redirected back to your Flutter app. The redirection URL will include a `code` parameter, which is the second part of the session token exchange code (`return_to_code`).
3. Your Flutter app then makes a GET request to the `/sessions/token-exchange` endpoint, including the `init_code` and `return_to_code` as query parameters.

Please note that the actual implementation might be more complex and depends on the specifics of your application and your Ory configuration.

Sources:
- [Ory API Reference](https://www.ory.sh/docs/reference/api)
- [Kratos API Reference](https://www.ory.sh/docs/kratos/reference/api)
- [Social sign-in for native and mobile apps](https://www.ory.sh/docs/kratos/social-signin/native-apps#the-native-app-authentication-flow)
@chilly-king-10285 I am managing login and registration using the Ory SDK in my Next.js app, but I want to do the profile update in the dashboard, and my UI/UX doesn't match the UI the Ory SDK provides. That's why I've decided to use the browser API for just the settings part. Here is an example of my get settings flow API: https://suspicious-shaw-xz8njg5h4o.projects.oryapis.com/self-service/settings/browser but I am getting a CORS error. Any suggestions?
A message from kapa.ai
The CORS error you're encountering is likely due to the fact that Ory Kratos and your Next.js app need to be hosted on the same domain. This is a requirement for the settings flow to work correctly. Here's the relevant information from the Ory documentation:

> Ory and your UI must be hosted on the same top level domain. You can't host Ory and your UI on separate top level domains:
> - ory.bar.com and app.bar.com will work;
> - ory.bar.com and bar.com will work;
> - ory.bar.com and not-bar.com will not work.

If your Next.js app and Ory Kratos are not on the same domain, you'll need to adjust your setup to ensure they are. Additionally, you need to ensure that all cookies are sent using the appropriate CORS and `includeCredentials` configurations. This is especially important if you're making AJAX requests. If you're still encountering issues after checking these points, you might want to look into your server's CORS configuration to ensure it's allowing requests from the correct origins.

Sources:
- [Ory Kratos User Settings & Profile Management](https://www.ory.sh/docs/kratos/self-service/flows/user-settings#initialize-settings-flow)
- [Ory Kratos User Settings & Profile Management - Client-Side (AJAX) Browser Clients](https://www.ory.sh/docs/kratos/self-service/flows/user-settings#user-and-profile-settings-for-client-side-ajax-browser-clients)
@chilly-king-10285 I am in development mode
A message from kapa.ai
When developing locally, your application is often exposed at the `localhost` domain. Ory APIs must be available on the same domain (so `localhost`) as your application to avoid issues with third-party cookies (e.g. when using Ory Session Cookies). The easiest way to expose Ory on your `localhost` domain is to use the Ory CLI Tunnel. Here's an example of how to do this:

```bash
ory tunnel --dev --project $PROJECT_SLUG http://localhost:3000
```

In this command, `$PROJECT_SLUG` is the project slug from your project's Connect page. You can also set up environment variables for your local development. Here's an example of how to do this:

```bash
# Unix
export VITE_ORY_SDK_URL=http://localhost:4000

# Windows (PowerShell)
$Env:VITE_ORY_SDK_URL = "http://localhost:4000"
```

In this example, `http://localhost:4000` is the URL where your Ory APIs are exposed.

Sources:
- [Ory Local Development](https://www.ory.sh/docs/getting-started/local-development#local-development)
- [Ory Custom UI with Ory Elements](https://www.ory.sh/docs/kratos/bring-your-own-ui/custom-ui-ory-elements#run-the-sample-application)
- [Ory Integrate Authentication into React](https://www.ory.sh/docs/getting-started/integrate-auth/react#run-your-react-app)
@chilly-king-10285 if I want to use the browser API with axios instead of the Ory SDK, what would the axios setup be?
A message from kapa.ai
To use Axios with the Ory Browser API, you need to set up Axios to include credentials with every request. This is necessary because Ory uses cookies for session management, and these cookies need to be included with every request. Here's an example of how you can set up Axios:

```javascript
import axios from 'axios';

const api = axios.create({
  baseURL: 'https://your-ory-endpoint.com',
  withCredentials: true,
});

api.get('/self-service/settings/browser')
  .then(response => {
    // Handle the response
  })
  .catch(error => {
    // Handle the error
  });
```

In this example, `https://your-ory-endpoint.com` should be replaced with the URL of your Ory instance. Please note that you need to make sure your server is set up to accept cross-origin requests from your site's domain, otherwise you might encounter CORS errors.

Sources:
- [Ory Kratos User Settings & Profile Management - Client-Side (AJAX) Browser Clients](https://www.ory.sh/docs/kratos/self-service/flows/user-settings#user-and-profile-settings-for-client-side-ajax-browser-clients)
- [Ory Kratos Bring-your-own-ui - Single-page application](https://www.ory.sh/docs/kratos/bring-your-own-ui/custom-ui-basic-integration#single-page-application)
@chilly-king-10285 I am using the Ory SDK in my Next.js app for login, registration and other authentication work. Some of my pages need a logged-in user and some features require being logged in. If someone tries to visit those private pages and he/she is not logged in, I redirect the user to the login page, and after login Ory redirects the user to the homepage, but I want to redirect the user to the page he/she wanted to visit. How can I achieve that?
A message from kapa.ai
To redirect a user back to the page they were trying to access before being redirected to the login page, you can use the `return_to` query parameter when initializing a login or registration flow. This parameter should be set to the URL of the page the user was trying to access. Here's an example of how you can do this in a Next.js application:

```javascript
import { useEffect } from "react";
import { useRouter } from "next/router";
import { Configuration, FrontendApi } from "@ory/client";

const ory = new FrontendApi(
  new Configuration({
    basePath: "http://localhost:4000", // Use your local Ory Tunnel URL
    baseOptions: {
      withCredentials: true, // we need to include cookies
    },
  })
);

export const Login = () => {
  const router = useRouter();

  useEffect(() => {
    // router.query is only populated once the router is ready
    if (!router.isReady) return;
    const returnTo = router.query.return_to;

    ory
      .createBrowserLoginFlow({
        // redirect to the original path after login
        returnTo: typeof returnTo === "string" ? returnTo : "/",
      })
      .then(({ data: flow }) => {
        // set the flow data
      })
      .catch((err) => {
        // handle the error
      });
  }, [router.isReady, router.query.return_to]);

  return null; // render the login form from the flow data here
};
```

In this example, `returnTo` is the URL of the page the user was trying to access. If the user was not trying to access a specific page, they are redirected to the root path ("/") after login.

Please note that the `return_to` query parameter doesn't automatically persist across different flows and must be added to new flows. For example, if the user starts a login flow with `return_to` URL set and then switches to a registration flow, the `return_to` URL isn't used for the registration flow. In such a case, your application can re-use the same `return_to` from the login flow by extracting the `return_to` URL from the login flow's `flow.return_to` and adding it to the registration flow.

Sources:
- [Ory Kratos Bring-your-own-ui - Advanced integration - Advanced redirects](https://www.ory.sh/docs/kratos/bring-your-own-ui/custom-ui-advanced-integration#advanced-redirects)
- [Ory Getting-started - Integrate-auth - Integrate authentication into Next.js - Require login to access the home page](https://www.ory.sh/docs/getting-started/integrate-auth/nextjs#require-login-to-access-the-home-page)
@chilly-king-10285 I am getting this error if I try to start the flow with a return_to URL: The return_to address is not allowed.
A message from kapa.ai
The error message "The return_to address is not allowed" typically occurs when the `return_to` URL is not on the allow list. Ory uses an allow list to prevent Open Redirect Attacks by only allowing certain domains or paths on a domain. To fix this issue, you need to add the domain of your `return_to` URL to the allow list in your Ory configuration. Here's an example of how to do this:

```yaml
selfservice:
  allowed_return_urls:
    - https://www.myapp.com/
```

In this example, `https://www.myapp.com/` is the domain that you want to allow. Replace this with the domain of your `return_to` URL. Please note that you need to match the sub-domain and path exactly. For example, if you allow `https://sub.domain.myapp.com/only/path`, other redirects using myapp.com will fail.

Sources:
- [Ory Kratos Concepts - HTTP redirection configuration - Redirection](https://www.ory.sh/docs/kratos/concepts/browser-redirect-flow-completion#redirection)
- [Ory Kratos Concepts - Browser redirects and flow completion](https://www.ory.sh/docs/concepts/redirects)