great-laptop-90610
07/24/2024, 11:53 AMchilly-king-10285
07/24/2024, 11:53 AMchilly-king-10285
07/24/2024, 11:53 AMDELETE /admin/identities/{id}
endpoint of the Ory API. This endpoint irrecoverably and permanently deletes the identity given its ID. This action cannot be undone. The endpoint returns 204 when the identity was deleted or when the identity was not found, in which case it is assumed that it has been deleted already. Here is an example of how to delete an identity using the Go SDK: go r, err = apiClient.IdentityApi.DeleteIdentity(context.Background(), getIdentity.Id).Execute() if err != nil { fmt.Fprintf(os.Stderr, "Error when calling `IdentityApi.DeleteIdentity``: %v\n", err) fmt.Fprintf(os.Stderr, "Full HTTP response: %v\n", r) } fmt.Println("Successfully Removed identity")
Please note that the ID of the identity to be deleted is required. For more information, you can refer to the [Ory API Reference](https://www.ory.sh/docs/reference/api) and the [Kratos API Reference](https://www.ory.sh/docs/kratos/reference/api).great-laptop-90610
07/24/2024, 12:04 PMgreat-laptop-90610
07/24/2024, 12:04 PMchilly-king-10285
07/24/2024, 12:04 PMchilly-king-10285
07/24/2024, 12:05 PMjavascript import { Configuration, PublicApi, AdminApi } from "@ory/client" const kratosPublic = new PublicApi( new Configuration({ basePath: "<https://public.kratos:4433/>", }), ) const kratosAdmin = new AdminApi( new Configuration({ basePath: "<https://admin.kratos:4434/>", }), )
In this example, kratosPublic
is the instance for the public API and kratosAdmin
is the instance for the admin API. You can switch between them by using the respective instance for the operation you want to perform. Please note that you need to replace "<https://public.kratos:4433/>"
and "<https://admin.kratos:4434/>"
with the actual URLs of your public and admin APIs. For more information, you can refer to the [Ory Kratos JavaScript SDK documentation](https://www.ory.sh/docs/hydra/sdk/js). Remember to secure your admin API properly as it can perform sensitive operations. It's recommended to make the admin API inaccessible via the public internet by setting serve.admin.host
to 127.0.0.1
to ensure Ory Kratos is listening on the loopback interface. This is mentioned in the [Ory Kratos guide on deploying to production](https://www.ory.sh/docs/kratos/guides/deploy-kratos-example#run-ory-kratos-using-systemd).great-laptop-90610
07/24/2024, 12:05 PMchilly-king-10285
07/24/2024, 12:05 PMchilly-king-10285
07/24/2024, 12:05 PMgo package main import ( "<http://github.com/ory/kratos-client-go/client|github.com/ory/kratos-client-go/client>" "<http://github.com/ory/kratos-client-go/client/admin|github.com/ory/kratos-client-go/client/admin>" "<http://github.com/ory/kratos-client-go/client/public|github.com/ory/kratos-client-go/client/public>" ) func main() { // Create a new Kratos admin client adminClient := client.NewHTTPClientWithConfig(nil, &client.TransportConfig{ Host: "admin.kratos:4434", BasePath: "/", Schemes: []string{"https"}, }) // Create a new Kratos public client publicClient := client.NewHTTPClientWithConfig(nil, &client.TransportConfig{ Host: "public.kratos:4433", BasePath: "/", Schemes: []string{"https"}, }) // Now you can use adminClient and publicClient to make requests to the admin and public APIs respectively // For example, to list identities using the admin API: params := admin.NewListIdentitiesParams() adminClient.Admin.ListIdentities(params) // And to get a self-service registration flow with the public API: params := public.NewGetSelfServiceRegistrationFlowParams().WithID(flowID) publicClient.Public.GetSelfServiceRegistrationFlow(params) }
In this example, adminClient
is the instance for the admin API and publicClient
is the instance for the public API. You can switch between them by using the respective instance for the operation you want to perform. Please note that you need to replace "admin.kratos:4434"
and "public.kratos:4433"
with the actual URLs of your admin and public APIs. For more information, you can refer to the [Ory Kratos Go SDK documentation](https://www.ory.sh/docs/hydra/sdk/go). Remember to secure your admin API properly as it can perform sensitive operations. It's recommended to make the admin API inaccessible via the public internet by setting serve.admin.host
to 127.0.0.1
to ensure Ory Kratos is listening on the loopback interface. This is mentioned in the [Ory Kratos guide on deploying to production](https://www.ory.sh/docs/kratos/guides/deploy-kratos-example#run-ory-kratos-using-systemd).great-laptop-90610
07/24/2024, 12:13 PMchilly-king-10285
07/24/2024, 12:13 PMchilly-king-10285
07/24/2024, 12:13 PMOperationServers
property in the Ory Kratos Go SDK is used to specify different servers for different API operations. This can be useful when you have different endpoints for different operations, such as a separate endpoint for admin operations. Here's an example of how you might use it: go package main import ( "context" "<http://github.com/ory/kratos-client-go/client|github.com/ory/kratos-client-go/client>" "<http://github.com/ory/kratos-client-go/client/admin|github.com/ory/kratos-client-go/client/admin>" ) func main() { configuration := client.NewConfiguration() configuration.Servers = []client.ServerConfiguration{ { URL: "<http://127.0.0.1:4434>", // Kratos Admin API }, } apiClient := client.NewAPIClient(configuration) // Use OperationServers to specify a different server for a specific operation apiClient.Admin.ListIdentities.OperationServers = map[string]string{ "default": "<http://different.server:4434>", } // Now when you call ListIdentities, it will use the server specified in OperationServers _, _, err := apiClient.Admin.ListIdentities(context.Background(), &admin.ListIdentitiesParams{}) if err != nil { // handle error } }
In this example, we're setting a different server for the ListIdentities
operation. When we call ListIdentities
, it will use the server specified in OperationServers
instead of the default server specified in the configuration
. Please note that the OperationServers
property is not available in all SDKs. If you're using a different SDK, you might need to use a different method to specify different servers for different operations. For more information, you can refer to the [Ory Kratos Go SDK documentation](https://www.ory.sh/docs/kratos/self-hosted/go).great-laptop-90610
07/24/2024, 12:36 PMchilly-king-10285
07/24/2024, 12:36 PMchilly-king-10285
07/24/2024, 12:36 PMnginx location /admin { # Check for the presence of the 'X-Admin-API-Key' header if ($http_x_admin_api_key = "") { return 403; } # Check the value of the 'X-Admin-API-Key' header if ($http_x_admin_api_key != "your-api-key") { return 403; } proxy_pass <http://admin_api>; proxy_redirect off; proxy_set_header Host $host; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; }
In this example, Nginx checks for the presence of the 'X-Admin-API-Key' header and its value. If the header is not present or the value is not correct, Nginx returns a 403 response, preventing the request from reaching your Admin API. Please replace "your-api-key"
with your actual API key. This is just an example and the actual implementation may vary depending on your specific requirements and the reverse proxy you are using. For more information, you can refer to the [Ory Hydra guide on deploying to production](https://www.ory.sh/docs/hydra/self-hosted/deploy-hydra-example#install-and-configure-nginx) and the [Ory Kratos guide on deploying to production](https://www.ory.sh/docs/kratos/guides/deploy-kratos-example#install-and-configure-nginx).great-laptop-90610
07/24/2024, 1:22 PMchilly-king-10285
07/24/2024, 1:22 PMchilly-king-10285
07/24/2024, 1:23 PMinactive
. Here is an example of how to do this using the Ory SDK in JavaScript: javascript import { Configuration, IdentityApi } from "@ory/client" import { JsonPatchOpEnum } from "@ory/client/api" const identity = new IdentityApi( new Configuration({ basePath: `https://${process.env.ORY_PROJECT_SLUG}.<http://projects.oryapis.com|projects.oryapis.com>`, accessToken: process.env.ORY_API_KEY, }), ) export async function setState( identityId: string, state: "active" | "inactive", ) { return await identity .patchIdentity({ id: identityId, jsonPatch: [ { op: JsonPatchOpEnum.Replace, value: state, path: "/state", }, ], }) .then(({ data }) => data) }
And here is how to do it in Go: go package identity import ( "context" "fmt" "os" client "<http://github.com/ory/client-go|github.com/ory/client-go>" ) var authed = context.WithValue(context.Background(), client.ContextAccessToken, os.Getenv("ORY_API_KEY")) func init() { cfg := client.NewConfiguration() cfg.Servers = client.ServerConfigurations{ {URL: fmt.Sprintf("<https://%s.projects.oryapis.com>", os.Getenv("ORY_PROJECT_SLUG"))}, } ory = client.NewAPIClient(cfg) } func setState(identityId string, state string) (err error) { _, _, err = ory.IdentityApi. PatchIdentity(authed, identityId). JsonPatch([]client.JsonPatch{{Op: "replace", Path: "/state", Value: state}}).Execute() return err }
In both examples, you need to replace identityId
with the ID of the identity you want to disable, and state
with "inactive"
. For more information, you can refer to the [Ory documentation on changing the identity state](https://www.ory.sh/docs/identities/model/activate-deactivate-user-login-state).