Is there an API for creating/modifying OIDC providers integrated with Kratos? It seems like there was an issue to create this, but it was closed as completed? https://github.com/ory/kratos/issues/3119

It was automatically closed as stale. It’s not possible as far as I know, needs to be done through the kratos config file

That's my understanding as well

what I think could be a workaround is that Kratos watches the config file and will automatically reload config changes. You can see this when you’re running the quickstart with docker compose.. I think one way of doing it is to have some service update the config file on Kratos’s filesystem, which should be then picked up by Kratos.. You’d need to build the API though I guess

Yeah that seems like it could work, but would be incredibly janky. At that point I'd just fork kratos and create a config table in the database. Thanks though!

Hey, a bit late response but i think there are no plans to add such an API. As far as I know Ory Network (which offers this through the /projects API) uses a back office service that implements this.

@magnificent-energy-493 Thanks! I figured the network would need a better approach for true multitenancy. Do you use a single-instance of kratos to accomplish this or manage an array of different kratos instances with different configs? If this is too proprietary feel free to ignore!

each "project" in Ory Network is one deployment of all the Ory services (oathkeeper,kratos,keto,hydra) - so many instances with different configs

That makes a lot more sense given the way the services are built, thanks! I'm assuming they don't share users or databases, but do they share domains? I assume you need to provision individual domains for each?

uhm im not too firm on how it actually works, but everything runs at oryapis.com and users can assign a CNAME to each project (or multiple)