https://www.ory.sh/ logo
Join Slack
Powered by
<@U04UQ68083H> Can you build an identity schema an...
# ory-copilot
s
@chilly-king-10285 Can you build an identity schema and configuration where users register with email and password, verify their email, and then enable SMS-based MFA through a settings flow?
b
A message from kapa.ai
Yes, you can build an identity schema and configuration with those requirements. Here's how you can set it up: 1. Identity Schema: First, create an identity schema that includes both email and phone number fields:
Copy code
json
{
  "$id": "<https://schemas.ory.sh/presets/kratos/quickstart/email-password/identity.schema.json>",
  "$schema": "<http://json-schema.org/draft-07/schema#>",
  "title": "Person",
  "type": "object",
  "properties": {
    "traits": {
      "type": "object",
      "properties": {
        "email": {
          "type": "string",
          "format": "email",
          "title": "E-Mail",
          "<http://ory.sh/kratos|ory.sh/kratos>": {
            "credentials": {
              "password": {
                "identifier": true
              }
            },
            "verification": {
              "via": "email"
            },
            "recovery": {
              "via": "email"
            }
          }
        },
        "phone": {
          "type": "string",
          "format": "tel",
          "title": "Phone number",
          "<http://ory.sh/kratos|ory.sh/kratos>": {
            "credentials": {
              "code": {
                "identifier": true,
                "via": "sms"
              }
            }
          }
        }
      },
      "required": ["email"],
      "additionalProperties": false
    }
  }
}
This schema sets up email as the primary identifier for password login and verification, while also including a phone field for SMS-based MFA [Identity schema extensions](https://www.ory.sh/docs/kratos/manage-identities/customize-identity-schema#identity-schema-extensions). 2. Configuration: Next, update your Ory Identities configuration to enable email verification and SMS-based MFA:
Copy code
yaml
selfservice:
  methods:
    password:
      enabled: true
    code:
      enabled: true
      mfa_enabled: true

  flows:
    verification:
      enabled: true
      ui_url: <http://127.0.0.1:4455/verification>

    settings:
      enabled: true
      ui_url: <http://127.0.0.1:4455/settings>

courier:
  smtp:
    connection_uri: <smtps://username:password@smtp-server:1234/>
  channels:
    - id: sms
      request_config:
        url: "<https://your-sms-provider-url>"
        method: "POST"
        body: "Your SMS request body template"
This configuration enables password login, email verification, and SMS-based MFA [Account activation and email verification settings](https://www.ory.sh/docs/kratos/self-hosted/account-activation-email-verification). 3. Implementation: - Users will register with email and password. - After registration, they'll need to verify their email [Email and Phone Verification and Account Activation Documentation](https://www.ory.sh/docs/kratos/self-service/flows/verify-email-account-activation). - Once verified, users can access the settings flow to add their phone number and enable SMS-based MFA [SMS and Email 2FA](https://www.ory.sh/docs/kratos/mfa/mfa-via-sms).
Yes, you can build an identity schema and configuration with those requirements. Here's how you can set it up: 1. Identity Schema: First, create an identity schema that includes both email and phone number fields:
Copy code
json {   "$id": "<https://schemas.ory.sh/presets/kratos/quickstart/email-password/identity.schema.json>",   "$schema": "<http://json-schema.org/draft-07/schema#>",   "title": "Person",   "type": "object",   "properties": {     "traits": {       "type": "object",       "properties": {         "email": {           "type": "string",           "format": "email",           "title": "E-Mail",           "<http://ory.sh/kratos|ory.sh/kratos>": {             "credentials": {               "password": {                 "identifier": true               }             },             "verification": {               "via": "email"             },             "recovery": {               "via": "email"             }           }         },         "phone": {           "type": "string",           "format": "tel",           "title": "Phone number",           "<http://ory.sh/kratos|ory.sh/kratos>": {             "credentials": {               "code": {                 "identifier": true,                 "via": "sms"               }             }           }         }       },       "required": ["email"],       "additionalProperties": false     }   } }
This schema sets up email as the primary identifier for password login and verification, while also including a phone field for SMS-based MFA [Identity schema extensions](https://www.ory.sh/docs/kratos/manage-identities/customize-identity-schema#identity-schema-extensions). 2. Configuration: Next, update your Ory Identities configuration to enable email verification and SMS-based MFA:
Copy code
yaml selfservice:   methods:     password:       enabled: true     code:       enabled: true       mfa_enabled: true    flows:     verification:       enabled: true       ui_url: <http://127.0.0.1:4455/verification>      settings:       enabled: true       ui_url: <http://127.0.0.1:4455/settings>  courier:   smtp:     connection_uri: <smtps://username:password@smtp-server:1234/>   channels:     - id: sms       request_config:         url: "<https://your-sms-provider-url>"         method: "POST"         body: "Your SMS request body template"
This configuration enables password login, email verification, and SMS-based MFA [Account activation and email verification settings](https://www.ory.sh/docs/kratos/self-hosted/account-activation-email-verification). 3. Implementation: - Users will register with email and password. - After registration, they'll need to verify their email [Email and Phone Verification and Account Activation Documentation](https://www.ory.sh/docs/kratos/self-service/flows/verify-email-account-activation). - Once verified, users can access the settings flow to add their phone number and enable SMS-based MFA [SMS and Email 2FA](https://www.ory.sh/docs/kratos/mfa/mfa-via-sms). Remember to set up your SMTP server for email verification and an SMS provider for MFA [SMS delivery configuration](https://www.ory.sh/docs/kratos/emails-sms/sending-sms). This setup allows users to register with email and password, verify their email, and then optionally enable SMS-based MFA through the settings flow.
Open in Slack
PreviousNext
Powered by