anyone help this
# talk-kratos
m
anyone help this
p
Hi @magnificent-noon-17550 A bad request could be multiple things:
1. CSRF Cookie is not sent (in header as cookie)
2. CSRF token is not sent (in body as hidden input field)
3. Missing field (traits.x is missing from the body)
m
whether we need to send CSRF cookie in header?
p
There are 2 CSRF tokens
on initial request it sets a CSRF cookie
and inside json response is a UI node with a csrf token
m
i didn't get csrf cookie
i get csrf token in node
please check i use following code as init registration
```php
<?php
require_once(__DIR__ . '/vendor4/autoload.php');

$config = Ory\Kratos\Client\Configuration::getDefaultConfiguration()->setHost('http://auth.lambdadigital.co.in:4433');

$apiInstance = new Ory\Kratos\Client\Api\V0alpha2Api(
    // If you want use custom http client, pass your client which implements `GuzzleHttp\ClientInterface`.
    // This is optional, `GuzzleHttp\Client` will be used as default.
    new GuzzleHttp\Client(),
    $config
);
$returnTo = 'http://auth.lambdadigital.co.in:10444/oryserver/user-registration.php'; // string | The URL to return the browser to after the flow was completed.

try {
    $result = $apiInstance->initializeSelfServiceRegistrationFlowForBrowsers();
    print_r($result);
} catch (Exception $e) {
    echo 'Exception when calling V0alpha2Api->initializeSelfServiceRegistrationFlowForBrowsers: ', $e->getMessage(), PHP_EOL;
}
```
then i send this
```php
<?php
require_once(__DIR__ . '/vendor4/autoload.php');

$config = Ory\Kratos\Client\Configuration::getDefaultConfiguration()->setHost('http://auth.lambdadigital.co.in:4433');

$apiInstance = new Ory\Kratos\Client\Api\V0alpha2Api(
    // If you want use custom http client, pass your client which implements `GuzzleHttp\ClientInterface`.
    // This is optional, `GuzzleHttp\Client` will be used as default.
    new GuzzleHttp\Client(),
    $config
);
//$flow = 'c6af0070-50d6-495f-930e-be79f44d8341 '; // string | The Registration Flow ID The value for this parameter comes from `flow` URL Query parameter sent to your application (e.g. `/registration?flow=abcde`).
$arr = array(
    "traits" => array(
        "email" => "alaghusun290@gmail.com",
        "name" => array(
            "last" => "alaghu",
            "first" => "sundar",
        )
    )
);
print_r($arr);
$arrayVariable = array(
    "method" => "password",
    "csrf_token" => "Gftxl++5eqIlAxqeufAI2i7eUWXlWmKg4NWadFrDpbAHWOH3+lP+5sRLIK0se7V2Tb+KM40drh9TEhvlu8dNAw==",
    "password" => "Alaghu987",
    "traits" => $arr,
);
print_r($arrayVariable);
$flow = '4b51dd4b-2bd4-4f86-83d1-4bae54d204e1';
$submitSelfServiceLoginFlowBody = new \Ory\Kratos\Client\Model\SubmitSelfServiceRegistrationFlowBody($arrayVariable); // \Ory\Kratos\Client\Model\SubmitSelfServiceLoginFlowBody
$xSessionToken = 'xSessionToken_example'; // string | The Session Token of the Identity performing the settings flow.
$cookie = ''; // string | HTTP Cookies When using the SDK in a browser app, on the server side you must include the HTTP Cookie Header sent by the client to your server here. This ensures that CSRF and session cookies are respected.

try {
    $result = $apiInstance->submitSelfServiceRegistrationFlow($flow, $submitSelfServiceLoginFlowBody );
    print_r($result);
} catch (Exception $e) {
    echo 'Exception when calling V0alpha2Api->submitSelfServiceLoginFlow: ', $e->getMessage(), PHP_EOL;
}
```
p
where are you including the headers?
when you do an initial request you need to copy over the headers to the following requests
m
how we do that
i just copy csrf token and flow id
p
another option is to do browser redirect flows
1. initialize the request by calling kratos directly `/selfservice/registration/browser`
2. this redirects back to your php server with a flowID, PHP extracts the flowID, gets the nodes and renders the UI
3. the UI posts back all the UI nodes in an HTML form to kratos directly
the browser will handle the cookies
m
in /selfservice/registration/browser how we call this
i already define kratos.yml
p
m
still didn't understand which php sdk support this
i use initializeSelfServiceRegistrationFlowForBrowsers and getSelfServiceRegistrationFlow
p
the sdk doesn't do everything for you, you still need to wire up some of the things yourself since it depends on your use case.
m
okay i check this
now selfservice working. If we want different client. How we configure kratos.xml
p
Hi @magnificent-noon-17550 Different client as in another domain? or just another app (SPA, native etc) on the same domain?
could you elaborate a bit?
m
we configure kratos.yml for one project. By using selfservice. It working fine. If i want another project using same kratos. How it possible
p
if you have another browser redirect app, then you would need to:
1. run another instance of kratos on the same database but different selfservice redirect URLs
2. use relative urls e.g. `/login`, `/register` etc. But I think the base URL might not be relative (i would need to confirm with that)
3. use Ory Cloud
@magnificent-energy-493 do relative URLs work for such a scenario in Kratos selfservice? I think the baseURL always needs to be set, but using say a relative login URL might use the origin host e.g. my app is running on <https://example.com> and another is on <https://example.org> so the hostname here will be used as the return URL + the path `/login` / `/register`