Ory is the largest open source community in the world for cloud software application security. We maintain advanced open source security software solving authentication, authorization, access control, application network security, and delegation. Ory implements a variety of industry and best-practice standards including OAuth 2.0 / OAuth 2.1, OpenID Connect, Zero Trust Networking, Google Zanzibar Policy Framework, FIDO2 U2F, WebAuthn, TOTP, and more.

Ory Community

Hi guys, :wave:

We have a backend application that needs to access admin endpoints to retrieve user data. Right now, we are using our personal accounts to be authenticated to get data from admin urls. (with user email + password)

Is there a way to retrieve data without setting up a user? What is the best way to do it?

Simple authenticate method we have
```    user_payload: dict[str, str] = {
      "identifier": admin_email,
      "password": admin_pwd,
      "method": "password",
      "csrf_token": csrf_token
    }

    # authorize current client
    await <http://self.client.post|self.client.post>(url=f"{self.url}/self-service/login?{flow}", data=user_payload)```

As I understand it, the Admin API (exposed on port 4434 by default) does not require any authentication, and is left to you to implement secure internal implementation (via nginx, or another proxy)

Thanks <@U0284GCRUCC> ! My point was more like `how-to get details of users from admin`. Admin urls are already public in the same network but to get details, we need a session. To have a session we need a user first? :slightly_smiling_face: