This block of code appears after a successful login or registration in Ory's authentication flow. Let me explain what it means: The

continue_with

array contains actions that should be taken after the successful completion of the login or registration process. In this specific case, there's one action: 1. `"action": "set_ory_session_token"`: This indicates that a session token has been issued. 2. `"ory_session_token": "ory_st_t7CldrqQokKLLn0JSmc0sdDsXDzyc8G1"`: This is the actual session token that has been generated for the user. This block essentially means that the application should use this token for authenticated requests going forward. The session token represents the user's authenticated session. According to the [Ory API Reference](https://www.ory.sh/docs/reference/api), this action is described as: "Indicates that a session was issued, and the application should use this token for authenticated requests" In practical terms, your application should store this session token securely (usually in a cookie or local storage) and include it in the headers of subsequent API requests to authenticate the user.

Based on the information provided in the knowledge sources, I can offer some insights into the "The session is not active" error you're encountering. This error typically occurs when trying to access a protected resource or endpoint with an invalid or expired session. Let's explore some possible reasons and solutions: 1. Session Expiration: Sessions in Ory have an expiration time. If your session has expired, you'll receive this error. You can check the

expires_at

field in the session object to see when it's set to expire. 2. Invalid Session Token: Ensure that you're sending the correct session token with your requests. The session token should be included in the

Cookie

header for browser-based applications or as a bearer token in the

Authorization

header for non-browser applications. 3. Session Validation: To check if your session is still valid, you can use the

/sessions/whoami

endpoint. This endpoint authenticates users by checking the session cookie or token. Here's how you can validate your session:

go
session, _, err := ory.FrontendAPI.ToSession(request.Context()).Cookie(cookies).Execute()
if err != nil || (err == nil && !*session.Active) {
    // Session is not active
    // Redirect to login or handle the error
}

[Ory API Reference](https://www.ory.sh/docs/reference/api) provides more details on the

toSession

method. 4. Multiple Cookies: If you're sending multiple cookies, make sure they are properly formatted. According to a GitHub issue discussion, Ory server only splits multiple cookies sent in the Cookie HTTP header if they are terminated with ";". This might be causing issues if your cookies are not properly formatted. [GitHub Issue Discussion](https://github.com/ory/network/issues/36) 5. Session Middleware: If you're using session middleware, ensure it's correctly implemented. Here's an example of how it should look:

go
func (app *App) sessionMiddleware(next http.HandlerFunc) http.HandlerFunc {
    return func(writer http.ResponseWriter, request *http.Request) {
        cookies := request.Header.Get("Cookie")
        session, _, err := app.ory.FrontendAPI.ToSession(request.Context()).Cookie(cookies).Execute()
        if err != nil || (err == nil && !*session.Active) {
            http.Redirect(writer, request, "/.ory/self-service/login/browser", http.StatusSeeOther)
            return
        }
        // Continue to the next handler
        next.ServeHTTP(writer, request.WithContext(ctx))
    }
}

[Ory Docs: Integrate authentication into Go](https://www.ory.sh/docs/getting-started/integrate-auth/go#validate-and-login) To determine if the error is on your side or Ory's side, I recommend: 1. Double-check your implementation against the Ory documentation. 2. Verify that you're sending the correct session token or cookie. 3. Use the

/sessions/whoami

endpoint to debug and see detailed information about your session status.

Based on the information provided in the knowledge sources, I can offer some insights into the "The session is not active" error you're encountering. This error typically occurs when trying to access a protected resource or endpoint with an invalid or expired session. Let's explore some possible reasons and solutions: 1. Session Expiration: Sessions in Ory have an expiration time. If your session has expired, you'll receive this error. You can check the

expires_at

field in the session object to see when it's set to expire. 2. Invalid Session Token: Ensure that you're sending the correct session token with your requests. The session token should be included in the

Cookie

header for browser-based applications or as a bearer token in the

Authorization

header for non-browser applications. 3. Session Validation: To check if your session is still valid, you can use the

/sessions/whoami

endpoint. This endpoint authenticates users by checking the session cookie or token. Here's how you can validate your session:

go session, _, err := ory.FrontendAPI.ToSession(request.Context()).Cookie(cookies).Execute() if err != nil || (err == nil && !*session.Active) {     // Session is not active     // Redirect to login or handle the error }

[Ory API Reference](https://www.ory.sh/docs/reference/api) provides more details on the

toSession

method. 4. Multiple Cookies: If you're sending multiple cookies, make sure they are properly formatted. According to a GitHub issue discussion, Ory server only splits multiple cookies sent in the Cookie HTTP header if they are terminated with ";". This might be causing issues if your cookies are not properly formatted. [GitHub Issue Discussion](https://github.com/ory/network/issues/36) 5. Session Middleware: If you're using session middleware, ensure it's correctly implemented. Here's an example of how it should look:

go func (app *App) sessionMiddleware(next http.HandlerFunc) http.HandlerFunc {     return func(writer http.ResponseWriter, request *http.Request) {         cookies := request.Header.Get("Cookie")         session, _, err := app.ory.FrontendAPI.ToSession(request.Context()).Cookie(cookies).Execute()         if err != nil || (err == nil && !*session.Active) {             http.Redirect(writer, request, "/.ory/self-service/login/browser", http.StatusSeeOther)             return         }         // Continue to the next handler         next.ServeHTTP(writer, request.WithContext(ctx))     } }

[Ory Docs: Integrate authentication into Go](https://www.ory.sh/docs/getting-started/integrate-auth/go#validate-and-login) To determine if the error is on your side or Ory's side, I recommend: 1. Double-check your implementation against the Ory documentation. 2. Verify that you're sending the correct session token or cookie. 3. Use the

/sessions/whoami

endpoint to debug and see detailed information about your session status. If after these checks you're still encountering issues, it might be worth reaching out to Ory support for further assistance.

I'll explain how to set up code verification with both phone and email in Ory Kratos, and how to generate the verification flow when you already have Plivo set up as your SMS carrier. ## Email and Phone Verification Setup ### 1. Configure Verification Flow First, you need to configure the verification flow in your Ory configuration:

yaml selfservice:   methods:     code:       enabled: true       config:         lifespan: 15m      flows:     verification:       use: code  # Use code method instead of link       enabled: true       lifespan: 15m       notify_unknown_recipients: false

[Address verification](https://www.ory.sh/docs/kratos/self-service/flows/verify-email-account-activation) ### 2. Update Identity Schema Make sure your identity schema has both email and phone marked as verifiable:

json {   "$id": "<https://schemas.ory.sh/presets/kratos/quickstart/phone-password/identity.schema.json>",   "$schema": "<http://json-schema.org/draft-07/schema#>",   "title": "Person",   "type": "object",   "properties": {     "traits": {       "type": "object",       "properties": {         "email": {           "type": "string",           "title": "E-Mail",           "format": "email",           "<http://ory.sh/kratos|ory.sh/kratos>": {             "credentials": {               "password": {                 "identifier": true               }             },             "verification": {               "via": "email"             }           }         },         "phone": {           "type": "string",           "title": "Phone number",           "format": "tel",           "<http://ory.sh/kratos|ory.sh/kratos>": {             "verification": {               "via": "sms"             }           }         }       },       "additionalProperties": false     }   } }

[Phone number verification](https://www.ory.sh/docs/kratos/self-service/flows/verify-email-account-activation#phone-number-verification) ### 3. Configure SMS Channel (Plivo) Since you already have Plivo set up, ensure your SMS channel configuration is properly set in your Ory configuration:

yaml courier:   channels:     - id: sms       type: http       request_config:         url: <https://api.plivo.com/v1/Account/YOUR_ACCOUNT_ID/Message/>         method: POST         body: <base64://ZnVuY3Rpb24oY3R4KSB7CiAgc3JjOiAiWU9VUl9QTElWT19QSE9ORV9OVU1CRVIiLAogIGRzdDogY3R4LnJlY2lwaWVudCwKICB0ZXh0OiBjdHguYm9keSwKfQ>==         headers:           Content-Type: application/json         auth:           type: basic_auth           config:             user: YOUR_PLIVO_AUTH_ID             password: YOUR_PLIVO_AUTH_TOKEN

The base64 encoded body decodes to a Jsonnet template like:

function(ctx) {   src: "YOUR_PLIVO_PHONE_NUMBER",   dst: ctx.recipient,   text: ctx.body, }

[Send SMS to your users](https://www.ory.sh/docs/kratos/emails-sms/sending-sms) ## Generating Verification Flows ### For Email Verification #### 1. Create a verification flow:

bash curl -H 'Content-Type: application/json' \     -H 'Accept: application/json' \     -c cookies.txt \     <https://YOUR_PROJECT_SLUG.projects.oryapis.com/self-service/verification/browser>

For API clients:

bash curl -H 'Content-Type: application/json' \     -H 'Accept: application/json' \     <https://YOUR_PROJECT_SLUG.projects.oryapis.com/self-service/verification/api>

[Verification flow](https://www.ory.sh/docs/kratos/bring-your-own-ui/custom-ui-basic-integration#verification-flow) #### 2. Submit the verification flow with email:

bash curl -X POST \     -H 'Content-Type: application/json' \     -H 'Accept: application/json' \     -d '{"method":"code","email":"<mailto:user@example.com|user@example.com>"}' \     "<https://YOUR_PROJECT_SLUG.projects.oryapis.com/self-service/verification?flow=YOUR_FLOW_ID>"

### For Phone Verification The process is similar to email verification, but you'll use the phone number instead:

bash curl -X POST \     -H 'Content-Type: application/json' \     -H 'Accept: application/json' \     -d '{"method":"code","phone":"+1234567890"}' \     "<https://YOUR_PROJECT_SLUG.projects.oryapis.com/self-service/verification?flow=YOUR_FLOW_ID>"

### Submitting the Verification Code Once the user receives the code via email or SMS, submit it:

bash curl -X POST \     -H 'Content-Type: application/json' \     -H 'Accept: application/json' \     -d '{"method":"code","code":"123456"}' \     "<https://YOUR_PROJECT_SLUG.projects.oryapis.com/self-service/verification?flow=YOUR_FLOW_ID>"

[Submit verification flow](https://www.ory.sh/docs/kratos/bring-your-own-ui/custom-ui-basic-integration#submit-verification-flow) ## Important Notes 1. Only one verification method can be enabled at a time. The

code

method is enabled by default in new Ory Network projects. 2. There's a known issue where when signing up with SMS code (OTP), a verification email might be sent automatically. This is documented in a GitHub issue [Phone+email schema: verification email is sent when signed up with SMS code](https://github.com/ory/kratos/issues/4161). 3. For phone verification to work properly, ensure your identity schema correctly marks the phone trait as verifiable with

"via": "sms"

. 4. The verification flow state machine progresses from

choose_method

to

sent_email

(or sent SMS) to

passed_challenge

when successful. If you encounter any issues with the verification flow, check the response from the API calls for specific error messages that can help diagnose the problem.

I'll provide you with the specific APIs needed for the verification flow process with SMS codes in Ory Kratos. ## 1. Initiate the Verification Flow For API clients (like mobile apps), use:

GET /self-service/verification/api

Example:

bash curl -X GET \   -H 'Accept: application/json' \   "<https://YOUR_PROJECT_SLUG.projects.oryapis.com/self-service/verification/api>"

This will return a flow object with an ID that you'll need for the next steps. [Ory API Reference](https://www.ory.sh/docs/reference/api) ## 2. Send the SMS Code Use the

updateVerificationFlow

API to send the verification code via SMS:

POST /self-service/verification

Example:

bash curl -X POST \   -H 'Content-Type: application/json' \   -H 'Accept: application/json' \   -d '{"method":"code","email":"<mailto:user@example.com|user@example.com>"}' \   "<https://YOUR_PROJECT_SLUG.projects.oryapis.com/self-service/verification?flow=YOUR_FLOW_ID>"

For phone verification, replace the email with phone:

bash curl -X POST \   -H 'Content-Type: application/json' \   -H 'Accept: application/json' \   -d '{"method":"code","phone":"+1234567890"}' \   "<https://YOUR_PROJECT_SLUG.projects.oryapis.com/self-service/verification?flow=YOUR_FLOW_ID>"

[Submit verification flow](https://www.ory.sh/docs/kratos/bring-your-own-ui/custom-ui-basic-integration#submit-verification-flow) ## 3. Verify the Code After the user receives the code, use the same API endpoint to verify it:

POST /self-service/verification

Example:

bash curl -X POST \   -H 'Content-Type: application/json' \   -H 'Accept: application/json' \   -d '{"method":"code","code":"123456"}' \   "<https://YOUR_PROJECT_SLUG.projects.oryapis.com/self-service/verification?flow=YOUR_FLOW_ID>"

If you're using the TypeScript SDK, here's how you would implement it:

typescript import {     Configuration,     FrontendApi,     UpdateVerificationFlowBody,   } from "@ory/client"      const frontend = new FrontendApi(     new Configuration({       basePath: `https://${process.env.ORY_PROJECT_SLUG}.<http://projects.oryapis.com|projects.oryapis.com>`,     }),   )      export async function submitVerification(     id: string,     body: UpdateVerificationFlowBody,   ) {     return await frontend.updateVerificationFlow({       flow: id,       updateVerificationFlowBody: body,     })   }

[Submit verification flow](https://www.ory.sh/docs/kratos/bring-your-own-ui/custom-ui-basic-integration#submit-verification-flow) The flow typically progresses through these states: 1.

choose_method

- Initial state 2.

sent_email

(or sent SMS) - After sending the code 3.

passed_challenge

- After successful verification Make sure your identity schema has the phone trait properly configured with

"via": "sms"

for SMS verification to work correctly.

I see the issue with your verification flow request. The problem is that you're trying to use phone verification, but the API is expecting an email parameter instead. Let me explain what's happening and how to fix it. ## The Issue Your curl command is sending a

phone

parameter, but the error message indicates that the API is expecting an

email

parameter:

"messages":[{"id":4000002,"text":"Property email is missing.","type":"error","context":{"property":"email"}}]

This suggests that either: 1. Your identity schema doesn't have phone verification properly configured 2. The verification flow is currently set up for email verification only ## How to Fix It ### 1. Check Your Identity Schema Make sure your identity schema has the phone trait properly configured with `"via": "sms"`:

json "phone": {   "type": "string",   "title": "Phone number",   "format": "tel",   "<http://ory.sh/kratos|ory.sh/kratos>": {     "verification": {       "via": "sms"     }   } }

[Phone number verification](https://www.ory.sh/docs/kratos/self-service/flows/verify-email-account-activation#phone-number-verification) ### 2. Correct API Request Format For phone verification, the correct format should be:

bash curl -X POST \   -H 'Content-Type: application/json' \   -H 'Accept: application/json' \   -d '{"method":"code","email":""}' \   "<http://localhost:4433/self-service/verification?flow=YOUR_FLOW_ID>"

Notice that you still need to include the

email

parameter (even if empty) because the API is expecting it based on the error message. ### 3. Alternative Approach If you've configured SMS verification correctly, you might need to try a different approach:

bash curl -X POST \   -H 'Content-Type: application/json' \   -H 'Accept: application/json' \   -d '{"method":"code","to":"+919145278388"}' \   "<http://localhost:4433/self-service/verification?flow=YOUR_FLOW_ID>"

### 4. Check SMS Configuration Also ensure that your SMS channel (Plivo) is properly configured in your Ory configuration:

yaml courier:   channels:     - id: sms       type: http       request_config:         url: <https://api.plivo.com/v1/Account/YOUR_ACCOUNT_ID/Message/>         method: POST         # Configure the body appropriately for Plivo

[Send SMS to your users](https://www.ory.sh/docs/kratos/emails-sms/sending-sms) ### 5. Format Issue There's also a format issue in your phone number parameter. You're using

"phone":"<tel:+919145278388|+919145278388>"

which contains HTML-like formatting. It should simply be

"phone":"+919145278388"

. If you continue to have issues, you might want to check the Kratos logs for more detailed error messages that could help identify the specific problem.

I see the issue with your verification flow request. There are a couple of problems with your API call: 1. You're using

"to"

parameter, but according to the API documentation, this is incorrect. The API expects

"email"

parameter even for phone verification. 2. The phone number format is incorrect. You're using

"<tel:+919145278388|+919145278388>"

which contains HTML-like formatting. 3. The error message indicates that the

"method"

value is causing an issue, even though you're using

"code"

which should be valid. Here's how to fix your request:

bash curl -X POST \   -H 'Content-Type: application/json' \   -H 'Accept: application/json' \   -d '{"method":"code","email":"+919145278388"}' \   "<http://localhost:4433/self-service/verification?flow=69c843fe-0e8f-414c-b3df-a5eb40f72cb4>"

According to the [Ory API Reference](https://www.ory.sh/docs/reference/api), the

updateVerificationFlow

endpoint requires the following parameters: 1. `method`: Must be one of

"link"

or

"code"

(you have this correct) 2. `email`: This is required even for phone verification 3. `csrf_token`: For browser flows (not needed for API flows) The error message

"Property email is missing"

with error code

4000002

indicates that the required

email

property is missing from your request [Property is missing error](https://www.ory.sh/docs/kratos/concepts/ui-messages#property-property-is-missing-4000002). If you're specifically trying to do phone verification, make sure: 1. Your identity schema has phone verification properly configured with

"via": "sms"

2. You have configured an SMS channel in your Ory configuration 3. You're using the correct parameter format in your API call If you continue to have issues, check your Kratos logs for more detailed error messages.

I see the issue with your verification flow request. There are several problems: 1. The error message shows that the system is expecting an email format, but you're providing a phone number:

"+919145278388" is not valid "email"

. 2. The phone number format is incorrect. You're using

"<tel:+919145278388|+919145278388>"

which contains HTML-like formatting. 3. There's also an error with the method value:

"value must be one of "code", "link""

Based on the [Ory documentation for phone verification](https://www.ory.sh/docs/kratos/self-service/flows/verify-email-account-activation#phone-number-verification), it appears that your system is not properly configured for phone verification. Here's what you need to check: 1. Make sure your identity schema has the phone trait properly configured with `"via": "sms"`:

json "phone": {   "type": "string",   "title": "Phone number",   "format": "tel",   "<http://ory.sh/kratos|ory.sh/kratos>": {     "verification": {       "via": "sms"     }   } }

2. Ensure you have configured an SMS channel in your Ory configuration:

yaml courier:   channels:     - id: sms       type: http       request_config:         url: <https://api.plivo.com/v1/Account/YOUR_ACCOUNT_ID/Message/>         method: POST         # Configure the body appropriately for Plivo

3. For the API call, try using a proper email address since the system is expecting an email format:

bash curl -X POST \   -H 'Content-Type: application/json' \   -H 'Accept: application/json' \   -d '{"method":"code","email":"<mailto:user@example.com|user@example.com>"}' \   "<http://localhost:4433/self-service/verification?flow=YOUR_FLOW_ID>"

The error messages suggest that your Ory instance is currently configured for email verification only, not phone verification. You'll need to update your configuration to support phone verification as described in the [documentation](https://www.ory.sh/docs/kratos/self-service/flows/verify-email-account-activation#phone-number-verification).

I understand you want to verify a phone number specifically. Based on the documentation and your previous attempts, here's the proper request for phone number verification in Ory Kratos: First, ensure your identity schema has phone verification properly configured:

json "phone": {   "type": "string",   "format": "tel",   "<http://ory.sh/kratos|ory.sh/kratos>": {     "verification": {       "via": "sms"     }   } }

Then, to initiate phone verification, follow these steps: 1. Create a verification flow:

bash curl -X GET \   -H 'Accept: application/json' \   "<http://localhost:4433/self-service/verification/api>"

2. Submit the verification flow with the phone number:

bash curl -X POST \   -H 'Content-Type: application/json' \   -H 'Accept: application/json' \   -d '{"method":"code","email":"","phone":"+919145278388"}' \   "<http://localhost:4433/self-service/verification?flow=YOUR_FLOW_ID>"

Note: The

phone

parameter is used for phone verification, but you may still need to include an empty

email

parameter as the API seems to expect it based on your previous attempts. 3. After receiving the code via SMS, verify it:

bash curl -X POST \   -H 'Content-Type: application/json' \   -H 'Accept: application/json' \   -d '{"method":"code","code":"123456"}' \   "<http://localhost:4433/self-service/verification?flow=YOUR_FLOW_ID>"

If you continue to have issues, it's likely that your Ory instance isn't properly configured for phone verification. Make sure you have: 1. Configured the SMS channel in your Ory configuration 2. Properly set up your identity schema for phone verification 3. Enabled the verification flow in your configuration [Phone number verification](https://www.ory.sh/docs/kratos/self-service/flows/verify-email-account-activation#phone-number-verification)

I can see from your API responses that your Ory Kratos instance is currently only configured for email verification, not phone verification. The UI nodes in the response only show an input field for email, and when you try to include a phone parameter, it's still expecting an email. Here's what's happening: 1. The verification flow API returns a form with only an email field 2. When you try to submit with a phone number, you get the error:

"Property email is missing."

This indicates that your Ory instance isn't properly configured for phone verification. Here's what you need to do: ## 1. Update Your Identity Schema Make sure your identity schema has the phone trait properly configured with `"via": "sms"`:

json "phone": {   "type": "string",   "format": "tel",   "<http://ory.sh/kratos|ory.sh/kratos>": {     "verification": {       "via": "sms"     }   } }

[Phone number verification](https://www.ory.sh/docs/kratos/self-service/flows/verify-email-account-activation#phone-number-verification) ## 2. Configure SMS Channel Ensure you have configured an SMS channel in your Ory configuration:

yaml courier:   channels:     - id: sms       type: http       request_config:         url: <https://api.plivo.com/v1/Account/YOUR_ACCOUNT_ID/Message/>         method: POST         # Configure the body appropriately for Plivo

[Send SMS to your users](https://www.ory.sh/docs/kratos/emails-sms/sending-sms) ## 3. Try Again with Email Verification First Since your system is currently only set up for email verification, try that first to make sure the verification flow works:

bash curl -X POST \   -H 'Content-Type: application/json' \   -H 'Accept: application/json' \   -d '{"method":"code","email":"<mailto:your-email@example.com|your-email@example.com>"}' \   "<http://localhost:4433/self-service/verification?flow=YOUR_FLOW_ID>"

Once you've confirmed that works, update your configuration for phone verification. ## 4. Fix Phone Number Format Also, your phone number format is incorrect. You're using

"<tel:+919145278388|+919145278388>"

which contains HTML-like formatting. It should simply be

"+919145278388"

. After making these changes, restart your Ory Kratos instance and try again with the proper phone verification request.

I can see that your email verification flow is working correctly. The system has sent a verification code to the email address you provided, and the response shows that the state has changed to

"state":"sent_email"

. However, there are a couple of issues with your request: 1. The email format is incorrect. You're using

"<mailto:dhanesh@marchtee.com|dhanesh@marchtee.com>"

which contains HTML-like formatting. It should simply be

"<mailto:dhanesh@marchtee.com|dhanesh@marchtee.com>"

. 2. For SMS verification, your Ory Kratos instance doesn't appear to be properly configured. Based on the documentation and your previous attempts, here's what you need to check: ## Fixing SMS Verification 1. Check your identity schema: Make sure your identity schema has the phone trait properly configured with `"via": "sms"`:

json "phone": {   "type": "string",   "format": "tel",   "<http://ory.sh/kratos|ory.sh/kratos>": {     "verification": {       "via": "sms"     }   } }

[Phone number verification](https://www.ory.sh/docs/kratos/self-service/flows/verify-email-account-activation#phone-number-verification) 2. Configure SMS channel: Ensure you have configured an SMS channel in your Ory configuration:

yaml courier:   channels:     - id: sms       type: http       request_config:         url: <https://api.plivo.com/v1/Account/YOUR_ACCOUNT_ID/Message/>         method: POST         # Configure the body appropriately for Plivo

[Send SMS to your users](https://www.ory.sh/docs/kratos/emails-sms/sending-sms) 3. Restart Kratos: After making these configuration changes, restart your Ory Kratos instance. 4. Try the verification flow again: Use the correct phone number format:

bash curl -X POST \   -H 'Content-Type: application/json' \   -H 'Accept: application/json' \   -d '{"method":"code","phone":"+919145278388"}' \   "<http://localhost:4433/self-service/verification?flow=YOUR_NEW_FLOW_ID>"

If you're still having issues, check the Kratos logs for more detailed error messages. The fact that email verification is working but SMS verification isn't suggests that there's a configuration issue specifically with the SMS setup.

I've reviewed your identity schema JSON, and there are a few formatting issues that need to be fixed: 1. The URLs in your schema contain HTML-like formatting with angle brackets and pipe symbols, which is incorrect. For example: -

<http://ory.sh/kratos|ory.sh/kratos>

should be

<http://ory.sh/kratos|ory.sh/kratos>

-

<https://schemas.ory.sh/presets/kratos/identity.custom.schema.json>

should be

<https://schemas.ory.sh/presets/kratos/identity.custom.schema.json>

2. The schema itself looks functionally correct for supporting both email and phone verification, but the formatting issues might prevent it from working properly. Here's the corrected version:

json {   "$id": "<https://schemas.ory.sh/presets/kratos/identity.custom.schema.json>",   "$schema": "<http://json-schema.org/draft-07/schema#>",   "title": "Person",   "type": "object",   "properties": {     "traits": {       "type": "object",       "properties": {         "email": {           "type": "string",           "format": "email",           "title": "E-Mail",           "<http://ory.sh/kratos|ory.sh/kratos>": {             "credentials": {               "password": {                 "identifier": true               },               "webauthn": {                 "identifier": true               },               "totp": {                 "account_name": true               },               "code": {                 "identifier": true,                 "via": "email"               },               "passkey": {                 "display_name": true               }             },             "verification": {               "via": "email"             },             "recovery": {               "via": "email"             }           },           "maxLength": 320         },         "phone": {           "type": "string",           "format": "tel",           "title": "Phone Number",           "<http://ory.sh/kratos|ory.sh/kratos>": {             "credentials": {               "code": {                 "identifier": true,                 "via": "sms"               }             },             "verification": {               "via": "sms"             }           }         },         "name": {           "type": "object",           "properties": {             "first": {               "type": "string",               "title": "First Name"             },             "last": {               "type": "string",               "title": "Last Name"             }           }         }       },       "required": [         "email",         "phone"       ],       "additionalProperties": false     }   } }

The schema correctly configures: - Email for password login, webauthn, TOTP, email code, and passkey - Email for verification and recovery - Phone for SMS code login - Phone for SMS verification This should work for both email and phone verification as you intended, once the formatting issues are fixed.

I understand your frustration. You're right that the changes I suggested were primarily formatting-related and might not address the core issue you're experiencing with phone verification. Based on the knowledge sources and our conversation, there appears to be a known issue with phone verification in Ory Kratos. According to [GitHub issue #406](https://github.com/ory/network/issues/406), users have reported difficulties with phone verification where the verification flow doesn't provide the expected

continue_with

response for verification. A user in that issue commented: > "We're able to verify the phone number now, it's not ideal, but we do it via the

login_flow

." They also mentioned that specifying the

via

parameter was causing problems after some changes in Kratos v1.3.0:

We need to not specify the `via` parameter now, if we pass the `via: phone` then it throws `Cannot login with unverified address`

You might want to try this workaround - using the login flow with AAL2 instead of the verification flow:

bash curl -X GET \   -H 'Accept: application/json' \   "<http://localhost:4433/self-service/login/api?aal=aal2>"

Then follow up with your login credentials without specifying the

via

parameter. If this doesn't work, you might need to check your Ory Kratos configuration to ensure: 1. The SMS courier channel is properly configured 2. The verification flow is enabled for SMS 3. Your identity schema is correctly formatted (without the HTML-like formatting) If you continue to experience issues, it might be worth opening a support ticket with Ory or contributing to the existing GitHub issue.

I understand you're specifically asking about the verification flow for phone numbers in Ory Kratos. Let me focus on the core issue based on the knowledge sources. There appears to be a known issue with phone verification in Ory Kratos. According to the documentation and GitHub issues, there are some specific behaviors and potential issues with phone verification: 1. According to [GitHub issue #4161](https://github.com/ory/kratos/issues/4161), there's a bug where when signing up with SMS code (OTP), a verification email might be sent automatically. 2. From [GitHub issue #406](https://github.com/ory/network/issues/406), users have reported that the verification flow doesn't provide the expected

continue_with

response for phone verification. For the proper verification flow with phone numbers, here's what should work:

bash # 1. Create a verification flow curl -X GET \   -H 'Accept: application/json' \   "<http://localhost:4433/self-service/verification/api>"  # 2. Submit the verification flow with phone number curl -X POST \   -H 'Content-Type: application/json' \   -H 'Accept: application/json' \   -d '{"method":"code","phone":"+919145278388"}' \   "<http://localhost:4433/self-service/verification?flow=YOUR_FLOW_ID>"  # 3. After receiving the code via SMS, verify it curl -X POST \   -H 'Content-Type: application/json' \   -H 'Accept: application/json' \   -d '{"method":"code","code":"123456"}' \   "<http://localhost:4433/self-service/verification?flow=YOUR_FLOW_ID>"

Make sure your identity schema has the phone trait properly configured with

"via": "sms"

and that you have configured an SMS channel in your Ory configuration. If you're still experiencing issues, it might be related to the known bugs in the current implementation of phone verification in Ory Kratos.