# general
h
hey everyone. Are there any docs, or guidance or something on how I can build kratos into my backend app (golang http api). so kinda forwarding i guess, sessions or something from my nextjs frontend into the backend.
e
Hey @hundreds-psychiatrist-38730, check out this repo and see if any of the examples here can help you: https://github.com/ory/awesome-ory
h
there was something i could look into. but seems like i need to use `API Authentication` in my backend to be able to use it with hooks. or am i wrong about that? 🤔
or should i just include the session token in my request and then e.g. validate that token?
e
The latter would work if you are using the SDKs. It depends on where you want the authenticated calls to Kratos to live.
h
well, in my frontend ofc. my backend is going to be hidden from the public ofc. but I need it to have authentication and later on "RBAC" with Keto. so not everyone can request the endpoints if they find them.
e
Passing the session and validating it in the backend is most likely your best approach.
h
wouldn't it also still require me to build `API KEY` in it? based on https://www.ory.sh/docs/guides/integrate-with-ory-cloud-through-webhooks#request-authentication
or what would `value` be? 🤔
e
I could be misunderstanding what you are specifically asking, but let me see if this helps: Your frontend can use the `createLoginFlowforBrowser` api to get a new flowId which can be used with the `submitLoginFlow` which does not require an API Key. The `submitLoginFlow` will return the `session` and `session_token` which you can then pass the `id` using the getSession API on the backend to validate the session if needed.
h
yes, all that is in place
that's in my nextjs app, using `@ory/client-fetch`
e
You could also exchange the session for a JWT if you wanted to use that same session in other backend services.
h
i then want to leverage the actions/hooks, to request my backend api for e.g. `after registration hook` or `after login hook`
and as i linked to the docs. The webhooks only allow 2 types of auth. API.. or Basic auth.
and i will cut off my foot if i should use basic auth 😂
e
Ah I see now. Ok, thank you for the detail I was struggling to grasp. I think at this time you would have to use API.
h
but i also read it, as the kratos go app, to allow request to my backend
e
We do have a roadmap item to support other auth types for actions, but no firm date for that.
h
since that config:
```yaml
hook: web_hook
# other configuration keys
config:
  auth:
    type: api_key
    config:
      name: Authorization
      value: { API Key value }
      in: header # alternatively "cookie"
```
is the `kratos.yml` config.. right?
e
Yes.
h
got it.
so that is basically just a random string in `value` that i need to "check" in my own golang app
e
Correct.
h
to say.. HEY you are allowed
gotcha...
now i understand 😄
the docs don't say anything about this 😄
e
Good note, I will pass it on to our tech writing team to look at including this.
h
oh, a lot of the docs could use some love sometimes :P
i have been jumping back and forth between examples on github.. to docs
to understand everything
e
Yes. We recently added new members to the documentation team, hopefully you will start to see improvements very soon!
h
nice
i guess that is under the series A extension from last year?
part of growth and such 😄
e
🙂
h
oka i could go down the rabbit hole right now with the hooks... but it's also late and i want to sleep kekw
i've got more questions.. but i guess i should try setup a hook first
Jeff, could you maybe also put a suggestion for the tech writers? on e.g. https://www.ory.sh/docs/guides/integrate-with-ory-cloud-through-webhooks#request-authentication We see examples of kratos config. Those small snippets are "confusing" to exactly understand where to put. Would be nice to know if it needs to be at:
```yaml
login:
  before:
    hooks:
      - hook: web_hook
  after:
    hooks:
      - hook: web_hook
```
etc. I just tried adding in the example from the docs, it failed validating kratos config. i def was missing some options that are required. 🙂