When using Ory's self-service login flow, if a user provides incorrect credentials, the system redirects back to the login page with the

?flow=<flow_id>

query parameter. This behavior is necessary for several reasons: 1. State Management: The

flow_id

is used to maintain the state of the login process. It allows Ory to track the current state of the login attempt, including any validation errors or messages that need to be displayed to the user. 2. Error Handling: By appending the

flow_id

, Ory can provide detailed feedback about what went wrong during the login attempt. This includes messages about missing fields or incorrect credentials, which are associated with the specific flow. 3. Security: The flow mechanism helps in managing CSRF tokens and other security-related aspects of the login process. Disabling this behavior is not recommended as it is integral to how Ory manages self-service flows. The flow ID is essential for ensuring that the login process is handled securely and correctly. For more information on how Ory handles login flows and validation, you can refer to the [Ory Kratos Login Form Validation documentation](https://www.ory.sh/docs/kratos/self-service/flows/user-login#login-form-validation). If you have further questions or need more detailed guidance, you might want to explore the [Ory Kratos documentation](https://www.ory.sh/docs/kratos) for additional insights.