Hello Please help me and clear up these questions is it possible to send SMS with OTP during registration in self-hosted Kratos? is there official support for an SMS template for registration codes in self-hosted Kratos?

You could check this guide https://www.ory.sh/docs/kratos/self-hosted/email-http. And although I didn't find a quide on how to set-up sms delivery on self-hosted Kratos I checked the schema of Kratos config - you can find the configuration options in that schema.

it looks like it is possible to sent OTP only via email and not via SMS during registration in self-hosting Can you confirm that?

Not absolutely sure but you could also set-up Kratos to call your properietary service's endpoint whenever an email needs to be sent - for example on registration in your case. In your proprietary service you can have an integration with an SMS provider and trigger the SMS sending. Basically the request configuration here but change it to call your service and trigger SMS sending from there.

@ancient-orange-15810 - I could be wrong but AFAIK there is no way to connect that process to write the “verified” flag on the phone, and no way to administratively set the “verified” flag. So if you want to Kratos to only allow login from a verified phone you can’t do it right now.

thanks you🙏

@full-book-15949 Can you elaborate on what you exactly meant? We were discussing getting the verification code to the user via SMS and Email. This can be done however you want as you can send either sms or email from your proprietary system. Just hook up Kratos to send the message template to your system. The user will still go through the verification flow themselves. Also how we have set it up is that we keep the account verification status on our proprietary system and on login we make a webhook call to our system to check whether user is allowed to login or not. We also keep account close reason status (used when we need to close an account with a specific reason) on our system and the login webhook call also checks whether the account is closed or not.

@ancient-orange-15810 Thanks for clarifying. What I meant specifically is that to my knowledge you can’t use Kratos’s built-in “verifiable_addresses” via SMS. Are you able to share anything about your webhook configuration and how you keep things in sync between kratos db and external data source? We’re going to end up implementing something similar prior to launch

When account is registered in Kratos we utilize Kratos webhooks to also create the account in our proprietary system. We have multiple account verification states - account can be verified by user, an admin can mark the verification as skipped or admin can verify the account manually. The proprietary verification status of the account is checked at every login again via Kratos webhook. Example of a Kratos webhook we use:

- hook: web_hook
  config:
    url: <proprietary system api endpoint>
    method: POST
    body: base64://<base 64 encoded request body>
    response:
      parse: true // We can return custom Kratos errors to FO and also edit the identity depending on the response from the endpoint
      ignore: false // The endpoint can interrupt Kratos flows
    auth:
      type: api_key
      config:
        name: <custom header name>
        value: <custom header value>
        in: header

We only need the Kratos identity id in our proprietary system and we also deliver the proprietary system's user id to be stored Kratos' identity. We also utilize debezium connector for postgres to sync some data from Kratos db to proprietary system db (but not the other way around).