To configure Ory Kratos for different environments, you have several options: ### Using Environment Variables The most common approach is to use environment variables to override configuration values in your

kratos.yml

file. This allows you to maintain a single configuration file while customizing values per environment:

bash export SELFSERVICE_FLOWS_SETTINGS_UI_URL=<https://prod.example.com/settings>

Nested paths in the configuration are mapped by using underscores between levels. For example,

selfservice.flows.settings.ui_url

becomes

SELFSERVICE_FLOWS_SETTINGS_UI_URL

[Configure Ory Kratos](https://www.ory.sh/docs/kratos/configuring). ### Using the Ory CLI For a more structured approach, especially when moving between local development and Ory Network: 1. Export configuration from one environment:

bash    ory get identity-config --project <project-id> --workspace <workspace-id> --format yaml > identity-config.yaml

2. Import configuration to another environment:

bash    ory update identity-config --project <project-id> --workspace <workspace-id> --file config.yaml

This is particularly useful for moving configurations between self-hosted Kratos and Ory Network [Ory Identities CLI](https://www.ory.sh/docs/guides/cli/identity-cli). ### Using Ory Patch for Specific Changes For targeted configuration changes between environments, use the

ory patch

command:

bash ory patch identity-config --project <project-id> --workspace <workspace-id> \   --replace '/selfservice/methods/totp/enabled=false'

This allows you to adjust specific keys without overwriting the entire configuration [Configure projects with Ory CLI](https://www.ory.sh/docs/guides/cli/config-with-cli). ### Development Mode For local development, you can use the

--dev

flag when starting Kratos:

bash kratos serve --dev

This disables certain security features (like SameSite cookie restrictions) to make development easier [kratos serve](https://www.ory.sh/docs/kratos/cli/kratos-serve#kratos-serve). ### Multiple Configuration Files Kratos also supports loading multiple configuration files, which can be useful for environment-specific overrides:

bash kratos -c base-config.yml -c dev-overrides.yml serve

Values are loaded in the order provided, with later files overwriting values from previous ones. Remember that for production environments, you should avoid using the

--dev

flag and ensure proper security configurations are in place.

For self-hosted Ory Kratos, you have several options to manage environment-based configurations: ### 1. Environment Variables Environment variables take precedence over config file values and are ideal for environment-specific settings:

bash export SELFSERVICE_FLOWS_SETTINGS_UI_URL=<https://your-environment-specific-url.com/settings>

Nested paths are mapped using underscores, so

selfservice.flows.settings.ui_url

becomes

SELFSERVICE_FLOWS_SETTINGS_UI_URL

[Configure Ory Kratos](https://www.ory.sh/docs/kratos/configuring). ### 2. Multiple Configuration Files You can use multiple configuration files with the

-c

flag, loading a base configuration and then environment-specific overrides:

bash kratos -c base-config.yml -c production-overrides.yml serve

Values from later files override earlier ones, allowing for layered configurations. ### 3. Configuration File Formats Kratos supports JSON, YAML, and TOML formats for configuration files. You can name your configuration files

kratos.(json|yml|yaml|toml)

to enable automatic validation and code completion in IDEs [Configure Ory Kratos](https://www.ory.sh/docs/kratos/configuring). ### 4. Ory CLI for Configuration Management For self-hosted instances, the Ory CLI is particularly useful for configuration management:

bash # Export configuration from a self-hosted instance ory get identity-config --project <project-id> --workspace <workspace-id> --format yaml > identity-config.yaml  # Import configuration to another environment ory update identity-config --project <project-id> --workspace <workspace-id> --file config.yaml

This approach is especially helpful when moving between development, staging, and production environments [Ory Identities CLI](https://www.ory.sh/docs/guides/cli/identity-cli). ### 5. Specific Configuration Examples for Self-Hosted For specific components like mail courier templates, you can use environment-specific paths:

yaml courier:   template_override_path: /conf/courier-template-${ENV}

Where

${ENV}

is an environment variable set to

dev

,

staging

, or

prod

. For custom email templates in different environments:

yaml courier:   templates:     verification:       valid:         email:           body:             html: file:///templates/${ENV}/verification.html             plaintext: file:///templates/${ENV}/verification.txt

These approaches give you flexibility to manage configurations across different environments while maintaining a consistent deployment process for your self-hosted Ory Kratos instances.