Before registration hooks in Ory Identities are actions that run when a user starts the registration flow, before the actual registration process takes place. These hooks allow you to implement custom logic or integrations that execute at the beginning of the registration process. ### When Before Registration Hooks Run Before registration hooks are triggered when a registration flow starts, allowing you to perform actions or validations before the user completes their registration [Ory Actions in Identities](https://www.ory.sh/docs/kratos/hooks/configure-hooks#action-triggers). ### Use Cases You can use before registration hooks for various purposes, such as: - Restricting registration to specific IP addresses (e.g., only allowing registrations from your internal network) - Implementing invite-only registration by checking if certain criteria are met - Adding additional security checks - Verifying that a user's email address is associated with a valid domain - Custom validation logic ### Configuration You can configure before registration hooks in your Ory Identities configuration. Here's an example of how to configure a before registration hook:

yaml selfservice:   flows:     registration:       before:         hooks:           - hook: hook_name             config:               # hook-specific configuration

### Hook Execution Order The execution order of hooks follows a specific pattern: -

before

hooks run when the user starts a flow -

after

hooks run when the user submits or completes the flow - When an authentication method specifies hooks, it overrides the default hooks for the flow [Trigger Precedence](https://www.ory.sh/docs/kratos/hooks/configure-hooks#trigger-precedence) explains this in more detail. For more comprehensive information about hooks in general, including all available hook types and configuration options, you can refer to the [Hook Documentation](https://www.ory.sh/docs/kratos/hooks/configure-hooks).

Based on the knowledge sources provided, there isn't specific information about what the response should be for a "successful" before registration hook. The documentation focuses on hook configuration, triggers, and use cases, but doesn't explicitly detail the expected response format or structure for a successful before registration hook. What we do know from the documentation is: 1. Before registration hooks run when a user starts the registration flow 2. They can be used for purposes like restricting registration to specific IPs or implementing invite-only registration 3. They can add additional security checks However, the knowledge sources don't contain information about the specific response format that a before registration hook should return when it executes successfully. If you need detailed information about the expected response format for before registration hooks, you might want to check the Ory developer documentation or API reference that specifically covers hook response formats, or reach out to Ory support for more specific guidance. Would you like me to provide information about other aspects of registration hooks that are covered in the knowledge sources?

I'll provide additional information about registration hooks based on the knowledge sources. ### Registration Hook Types Ory Identities supports both "before" and "after" registration hooks: - Before registration hooks: Run when a user starts the registration flow - After registration hooks: Run when a user successfully registers in the system [Ory Actions in Identities](https://www.ory.sh/docs/kratos/hooks/configure-hooks#action-triggers) ### After Registration Hooks After registration hooks can be configured for specific authentication methods: - Password: For email/username and password registration - OIDC: For social sign-in registration - WebAuthn: For passwordless registration [Ory Actions in Identities](https://www.ory.sh/docs/kratos/hooks/configure-hooks#action-triggers) ### Common After Registration Hooks 1. Session Hook: Issues a session after successful registration

yaml    selfservice:      flows:        registration:          after:            password:              hooks:                - hook: session            oidc:              hooks:                - hook: session

This is particularly important for OIDC flows to prevent users from having to log in again after registration [Registration](https://www.ory.sh/docs/kratos/self-service/flows/user-registration#successful-registration) 2. Show Verification UI Hook: Redirects users to verify their email after registration

yaml    selfservice/flows/registration/after/password/hooks=[{"hook": "show_verification_ui"}]    selfservice/flows/registration/after/oidc/hooks=[{"hook": "show_verification_ui"}]    selfservice/flows/registration/after/webauthn/hooks=[{"hook": "show_verification_ui"}]

[Login and registration webhooks and actions](https://www.ory.sh/docs/identities/sign-in/actions#show-verification-after-successful-registration) 3. Web Hooks: Call external services when users register - Can integrate with services like Mailchimp, Segment, Hubspot - Can be used for additional validation [Login and registration webhooks and actions](https://www.ory.sh/docs/identities/sign-in/actions#customize-login-and-registration-behavior) ### Important Note About Hook Order When using multiple hooks, the order matters. For example, if you're using both a web hook and the session hook, the web hook should come before the session hook:

yaml password:   hooks:   - config:       body: <https://storage.googleapis.com/bac-gcs-production/bar.jsonnet>       can_interrupt: false       method: POST       response:         ignore: false         parse: false       url: <https://webhook.site/foo>     hook: web_hook   - hook: session

If the session hook comes first, it may overwrite other hooks that run after it, preventing them from executing properly [Github Issue #361](https://github.com/ory/network/issues/361). ### Flow-Interrupting Webhooks You can use flow-interrupting webhooks to add validation to registration flows, allowing you to control who can sign up based on criteria like: - Email domain matching - IP address validation - Invite code verification [Login and registration webhooks and actions](https://www.ory.sh/docs/identities/sign-in/actions#customize-login-and-registration-behavior) This gives you fine-grained control over the registration process. ### Webhook Configuration in Ory Console When creating webhooks in the Ory Console, you need to select which authentication method the webhook applies to. If you want the webhook to fire for all flows, you need to create separate webhooks for each authentication method (password, OIDC, WebAuthn) rather than selecting "All" [Github Issue #361](https://github.com/ory/network/issues/361).