You can get identity details in Ory Kratos using several methods: ### Using the Admin API You can retrieve identity details using the Admin API endpoint:

GET /admin/identities/{id}

This endpoint returns an identity by its ID. You can optionally include credentials (e.g., social sign-in connections) in the response by using the

include_credential

query parameter [Kratos API Reference](https://www.ory.sh/docs/kratos/reference/api). ### Using the CLI #### With

kratos

CLI:

kratos identities get <id-0 [id-1 ...]> [flags]

Example:

kratos identities get 12345-67890-abcdef

You can include credentials with the

--include-credentials

flag:

kratos identities get <id> --include-credentials oidc

[Kratos Identities Get](https://www.ory.sh/docs/kratos/cli/kratos-identities-get#kratos-identities-get) #### With

ory

CLI:

ory get identity [id-1] [id-2] [id-n] [flags]

Example to get identities with recovery email addresses at a specific domain:

ory get identity $(ory ls identities --format json | jq -r 'map(select(.recovery_addresses[].value | endswith("@ory.sh"))) | .[].id')

[Ory Get Identity](https://www.ory.sh/docs/cli/ory-get-identity#ory-get-identity) ### Using the Go SDK

go package main  import (  "context"  "fmt"  "os"   ory "<http://github.com/ory/client-go|github.com/ory/client-go>" )  var oryAuthedContext = context.WithValue(context.Background(), ory.ContextAccessToken, os.Getenv("ORY_API_KEY"))  func main() {  configuration := ory.NewConfiguration()  configuration.Servers = []ory.ServerConfiguration{   {    URL: "https://<your-ory-project-slug>.<http://projects.oryapis.com|projects.oryapis.com>",   },  }  apiClient := ory.NewAPIClient(configuration)    getIdentity, r, err := apiClient.IdentityApi.GetIdentity(oryAuthedContext, "identity-id").Execute()  if err != nil {   fmt.Fprintf(os.Stderr, "Error when calling `IdentityApi.GetIdentity`: %v\n", err)   fmt.Fprintf(os.Stderr, "Full HTTP response: %v\n", r)  }  fmt.Fprintf(os.Stdout, "Identity details: %v\n", getIdentity.Traits) }

[Ory Identity Management Go SDK](https://www.ory.sh/docs/kratos/sdk/go#identity-api) ### Including Social Sign-in Provider Tokens If you need to retrieve social sign-in provider tokens, you can include the OIDC credential:

ory get identity "$identity_id" --project "$PROJECT_ID" -i oidc --format yaml

Or with cURL:

curl --request GET -sL \   --header "Content-Type: application/json" \   --header "Authorization: Bearer {ORY_API_KEY}" \   'https://$<http://PROJECT_SLUG.projects.oryapis.com/admin/identities/<identity_id>?include_credential=oidc|PROJECT_SLUG.projects.oryapis.com/admin/identities/<identity_id>?include_credential=oidc>'

[Get Social Sign-in Provider Tokens](https://www.ory.sh/docs/kratos/social-signin/get-tokens) These methods allow you to retrieve detailed information about identities in your Ory Kratos system.

@chilly-king-10285 how can an identity get a detail himself?

In Ory Kratos, users (identities) can retrieve their own details through self-service flows. Here's how an identity can get their own details: ## For Browser-Based Applications When a user is logged in, their identity details are typically included in the session information. This happens in several self-service flows: 1. After Login: When a user successfully logs in, the response includes the identity details:

json {   "session": {     "identity": {       "id": "8a7755df-1aac-4477-a53c-3f16fa059113",       "schema_id": "default",       "traits": {         "email": "<mailto:user@example.com|user@example.com>"       },       "verifiable_addresses": [         {           "id": "95139fe8-3360-4b08-adf6-4cc9b4555d86",           "value": "<mailto:user@example.com|user@example.com>",           "verified": false,           "via": "email",           "status": "pending"         }       ]     }   } }

[Login Flow Documentation](https://www.ory.sh/docs/kratos/self-service/flows/user-login#api-clients) 2. After Registration: Similar to login, successful registration returns identity details:

json {   "identity": {     "id": "d8baf63b-7ce6-4275-82b9-9ac6d97e5037",     "schema_id": "default",     "traits": {       "email": "<mailto:user@example.com|user@example.com>"     },     "verifiable_addresses": [       {         "id": "87defb49-ad69-461c-b5f6-56c1ec39dd39",         "value": "<mailto:user@example.com|user@example.com>",         "verified": false,         "via": "email"       }     ]   } }

[Registration Flow Documentation](https://www.ory.sh/docs/kratos/self-service/flows/user-registration#client-side-browser-clients) 3. Settings Flow: When a user accesses their settings, they can view and update their profile information:

curl -s -X GET \     -H "Authorization: Bearer $sessionToken" \     -H "Accept: application/json" \     <https://playground.projects.oryapis.com/self-service/settings/api>

[Settings Flow Documentation](https://www.ory.sh/docs/kratos/self-service/flows/user-settings#client-side-browser-clients) ## For API Clients API clients can use the session token to retrieve identity information: 1. Whoami Endpoint: Use the session token to get the current identity details:

curl -s -H "Authorization: Bearer svX8bE9HTiVpMr7r55TtKtcOkLRhAq1a" \   <https://playground.projects.oryapis.com/sessions/whoami>

[Whoami Endpoint Example](https://www.ory.sh/docs/kratos/self-service/flows/user-login#api-clients) 2. Settings Flow API: Retrieve profile information using the settings flow:

curl -s -X GET \     -H "Accept: application/json" \     -H "Authorization: bearer $sessionToken" \     "<https://playground.projects.oryapis.com/self-service/settings/flows?id=$flowId>"

[Settings Flow Payloads](https://www.ory.sh/docs/kratos/self-service/flows/user-settings#settings-flow-payloads) The response includes the identity's profile information, verifiable addresses, and recovery addresses, depending on the configuration and the identity schema. Note that users can only access their own identity information through these self-service flows when they have a valid session. The system ensures users can only see their own data, unlike admin APIs which can access any identity's details.