Yes, with Ory Network, it is possible to allow login through two completely different domains to the same Ory project, but there are important considerations and specific settings required: ### 1. Multibrand / Multiple Custom Domains Feature Ory Network supports adding multiple custom domains to a single project via the Multibrand feature. This allows you to configure different custom UI base URLs and cookie domains for each domain. For example, you could have: -

<http://ory.domain1.com|ory.domain1.com>

(custom domain 1) -

<http://ory.domain2.com|ory.domain2.com>

(custom domain 2) Each can have its own UI base URL and cookie domain settings. This setup is managed in the Ory Console under Branding → Theming. You can serve different UI views and issue session cookies scoped to each domain. However, note that browser cookies are isolated per domain, so users will have separate sessions on each domain and will need to authenticate separately on each one, even if they use the same account credentials. This is a browser security limitation, not an Ory-specific one. OpenID Connect can be used for SSO, but session isolation per domain still applies [Multiple custom domains](https://www.ory.sh/docs/kratos/bring-your-own-ui/configure-ory-to-use-your-ui#multiple-custom-domains). ### 2. How to Set Up - Add Custom Domains: In the Ory Console, go to Branding → Custom domains and add each domain you want to use. You will need to set up a CNAME record with your DNS provider for each domain [Set up custom domains](https://www.ory.sh/docs/guides/custom-domains). - Configure Cookie Domains: The session cookie will be scoped to the root domain of each CNAME you set up. This ensures that the session is valid for the domain and its subdomains. - Configure UI Base URLs: For each custom domain, you can set a different UI base URL in the theming section. - CORS Settings: If you are using SPAs, configure CORS origins for each domain as needed. ### 3. Limitations - Session Isolation: Each domain will have its own session due to browser cookie policies. Users must log in separately on each domain. - Redirects: As of now, configuring browser redirects per custom domain is a known limitation. Redirects are relative to the project URL, not the custom UI base URL, so you may need to handle dynamic redirects in your application code until per-domain redirect configuration is available [Configure browser redirects per custom domain](https://github.com/ory/network/issues/374). ### 4. Example Use Case If you have

<http://store1.com|store1.com>

and

<http://store2.com|store2.com>

, you can set up: | Website | Custom Domain | Cookie Domain | Custom UI Base URL | |-------------|-------------------|--------------|------------------------| | store1.com | ory.store1.com | store1.com | store1.com/auth | | store2.com | ory.store2.com | store2.com | store2.com/self-service| Each store will have its own login page and session, but both are managed by the same Ory project [Multiple custom domains](https://www.ory.sh/docs/kratos/bring-your-own-ui/configure-ory-to-use-your-ui#multiple-custom-domains). --- Summary: Yes, you can allow login through two completely different domains to the same Ory project by using the Multibrand feature to add multiple custom domains, configure cookie domains, and set up UI base URLs for each. Each domain will have its own session due to browser security restrictions. For detailed steps, see the Ory documentation on [Multiple custom domains](https://www.ory.sh/docs/kratos/bring-your-own-ui/configure-ory-to-use-your-ui#multiple-custom-domains) and [Set up custom domains](https://www.ory.sh/docs/guides/custom-domains).

Based on the available knowledge sources, the ability to add multiple custom domains to a single Ory Network project is tied to the Multibrand feature. This feature allows you to add more than one custom domain per project, but it is not enabled by default. The documentation states: > With the Multibrand feature enabled for your workspace, you can add multiple custom domains to each Ory Network project... Interested in the Multibrand feature for your Ory Network project? [We're here to help!](https://www.ory.sh/contact) [Multiple custom domains](https://www.ory.sh/docs/kratos/bring-your-own-ui/configure-ory-to-use-your-ui#multiple-custom-domains) This suggests that, by default, even on production plans, you are limited to one custom domain per project unless you specifically request access to the Multibrand feature by contacting Ory. Therefore, if you see the message “Your plan is restricted to 1 custom domain per project. Please get in touch if you need more,” it means that your current plan (including the standard production plan) does not include multiple custom domains by default. You need to contact Ory to enable this capability for your project. The documentation does not specify if there are production plans where this is included automatically, so you should reach out to Ory for more details.