# ory-selfhosting
m
Kratos 1.3.0 release notes say this:
> Please note that the `via` parameter is deprecated when performing SMS 2FA. It will be removed in a future version. If the parameter is not included in the request, the user will see all their phone/email addresses from which to perform the flow.
But all examples show `identity.schema.json` like this:
```
phone_number: {
  type: "string",
  format: "tel",
  title: "Your phone number",
  minLength: 3,
  "ory.sh/kratos": {
    credentials: {
      code: {
        identifier: true,
        via: "sms",
      },
      // ...
    },
  },
},
```
So, what is the correct way if not using `via`?
s
The identity schema should be using `via`. The deprecation notice is talking about the `via` request parameter on the request creating login flows: https://www.ory.sh/docs/reference/api#tag/frontend/operation/createBrowserLoginFlow
m
Thanks, another question regarding `identity.schema.json` - all examples for sending code (either passwordless login via email or sms, or mfa code login) have this kind of structure:
```
phone_number: {
  type: "string",
  format: "tel",
  title: "Your phone number",
  minLength: 3,
  "ory.sh/kratos": {
    credentials: {
      code: {
        identifier: true,
        via: "sms",
      },
      // ...
    },
  },
},
```
My question is - is `credentials.code.identifier: true` required in this case? Is it possible to have OTP code sent to sms without it being an identifier? For passwordless login I guess it doesn’t make sense, but for MFA where user logs in with their username:password, maybe it would be possible for phoneNumber and/or email to not have to be identifiers? Not sure if what I am asking makes sense 😅 What I want to achieve is for emails/phone numbers to not have to be unique. Only username has to be unique, but two users can have the same email.
s
Yes, it should be possible to not use the phone number/email as an identifier. Just remove the key.
m
And the OTP code login would still work?
s
No, for that it has to be unique, how would we know which user to log in?