Ory is the largest open source community in the world for cloud software application security. We maintain advanced open source security software solving authentication, authorization, access control, application network security, and delegation. Ory implements a variety of industry and best-practice standards including OAuth 2.0 / OAuth 2.1, OpenID Connect, Zero Trust Networking, Google Zanzibar Policy Framework, FIDO2 U2F, WebAuthn, TOTP, and more.

Ory Community

Hello,

We’re looking at supporting a concept of anonymous users in our app (i.e. allowing access to the app, with an identity in ory but without the user needing to go through a registration process) - this would be basically the same as Firebase’s <https://firebase.google.com/docs/auth/web/anonymous-auth|anonymous auth>

Basic requirements would be
• Our web client would be able to create an anonymous identity in Kratos, which is authenticated by a secret which the browser stores in local storage - and will at that point create an user id stored in Kratos and would be able to generate a token to interact with our APIs.
    ◦ This identity would have to have a trait which explicitly flags it as anonymous so we can only allow certain operations which use it
• If / when a user registers an account with us for real this identity is linked with (and gets the anonymous user’s id) so that any operations that have been done while they aren’t logged in are linked with the new account
Has anyone done this with Ory network before / is there an idea of what any design patterns to allow this?