Ory is the largest open source community in the world for cloud software application security. We maintain advanced open source security software solving authentication, authorization, access control, application network security, and delegation. Ory implements a variety of industry and best-practice standards including OAuth 2.0 / OAuth 2.1, OpenID Connect, Zero Trust Networking, Google Zanzibar Policy Framework, FIDO2 U2F, WebAuthn, TOTP, and more.

Ory Community

Missing csrf token while customizing the login. Need help on this.

Can you share your exact error and your config please?

-
  id: "evoke:login-flow:anonymous"
  upstream:
    preserve_host: false
    url: "<https://dev.playground.com:9949/auth/v1/login/browser>"
  match:
    url: "<http://dev.playground.com:4455/>"
    methods:
      - GET
  authenticators:
    -
      handler: anonymous
  authorizer:
    handler: allow
  mutators:
    -
      handler: noop
-
  id: "evoke:login-ui:anonymous"
  upstream:
    preserve_host: true
    url: "<https://dev.playground.com>"
  match:
    url: "<http://dev.playground.com:4455/login>"
    methods:
      - GET
  authenticators:
    -
      handler: anonymous
  authorizer:
    handler: allow
  mutators:
    -
      handler: noop

```
login:
  ui_url: <http://dev.playground.com:4455/login>```


I could able to get the flow in <https://dev.playground.com> but cookie (csrf token) not added to browser.

Can you see a `set-cookie` header in the response?

yes i have seen in the oauth_keeper docker logs

but when redirected to configured ui_url , i could not see the cookie.