Ory is the largest open source community in the world for cloud software application security. We maintain advanced open source security software solving authentication, authorization, access control, application network security, and delegation. Ory implements a variety of industry and best-practice standards including OAuth 2.0 / OAuth 2.1, OpenID Connect, Zero Trust Networking, Google Zanzibar Policy Framework, FIDO2 U2F, WebAuthn, TOTP, and more.

Ory Community

~Hi <@U010HRLSQRX>, currently we have a half baked solution, where we have an identity system that produces JWT tokens and refresh tokens and rely on the backend-for-frontend for each app (app per user type in this case customer/broker/lender/office) to know how to authorize each request each.

However we have decided we want to secure our actual APIs behind the BFFs and switch to Kratos as we want a single sign on with all the secure cookies.

So I need to understand if the Ory stack is going to cater and how it would be best designed for the following.~

• ~Our customers can login to the customers app.~