Hey everyone We already manage many users with Kratos. It works great so far. Now we want to connect a service via OIDC to the users inside our Kratos instance. Is it correct, that Kratos cannot be a OIDC provider and it cannot connect to Hydra which offers the users via OIDC? What other options we have?

Hi @User Kratos supports hooking up OIDC providers (including Hydra). However, with Hydra you would need to implement some code to make it work. But for general, sign in with google, facebook etc. it is supported out of the box.

Hi @User Thank you for the quick feedback. I think I asked my question wrong, so I draw a quick diagram to express myself better.

https://www.ory.sh/docs/kratos/guides/sign-in-with-github-google-facebook-linkedin Maybe check out these docs

message has been deleted

Yes you can become an OIDC provider through Hydra. As Hydra does not have it's own user management, any identity provider (including Kratos) can be used. This integration is however not available out of the box (yet). You have to build it, which definitely is possible. There is some more context in this issue: https://github.com/ory/kratos/issues/273 Specifically this branch, which however is a bit outdated: https://github.com/ory/kratos-selfservice-ui-node/tree/hydra-integration/contrib/hydra

Thanks for your reply. Also this is interesting: https://github.com/ory/hydra/discussions/2873