Hi i've set up ory on my systems happy with it. Now I'm wondering for people developing the frontend SPA on their own local environment how do I give them access in a safe way to protected API's?

@User Run the Ory system with local configs (thus have different configs for local and production) and have the frontend team integrate the APIs locally then just swap out the baseURL path from local to your production baseURL on the frontend when deploying

The API is rather large, and running them locally would be a problem. So now I have to figure out some unprotected port forward to the service.

Maybe you can query the api through a secure network, such as a proxy. But just remember when querying a service like Kratos in such an obscure way without the correct configurations will end up with lots of problems such as cookie, cors and csrf issues.

I'm building maps with protected data. Maps are rather large..hard to just copy over to a frontend dev. I've just solved such csrf issues now and want a local environment for devs to test with and access api's through secure proxyies. being close as close as possible to the real solution.

Hey @User Did Alanos tip work for you? I think this could be interesting to add to the docs, thats why I am asking 🙂