Hello we re wondering if there is there a way to get the ide Ory Community #talk-kratos

Hello, we're wondering if there is there a way to ...

important-fall-74969

02/22/2022, 11:09 AM

Hello, we're wondering if there is there a way to get the identity credentials for a user (logged in) when initialising the self service flows in our frontend app? When the user navigates to the account settings page we would like to check the credentials to view what login methods have been enabled (password and/or social sign in). Or is this only available through the

adminGetIdentity

call and passing in the

id

? We call

initializeSelfServiceSettingsFlowForBrowsers

(or

getSelfServiceSettingsFlow

if we have the flowId) but we can't see the credentials as part of the response.

chilly-vr-43427

02/23/2022, 1:34 PM

you need the session cookie or token to get the identity details

important-fall-74969

02/23/2022, 2:29 PM

Thanks! Do you mean we need to pass in the session cookie or token to the

initializeSelfServiceSettingsFlowForBrowsers

getSelfServiceSettingsFlow

call? We get the identity back from the calls but it doesn't include the

credentials

of that identity. The user is logged in so the session cookie is already set.

chilly-vr-43427

02/23/2022, 2:30 PM

but

credentials

are what you are passing in to get the identity right?

important-fall-74969

02/23/2022, 2:35 PM

We're not passing in anything when calling

kratos.initializeSelfServiceSettingsFlowForBrowsers

. But we have set

withCredentials

in the below configuration.

Copy code

export const kratos = new V0alpha2Api(
  new Configuration({
    basePath: process.env.VUE_APP_ORY_KRATOS_URL || '<http://127.0.0.1:4433/>',
    baseOptions: {
      withCredentials: true,
    },
  }),
);

chilly-vr-43427

02/23/2022, 2:37 PM

thats initializing the flow, which doesn't depend on passing the session cookie

chilly-vr-43427

02/23/2022, 2:38 PM

initializing a flow is a stateless call

chilly-vr-43427

02/23/2022, 2:38 PM

the session cookie authenticates a user

important-fall-74969

02/23/2022, 2:40 PM

Right ok. So is it when we call

toSession

(to see if the user is logged in) we should pass in the session cookie to be able to get the

identity

with the

credentials

included back?

chilly-vr-43427

02/23/2022, 2:40 PM

yes

chilly-vr-43427

02/23/2022, 2:41 PM

you'll get the

identity

details for the user. What credentials are you referring about?

important-fall-74969

02/23/2022, 2:42 PM

I'm talking about the credentials listing what sign in methods the user has enabled.

oidc

password

for example.

important-fall-74969

02/23/2022, 2:43 PM

We do get the identity back but it doesn't include that list

chilly-vr-43427

02/23/2022, 2:44 PM

can you post your

identity

object?

chilly-vr-43427

02/23/2022, 2:45 PM

the methods are enabled in the config. why do you expect them to be part of the identity?

important-fall-74969

02/23/2022, 3:10 PM

because the

credentials

are part of the

Identity

interface, although optional. We wanted to check them in our frontend app to see what login methods have been enabled for that user (password and/or social sign in) 🙂 but seems like it might not be possible.

chilly-vr-43427

02/23/2022, 3:16 PM

I dob't think its possible to configure the methods per user. It's global config

damp-salesclerk-26574

02/23/2022, 3:24 PM

I think it’s more that the user chooses whether to log in with github or google or email (or all) and it would be good to see which one(s) they have chosen to use.

10 Views

Open in Slack

Previous Next