numerous-energy-92403
01/25/2022, 3:31 AMSERVE_PUBLIC_BASE_URL
should be set to when you are using Oathkeeper and JWT and when you are using cookie without it? The most frustrating thing about working with Kratos is understand when "public" actually means public to the world...or just means "public" API. That keeps biting me in the butt, and it needs to STOP! Can someone lay it out for me finally once and for all?proud-plumber-24205
01/25/2022, 2:52 PMThe URL where the endpoint is exposed at. This domain is used to generate redirects, form URLs, and more.⢠https://www.ory.sh/kratos/docs/reference/configuration/ Here is an example, you do a login redirect, the browser gets redirected back to whatever value you specified under
selfservice.flows.login.ui_url
. The user now fills in their details. You in the background have a form pointing to whatever kratos is giving you (e.g. <http://auth.example.com/self-service/login?flow=af09e010-ea81-4597-9fd9-5012ec8aa278|auth.example.com/self-service/login?flow=af09e010-ea81-4597-9fd9-5012ec8aa278>
) this is calculated by kratos using the serve.public.base_url
.
Cookie domains are set using the session.cookie.domain
config. This value can be overridden when using domain_aliasing
. https://www.ory.sh/kratos/docs/guides/multi-domain-cookies
Public also does mean public (to the world), meaning that it is safe to expose on your server. Is there something in the documentation that is making this confusing?numerous-energy-92403
01/25/2022, 2:56 PMdocker-compose
installation that has worked great, but I am unable to get mutators to actually activate and create JWT tokens under ANY condition inside Kubernetes. Is there a reference implementation of this being done by anybody anywhere?proud-plumber-24205
01/26/2022, 5:03 PMnumerous-energy-92403
01/26/2022, 5:05 PMca_certificates
file in a custom Alpine-based Docker image build for Kratos and Oathkeeper, so the calls could be made without resorting to insecure flags....magnificent-energy-493
numerous-energy-92403
01/29/2022, 11:02 PMmagnificent-energy-493