Ory is the largest open source community in the world for cloud software application security. We maintain advanced open source security software solving authentication, authorization, access control, application network security, and delegation. Ory implements a variety of industry and best-practice standards including OAuth 2.0 / OAuth 2.1, OpenID Connect, Zero Trust Networking, Google Zanzibar Policy Framework, FIDO2 U2F, WebAuthn, TOTP, and more.

Ory Community

Hi,
I am doing the integration with google and have an issue that kratos doesn’t add session in cookie.

1. I get callback

“method”: “GET”,
“path”: “/self-service/methods/oidc/callback/google”,

2. Kratos issued the session

  “msg”: “Identity authenticated successfully and was issued an Ory Kratos Session Cookie.“,

3. Kratos redirects to

   “set-cookie”: “csrf_token_bb320f781b1ef1c3254360b522675c790959cc41544a6e89f9e6589160fcb15c=AjhoSIMxeQCQAqN/B0g5Itc9aqHXj8ylwNEIcTLuTHU=; Path=/;
   “location”: “https://..
   “status”: 303
d”,
    “status_code”: 401

those parts are from kratos logs in the same order

This issue happens only when I do test in Chrome Incognito mode and have to login in google. After Google shows me the consent screen - I enter login/password. Then Google asks me to confirm in my mobile app the login and here the result :disappointed:

If I’ve already been logged in google — everything works fine