https://www.ory.sh/ logo
b

brainy-winter-45330

01/06/2022, 6:02 PM
Is it possible for admins to store data on users but not allow the user to update that data?
m

magnificent-energy-493

01/06/2022, 9:49 PM
I think you are looking for this feature: https://github.com/ory/kratos/issues/117
b

brainy-winter-45330

01/06/2022, 10:09 PM
No, I don't want it immutable. What I'd like to do is have an admin configure some data on users. We use OPA for authz, which isn't the most user friendly experience for admins. I'd like to set an initial OPA policy that says something like "allow any user to do X when the user's foo == bar" and where "foo" is data from Kratos.
That way we can create a GUI for admins to store key value pairs in Kratos for user related info and have it affect authz.
s

straight-nail-66947

01/07/2022, 7:13 AM
b

brainy-winter-45330

01/07/2022, 9:40 PM
That sounds exactly like what I'm looking for.
Thanks
2 Views