Ory is the largest open source community in the world for cloud software application security. We maintain advanced open source security software solving authentication, authorization, access control, application network security, and delegation. Ory implements a variety of industry and best-practice standards including OAuth 2.0 / OAuth 2.1, OpenID Connect, Zero Trust Networking, Google Zanzibar Policy Framework, FIDO2 U2F, WebAuthn, TOTP, and more.

Ory Community

After I create an identity, how do I initialize his password?

you are probably looking for <https://www.ory.sh/kratos/docs/admin/managing-users-identities#invite-a-user>

In our scenario, passwords are set by administrators, not users themselves

This scene is not supported for now, is it?

you then either have to wait for <https://github.com/ory/kratos/pull/1963>
or use the recovery flow as an administrator

hope you are aware of the security problems that come with admins knowing passwords though :sweat_smile:

Our primary scenario is the private cloud, so administrators have maximum access

not only access, but also passwords could leak to bash history, logs, ... and have to be safely transferred (i.e. not slack, email, ...)
just a friendly reminder to remember pitfalls there

Thank you for your reminder

Our scenario is relatively simple. In a private cloud environment, the administrator manages users and delivers accounts

Then a common user logs in to the system using the delivered account and password

We then integrate permission-related controls with keto’s capabilities