https://www.ory.sh/ logo
Join Slack
Powered by
I am digging in to the <tutorial> and my previous ...
# ory-network
m
I am digging in to the tutorial and my previous work with the admin API and had an issue. I am now getting this error from the Admin API when creating an identity:
Copy code
{
  "error": {
    "code": 400,
    "status": "Bad Request",
    "request": "97ff1065-9980-92fc-8d70-e96a5dcc9cd6",
    "reason": "Unable to find JSON Schema ID: default",
    "message": "The request was malformed or contained invalid parameters"
  }
}
Seems simple enough to solve by inputting the correct name. However I cannot find the new default name in the web UI. Can someone tell me what the value for this is?
p
Hi @User You need to specify exactly the ID of the schema you are using. We can quickly go through an example using cURL:
Copy code
➜  ~ curl -H "Accept: application/json" https://<project_slug>.<http://projects.oryapis.com/api/kratos/public/schemas|projects.oryapis.com/api/kratos/public/schemas> | jq 
  % Total    % Received % Xferd  Average Speed   Time    Time     Time  Current
                                 Dload  Upload   Total   Spent    Left  Speed
100   530  100   530    0     0   1444      0 --:--:-- --:--:-- --:--:--  1440
[
  {
    "id": "<preset://email>",
    "schema": {
      "$id": "<https://schemas.ory.sh/presets/kratos/identity.email.schema.json>",
      "$schema": "<http://json-schema.org/draft-07/schema#>",
      "title": "Person",
      "type": "object",
      "properties": {
        "traits": {
          "type": "object",
          "properties": {
            "email": {
              "type": "string",
              "format": "email",
              "title": "E-Mail",
              "<http://ory.sh/kratos|ory.sh/kratos>": {
                "credentials": {
                  "password": {
                    "identifier": true
                  },
                  "totp": {
                    "account_name": true
                  }
                },
                "recovery": {
                  "via": "email"
                },
                "verification": {
                  "via": "email"
                }
              },
              "maxLength": 320
            }
          },
          "required": [
            "email"
          ],
          "additionalProperties": false
        }
      }
    }
  }
]
I can see the 
id
of my schema is 
<preset://email>
To now create an identity we can do
Copy code
➜  ~ curl -X POST -H "Accept: application/json" -H "Authorization: Bearer ory_pat_<token>" https://<project_slug>.<http://projects.oryapis.com/api/kratos/admin/identities|projects.oryapis.com/api/kratos/admin/identities> --data '{"schema_id": "<preset://email>", "traits":{"email":"<mailto:bob1234@example.com|bob1234@example.com>"}}' | jq
{
  "id": "fa26083d-77c7-4c1e-afec-ba9c91dd699d",
  "schema_id": "<preset://email>",
  "schema_url": "https://<project_slug>.<http://projects.oryapis.com/api/kratos/public/schemas/cHJlc2V0Oi8vZW1haWw|projects.oryapis.com/api/kratos/public/schemas/cHJlc2V0Oi8vZW1haWw>",
  "state": "active",
  "state_changed_at": "2022-03-08T09:25:32.549155347Z",
  "traits": {
    "email": "<mailto:bob1234@example.com|bob1234@example.com>"
  },
  "verifiable_addresses": [
    {
      "id": "92a54da2-2ab7-4483-a66f-e413cc815f4d",
      "value": "<mailto:bob1234@example.com|bob1234@example.com>",
      "verified": false,
      "via": "email",
      "status": "pending",
      "created_at": "2022-03-08T09:25:32.562564Z",
      "updated_at": "2022-03-08T09:25:32.562564Z"
    }
  ],
  "recovery_addresses": [
    {
      "id": "a670062f-24d7-4cc6-a639-62cf38527e28",
      "value": "<mailto:bob1234@example.com|bob1234@example.com>",
      "via": "email",
      "created_at": "2022-03-08T09:25:32.571982Z",
      "updated_at": "2022-03-08T09:25:32.571982Z"
    }
  ],
  "created_at": "2022-03-08T09:25:32.553524Z",
  "updated_at": "2022-03-08T09:25:32.553524Z"
}
m
Is there logout documentation that is relatively current? The 
ToSession
method returns a *Session object but that does not include what appears to be needed. The documentation is looking for a SessionToken but that field is not on the struct.
p
You can call the logout endpoint by passing along the session cookie (you required it to call the toSession)
m
Can you be a bit more specific? The version of the API I have I believe is this: https://github.com/ory/client-go/blob/master/docs/V0alpha2Api.md. this method this one seem most correct, yet neither accepts a session cookie in the same way login does. I'd expect to reuse the 
app.session
entity from the login at logout, but that does not appear to be possible. Can you provide a concrete example of what to do based on the login workflow. Also are the docs I shared the best place for devs try to keep up with the cloud SDK? Thank you!
p
Hey @User I might have misunderstood you. Are you retrieving a cookie like in the tutorial? If so you would need to redirect the user to the logout endpoint which will use the cookie in the browser. If you are logging the user in through a native go application (e.g. cli) which is a non-browser application, then you will need to store the token somewhere after logging in.
m
Are you retrieving a cookie like in the tutorial?
Yes. I expected the Session to have a 
SessionToken
field which would be trivial to pass to any of methods available on the SDK version I am using (alpha.116)
The app is a Go web application that is just HTML/CSS on the FE
Following along with the login tutorial it maintains a session and cookie private field. I expected the 
session
value to contain something I could use to logout but it appears more is needed?
Copy code
// check if we have a session
		session, _, err := app.ory.V0alpha2Api.ToSession(request.Context()).Cookie(cookies).Execute()
		if (err != nil && session == nil) || (err == nil && !*session.Active) {
			// this will redirect the user to the managed Ory Login UI
			http.Redirect(writer, request, "/.ory/api/kratos/public/self-service/login/browser", http.StatusSeeOther)
			return
		}
		app.cookies = cookies
		app.session = session
Specifically the 
session
is this https://github.com/ory/client-go/blob/master/docs/Session.md. What field can I use to support logout and what method should I use from the 
client-go
package
Or is there another way to do this? It'd be great to update the Login tutorial with how to logout using the same code example.
p
We only expose the session token to non-browser based applications and a session cookie to browser based applications. You will need to include the cookie to a logout request https://www.ory.sh/docs/kratos/self-service/flows/user-logout#self-service-logout-for-server-side-browser-applications https://github.com/ory/client-go/blob/master/docs/V0alpha2Api.md#CreateSelfServiceLogoutFlowUrlForBrowsers
Yes we are in the process of adding more guides to show logout / verification/ recovery / settings etc.
m
Alright this is great. Thanks @User I really appreciate this.
p
It's np 🙂
m
Unrelated but (now a blocker) I create a single user for testing using the admin CLI. Upon creating a new user record, following the verify URL, setting a password, I now get 401 Unauthorized when they login. It is a test user so its always the same name and password. What might be the reason for this? I ask because no reason comes back from the API http response
I believe I tracked down the issue. I am using this library for session mgmt - https://github.com/alexedwards/scs/pulls and 3rd party cookies are no longer being written.
6 Views
Open in Slack
PreviousNext
Powered by