Ory is the largest open source community in the world for cloud software application security. We maintain advanced open source security software solving authentication, authorization, access control, application network security, and delegation. Ory implements a variety of industry and best-practice standards including OAuth 2.0 / OAuth 2.1, OpenID Connect, Zero Trust Networking, Google Zanzibar Policy Framework, FIDO2 U2F, WebAuthn, TOTP, and more.

Ory Community

Quick Q: Our current system creates identities using the admin api (we don't let people register). These newly created identities have an associated tenant ID. Can I store the tenant ID in the cookie Kratos creates? If so, how would I get this ID into the token? Through a custom identity field that I fill when creating the identity manually? This is so we can pluck that tenant ID out on our backend and scope requests. Thanks in advance.

Hi <@U035YNB6XH8>
I don't believe this is possible, what you can do however is:
1. Store the tenant ID in the identity traits (careful if the tenant ID is supposed to be secret).
2. Link the tenant ID with the Kratos Identity ID in your Database

Hi <@U01MTU9E4CF>

This is a bit off topic. Can I not allow registrations?

I'm assuming you mean in the cloud.

Registration is allowed by default at the moment. I believe there is an open issue for disabling registration which we will tackle in the near future