https://www.ory.sh/ logo
Join Slack
Powered by
:wave: Greetings! Ory kratos self hosted instance ...
# ory-selfhosting
b
👋 Greetings! Ory kratos self hosted instance ,version: v0.7.1-alpha.1 Trying to 
revoke_active_sessions
after settings flow Configuration :
Copy code
settings:
      ui_url: <https://app.v1.dev.test.build/self-service/recovery>
      privileged_session_max_age: 20m
      required_aal: aal1
      after:
        default_browser_return_url: <https://app.v1.dev.test.build/login>
        hooks:
          - hook: revoke_active_sessions
While build i am getting below errors and i am not able to figure out that whats going wrong with the configuration
Copy code
kratos-kratos-1                      | 
kratos-kratos-1                      | The configuration contains values or keys which are invalid:
kratos-kratos-1                      | selfservice.flows.settings.after.hooks: [map[hook:revoke_active_sessions]]
kratos-kratos-1                      |                                         ^-- doesn't validate with "#/definitions/selfServiceHooks"
kratos-kratos-1                      | 
kratos-kratos-1                      | The configuration contains values or keys which are invalid:
kratos-kratos-1                      | selfservice.flows.settings.after.hooks.0: map[hook:revoke_active_sessions]
kratos-kratos-1                      |                                           ^-- anyOf failed
kratos-kratos-1                      | 
kratos-kratos-1                      | The configuration contains values or keys which are invalid:
kratos-kratos-1                      | selfservice.flows.settings.after.hooks.0: map[hook:revoke_active_sessions]
kratos-kratos-1                      |                                           ^-- doesn't validate with "#/definitions/selfServiceWebHook"
kratos-kratos-1                      | 
kratos-kratos-1                      | The configuration contains values or keys which are invalid:
kratos-kratos-1                      | selfservice.flows.settings.after.hooks.0: map[hook:revoke_active_sessions]
kratos-kratos-1                      |                                           ^-- validation failed
kratos-kratos-1                      | 
kratos-kratos-1                      | The configuration contains values or keys which are invalid:
kratos-kratos-1                      | selfservice.flows.settings.after.hooks.0.config: <nil>
kratos-kratos-1                      |                                                  ^-- one or more required properties are missing
kratos-kratos-1                      | 
kratos-kratos-1                      | The configuration contains values or keys which are invalid:
kratos-kratos-1                      | selfservice.flows.settings.after.hooks.0.hook: revoke_active_sessions
kratos-kratos-1                      |                                                ^-- value must be "web_hook"
Thank you 🙂
s
not every hook is allowed everywhere, why would you run this after settings??
b
After password update user is redirected to login page but because of 
ory_kratos_session
exist in cookie user get logged-in directly 👀
s
b
Hi @steep-lamp-91158 Thanks for quick response and resources, although i have tried with 
privileged_session_max_age
to 1m but still after 1m i am getting the user identity with same session 🤔
s
i am getting the user identity with same session
what do you mean by that? after 1m the session is not considered privileged anymore, but it is still a valid session
b
Okay gotcha! could you please help me with how can I re-authenticate user after password update?
s
to do it every time, set the 
privileged_session_max_age
to 0
then the session is never privileged
b
Okay! let me try. Thanks!
13 Views
Open in Slack
PreviousNext
Powered by