# ory-selfhosting
w
Hey, is it possible to have Kratos running on a specific domain, and also allow for e.g. http://localhost:3000 to be an allowed URL? I have added it to public.cors.allowed_origins and selfservice.allowed_return_urls, but still receive a CORS error.
m
You did include the port in allowed origins, right?
w
Here is my current config
```yaml
ciphers:
  algorithm: xchacha20-poly1305
cookies:
  domain: test.example.domain
  path: /
  same_site: Lax
courier:
  smtp: {}
hashers:
  algorithm: bcrypt
  bcrypt:
    cost: 8
identity:
  default_schema_id: default
  schemas:
  - id: default
    url: file:///etc/config/identity.default.schema.json
log:
  format: text
  leak_sensitive_values: true
  level: debug
selfservice:
  allowed_return_urls:
  - https://*.test.example.domain
  - https://my-app.test.example.domain
  - https://selfservice.test.example.domain
  - http://selfservice.test.example.domain
  - http://localhost:3000
  - http://localhost:3001
  default_browser_return_url: https://my-app.test.example.domain
  flows:
    error:
      ui_url: http://my-app.test.example.domain/error
    login:
      after:
        default_browser_return_url: https://my-app.test.example.domain/
      lifespan: 10m
      ui_url: https://my-app.test.example.domain/
    logout:
      after:
        default_browser_return_url: http://my-app.test.example.domain/
    recovery:
      enabled: false
      ui_url: http://my-app.test.example.domain/recovery
    registration:
      after:
        password:
          hooks:
          - hook: session
      lifespan: 10m
      ui_url: http://my-app.test.example.domain/registration
    settings:
      privileged_session_max_age: 15m
      ui_url: http://my-app.test.example.domain/settings
    verification:
      after:
        default_browser_return_url: http://my-app.test.example.domain/
      enabled: false
      ui_url: http://my-app.test.example.domain/verification
serve:
  admin:
    port: 4434
  public:
    base_url: https://kratos.test.example.domain
    cors:
      allowed_headers:
      - Authorization
      - Cookie
      - Content-Type
      - X-Session-Token
      allowed_methods:
      - POST
      - GET
      - PUT
      - PATCH
      - DELETE
      allowed_origins:
      - https://test.example.domain
      - https://*.test.example.domain
      - http://localhost:3000
      - http://localhost:3001
      enabled: true
      exposed_headers:
      - Content-Type
      - Set-Cookie
    port: 4433
```
m
Hey @wooden-solstice-76862, check out this troubleshooting document: https://www.ory.sh/docs/troubleshooting/csrf