Hi folks, is there any future plans for login flows to also support identity modification using webhooks? Or are you open to PRs?

Hi Galih, I don’t think it the right way to modify identity in login flow. There is registration/profile for this. Can you please provide an example there you can show such need?

We are currently building systems that build on an ETL pipeline sourced from the government's education data center to a Postgres database (let's call this database A). Currently our identities lives in a different database (database B). User metadata updates are quite frequent and includes cases like teacher school transfers, employee promotions, personal data updates, student graduations, etc.. We do have a login/registration webhook that has access to database A. The webhook retrieves data from database A using the user's email, and then sends the latest relevant traits and metadata to the Kratos update identity API. It actually works fine for now, but i just thought making login flows support identity modification would make stuff a little more neat by saving a few roundtrips 😄

Thanks for the example @fierce-farmer-49570

You are probably looking for this feature: https://www.ory.sh/docs/guides/integrate-with-ory-cloud-through-webhooks#modify-identities

According to the docs, modifying the identity is currently only possible during the registration and settings flows, while I want the traits & metadata sync/update to happen on login flows as well @gentle-thailand-50068

Ah, I see. If your usecase involves regular updates to the data, you should consider storing it in a real database. Kratos is not a database and is not intended for this kind of usage.

I see, so your suggestion is to consider keeping the users' metadata on separate databases/tables instead of duplicating them into Kratos's identity table?

We have a best practices document here: https://www.ory.sh/docs/kratos/manage-identities/best-practices