Why Ory Kratos
Ory Kratos is a headless identity server — registration, login, 2FA, account recovery, profile management. No UI lock-in. Bring your own frontend, Kratos handles the identity logic.
Quick Start with Docker
git clone https://github.com/ory/kratos.git
cd kratos
docker compose -f quickstart.yml up
Self-Service Flows
# Initialize registration flow
curl -s http://localhost:4433/self-service/registration/api | jq .
# Submit registration
curl -X POST http://localhost:4433/self-service/registration?flow=FLOW_ID \
-H 'Content-Type: application/json' \
-d '{"method": "password", "traits": {"email": "user@example.com"}, "password": "securepassword"}'
# Login
curl -s http://localhost:4433/self-service/login/api | jq .flow
curl -X POST http://localhost:4433/self-service/login?flow=FLOW_ID \
-d '{"method": "password", "identifier": "user@example.com", "password": "securepassword"}'
Identity Schema
{
"$id": "https://example.com/user.schema.json",
"$schema": "http://json-schema.org/draft-07/schema#",
"title": "User",
"type": "object",
"properties": {
"traits": {
"type": "object",
"properties": {
"email": {
"type": "string",
"format": "email",
"title": "Email",
"ory.sh/kratos": {
"credentials": {"password": {"identifier": true}},
"verification": {"via": "email"},
"recovery": {"via": "email"}
}
},
"name": {"type": "string", "title": "Full Name"}
},
"required": ["email"]
}
}
}
Key Features
- Headless — API-first, bring your own UI
- Self-service flows — registration, login, recovery, verification, settings
- MFA — TOTP, WebAuthn, lookup secrets
- Social login — Google, GitHub, Apple, OIDC
- Webhooks — trigger on any identity event
- Open source — Apache 2.0
Ory Ecosystem
| Component | Purpose |
|---|---|
| Kratos | Identity management |
| Hydra | OAuth2/OIDC server |
| Keto | Authorization (Zanzibar) |
| Oathkeeper | API gateway/proxy |
Resources
Need to extract identity data, user metrics, or auth configs? Check out my Apify tools or email spinov001@gmail.com for custom solutions.
Top comments (0)