Git Product home page Git Product logo

ory-hydra-with-kratos-idp's Introduction

Ory Hydra and Kratos

Logo

About Project

This project is a containerized setup for running ORY Kratos and ORY Hydra locally for development and testing purposes.

Usage

  1. Clone this repository to your local machine.
git clone https://github.com/konstantin-evo/ory-hydra-with-kratos-idp.git
  1. Navigate to the project directory.
  2. Starting ORY Kratos
docker-compose -f docker-compose-kratos.yml up -d
  1. Starting ORY Hydra
docker-compose -f docker-compose-hydra.yml up -d

After running the application, the services will be available on the following ports:

Port Description
4433 Kratos public URL
4434 Kratos admin URL
4444 Hydra public URL
4445 Hydra admin URL
4455 Kratos UI: Kratos sign up, sign in, logout

Configuration

  1. docker-compose-kratos.yml:
  • Sets up services related to ORY Kratos, including migrations and UI.
  • Defines volumes for SQLite database and configuration files.
  1. docker-compose-hydra.yml:
  • Sets up services related to ORY Hydra, including migrations and API endpoints.
  • Defines volumes for SQLite database and configuration files.
  1. kratos.yml (inside the config folder):
  • Configuration file for ORY Kratos service.
  • Specifies database connection, cookie settings, identity schemas, SMTP settings, and OAuth2 provider URL.
  1. hydra.yml (inside the config folder):
  • Configuration file for ORY Hydra service.
  • Specifies database connection, CORS settings, public and admin endpoints, identity schemas, and OAuth2 provider settings.
  1. identity.schema.json (inside the config/kratos folder):
  • JSON schema defining the structure of identity data expected by ORY Kratos.
  • Includes properties like email with validation rules.

Each configuration file plays a crucial role in setting up and customizing the behavior of the ORY Kratos and ORY Hydra services, including database connections, API endpoints, security settings, and identity schemas. These files are essential for running the project locally and managing user authentication and authorization processes.

Postman collection

All necessary requests are available in the Ory Hydra - Kratos API.postman_collection.json collection.

Below are a few basic requests along with descriptions to help you get started quickly:

  1. Create Client in Hydra

This request creates a client in Hydra, allowing you to authenticate and obtain tokens for API access.

- Endpoint: `http://localhost:4445/admin/clients`
- Method: POST
- Headers:
    - Content-Type: application/json
    - Accept: application/json
- Body:
{
  "grant_types": [
    "authorization_code",
    "refresh_token"
  ],
  "redirect_uris": [
    "http://127.0.0.1:8080/callback"
  ],
  "response_types": [
    "code",
    "id_token"
  ],
  "scope": "openid offline",
  "token_endpoint_auth_method": "none"
}
  1. Authenticate and Get Authorization Code

Redirects to the authorization endpoint to authenticate and obtain an authorization code.

- Endpoint: `http://127.0.0.1:4444/oauth2/auth`
- Method: GET
- Parameters:
    - client_id: Your client ID
    - redirect_uri: Redirect URI after authentication
    - response_type: code
    - scope: offline openid
- Headers:
    - Accept: application/json
  1. Exchange Authorization Code for Access Token

Exchanges the obtained authorization code for an access token.

- Endpoint: `http://127.0.0.1:4444/oauth2/token`
- Method: POST
- Headers:
    - Content-Type: application/x-www-form-urlencoded
    - Accept: application/json
- Body:
grant_type=authorization_code
&client_id=YourClientID
&code=AuthorizationCode
&redirect_uri=http://127.0.0.1:5555/callback
  1. Introspect Token

Validates and introspects the access token.

- Endpoint: `http://localhost:4445/admin/oauth2/introspect`
- Method: POST
- Headers:
    - Content-Type: application/x-www-form-urlencoded
    - Accept: application/json
- Body:
token=YourAccessToken
&scope=offline openid
  1. Create Identity in Kratos

Creates a user identity in Kratos with the specified credentials.

- Endpoint: `http://127.0.0.1:4434/admin/identities`
- Method: POST
- Headers:
    - Content-Type: application/json
    - Accept: application/json
    - Authorization: Bearer YourAPIKey
- Body:
{
  "schema_id": "default",
  "traits": {
    "email": "[email protected]"
  },
  "credentials": {
    "password": {
      "config": {
        "hashed_password": "$2a$12$xBWtJ38zTL.5GB661P/MN.PfMrAaWbEwci5y2fUE9bR4dF/GRUxdm"
      }
    }
  }
}

These basic requests cover client setup, authentication, token management, token introspection, and user identity creation in Hydra and Kratos APIs. Adjust the parameters and endpoints as needed for your specific application.

ory-hydra-with-kratos-idp's People

Contributors

konstantin-evo avatar

Stargazers

 avatar  avatar  avatar  avatar  avatar  avatar

Watchers

 avatar

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. 📊📈🎉

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google ❤️ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.