Currently any user in Kratos can log in through an OAuth2Client in Hydra, making it difficult to distinguish which clients are allowed to be used for user logins and to limit which applications a user can log in to.
We need to add an endpoint that a Kratos login blocking webhook can target that checks if the login request is originating from a Hydra OAuth2Client. If this is the case, our backend will query Keto to check if the subject (user) is allowed to log in through that OAuth2Client.
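One way to structure the decision logic for the endpoint requested above, as an added example (not code from this project or from Ory). It assumes hypothetical payload fields `identity_id` and `oauth2_client_id`, a hypothetical `Checker` interface standing in for the Keto query, and a webhook configured so that a non-2xx answer blocks the login.

```go
package main

import (
	"encoding/json"
	"errors"
	"fmt"
	"net/http"
)

// loginHook: ASSUMED payload; field names are hypothetical, set by the webhook template.
type loginHook struct {
	IdentityID string `json:"identity_id"`
	ClientID   string `json:"oauth2_client_id"` // empty when no Hydra client is involved
}

// Checker stands in for the Keto permission query (hypothetical interface).
type Checker interface {
	Allowed(subject, clientID string) (bool, error)
}

// Decide maps a webhook body to the HTTP status the endpoint answers with.
func Decide(c Checker, body []byte) int {
	var h loginHook
	if err := json.Unmarshal(body, &h); err != nil || h.IdentityID == "" {
		return http.StatusBadRequest // malformed input never counts as approval
	}
	if h.ClientID == "" {
		return http.StatusOK // plain Kratos login: nothing to enforce here
	}
	if ok, err := c.Allowed(h.IdentityID, h.ClientID); err != nil {
		return http.StatusServiceUnavailable // fail closed if the check cannot run
	} else if !ok {
		return http.StatusForbidden // subject has no grant for this client
	}
	return http.StatusOK
}

// memChecker is a constructed in-memory grant table; a nil table simulates an outage.
type memChecker map[[2]string]bool

func (m memChecker) Allowed(s, c string) (bool, error) {
	if m == nil {
		return false, errors.New("permission backend unavailable")
	}
	return m[[2]string{s, c}], nil
}

func main() { // constructed sample data: user-2 has no grant for client-a
	g := memChecker{{"user-1", "client-a"}: true}
	fmt.Println(Decide(g, []byte(`{"identity_id":"user-2","oauth2_client_id":"client-a"}`)))
}
```

The two non-obvious branches are the pass-through for logins without an OAuth2 client and the fail-closed answer when the permission backend errors.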