Next-gen identity server replacing your Auth0, Okta, Firebase with hardened security and PassKeys, SMS, OIDC, Social Sign In, MFA, FIDO, TOTP and OTP, WebAuthn, passwordless and much more. Golang, headless, API-first. Available as a worry-free SaaS with the fairest pricing on the market!
This release addresses further important security updates in the base Docker Images. We also resolved all issues related to ARM support on both Linux and macOS and fixed a bug that prevent the binary from compiling on FreeBSD.
This release also makes use of our new build architecture which means that the Docker Images names have changed. We removed the "scratch" images as we received frequent complaints about them. Additionally, all Docker Images have now, per default, SQLite support built-in. If you are relying on the SQLite images, update your Docker Pull commands as follows:
- docker pull oryd/kratos:{version}-sqlite
+ docker pull oryd/kratos:{version}
Additionally, all passwords now have to be at least 8 characters long, following recommendations from Microsoft and others.
In v0.8.1-alpha.1 we failed to include all the exciting things that landed, so we'll cover them now!
Enjoy this release!
Add missing sample app paths to oathkeeper config (#2058) (a527db4):
Add "welcome,registration,login,verification" and "**.png" to the paths oathkeeper forwards to self service ui.
After release hooks (56c2e61)
Goreleaser after hook (c763f2b)
Goreleaser config (7099af2):
Release hook (90bd769)
docker pull oryd/kratos:v0.8.2-alpha.1
docker pull oryd/kratos:v0
docker pull oryd/kratos:v0.8
docker pull oryd/kratos:v0.8.2
Artifacts can be verified with cosign using this public key.
This maintenance release important security updates for the base Docker Images (e.g. Alpine). Additionally, several hiccups with the new ARM support have been resolved and the binaries are now downloadable for all major platforms. Please note that passwords now have to be at least 8 characters long, following recommendations from Microsoft and others.
Enjoy this release!
To celebrate this change, we cleaned up the ways you install Ory software, and will roll this out to all other projects soon:
There is now one central brew / bash curl repository:
-brew install ory/kratos/kratos
+brew install ory/tap/kratos
-bash <(curl https://raw.githubusercontent.com/ory/kratos/master/install.sh)
+bash <(curl https://raw.githubusercontent.com/ory/meta/master/install.sh) kratos
Add error.id to invalid cookie/token settings flow (#1919) (73610d4), closes #1888
Adds missing webauthn authentication method (#1914) (44892f3)
Allow use of relative URLs in config (#1754) (5f73bb0), closes #1446
Bodget docs commit (f9d2f82)
Build docs on release (2cf137a)
Include text label for link email field (07a1dbb), closes #1909
Panic on webhook with nil body (#1890) (4bf1825), closes #1885
Paths (8c852c7)
Require minimum length of 8 characters password (#2009) (bb5846e):
Kratos follows NIST Digital Identity Guidelines - 5.1.1.2 Memorized Secret Verifiers and password policy says
Passwords must have a minimum length of 8 characters and all characters (unicode, ASCII) must be allowed.
Set dockerfile (c860b99)
Skip docs publishing for pre releases (eb6d8cd)
Speed up git clone (d3e4bde)
Update docs after release (850be90)
Update sdk orb (94e12e6)
Use bcrypt for password hashing in example (a9196f2)
Use new ory installation method (09cfc7e)
Add Content-Type
to recommended CORS allowed headers (#2015) (dd890ab)
Add subdomain configuration in csrf page (#1896) (681750f):
Add some instructions as to how kratos can be configured to work across subdomains.
Remove unintended characters in subdomain section in csrf page (#1897) (dfb9007)
Add alpine dockerfile (587eaee)
Add new goreleaser build chain (#1932) (cf1714d):
This patch adds full compatibility with ARM architectures, including Apple Silicon (M1). We additionally added cryptographically signed signatures verifiable using cosign for both binaries as well as docker images.
Add quickstart mimicking hosted ui (813fb4c)
Add x-total-count to paginated pages (b633ec3)
Advanced e-mail templating support (#1859) (54b97b4), closes #834 #925
Allow wildcard domains for redirect_to checks (#1528) (349cdcf), closes #943:
Support wildcard domains in redirect_to checks.
cmd: Add OIDC credential include (#2017) (1482844):
With this change, the kratos identities get
CLI can additionally fetch OIDC credentials.
Configurable health endpoints access logging (#1934) (1301f68):
This PR introduces a new boolean configuration parameter that allows turning off logging of health endpoints requests in the access log. The implementation is basically a rip-off from Ory Hydra and the configuration parameter is the same:
serve.public.request_log.disable_for_health
serve.admin.request_log.disable_for_health
The default value is false.
Make admin recovery to work without emails #1419 (#1750) (db00e85)
Content-Type
to recommended CORS allowed headers (#2015)docker pull oryd/kratos:v0.8.1-alpha.1
docker pull oryd/kratos:v0
docker pull oryd/kratos:v0.8
docker pull oryd/kratos:v0.8.1
Artifacts can be verified with cosign using this public key.
Resolves issues in the quickstart.
273785a5 autogen(docs): generate and format documentation 928f6564 autogen(docs): generate cli docs 639e8415 autogen: add v0.8.0-alpha.2 to version.schema.json a307deb6 autogen: pin v0.8.0-alpha.3 release commit 7e091469 autogen: pin v0.8.0-alpha.3 release commit d0470095 fix: resolve quickstart issues (#1900)
docker pull oryd/kratos:v0-sqlite
docker pull oryd/kratos:v0.8-sqlite
docker pull oryd/kratos:v0.8.0-sqlite
docker pull oryd/kratos:v0.8.0-alpha.3-sqlite
docker pull oryd/kratos:latest-sqlite
docker pull oryd/kratos:v0
docker pull oryd/kratos:v0.8
docker pull oryd/kratos:v0.8.0
docker pull oryd/kratos:v0.8.0-alpha.3
Resolves an issue in the SDK release pipeline.
fb5a5233 autogen(docs): generate and format documentation 833f14f8 autogen(docs): update milestone document 87923d09 autogen: add v0.8.0-alpha.1 to version.schema.json 21789297 autogen: pin v0.8.0-alpha.2 release commit 76403d8e ci: bump sdk orb
docker pull oryd/kratos:v0-sqlite
docker pull oryd/kratos:v0.8-sqlite
docker pull oryd/kratos:v0.8.0-sqlite
docker pull oryd/kratos:v0.8.0-alpha.2-sqlite
docker pull oryd/kratos:latest-sqlite
docker pull oryd/kratos:v0
docker pull oryd/kratos:v0.8
docker pull oryd/kratos:v0.8.0
docker pull oryd/kratos:v0.8.0-alpha.2
Resolves further issues in the SDK and release pipeline.
97734553 autogen(docs): generate and format documentation 83062ecb autogen: add v0.7.5-alpha.1 to version.schema.json 8b0d1ee6 autogen: pin v0.7.6-alpha.1 release commit
docker pull oryd/kratos:v0-sqlite
docker pull oryd/kratos:v0.7-sqlite
docker pull oryd/kratos:v0.7.6-sqlite
docker pull oryd/kratos:v0.7.6-alpha.1-sqlite
docker pull oryd/kratos:latest-sqlite
docker pull oryd/kratos:v0
docker pull oryd/kratos:v0.7
docker pull oryd/kratos:v0.7.6
docker pull oryd/kratos:v0.7.6-alpha.1
docker pull oryd/kratos:latest
Primarily resolves issues in the SDK pipeline.
b0929b04 autogen(docs): generate and format documentation 5d618344 autogen(docs): generate and format documentation 71dcfcaa autogen(docs): update milestone document 20edaaa2 autogen: add v0.7.4-alpha.1 to version.schema.json 3a741a5e autogen: pin v0.7.5-alpha.1 release commit e612c97c chore: update docusaurus template 7d47d053 ci: add test runner for SDKs (#1732)
docker pull oryd/kratos:v0-sqlite
docker pull oryd/kratos:v0.7-sqlite
docker pull oryd/kratos:v0.7.5-sqlite
docker pull oryd/kratos:v0.7.5-alpha.1-sqlite
docker pull oryd/kratos:latest-sqlite
docker pull oryd/kratos:v0
docker pull oryd/kratos:v0.7
docker pull oryd/kratos:v0.7.5
docker pull oryd/kratos:v0.7.5-alpha.1
docker pull oryd/kratos:latest
This release adds the GitHub-app provider, improves SQL instrumentation, resolves an expired flow bug, and resolves documentation issues.
f44e7af6 autogen(docs): generate and format documentation c7a019fc autogen(docs): generate and format documentation 5044ba90 autogen(docs): generate and format documentation f5d9d0ec autogen(docs): generate and format documentation 9ec8bf57 autogen(docs): generate and format documentation daa4d5d3 autogen(docs): regenerate and update changelog f4c00f4c autogen(docs): regenerate and update changelog b6a10330 autogen(docs): regenerate and update changelog b344b605 autogen(docs): regenerate and update changelog cc6c1c3d autogen(docs): regenerate and update changelog 785d930a autogen(docs): update milestone document 0da20065 autogen(docs): update milestone document 9fbc78c1 autogen(docs): update milestone document 246b7dad autogen(docs): update milestone document 4f05d64e autogen(openapi): Regenerate openapi spec and internal client 93bbde8f autogen(openapi): Regenerate openapi spec and internal client e7a237af autogen: add v0.7.3-alpha.1 to version.schema.json 67ff8a94 autogen: pin v0.7.4-alpha.1 release commit 6fe79da9 chore: update docusaurus template e14d1fc7 chore: update repository templates (#1680) c2c5a588 chore: update repository templates (#1701) 64c9b766 ci: bump goreleaser (#1730) a9134192 ci: bump goreleaser orb (#1728) 2b749d39 docs: add e2e quickstart a44089a5 docs: browser redirects (#1700) 9021805c docs: mark logout_url always available 79c132c5 docs: minor improvements (#1707) fb1fe8c4 feat(oidc): github-app provider (#1711) 9e6fbdd0 feat: making use of the updated instrumentedsql version (#1723) 6152363c fix: corret sdk annotations for enums 6ea56785 fix: do not panic if cookiemanager returns a nil cookie 394a8de9 fix: respect return_to in expired flows (#1697) 05312203 test(session): resolve incorrect assertion
docker pull oryd/kratos:v0-sqlite
docker pull oryd/kratos:v0.7-sqlite
docker pull oryd/kratos:v0.7.4-sqlite
docker pull oryd/kratos:v0.7.4-alpha.1-sqlite
docker pull oryd/kratos:latest-sqlite
docker pull oryd/kratos:v0
docker pull oryd/kratos:v0.7
docker pull oryd/kratos:v0.7.4
docker pull oryd/kratos:v0.7.4-alpha.1
docker pull oryd/kratos:latest
b9a2bfd4 autogen(docs): generate and format documentation dd2e826d autogen(docs): generate and format documentation 2cb678c8 autogen(docs): generate and format documentation f928ac15 autogen(docs): generate and format documentation b863a829 autogen(docs): generate and format documentation ca152002 autogen(docs): generate and format documentation 2f488ab5 autogen(docs): generate and format documentation 6bb5aa7c autogen(docs): generate and format documentation c7352db8 autogen(docs): generate and format documentation 60d848d1 autogen(docs): generate cli docs 6d56917e autogen(docs): regenerate and update changelog 78269d14 autogen(docs): regenerate and update changelog 57f27311 autogen(docs): regenerate and update changelog 1bfd22bd autogen(docs): regenerate and update changelog ceb1fb16 autogen(docs): regenerate and update changelog c9fb0d4b autogen(docs): regenerate and update changelog 4259a0c3 autogen(docs): regenerate and update changelog b4dfa2b6 autogen(docs): regenerate and update changelog af98e2e1 autogen(docs): regenerate and update changelog f7393d5e autogen(docs): regenerate and update changelog 1aaf6c07 autogen(docs): regenerate and update changelog 814a9c01 autogen(docs): update milestone document 4ce03f25 autogen(docs): update milestone document 80c2fbeb autogen(docs): update milestone document c1180702 autogen(docs): update milestone document 4822a306 autogen(docs): update milestone document b6215a04 autogen(docs): update milestone document 513d527c autogen(docs): update milestone document 1ba6c4ac autogen(docs): update milestone document ad49e5dd autogen(docs): update milestone document 3eb87bc4 autogen(docs): update milestone document 6eb540f4 autogen(docs): update milestone document 11bdc4a8 autogen(docs): update milestone document cc34996b autogen: add v0.7.1-alpha.1 to version.schema.json 16787fc2 autogen: pin v0.7.2-alpha.1 release commit b5ad53ec autogen: pin v0.7.3-alpha.1 release commit 158cf374 chore: adjust CODEOWNERS 1a912c6b chore: update docusaurus template 8ab3c2fc chore: update docusaurus template (#1607) 6d80d12e chore: update docusaurus template (#1622) 2fcfdff9 chore: update repository templates (#1608) e995cc60 chore: update repository templates (#1640) 6b582784 docs: Fixes incorrect yaml identation (#1641) dc32720d docs: Update docker.md - Outdated information (#1627) 09c403e5 docs: change model to schema (#1639) bbeb6132 docs: fix func naming for Logout flow (#1676) 9bc2fd08 docs: fix stub error example (#1642) 641eba67 docs: identity traits are visible to user (#1621) bae1847e docs: make qickstart URLs consistent (playground vs. localhost) (#1626) 51b13117 feat: allow multiple webhook body sources (#1606) 1cf61cde feat: require verified address (#1355) f6b3aa45 fix(docs): ensure config reference is updated da214b29 fix(sdk): use proper annotation for genericError (#1611) 05256232 fix: add new message when refresh parameter is true (#1560) 639a7dd5 fix: add session in spa registration if session cook is configured (#1657) 85337bf6 fix: facebook sign in regression (#1689) b21bd224 fix: http context memory leak 149101ed fix: outdated label (#1681) 45c28d99 fix: register argon2 CLI commands properly (#1592) cdb30bb6 fix: remove session cookie on logout (#1587) a6672554 fix: skip prompt on discord authorization by default (#1594) db54a1bd fix: static parameter for warning message in config.baseURL(...) (#1673) 64c90bf5 fix: update csrf token cookie name (#1601) de5fb3e5 fix: use eager preloading for list identites endpoint (#1588)
docker pull oryd/kratos:v0-sqlite
docker pull oryd/kratos:v0.7-sqlite
docker pull oryd/kratos:v0.7.3-sqlite
docker pull oryd/kratos:v0.7.3-alpha.1-sqlite
docker pull oryd/kratos:latest-sqlite
docker pull oryd/kratos:v0
docker pull oryd/kratos:v0.7
docker pull oryd/kratos:v0.7.3
docker pull oryd/kratos:v0.7.3-alpha.1
docker pull oryd/kratos:latest
f557328d autogen(docs): generate and format documentation 608c9198 autogen(docs): generate and format documentation 52434d39 autogen(docs): generate and format documentation de22a1ca autogen(docs): generate cli docs eb11e428 autogen(docs): regenerate and update changelog dacd5ccc autogen(docs): regenerate and update changelog 16ed9434 autogen(docs): regenerate and update changelog 16fb20e6 autogen(docs): regenerate and update changelog 9bd8d019 autogen(docs): regenerate and update changelog 603ca408 autogen(docs): regenerate and update changelog 1c84205d autogen(docs): update milestone document e2f6ca46 autogen(docs): update milestone document 18448ff0 autogen(docs): update milestone document 696fd685 autogen(docs): update milestone document 8cb65bdd autogen(docs): update milestone document a040a0dd autogen: add v0.7.0-alpha.1 to version.schema.json 4fe76af1 autogen: pin v0.7.1-alpha.1 release commit e8aebce3 chore: format c2a1b6df docs: add instruction for creating user (#1541) e5ea5fee docs: clarify flags in schema which are not available in config file 0bfac67a docs: fix formatting of Email and Phone Verification Flow tab content (#1536) b25bae7f docs: fix typo (#1543) 547788de docs: fix typo (#1544) cc7ed4b5 docs: update csrf pitfall flow section (#1558) fe5056e1 fix: automatic tagging for node ui aedbb5a2 fix: bump kratos ui image for quickstart 3cfd7845 fix: cleanup lint errors and add doc to x (#1545) 8d4f3ff2 fix: correct meta schema 835fb312 fix: do not reset link method (#1573) 36bbd434 fix: do not set csrf cookies on /sessions/whoami (#1580) 6af76387 fix: export extensionschemas (#1553) 6612c5f6 fix: generate CSRF token on validation creation (#1549) ba5ca642 fix: identity extension meta schema (#1554) c6145dbf fix: remove domain alias config constraint (#1542) b07927cd fix: resolve wrong openapi types 0217737f fix: update identity state openapi spec 6c13c2be fix: use legacy ssl in quickstart config 3a85a33a test: longer wait time for e2e boot
docker pull oryd/kratos:v0-sqlite
docker pull oryd/kratos:v0.7-sqlite
docker pull oryd/kratos:v0.7.1-sqlite
docker pull oryd/kratos:v0.7.1-alpha.1-sqlite
docker pull oryd/kratos:latest-sqlite
docker pull oryd/kratos:v0
docker pull oryd/kratos:v0.7
docker pull oryd/kratos:v0.7.1
docker pull oryd/kratos:v0.7.1-alpha.1
docker pull oryd/kratos:latest