fix(ory): configure Kratos oauth2 provider, session cookie domain, and flows

- Add oauth2_provider.url pointing to hydra-admin so login_challenge
  params are accepted (fixes People OIDC login flow)
- Scope session cookie to parent DOMAIN_SUFFIX so admin.* subdomains
  share the session (fixes redirect loop on kratos-admin-ui)
- Add allowed_return_urls for admin.*, enable recovery flow, add error
  and recovery ui_url entries
- Fix KRATOS_PUBLIC_URL port in login-ui deployment (4433 → 80)
2026-03-03 11:31:00 +00:00
parent 6cc60c66ff
commit b19e553f54
2 changed files with 15 additions and 1 deletions

@@ -22,7 +22,7 @@ spec:
protocol: TCP
env:
- name: KRATOS_PUBLIC_URL
value: "http://kratos-public.ory.svc.cluster.local:4433"
value: "http://kratos-public.ory.svc.cluster.local:80"
- name: KRATOS_BROWSER_URL
value: "https://auth.DOMAIN_SUFFIX/kratos"
- name: HYDRA_ADMIN_URL
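
Review bot: The new KRATOS_PUBLIC_URL value depends on the kratos-public Service listening on port 80 and forwarding to the Kratos public listener, and that Service definition is not part of this hunk, so please confirm the mapping or reference it in the commit message so the two do not drift apart again. Since 80 is the default port for http, the value could drop the explicit port and read "http://kratos-public.ory.svc.cluster.local", which leaves one less number to keep in sync. The URL is also plain http, so traffic from the login UI to Kratos is unencrypted inside the cluster; a comment next to the env entry stating what protects that hop (network policy, mesh mTLS) would help the next reader.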