A field was modified that updates one or more credentials-related settings

larandersson · May 25, 2020, 11:52am

Hi,

I’m trying to update an identiy using the PUT /identties/{id} endpoint with the latest release of Kratos ( v0.3.0-alpha.1). For example:

curl -v -X PUT http://localhost:4434/identities/ff687251-e35d-42a1-b568-60a53927e37b -d "{\"id\":\"ff687251-e35d-42a1-b568-60a53927e37b\",\"traits\":{\"firstName\":\"John\",\"lastName\":\"Doe\",\"language\":\"English\"},\"traits_schema_id\":\"default\"}"
    < HTTP/1.1 403 Forbidden
    < Content-Type: application/json
    < Date: Mon, 25 May 2020 11:32:57 GMT
    < Content-Length: 363
    <
    {"error":{"code":403,"status":"Forbidden","reason":"A field was modified that updates one or more credentials-related settings. This action was blocked because an unprivileged method was used to execute the update. This is either a configuration issue or a bug and should be reported to the system administrator.","message":"The requested action was forbidden"}}

Not really sure what’s going on here. As far as I can see, I’m not trying to update anything credentials related?

vinckr · May 26, 2020, 1:28pm

Hey larandersson,
can you share a bit more of your configuration maybe?

I am just getting started with Kratos myself, but maybe I am able to reproduce the issue.

larandersson · May 26, 2020, 1:34pm

The only relevant piece of configuration that applies here is the identity schema, as far as I know, and here it is:
{
“$id”: “https://example.com/registration.schema.json”,
“$schema”: “http://json-schema.org/draft-07/schema#”,
“title”: “Person”,
“type”: “object”,
“properties”: {
“email”: {
“type”: “string”,
“format”: “email”,
“ory.sh/kratos”: {
“credentials”: {
“password”: {
“identifier”: true
}
},
“verification”: {
“via”: “email”
}
}
},
“firstName”: {
“type”: “string”
},
“lastName”: {
“type”: “string”
},
“phoneNumber”: {
“type”: “string”
},
“mobileNumber”: {
“type”: “string”
},
“timeZone”: {
“type”: “string”
},
“language”: {
“type”: “string”
}
}
}

There is no other configuration options that would affect the operation of trying to update an identity, as far as I can tell from available documentation.

larandersson · May 27, 2020, 10:58am

I submitted issue 435 on GitHub.

hackerman · May 27, 2020, 10:58am

I’ll be replying over there