Angular with Firebase as frontend and Hasura as backend. What do i need from Ory?

ORY Oathkeeper
#1

Hello,
im a little confused about all these products from ory. Actually i have a relative simple setup:
Im using Firebase in Angular for Login/Register to get a JWToken with customclaims “[email protected]” and “X-Hasura-User-Roles=user” which Hasura needs to authorize the request.

Serverside i’m also using Caddy as proxy for Letsencrypt-Certificates in front of Hasura.

Now i want to get rid of Firebase for Authentication and want to replace it with i think OathKeeper.

What i need is the following:
An API to login/register/password-reset/etc to get an JWT-Token with custom claims to handle requests to hasura.

Am i right that it would be as following:
Login/Register with an API from OathKeeper which gives me back a cookie.
The Hasura-Requests from the frontend then are made with this cookie to OathKeeper, which are forwarded with a JWT to Hasura?

And can i use Caddy in this scenario in front of OathKeeper?

I am a bit confused if this is the right direction.

Thanks in advance for a short help!!!

#2

Hey,

OauthKeeper is just a proxy and does not store users & credentials.

If you want to manage Identity-Lifecycle (login/register/pass reset) then you should use Kratos for that.

You can use OauthKeeper (in conjunction with Kratos) to check if user is authenticated and if so propagate the required header to your protected services)

So:

  • User register & login to Kratos (which maintain credentials in its own DB)
  • Put OauthKeeper in front of Kratos to check auth state and propagate the auth header you need for your services.

Best.

1 Like