Following Kratos Quickstart without Oathkeeper

Is it possible to follow the quickstart tutorial at the latest pre-release without the dependency of Oathkeeper?

I’m trying to roll on my own without Oathkeeper, but I can’t seem to get over the No authorization token was found from SecureApp. My request(s) doesn’t even seem to reach Kratos. Am I doing something wrong? Or is it just designed to be that way?

If I try to call the public API endpiont of Kratos directly from the browser, something odd pops up in the logs.

INFO[0000] Config file loaded successfully.              path=/home/shine/dev/go/src/
INFO[0000] Software quality assurance features are enabled. Learn more at: 
INFO[0000] Starting the public httpd on:   
INFO[0000] Starting the admin httpd on:    
INFO[0061] started handling request                      method=GET name="public#" remote="" request=/.ory/kratos/public/browser/login
INFO[0061] completed handling request                    method=GET name="public#" remote="" request=/.ory/kratos/public/browser/login status=404 text_status="Not Found" took="160.067µs"

This is using the kratos configuration defined for the Quickstart tutorial. The only change I made to the configuration is sed -i -e 's/4455/3000/' to point to the SecureApp running at port 3000.

Is the request supposed to go to public# Or am I doing something wrong?

No, unfortunately not.

Oh, damn. Now I have all the more reason to look forward to the next release where Oathkeeper is going to be decoupled from the Kratos Quickstart tutorial :slight_smile:


If you sign up to the newsletter you’ll receive an email when it’s published.

I’m already following the repository :slight_smile:

1 Like

Just to clarify, does this also apply to integrating Kratos with other applications without following the quickstart?

I mean, I’m trying to integrate Kratos into an existing application that already works; replacing the existing authentication module with Kratos. Is that possible or is Oathkeeper a hard dependency ( at least for now; until the next release )?

I was hoping that Kratos could be a drop-in replacement for the existing authentication module.

I tried bypassing Oathkeeper and making calls directly to Kratos but it only throws HTTP 404 at me.

If I tried making a call to the public Kratos path /.ory/kratos/public/self-service/browser/flows/login via Oathkeeper ( ), it works; the redirection et al. happens just fine. But if I change that request to call Kratos directly ( ), then I get thrown HTTP 404 .

Is that by design or am I doing something wrong?

Please wait for the release! I know it has been taking a lot of time but we’re very close and working with master/unstable will just cause a lot of trouble!