Following Kratos Quickstart without Oathkeeper

ORY Kratos
#1

Is it possible to follow the quickstart tutorial at the latest pre-release without the dependency of Oathkeeper?

I’m trying to roll on my own without Oathkeeper, but I can’t seem to get over the No authorization token was found from SecureApp. My request(s) doesn’t even seem to reach Kratos. Am I doing something wrong? Or is it just designed to be that way?

If I try to call the public API endpiont of Kratos directly from the browser, something odd pops up in the logs.

INFO[0000] Config file loaded successfully.              path=/home/shine/dev/go/src/github.com/ory/kratos/contrib/quickstart/kratos/email-password/.kratos.yml
INFO[0000] Software quality assurance features are enabled. Learn more at: https://www.ory.sh/docs/ecosystem/sqa 
INFO[0000] Starting the public httpd on: 0.0.0.0:4433   
INFO[0000] Starting the admin httpd on: 0.0.0.0:4434    
INFO[0061] started handling request                      method=GET name="public#http://127.0.0.1:3000/.ory/kratos/public/" remote="127.0.0.1:47108" request=/.ory/kratos/public/browser/login
INFO[0061] completed handling request                    method=GET name="public#http://127.0.0.1:3000/.ory/kratos/public/" remote="127.0.0.1:47108" request=/.ory/kratos/public/browser/login status=404 text_status="Not Found" took="160.067µs"

This is using the kratos configuration defined for the Quickstart tutorial. The only change I made to the configuration is sed -i -e 's/4455/3000/' to point to the SecureApp running at port 3000.

Is the request supposed to go to public#http://127.0.0.1:3000? Or am I doing something wrong?

#2

No, unfortunately not.

#3

Oh, damn. Now I have all the more reason to look forward to the next release where Oathkeeper is going to be decoupled from the Kratos Quickstart tutorial :slight_smile:

#4

:slight_smile:

If you sign up to the newsletter you’ll receive an email when it’s published.

#5

I’m already following the repository :slight_smile:

1 Like
#6

Just to clarify, does this also apply to integrating Kratos with other applications without following the quickstart?

I mean, I’m trying to integrate Kratos into an existing application that already works; replacing the existing authentication module with Kratos. Is that possible or is Oathkeeper a hard dependency ( at least for now; until the next release )?

I was hoping that Kratos could be a drop-in replacement for the existing authentication module.

#8

I tried bypassing Oathkeeper and making calls directly to Kratos but it only throws HTTP 404 at me.

If I tried making a call to the public Kratos path /.ory/kratos/public/self-service/browser/flows/login via Oathkeeper ( 127.0.0.1:4455 ), it works; the redirection et al. happens just fine. But if I change that request to call Kratos directly ( 127.0.0.1:4433 ), then I get thrown HTTP 404 .

Is that by design or am I doing something wrong?

#9

Please wait for the release! I know it has been taking a lot of time but we’re very close and working with master/unstable will just cause a lot of trouble!