Hello!
I’m new to Kratos and need some advice.
I have a case where each user of the system can be part of an organisation and can have a role in it (admin, normal member, etc).
I thought that I should add this in identity schema as traits:
    "staff": {
      "type": "array",
      "items": {
        "type": "object",
        "properties": {
          "org": {
            "type": "string",
            "pattern": "^[a-z0-9_-]+$",
            "minLength": 1
          },
          "role": {
            "type": "string",
            "enum": ["admin", "member"]
          }
        }
      }
    }
However, when I use the selfservice node app to register such a user, the Kratos registration flow asks for these role fields in the form. Of course, I do not want to ask a registering user to specify their role and in which org, I want to do this in the backend code.
I could perhaps remove the staff fields from the set of required fields, but I am afraid this is just hiding the problem visually, and I am opening some sort of security hole here - the Kratos API server expects to be given this information.
Should I mess with the fields required by the self service flows? I guess I shouldn’t. But then - how should I add these pieces of information to user data? I am clearly missing something here. Help!
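
The concern raised in the post, as an added example that is not part of the original post or of the Kratos code base: the `staff` schema above checks shape only, so a self-declared `admin` entry passes it, and the backend has to take `staff` from its own records instead of from the form. The helper names, the `email` trait and the sample data are assumptions made for illustration.

```python
import re

# Constraints copied from the "staff" trait schema in the post.
ORG_RE = re.compile(r"[a-z0-9_-]+")   # fullmatch() supplies the ^...$ anchors
ROLES = ("admin", "member")

def staff_matches_schema(staff):
    """True if `staff` satisfies the post's schema (a shape check only)."""
    if not isinstance(staff, list):
        return False
    for item in staff:
        if not isinstance(item, dict):
            return False
        if "org" in item:
            org = item["org"]
            if not (isinstance(org, str) and ORG_RE.fullmatch(org)):
                return False
        if "role" in item and item["role"] not in ROLES:
            return False
    return True

def resolve_traits(submitted, memberships):
    """Keep form-supplied traits except `staff`, which comes from server data.

    `memberships` is a hypothetical server-side table keyed by email.
    """
    traits = {k: v for k, v in submitted.items() if k != "staff"}
    traits["staff"] = list(memberships.get(submitted.get("email"), []))
    return traits

# Constructed sample data: a server-side membership table and a registration
# body in which the registrant declares themselves admin of "acme".
MEMBERSHIPS = {"alice@example.com": [{"org": "acme", "role": "member"}]}
SUBMITTED = {"email": "alice@example.com",
             "staff": [{"org": "acme", "role": "admin"}]}

if __name__ == "__main__":
    print("self-declared admin passes schema:",
          staff_matches_schema(SUBMITTED["staff"]))
    print("traits the backend stores:", resolve_traits(SUBMITTED, MEMBERSHIPS))
```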