I’ve been exploring the Ory stack to try to build some boilerplate identity/authorization flows for cloud-native / microservices systems, and have been very impressed with the thought that has gone into all the services! I’ve had a few successful trials with Hydra and Keto, but have run into a few issues that I’m struggling to resolve with Kratos - namely with the CSRF tokens and their host associations.
I’ve put together a sample repository that can be used to reproduce my issues, but namely I’ve used my own microservices tool, Architect, to generate and execute the docker-compose to spin up the stack and give everything a resolvable hostname. For simplicity, I’ve elected not to use oathkeeper as the proxy and instead am trying to figure out what hostnames to assign to the ui-node and kratos respectively such that they interact properly with COOKIE security mode on the ui-node. The repository and detailed reproduction instructions are in the repo:
Would someone be able to help me figure out what hosts I can assign to each service (namely kratos and the ui-node) such that CSRF checks will pass?
Thanks in advance,