Version: v0.4

Setting up Account Recovery and Password Reset

To set up account recovery, your Identity JSON Schema must have an email in its traits and add

{
"ory.sh/kratos": {
"recovery": {
"via": "email"
}
}
}

to it, for example:

{
"$id": "https://schemas.ory.sh/presets/kratos/quickstart/email-password/identity.schema.json",
"$schema": "http://json-schema.org/draft-07/schema#",
"title": "Person",
"type": "object",
"properties": {
"traits": {
"type": "object",
"properties": {
"email": {
"type": "string",
"format": "email",
"title": "E-Mail",
"minLength": 3,
+ "ory.sh/kratos": {
+ "recovery": {
+ "via": "email"
+ }
+ }
}
}
}
}
}

Account recovery currently supports sending out a recovery link to an email address. For this to work, you must have the courier SMTP connection configured in your ORY Kratos Config File (kratos serve -c /home/kratos/.kratos.yml):

# ORY Kratos Config File
+courier:
+ smtp:
+ connection_uri: smtps://username:password@smtp-server:1234/
# ...

You also need to enable account recovery and have the link strategy enabled:

selfservice:
strategies:
link:
# Defaults to true, so left out. If you explicitly want to disable this strategy,
# set the value to `false`.
#
# enabled: true
flows:
# login ...
# registration...
+ recovery:
+ enabled: true
+ ui_url: http://127.0.0.1:4455/recovery
# ...

That all that's needed! For more information on implementing the UI and details about the payloads, head over to the Account Recovery Documentation!

Last updated on by aeneasr