Skip to main content
Version: Next

Milestones and Roadmap

v0.8.0-alpha.1#

This milestone does not have a description.

Bug#

Something is not working.

Issues#

  • Unmable to use Auth0 as a generic OIDC provider (kratos#609)
  • Refresh Sessions Without Having to Log In Again (kratos#615) - @hackerman
  • Fetching a settings request after error is missing identity data (kratos#689) - @hackerman
  • Typescript ErrorContainer type is incorrect (kratos#782)
  • Feature Request: Have access to username in email templates (kratos#925)
  • Implement email TTL for non-working/non-existant emails (kratos#944) - @hackerman
  • panic: a handle is already registered for path '/self-service/recovery/methods/link' (kratos#1068)
  • Recovery link doesn't log out existing users (kratos#1077)

Feat#

New feature or request.

Issues#

Docs#

Affects documentation.

Issues#

  • Document that identity information (traits, etc) are available to token holders and backend systems (kratos#43) - @hackerman
  • Config JSON Schema needs example values (kratos#179) - @hackerman
  • Please clarify docs to specify that a reverse proxy is required for public usage due to lack of TLS support (kratos#791)

Rfc#

A request for comments to discuss and share ideas.

Issues#

Blocking#

Blocks milestones or other issues or pulls.

Issues#

v0.7.0-alpha.1#

This milestone does not have a description.

Bug#

Something is not working.

Issues#

  • Investigate why smtps fails but smtp does not (kratos#781) - @hackerman
  • Reloading config values does not work (kratos#804) - @hackerman
  • Account Recovery API flow requires CSRF cookie (kratos#1141) - @hackerman
  • Do not create system errors on duplicate credentials when linking oidc providers (kratos#694)
  • handle 409 error in settings flow (kratos#1107)
  • Receive the verification email every time when I update my password (kratos#1221)
  • No email validation for /verify and /recovery page. email queue is backlogged with invalid emails. (kratos#1285)

Feat#

New feature or request.

Issues#

Rfc#

A request for comments to discuss and share ideas.

Issues#

  • Prevent accidental leak of PII when Copy & Pasting of Flow URLs which include Flow IDs (kratos#1282) - @hackerman

v0.6.0-alpha.1#

This milestone does not have a description.

Bug#

Something is not working.

Issues#

  • Sending JSON to complete oidc/password strategy flows causes CSRF issues (kratos#378)
  • Password reset emails sent twice by each of the two kratos pods in my cluster (kratos#652)
  • Building From Source fails (kratos#711)
  • Quickstart is failing to mount volume kratos.yml when SELinux is enabled using Podman (kratos#831) - @hackerman
  • Add randomized constant time to every login request (kratos#832)
  • Kratos Admin API return 409 when createIdentity is called simultaneously (kratos#861) - @Patrik
  • make sdk is broken (kratos#950) - @hackerman
  • CLI navigation reference is broken (kratos#951)

Pull Requests#

  • Implement FIDO2/MFA and refactor flow payloads and identity credentials and authenticators (kratos#921) - @hackerman
  • Umbrella PR for Ory Kratos v0.6 with MFA and improved flows (#961) (kratos#1012) - @hackerman

Feat#

New feature or request.

Issues#

  • Support remote argon2 execution (kratos#357) - @hackerman
  • Feature request: adjustable thresholds on how many times a password has been in a breach according to haveibeenpwned (kratos#450)
  • Add return_to after logout (kratos#702) - @Patrik
  • Write CLI helper for recommending Argon2 parameters (kratos#723) - @Patrik
  • Add possibility to configure the "claims" query parameter in the auth_url of OIDC providers to request individial id_token claims (kratos#735)
  • Replace viper with Koanf (kratos#894) - @hackerman
  • Support dynamic return_to address on verification flow (kratos#1123)

Pull Requests#

Docs#

Affects documentation.

Issues#

Pull Requests#

Rfc#

A request for comments to discuss and share ideas.

Issues#

Blocking#

Blocks milestones or other issues or pulls.

Issues#

Pull Requests#

Last updated on by aeneasr