Release Notes March 2022
Ory Cloud is making a huge leap forward. With this release, we are proud to introduce 1:1 API and configuration compatibility between Ory Cloud and self-hosting Ory components.
We are excited to announce that Ory Cloud now has the full feature capabilities you know from self-hosting Ory components, including:
- Webhooks
- Custom E-Mail templates
- Social Sign In
- Password policies
- Disabling registration
And we have more exciting features in store for you to discover! Including importing users, performing passwordless flows, being able to manage Ory Cloud Projects from the Ory CLI, and more!
CLI
Ory's CLI is now able to manage Ory Cloud Projects easily. Let's say you want to disable registration:
ory patch project <project-id> \
--replace '/services/identity/config/selfservice/methods/password/enabled=false'
Webhooks
You can now configure webhooks for Ory Cloud projects. This feature is currently only available through the API / CLI.
Social sign-in
You can now enable social sign-in with Google, Facebook, Microsoft and GitHub in Ory Cloud Console! You can find the feature in your Dashboard >> Social Sign-in.
We will continue to add social sign-in providers to Console. In the meantime, you can also add whichever provider you need or prefer through a Generic Provider, also via the UI. This will work for any provider that is OpenID Connect compliant.
Revoke Sessions on Recovery
It is now possible to revoke all sessions of a user when the user recovers their account. This feature is currently only available through the API / CLI.
Password Policies
It is now possible to configure your password policy. For example, you can set the minimum length of passwords, disable the identifier/password similarity check, and configure the policy preventing the use of known leaked passwords. This feature is currently only available through the API / CLI.
Passwordless
Ory now supports passwordless registration and login using WebAuthn (TouchID, FaceID, YubiKey, ...)! To try out passwordless WebAuthn, enable it using the Ory CLI:
ory patch project <project-id> \
--add '/services/identity/config/selfservice/methods/webauthn/enabled=true' \
--add '/services/identity/config/selfservice/methods/webauthn/config/passwordless=true'
This feature is currently only available through the API / CLI.
SDKs
We are moving towards a unified Ory SDK which is already available for most programming languages. In the future, all cloud and self-hosted services will use the unified Ory SDK to interact with their APIs.
Please update your SDKs from kratos-client
to ory-client
Importing Identities
Ory now supports importing identities with credentials (e.g. passwords or social sign in connections).
Technical Advisories
Technical advisories help you navigate regressions or breaking changes. Please read them with care.
URL Pattern Changes
There are exciting new features in the pipeline for Ory Cloud! In particular, we are introducing 1:1 compatibility between Ory Cloud and Ory Self-Hosted. APIs, SDKs, and configuration will have full compatibility between the two variants. Features exclusive to Ory Cloud (e.g. billing, team invites) will remain untouched.
As part of this change, we have restructured the API routing. And all "legacy"
routes will continue to work. In particular, the prefixes /api/kratos
have
been stripped. What was
https://<project>.projects.oryapis.com/api/kratos/public/...
https://<project>.projects.oryapis.com/api/kratos/admin/...
previously is now
https://<project>.projects.oryapis.com/...
https://<project>.projects.oryapis.com/admin/...
All future services, such as permissioning, will be exposed at the same level. This change introduces full compatibility between the "self-hosted" and Ory Cloud SDKs, which will soon merge into one global Ory SDK.
While old SDKs will continue to work, some integrations may rely on the paths to identify the request as an Ory request. If you are checking for these URLs, please be advised that this will no longer work.
Please be aware that some of our own tooling is also affected by this change. Therefore, please update:
- The NPM package
@ory/integrations
to version>= v0.2.5
- The Ory CLI to version
>= v0.1.25
- The Ory SDK to version
>= v0.0.1-alpha.130
Social Sign In Regression
In case you already set up Social Sign In, please update your application's redirect URLs:
- https://<project>.projects.oryapis.com/api/kratos/public/self-service/methods/oidc/callback/<provider-id>
+ https://<project>.projects.oryapis.com/self-service/methods/oidc/callback/<provider-id>