-
|
I have a weird use case where an identifier (username/email) as well as password are required to login outside of the website where OIDC is not available. Is there any supported, non-hacky way to use sign-up via OIDC, but require the user to also give a password? This would be done on the website, and the identifier/password can be used elsewhere. I don't think this is a thing (or if it is, not recommended), but I thought I'd ask anyway. Thanks 🙂 |
Beta Was this translation helpful? Give feedback.
Replies: 1 comment 1 reply
-
|
Hello, in Ory Kratos 0.8 (to be released soon) we have added a list of authentication methods to the session. If a user signs in using oidc, you could redirect him to the login endpoint to request login again (with e.g. a password). In the session, there is a reference of the methods used. So yes, this should be possible but it will require a bit of work on your end (in your application) to check the session and initiate the appropriate steps (e.g. redirect to login). |
Beta Was this translation helpful? Give feedback.
-
|
Thanks for the swift responses and keep up the good work 😃 |
Beta Was this translation helpful? Give feedback.
Hello, in Ory Kratos 0.8 (to be released soon) we have added a list of authentication methods to the session. If a user signs in using oidc, you could redirect him to the login endpoint to request login again (with e.g. a password). In the session, there is a reference of the methods used. So yes, this should be possible but it will require a bit of work on your end (in your application) to check the session and initiate the appropriate steps (e.g. redirect to login).