ory-account-experience/kratos.yml

version: v0.11.1

dsn: memory

oauth2_provider:
  url: "http://hydra:4445"

serve:
  public:
    base_url: http://e1r2p1.clusters.42paris.fr:4433/
    cors:
      enabled: true
  admin:
    base_url: http://kratos:4434/

selfservice:
  default_browser_return_url: http://e1r2p1.clusters.42paris.fr:4455
  allowed_return_urls:
    - http://e1r2p1.clusters.42paris.fr:4455

  methods:
    password:
      enabled: true
    totp:
      config:
        issuer: Kratos
      enabled: true
    lookup_secret:
      enabled: true
    link:
      enabled: true
    code:
      enabled: true

  flows:
    error:
      ui_url: http://e1r2p1.clusters.42paris.fr:4455/error

    settings:
      ui_url: http://e1r2p1.clusters.42paris.fr:4455/settings
      privileged_session_max_age: 15m
      required_aal: highest_available

    recovery:
      enabled: true
      ui_url: http://e1r2p1.clusters.42paris.fr:4455/recovery
      use: code

    verification:
      enabled: true
      ui_url: http://e1r2p1.clusters.42paris.fr:4455/verification
      use: code
      after:
        default_browser_return_url: http://e1r2p1.clusters.42paris.fr:4455

    logout:
      after:
        default_browser_return_url: http://e1r2p1.clusters.42paris.fr:4455/login

    login:
      ui_url: http://e1r2p1.clusters.42paris.fr:4455/login
      lifespan: 10m

    registration:
      lifespan: 10m
      ui_url: http://e1r2p1.clusters.42paris.fr:4455/registration
      after:
        password:
          hooks:
            - hook: session

log:
  level: debug
  format: text
  leak_sensitive_values: true

secrets:
  cookie:
    - PLEASE-CHANGE-ME-I-AM-VERY-INSECURE
  cipher:
    - 32-LONG-SECRET-NOT-SECURE-AT-ALL

ciphers:
  algorithm: xchacha20-poly1305

hashers:
  algorithm: bcrypt
  bcrypt:
    cost: 8

identity:
  default_schema_id: default
  schemas:
    - id: default
      url: file:///etc/config/kratos/identity.schema.json

courier:
  smtp:
    connection_uri: smtps://test:test@mailslurper:1025/?skip_ssl_verify=true