๐๏ธ Social sign-in `redirect_uri_mismatch` error (OTA-092022-01)
This problem affects projects created before September 2022 that use a custom domain. For newly added social sign-in providers,
๐๏ธ Invalid courier URL
If you get an error that points you to this document, it means that your email configuration (SMTP URL) is incorrect. The most
๐๏ธ CSRF troubleshooting
When you get 401 Unauthorized or 400 Bad Request responses when your application sends requests to Ory Identities APIs, it is
๐๏ธ Actions troubleshooting
This document describes common issues with Ory Actions and how to solve them.
๐๏ธ Wrong domain in magic links
After updating their custom domain, some users reported an error that caused the verification emails to come with magic links
๐๏ธ 72 character limit for BCrypt hashed secrets
BCrypt hashed passwords and secrets have a 72 character limit. This is a limitation of the BCrypt algorithm and the Golang BCrypt
๐๏ธ Social sign-in troubleshooting
'redirect_uri' mismatch
๐๏ธ Troubleshooting iframes
Iframes can pose a significant security risk for authentication services due to many attack vectors such as clickjacking, iframe
๐๏ธ OAuth2 JWT Profile
If you're experiencing issues on Ory Network related to the required audience for the
๐๏ธ OIDC requires `redirect_uri`
Starting no sooner than August 1st, 2024, Ory Network will enforce the inclusion of redirect_uri in OpenID Connect flow
๐๏ธ WebAuthn / PassKeys SecurityError
Relying party ID mismatch
๐๏ธ Troubleshooting
This is an index of the different troubleshooting guides.
๐๏ธ Identity Provider Integration Settings
Overview
๐๏ธ SDK V1 upgrade guide
We are excited to announce the release of version 1.0 of Ory's Software Development Kits (SDKs) for all major languages. As part
๐๏ธ OAuth2 first aid
Spec-compliant OAuth 2.0 and OpenID Connect is hard. Let's take a look how to resolve certain issues.
๐๏ธ Logout not working
Sometimes, calling /oauth2/sessions/logout doesn't behave as expected, for example:
๐๏ธ Client auth fails
There are multiple ways of authenticating OAuth 2.0 Clients at the /oauth2/token: