diff --git a/docs/ecosystem/changelog.mdx b/docs/ecosystem/changelog.mdx index 618e0c01e3..053ce086a4 100644 --- a/docs/ecosystem/changelog.mdx +++ b/docs/ecosystem/changelog.mdx @@ -27,8 +27,8 @@ Read the changelog for Ory Network at [changelog.ory.com](https://changelog.ory. ## Roadmap -Ory is actively being developed. If you are interested in a particular project, it's best to check out the -[open issues & pull requests ](#milestones-issues-pull-requests) for that project. +Ory is actively being developed. If you are interested in a particular project, it's best to check out the open issues & pull +requests for that project. Please note that our roadmap is **subject to change**. This means that development is considering feedback both from the Open Source community as well as Ory Network users. diff --git a/docs/guides/cli/15_config-identity-service.mdx b/docs/guides/cli/15_config-identity-service.mdx index c6d7d32ea8..16f68d1f8f 100644 --- a/docs/guides/cli/15_config-identity-service.mdx +++ b/docs/guides/cli/15_config-identity-service.mdx @@ -15,7 +15,7 @@ environment to self-hosted Ory Kratos Identity Server instances. This feature is useful for fluently moving your local setup to the cloud, or for working on the configuration and testing different settings in the safety of the local development environment. -To work with the Ory Identities, you must have an active project. Use the [CLI](./config-with-cli#create-ory-cloud-project) or the +To work with the Ory Identities, you must have an active project. Use the [CLI](./10_config-with-cli.mdx) or the [Ory Console](https://console.ory.sh/) to create one. ## Export configuration from Ory Network @@ -24,8 +24,7 @@ To get your project's Ory Identities configuration, run this command: :::info -You must be signed in to an Ory Network account to perform this action. Read -[this document](./cli-basics#use-cli-with-existing-cloud-account) to learn more. +You must be signed in to an Ory Network account to perform this action. Read [this document](./05_cli-basics.mdx) to learn more. ::: diff --git a/docs/guides/cli/16_configure-oauth2-service.mdx b/docs/guides/cli/16_configure-oauth2-service.mdx index 9b872d01a3..03719087a8 100644 --- a/docs/guides/cli/16_configure-oauth2-service.mdx +++ b/docs/guides/cli/16_configure-oauth2-service.mdx @@ -15,8 +15,8 @@ environment to self-hosted Ory Hydra OAuth2 Server instances. This feature is useful for fluently moving your local setup to the cloud, or for working on the configuration and testing different settings in the safety of the local development environment. -To work with the Ory OAuth2 and OpenID, you must have an active project. Use the [CLI](./config-with-cli#create-ory-cloud-project) -or the [Ory Console](https://console.ory.sh/) to create one. +To work with the Ory OAuth2 and OpenID, you must have an active project. Use the [CLI](10_config-with-cli.mdx) or the +[Ory Console](https://console.ory.sh/) to create one. ## Export configuration from Ory Network @@ -24,8 +24,7 @@ To get your project's Ory OAuth2 and OpenID configuration, run this command: :::info -You must be signed in to an Ory Network account to perform this action. Read -[this document](./cli-basics#use-cli-with-existing-cloud-account) to learn more. +You must be signed in to an Ory Network account to perform this action. Read [this document](05_cli-basics.mdx) to learn more. ::: diff --git a/docs/guides/cli/17_configure-permission-service.mdx b/docs/guides/cli/17_configure-permission-service.mdx index 4b835cf98e..020844d3e0 100644 --- a/docs/guides/cli/17_configure-permission-service.mdx +++ b/docs/guides/cli/17_configure-permission-service.mdx @@ -15,8 +15,8 @@ to self-hosted Ory Keto instances. This feature is useful for fluently moving your local setup to Ory Network, or for working on the configuration and testing different settings in the safety of the local development environment. -To work with the Ory Permissions, you must have an active project. Use the [CLI](./config-with-cli#create-ory-cloud-project) or -the [Ory Console](https://console.ory.sh/) to create one. +To work with the Ory Permissions, you must have an active project. Use the [CLI](10_config-with-cli.mdx) or the +[Ory Console](https://console.ory.sh/) to create one. ## Export configuration from Ory Network @@ -24,8 +24,7 @@ To get your project's Ory Permissions configuration, run this command: :::info -You must be signed in to an Ory Network account to perform this action. Read -[this document](./cli-basics#use-cli-with-existing-cloud-account) to learn more. +You must be signed in to an Ory Network account to perform this action. Read [this document](05_cli-basics.mdx) to learn more. ::: diff --git a/docs/guides/custom-domains.mdx b/docs/guides/custom-domains.mdx index 89cf087939..124743df24 100644 --- a/docs/guides/custom-domains.mdx +++ b/docs/guides/custom-domains.mdx @@ -35,7 +35,7 @@ Note that the slug in the above screenshot **is an example**. You will have your The Cookie Domain is the domain cookies will be scoped to. Ory Network will issue the session cookie to this domain. This means, that the cookie is available on this domain and all subdomains. In most cases you want this to be root domain of the CNAME record -you set up. See the [Cookie configuration document](https://www.ory.com/kratos/docs/guides/configuring-cookies) and +you set up. See the [Cookie configuration document](./../kratos/guides/configuring-cookies.mdx) and [this Stack Overflow answer](https://stackoverflow.com/a/23086139). :::warning @@ -287,6 +287,6 @@ configured the custom domain `ory.your-custom-domain.com`, you should also confi :::tip To learn how to set up a custom SMTP server on the Ory Network, read -[Send emails using your SMTP server](./../kratos/emails-sms/01_sending-emails-smtp.mdx#send-emails-using-your-smtp-server). +[Send emails using your SMTP server](./../kratos/emails-sms/sending-emails-smtp#your-own-server). ::: diff --git a/docs/hydra/concepts/before-oauth2.mdx b/docs/hydra/concepts/before-oauth2.mdx index ad65618c57..e49f64616e 100644 --- a/docs/hydra/concepts/before-oauth2.mdx +++ b/docs/hydra/concepts/before-oauth2.mdx @@ -9,7 +9,7 @@ applications to access user data. :::info Good to know If you are looking for a system that implements registration, login, password reset, social sign in, profile management, 2fa, and -more, check out [Ory Identities](https://www.ory.com/identity-authentication) first! +more, check out [Ory Identities](https://www.ory.com/docs/identities) first! ::: diff --git a/docs/hydra/guides/custom-ui-oauth2.mdx b/docs/hydra/guides/custom-ui-oauth2.mdx index 655b17a640..b0186c2a4b 100644 --- a/docs/hydra/guides/custom-ui-oauth2.mdx +++ b/docs/hydra/guides/custom-ui-oauth2.mdx @@ -16,8 +16,9 @@ Network. Before you start, prepare your environment: - [Install Ory CLI](../../guides/cli/installation). -- Create an account and project in the Ory Network. Use [Ory CLI](../../guides/cli/05_cli-basics.mdx#create-ory-cloud-project) or - go to the [Ory Console](https://console.ory.sh/). +- Create an account and project in the Ory Network. Use + [Ory CLI](../../guides/cli/05_cli-basics.mdx#create-a-new-workspace-and-project) or go to the + [Ory Console](https://console.ory.sh/). - [Create an API Key](../../concepts/personal-access-token.mdx) and save it in a safe place for later use. ## Create OAuth2 client in Ory Network diff --git a/docs/hydra/guides/oauth2-clients.mdx b/docs/hydra/guides/oauth2-clients.mdx index c0199cac50..9de5b81c38 100644 --- a/docs/hydra/guides/oauth2-clients.mdx +++ b/docs/hydra/guides/oauth2-clients.mdx @@ -204,7 +204,7 @@ import dynamicCreateTs from '!!raw-loader!../../../code-examples/sdk/typescript/ -See [API documentation](../../reference/api#tag/oAuth2/operation/createOidcDynamicClient). +See [API documentation](../../reference/api#tag/oidc/operation/createOidcDynamicClient). @@ -230,7 +230,7 @@ import dynamicGetTs from '!!raw-loader!../../../code-examples/sdk/typescript/src -See [API documentation](../../reference/api#tag/oAuth2/operation/getOidcDynamicClient). +See [API documentation](../../reference/api#tag/oidc/operation/getOidcDynamicClient). @@ -254,7 +254,7 @@ import dynamicUpdateTs from '!!raw-loader!../../../code-examples/sdk/typescript/ -See [API documentation](../../reference/api#tag/oAuth2/operation/setOidcDynamicClient). +See [API documentation](../../reference/api#tag/oidc/operation/setOidcDynamicClient). @@ -278,7 +278,7 @@ import dynamicDeleteTs from '!!raw-loader!../../../code-examples/sdk/typescript/ -See` [API documentation](../../reference/api#tag/oAuth2/operation/deleteOidcDynamicClient). +See` [API documentation](../../reference/api#tag/oidc/operation/deleteOidcDynamicClient). diff --git a/docs/hydra/guides/oauth2-webhooks.mdx b/docs/hydra/guides/oauth2-webhooks.mdx index fe9362794e..f51256e441 100644 --- a/docs/hydra/guides/oauth2-webhooks.mdx +++ b/docs/hydra/guides/oauth2-webhooks.mdx @@ -123,8 +123,8 @@ Ory will perform a POST request with a JSON payload towards your endpoint. ``` `session` represents the OAuth2 session, along with the data that was passed to the -[Accept Consent Request](../../hydra/reference/api#operation/acceptConsentRequest) in the `id_token` field (only applicable to -Authorization code flows). +[Accept Consent Request](../../hydra/reference/api#tag/oAuth2/operation/acceptOAuth2ConsentRequest) in the `id_token` field (only +applicable to Authorization code flows). `request` contains information from the OAuth client's request to the token endpoint. @@ -215,7 +215,7 @@ You cannot override the token subject. By default, all custom claims are mirrored under the `ext` claim in the token. To flatten custom claims directly into the top level token instead of nesting them under `ext`, use the following -[configuration](../../oauth2-oidc/jwt-access-token#adding-custom-claims-to-top-level). +[configuration](../../oauth2-oidc/jwt-access-token.mdx#add-custom-claims-to-top-level). ### Refresh token diff --git a/docs/hydra/self-hosted/05_go.mdx b/docs/hydra/self-hosted/05_go.mdx index 884627e83b..f15f06ace3 100644 --- a/docs/hydra/self-hosted/05_go.mdx +++ b/docs/hydra/self-hosted/05_go.mdx @@ -257,103 +257,3 @@ func main() { } ``` - -### Fake TLS termination - -You can set Ory Hydra to HTTPS mode without actually accepting TLS connections, visit the -[Preparing for Production](../../hydra/self-hosted/production#tls-termination) document to learn more. The following code example -shows how to configure Ory Hydra to fake a TLS termination: - -```go -package main - -import ( - "context" - "fmt" - "net/http" - - client "github.com/ory/hydra-client-go" -) - -func main() { - - tlsTermClient := new(http.Client) - rt := WithHeader(tlsTermClient.Transport) - rt.Set("X-Forwarded-Proto", "https") - tlsTermClient.Transport = rt - - config := client.NewConfiguration() - config.Servers = []client.ServerConfiguration{ - { - URL: "https://hydra.localhost:4444", // Public API URL - }, - } - config.HTTPClient = tlsTermClient - c := client.NewAPIClient(config) - fmt.Println(c.PublicApi.RevokeOAuth2Token(context.Background()).Token("some_token").Execute()) - - // ... -} - -type withHeader struct { - http.Header - rt http.RoundTripper -} - -func WithHeader(rt http.RoundTripper) withHeader { - if rt == nil { - rt = http.DefaultTransport - } - - return withHeader{Header: make(http.Header), rt: rt} -} - -func (h withHeader) RoundTrip(req *http.Request) (*http.Response, error) { - for k, v := range h.Header { - req.Header[k] = v - } - - return h.rt.RoundTrip(req) -} - -``` - -### Skip TLS verification - -When using self-signed certificates we need to skip the TLS verification and accept all certificates. In production deployments, -you would use a certificate signed by a trusted CA. The following code example shows how to configure Ory Hydra to skip the TLS -verification: - -```go -package main - -import ( - "context" - "crypto/tls" - "fmt" - "net/http" - - client "github.com/ory/hydra-client-go" -) - -func main() { - skipTLSClient := &http.Client{ - Transport: &http.Transport{ - TLSClientConfig: &tls.Config{InsecureSkipVerify: true}, - }, - Timeout: 10, - } - config := client.NewConfiguration() - config.Servers = []client.ServerConfiguration{ - { - URL: "https://hydra.localhost:4444", // Public API URL - }, - } - config.HTTPClient = skipTLSClient - c := client.NewAPIClient(config) - fmt.Println(c.PublicApi.RevokeOAuth2Token(context.Background()).Token("some_token").Execute()) - - // ... -} - -``` diff --git a/docs/identities/get-started/account-recovery.mdx b/docs/identities/get-started/account-recovery.mdx index 1c8ff9667e..bf5335a2db 100644 --- a/docs/identities/get-started/account-recovery.mdx +++ b/docs/identities/get-started/account-recovery.mdx @@ -236,7 +236,7 @@ If the address is malformed, or well-formed but not registered as a recovery add probing the system to discover which addresses are registered. - If the address is a valid email address but not registered as a recovery address for this user, and the configuration value `selfservice.flows.recovery.notify_unknown_recipients` is enabled, an email will be sent to this address with this wording (this - can be [customized](../../kratos/emails-sms/sending-emails-smtp#send-emails-using-an-http-server)): + can be [customized](../../kratos/emails-sms/05_custom-email-templates.mdx)): > Hi, > > you (or someone else) entered this email address when trying to recover access to an account. diff --git a/docs/identities/model/manage-identity-schema.mdx b/docs/identities/model/manage-identity-schema.mdx index 71459b0c12..dbaf23f190 100644 --- a/docs/identities/model/manage-identity-schema.mdx +++ b/docs/identities/model/manage-identity-schema.mdx @@ -65,7 +65,7 @@ ory patch identity-config {your-project-id} \ Identity schemas are immutable to prevent inconsistencies in the data. This means, that you cannot update an existing schema. However, you can use the existing schema as a template to create a new schema. Simply follow the steps in -[Creating custom schemas](#creating-custom-schemas) and select the current schema as a template. +[Create custom schema](#create-custom-schema) and select the current schema as a template. It's recommended to manage identity schemas in version control. Learn more about [managing Ory Network configuration in git](../../guides/gitops). diff --git a/docs/keto/concepts/15_subjects.mdx b/docs/keto/concepts/15_subjects.mdx index 5f9beb978e..be7da438ab 100644 --- a/docs/keto/concepts/15_subjects.mdx +++ b/docs/keto/concepts/15_subjects.mdx @@ -67,6 +67,6 @@ tcp/22#access@c5b6454f-f79c-4a6d-9e1b-b44e04b56009 ``` The application must map every incoming request to a subject string that represents the attributes of the request. Ory Permissions -replies with a positive [check response](./25_api-overview.mdx#check-relation-tuple) depending on the string equality of the +replies with a positive [check response](./25_api-overview.mdx#check-relationships) depending on the string equality of the requested subject representing the attributes with the known relationships. Ory Permissions doesn't know how to interpret any information stored in relationships. The application must pre-process and map the value to the corresponding UUID. diff --git a/docs/keto/examples/olymp-file-sharing.mdx b/docs/keto/examples/olymp-file-sharing.mdx index 00e17a4fed..1728cad064 100644 --- a/docs/keto/examples/olymp-file-sharing.mdx +++ b/docs/keto/examples/olymp-file-sharing.mdx @@ -27,7 +27,7 @@ ec788a82-a12e-45a4-b906-3e69f78c94e4#owner@demeter To prepare for an important meeting with the user `athena`, `demeter` wants to share the file with fertile grounds with `athena` so that they can both read it. Therefore, he opens the "Olymp Library" and is presented with a list of all files he owns. The application will internally request all [objects](../concepts/10_objects.mdx) (file IDs) with the owner `demeter` by using the -[list-API](../concepts/25_api-overview.mdx#list-relation-tuples). The response will contain the object +[list-API](../concepts/25_api-overview.mdx#list-relationships). The response will contain the object `ec788a82-a12e-45a4-b906-3e69f78c94e4`, which the application maps to the file in question. The user `demeter` will then ask the application to share the file with `athena`. The application will translate that request into @@ -57,7 +57,7 @@ which returns the expansion tree The "Olymp Library" can then display this information to `demeter`. When `athena` wants to get the file containing fertile grounds, the application uses the -[check-API](../concepts/25_api-overview.mdx#check-relation-tuple) to verify that `athena` has access to the file before it returns +[check-API](../concepts/25_api-overview.mdx#check-relationships) to verify that `athena` has access to the file before it returns the file. This will allow `demeter` to revoke `athena`'s access at any point by deleting the corresponding relationship. This diagram illustrates the relationships in this example: diff --git a/docs/keto/quickstart.mdx b/docs/keto/quickstart.mdx index 2bdfcafa5e..9992992c61 100644 --- a/docs/keto/quickstart.mdx +++ b/docs/keto/quickstart.mdx @@ -91,7 +91,7 @@ keto check "*" view videos /cats/2.mp4 We already discussed that this request should be denied, but it's always good to see this in action. Now `cat lady` wants to change some view permissions of `/cats/1.mp4`. For this, the video service application has to show all -users that are allowed to view the video. It uses Keto's [expand-API](./concepts/25_api-overview.mdx#expand-subject-set) to get +users that are allowed to view the video. It uses Keto's [expand-API](./concepts/25_api-overview.mdx#expand-subject-sets) to get these data: ```shell diff --git a/docs/kratos/bring-your-own-ui/20_configure-ory-to-use-your-ui.mdx b/docs/kratos/bring-your-own-ui/20_configure-ory-to-use-your-ui.mdx index 1b9f47320d..8fcc48b7a9 100644 --- a/docs/kratos/bring-your-own-ui/20_configure-ory-to-use-your-ui.mdx +++ b/docs/kratos/bring-your-own-ui/20_configure-ory-to-use-your-ui.mdx @@ -13,7 +13,7 @@ Configuration URL, go to , and copy the ::: -By default, self-service flows use [Ory Account Experience](./01_overview.mdx#why-should-i-use-ory-account-experience). In the +By default, self-service flows use [Ory Account Experience](./01_overview.mdx#when-to-use-the-ory-account-experience). In the default setup, the system uses relative paths to point to the appropriate UI for every screen. The relative links that point to the Ory Account Experience follow the `/ui/{flow_name}` format. diff --git a/docs/kratos/emails-sms/05_custom-email-templates.mdx b/docs/kratos/emails-sms/05_custom-email-templates.mdx index 9ad1806fe5..2c542899dd 100644 --- a/docs/kratos/emails-sms/05_custom-email-templates.mdx +++ b/docs/kratos/emails-sms/05_custom-email-templates.mdx @@ -441,7 +441,7 @@ Bitte geben Sie den folgenden Code ein, um Ihr Konto wiederherzustellen: :::tip You can use Sprig functions in the nested templates. For security reasons, some functions are disabled in the Ory Network. -[Click here to see the list of disabled functions.](#spring-disabled) +[See the list of disabled functions here.](#creating-templates) ::: diff --git a/docs/kratos/guides/zero-trust-iap-proxy-identity-access-proxy.mdx b/docs/kratos/guides/zero-trust-iap-proxy-identity-access-proxy.mdx index d3e314acb8..efa26fdeb2 100644 --- a/docs/kratos/guides/zero-trust-iap-proxy-identity-access-proxy.mdx +++ b/docs/kratos/guides/zero-trust-iap-proxy-identity-access-proxy.mdx @@ -230,7 +230,7 @@ authenticators: #### Allowed Authorizer -The [Allowed Authenticator](../../oathkeeper/pipeline/authz#allowed) simply allows all users to access the URL. Since we don't +The [Allowed Authenticator](../../oathkeeper/pipeline/authz.md#allow) simply allows all users to access the URL. Since we don't have Role-based access control (RBAC) or an Access Control list (ACL) in place for this example, this will be enough. ```yaml title="contrib/quickstart/oathkeeper/oathkeeper.yml" diff --git a/docs/kratos/manage-identities/15_customize-identity-schema.mdx b/docs/kratos/manage-identities/15_customize-identity-schema.mdx index e02bedd0cc..c616c8fa6c 100644 --- a/docs/kratos/manage-identities/15_customize-identity-schema.mdx +++ b/docs/kratos/manage-identities/15_customize-identity-schema.mdx @@ -1016,7 +1016,7 @@ log in. The email address however represents a unique identifier and personally identifiable information (PII). An attacker could for example check if the email address `john.doe@gmail.com` is registered at for example an adult website and use that information for -blackmail (see [Account Enumeration Attacks](../concepts/security.mdx#account-enumeration-attacks)). +blackmail. The same considerations apply to using a phone number as the primary registration & login identifier. diff --git a/docs/kratos/self-service/flows/account-recovery-password-reset.mdx b/docs/kratos/self-service/flows/account-recovery-password-reset.mdx index 9bf8a09804..3cb5df3b9f 100644 --- a/docs/kratos/self-service/flows/account-recovery-password-reset.mdx +++ b/docs/kratos/self-service/flows/account-recovery-password-reset.mdx @@ -164,8 +164,8 @@ address the user provides when registering their account. Other fields inside th phone number to receive the code via an SMS. If a user has multiple recovery addresses and the `choose_recovery_address` feature flag is -[enabled](../../../identities/get-started/account-recovery.mdx#enable-the-feature-flag-choose_recovery_address-unlocks-sending-a-recovery-code-via-sms), -the process is as follows: +[enabled](../../../identities/get-started/account-recovery.mdx#enable-users-to-choose-email-or-sms-recovery-method), the process +is as follows: 1. The user enters any of their registered addresses to begin the recovery flow. 1. A masked list of their recovery addresses is displayed. Up to 10 addresses are shown. diff --git a/docs/kratos/self-service/flows/verify-email-account-activation.mdx b/docs/kratos/self-service/flows/verify-email-account-activation.mdx index cccb9231fa..93bdecbe2a 100644 --- a/docs/kratos/self-service/flows/verify-email-account-activation.mdx +++ b/docs/kratos/self-service/flows/verify-email-account-activation.mdx @@ -443,12 +443,12 @@ import CodeLinkComparison from "./_common/code-link-comparison.mdx" ## Showing the verification flow after settings, registration or login To show the verification flow directly after the user has registered, see the -[registration documentation](../../../identities/sign-in/actions.mdx#show-verification-after-successful-registration). +[registration documentation](../../../actions/require-verified-address.mdx#verification-on-sign-up). -For settings, see the [settings documentation](./user-settings.mdx#show-verification-after-updating-a-verifiable-address). +For settings, see the [settings documentation](user-settings.mdx#show-verification-form-after-updating-a-verifiable-address). And for login, see the -[login customization documentation](../../../identities/sign-in/actions.mdx#show-verification-after-login-if-address-is-not-verified-yet). +[login customization documentation](../../../actions/require-verified-address.mdx#require-verification-on-login). ## Code examples diff --git a/docs/kratos/session-management/05_session-management.mdx b/docs/kratos/session-management/05_session-management.mdx index 7a5d129ec4..fb573b6f66 100644 --- a/docs/kratos/session-management/05_session-management.mdx +++ b/docs/kratos/session-management/05_session-management.mdx @@ -83,7 +83,7 @@ allows users to log out from their account on different devices or terminate ses malicious activity. Sessions revoked by users are not deleted from the system. Instead, they become inactive. Only administrators can delete sessions -using the [administrative endpoints](#administrative-session-management). +using the [administrative endpoints](#administrative). :::info @@ -130,7 +130,7 @@ To allow users to revoke all sessions other than the currently active one, use t [revoke sessions API](../../reference/api#tag/frontend/operation/disableMyOtherSessions). Sessions revoked by users are not deleted from the system. Instead, they become inactive. -Only administrators can delete sessions [using the administrative endpoints](#administrative-session-management). +Only administrators can delete sessions [using the administrative endpoints](#administrative). :::info diff --git a/docs/polis/guides/configuring-saml-sso.mdx b/docs/polis/guides/configuring-saml-sso.mdx index ce74658bb1..1387f2fba1 100644 --- a/docs/polis/guides/configuring-saml-sso.mdx +++ b/docs/polis/guides/configuring-saml-sso.mdx @@ -48,8 +48,8 @@ Here is how Sentry does the SAML SSO configuration for their customers. ![The SAML SSO settings](../_assets/sso/sentry-metadata.png) -To create an [SSO connection with Ory Polis](../sso-flow/#2-sso-connection-api), you must pass the tenant identifier, product -name, and XML metadata. So your settings page UI must display a form to capture the XML Metadata. +To create an [SSO connection with Ory Polis](../sso-flow/index.mdx), you must pass the tenant identifier, product name, and XML +metadata. So your settings page UI must display a form to capture the XML Metadata. Typically, an Administrator user with a higher privilege does the SAML SSO configuration for their tenant. diff --git a/docs/polis/guides/frameworks/remix.mdx b/docs/polis/guides/frameworks/remix.mdx index e43f9a2241..3e8134b1be 100644 --- a/docs/polis/guides/frameworks/remix.mdx +++ b/docs/polis/guides/frameworks/remix.mdx @@ -184,8 +184,8 @@ app/auth.jackson.server.ts: https://github.com/boxyhq/jackson-remix-auth/blob/ma ### Resource routes to handle OAuth 2.0 and SSO Connections -Next, create the api files for [OAuth 2.0 flow](../../..../../sso-flow/#3-oauth-20-flow) and -[SSO Connection](../../..../../sso-flow/#2-sso-connection-api): +Next, create the api files for [OAuth 2.0 flow](../../..../../sso-flow/index.mdx#oauth-20-flow) and +[SSO Connection](../../..../../sso-flow/#sso-connection-api): ```bash app/routes $ mkdir api && cd api @@ -407,8 +407,8 @@ export const loader: LoaderFunction = async ({ request, params }) => { ## Add an SSO Connection -[Add a SAML SSO connection](../../..../../sso-flow/#21-add-connection) for [mocksaml.com](https://mocksaml.com). You can start the -app and call the connection API as shown below: +[Add a SAML SSO connection](../../..../../sso-flow/index.mdx#add-connection) for [mocksaml.com](https://mocksaml.com). You can +start the app and call the connection API as shown below:
Below adds a SAML SSO connection for https://mocksaml.com diff --git a/docs/polis/sso-flow/example-flow.mdx b/docs/polis/sso-flow/example-flow.mdx index 0022623993..f750047420 100644 --- a/docs/polis/sso-flow/example-flow.mdx +++ b/docs/polis/sso-flow/example-flow.mdx @@ -14,7 +14,7 @@ Let's see how SSO works in this case. ## Configure the SSO connection -First as the application developer, you'll need to [add](./index.mdx#21-add-connection) the SSO connections for CRM and HRM. This +First as the application developer, you'll need to [add](./index.mdx#add-connection) the SSO connections for CRM and HRM. This will be saved (marked as SAML Metadata and OIDC Metadata in the below diagram) within Ory Polis and later used to orchestrate the IdP login. @@ -31,7 +31,7 @@ Ory Polis uses the Authorization Code flow as outlined by the numbered steps bel In the case of OIDC, the response contains the authorization code that is used by Ory Polis to obtain token and userprofile from the OIDC IdP. Ory Polis generates a short lived code and stores the user profile against it. 4. The authorization code generated in the previous step is sent to the client app. -5. The client [`exchanges`](./index.mdx#32-code-exchange) the code for token and uses it to query the - [`userInfo`](./index.mdx#33-profile-request) endpoint of Ory Polis to get the complete user profile. +5. The client [`exchanges`](./index.mdx#code-exchange) the code for token and uses it to query the + [`userInfo`](./index.mdx#profile-request) endpoint of Ory Polis to get the complete user profile. ![SSO Flow](../_assets/sso-flow.png) diff --git a/docs/polis/sso-providers/generic-saml.mdx b/docs/polis/sso-providers/generic-saml.mdx index 8277e54d96..0342834639 100644 --- a/docs/polis/sso-providers/generic-saml.mdx +++ b/docs/polis/sso-providers/generic-saml.mdx @@ -8,7 +8,7 @@ sidebar_label: Generic SAML 2.0 Provider This guide explains the settings you’d need to use to configure SAML with your Identity Provider. Once this is set up you should get an XML metadata file that should then be configured using the Ory Polis -[API (or calling the API controller connection method if using Ory Polis NPM)](../sso-flow/index.mdx#21-add-connection). +[API (or calling the API controller connection method if using Ory Polis NPM)](../sso-flow/index.mdx#add-connection). > Please do not add a trailing slash at the end of the URLs. diff --git a/vercel.json b/vercel.json index 6551821f5c..0c1bee0c15 100644 --- a/vercel.json +++ b/vercel.json @@ -1226,6 +1226,11 @@ "source": "/docs/kratos/bring-your-own-ui/custom-ui-ory-elements", "destination": "/docs/getting-started/integrate-auth/nextjs-app-router-quickstart", "permanent": true + }, + { + "source": "/docs/migrate-to-ory", + "destination": "/docs/migrate-to-ory/migrate", + "permanent": false } ] }