Skip to content

feat: added first draft for identity schema selection #2270

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Open
wants to merge 2 commits into
base: master
Choose a base branch
from
Open

feat: added first draft for identity schema selection #2270

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
2 commits
Select commit Hold shift + click to select a range
7d4f5af
added first draft for identity schema selection
deepakprabhakara Aug 8, 2025
c1ec310
fixed link
deepakprabhakara Aug 8, 2025
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
97 changes: 97 additions & 0 deletions docs/identities/model/identity-schema-selection.mdx
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,97 @@
---
id: identity-schema-selection
title: Identity Schema Selection
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Suggested change
title: Identity Schema Selection
title: Identity schema selection

sentence casing always when in doubt

Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Suggested change
title: Identity Schema Selection
title: Select identity schemas

---

```mdx-code-block
import Tabs from "@theme/Tabs"
import TabItem from "@theme/TabItem"
```

# Identity schema selection for self-service registration and login flows

Ory Kratos now supports selecting an identity schema during **registration** and **login** self-service flows by specifying a
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Suggested change
Ory Kratos now supports selecting an identity schema during **registration** and **login** self-service flows by specifying a
Ory Kratos now supports selecting an identity schema during registration and login self-service flows by specifying a

please use bold formatting only when talking about specific UI elements.

you can also give an LLM the README as context (or parts of it) to follow our style: https://github.com/ory/docs?tab=readme-ov-file#bolding-code-formatting

query parameter. This gives administrators more control over which schemas are used and allows multi-tenant or multi-profile
setups with distinct identity models.

This feature is available in **Ory Kratos OEL** for now and will be available in Ory Network soon.
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Suggested change
This feature is available in **Ory Kratos OEL** for now and will be available in Ory Network soon.

I am not sure if we should have this here, because we will 100% forget to update it later on.

Instead can we use a reusable text snippet like this one, that says something like "this feature is in preview, please reach out if you are interested" or something like that - for features that are not released in all versions of Ory yet.
IDK how you feel about this @unatasha8, there is probably a number of ways we can solve this.


## Overview

- Users or integrators can choose which schema to use by appending the `identity_schema` query parameter when initiating
registration or login flows.
- Only schemas explicitly marked as selectable via `selfservice_selectable: true` in the configuration will be accepted.
- If no schema is selected, the default schema is used (this is the existing behavior).

## How to Use
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Suggested change
## How to Use
## How to use


### Registration Example
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Suggested change
### Registration Example
### Registration example


**Browser flow:**
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

if you want a "small" headline you can use h5, no bolding please


```
GET /self-service/registration/browser?identity_schema=schema-a
```

**API flow:**
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

see above


```
GET /self-service/registration/api?identity_schema=schema-a
```

### Login Example

**Browser flow:**
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

see above


```
GET /self-service/login/browser?identity_schema=schema-a
```

**API flow:**
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

see above


```
GET /self-service/login/api?identity_schema=schema-a
```

## Configuration

You must define which schemas are available for self-service selection by using the `selfservice_selectable` flag in your identity
schema configuration.

### Example Configuration
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Suggested change
### Example Configuration
### Example configuration


```yaml
identity:
default_schema_id: default
schemas:
- id: default
url: file://./schemas/default.schema.json
selfservice_selectable: true

- id: schema-a
url: file://./schemas/schema-a.schema.json
selfservice_selectable: true

- id: schema-internal
url: file://./schemas/internal.schema.json
selfservice_selectable: false # This one cannot be selected by end users
```

Only schemas where `selfservice_selectable: true` will be selectable via the `identity_schema` parameter.

## Behavior Summary

- If a schema is listed and marked as selectable, it can be used in registration/login.
- If a schema is not listed or not marked as selectable, it cannot be used via query param.
- If no `identity_schema` is passed, the default schema (`default_schema_id`) is used.

## Migration Notes
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Suggested change
## Migration Notes
## Migration notes

is this something we should include in all "feature" documents? @unatasha8 maybe we should come up with some template for new feature documents that engineering can use. Then these guides all look uniform.
I dont think we had a section for migration notes in any guide before, but then it does make sense to include it in a standard template maybe? or should we move this to the troubleshooting section?


- This feature is **non-breaking**. Existing flows using the default schema are unaffected.
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Suggested change
- This feature is **non-breaking**. Existing flows using the default schema are unaffected.
- This feature is non-breaking. Existing flows using the default schema are unaffected.

- You only need to update configuration if you want to expose multiple schemas for selection.
- Schemas used internally (e.g., for admins or machine users) can remain non-selectable.
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Suggested change
- Schemas used internally (e.g., for admins or machine users) can remain non-selectable.
- Schemas used internally can remain non-selectable, for example for admin or machine users.


## Related Docs

- [Manage Identity Schema](./manage-identity-schema)
- [Customizing Identity Schemas](../../kratos/manage-identities/customize-identity-schema)
Comment on lines +94 to +97
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Suggested change
## Related Docs
- [Manage Identity Schema](./manage-identity-schema)
- [Customizing Identity Schemas](../../kratos/manage-identities/customize-identity-schema)

I think this is good but I would like to solve it at once for all documents and not manually for every doc - we would also have to change hundreds of old docs with this.
the way I want to go about this is to add a tag to every document via LLM and then have a custom components that selects appropriate related docs by tag.

we can try this out soon, wdyt @unatasha8 ?

1 change: 1 addition & 0 deletions src/sidebar.ts
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -448,6 +448,7 @@ const kratos: SidebarItemsConfig = [
"kratos/manage-identities/managing-users-identities-metadata",
"identities/model/manage-identity-schema",
"kratos/manage-identities/customize-identity-schema",
"identities/model/identity-schema-selection",
"kratos/manage-identities/best-practices",
],
},
Expand Down
Loading