Browser redirect flows is missing recovery redirect option in documentation + as configuration

Open RubenWerdmuller opened this issue 2 years ago • 0 comments

Preflight checklist

[X] I could not find a solution in the existing issues, docs, nor discussions.
[X] I agree to follow this project's Code of Conduct.
[X] I have read and am following this repository's Contribution Guidelines.
[X] I have joined the Ory Community Slack.
[X] I am signed up to the Ory Security Patch Newsletter.

Ory Network Project

No response

Describe the bug

The recovery flow default_browser_return_url doesn't work as expected.

Using the latest front-end SDK and after filling in this variable for the recovery in the Kratos configuration, the redirect goes to the settings page. This is expected to happen after filling in the recovery code that is received through e-mail.

The documentation is also missing information about redirecting after the recovery flows.

Reproducing the bug

Setup a regular Kratos project, including courier, with a next.js front-end that uses the kratos client SDK
Use the following config, and test the redirect_url after finishing the recovery flow and inputting the code

Relevant log output

No response

Relevant configuration

flows:
        error:
          ui_url: http://localhost:3000/error

        settings:
          required_aal: aal1
          ui_url: http://localhost:3000/settings
          privileged_session_max_age: 15m

        recovery:
          enabled: true
          ui_url: http://localhost:3000/recovery-code
          use: code
          notify_unknown_recipients: false
          after:
            default_browser_return_url: http://localhost:3000/recovery-new-password

        verification:
          enabled: true
          ui_url: http://localhost:3000/verification
          after:
            default_browser_return_url: http://localhost:3000/

        logout:
          after:
            default_browser_return_url: http://localhost:3000/login

        login:
          ui_url: http://localhost:3000/login
          lifespan: 10m
          after:
            password:
              hooks:
                - hook: require_verified_address

        registration:
          lifespan: 10m
          ui_url: http://localhost:3000/registration

Version

latest

On which operating system are you observing this issue?

None

In which environment are you deploying?

None

Additional Context

No response

Oct 26 '23 12:10 RubenWerdmuller