Ory website screenshot

Ory

Ory is an open source identity infrastructure platform providing OAuth2 and OpenID Connect (Hydra), identity and user management (Kratos), permissions and authorization (Keto), and a reverse proxy with policy enforcement (Oathkeeper).

4 APIs 0 Features
AuthenticationAuthorizationIdentityOAuth2OpenID ConnectOpen Source

APIs

Ory Hydra

Ory Hydra is an OAuth 2.0 and OpenID Connect server. It implements OAuth 2.0 authorization, OpenID Connect Core 1.0, and OpenID Connect Discovery for issuing and managing access...

Ory Kratos

Ory Kratos is an identity and user management system. It handles registration, login, multi-factor authentication, account recovery, verification, profile management, and identi...

Ory Keto

Ory Keto is a permission and authorization server inspired by Google Zanzibar. It provides relationship-based access control (ReBAC), role-based access control (RBAC), and acces...

Ory Oathkeeper

Ory Oathkeeper is an identity and access proxy that authenticates, authorizes, and mutates incoming HTTP(S) requests using configurable access rules backed by Hydra, Kratos, and...

Collections

Pricing Plans

Ory Plans Pricing

4 plans

PLANS

Rate Limits

Ory Rate Limits

8 limits

RATE LIMITS

FinOps

Ory Finops

FINOPS

Resources

🔗
LinkedIn
LinkedIn
🔗
Website
Website
🔗
Documentation
Documentation
👥
GitHubOrganization
GitHubOrganization
📰
Blog
Blog
🔗
MCPServer
MCPServer

Sources

Raw ↑
opencollection: 1.0.0
info:
  name: Ory Oathkeeper API
items:
- info:
    name: api
    type: folder
  items:
  - info:
      name: Lists Cryptographic Keys
      type: http
    http:
      method: GET
      url: '{{baseUrl}}/.well-known/jwks.json'
    docs: This endpoint returns cryptographic keys that are required to, for example, verify signatures of ID Tokens.
  - info:
      name: Access Control Decision API
      type: http
    http:
      method: GET
      url: '{{baseUrl}}/decisions'
    docs: '> This endpoint works with all HTTP Methods (GET, POST, PUT, ...) and matches every path prefixed with /decisions.


      This endpoint mirrors the proxy capability of ORY Oathkeeper''s proxy functionality but instead of forwarding the

      request to the upstream server, returns 200 (request should be allowed), 401 (unauthorized), or 403 (forbidden)

      status codes. This endpoint can be used to integrate with other API Proxies like Ambassador, Kong, Envoy, and many more.'
  - info:
      name: List All Rules
      type: http
    http:
      method: GET
      url: '{{baseUrl}}/rules'
      params:
      - name: limit
        value: ''
        type: query
        description: The maximum amount of rules returned.
      - name: offset
        value: ''
        type: query
        description: The offset from where to start looking.
    docs: 'This method returns an array of all rules that are stored in the backend. This is useful if you want to get a full

      view of what rules you have currently in place.'
  - info:
      name: Retrieve a Rule
      type: http
    http:
      method: GET
      url: '{{baseUrl}}/rules/:id'
      params:
      - name: id
        value: ''
        type: path
    docs: Use this method to retrieve a rule from the storage. If it does not exist you will receive a 404 error.
- info:
    name: metadata
    type: folder
  items:
  - info:
      name: Check HTTP Server Status
      type: http
    http:
      method: GET
      url: '{{baseUrl}}/health/alive'
    docs: 'This endpoint returns a HTTP 200 status code when Ory Oathkeeper is accepting incoming

      HTTP requests. This status does currently not include checks whether the database connection is working.


      If the service supports TLS Edge Termination, this endpoint does not require the

      `X-Forwarded-Proto` header to be set.


      Be aware that if you are running multiple nodes of this service, the health status will never

      refer to the cluster state, only to a single instance.'
  - info:
      name: Check HTTP Server and Database Status
      type: http
    http:
      method: GET
      url: '{{baseUrl}}/health/ready'
    docs: 'This endpoint returns a HTTP 200 status code when Ory Oathkeeper is up running and the environment dependencies
      (e.g.

      the database) are responsive as well.


      If the service supports TLS Edge Termination, this endpoint does not require the

      `X-Forwarded-Proto` header to be set.


      Be aware that if you are running multiple nodes of Ory Oathkeeper, the health status will never

      refer to the cluster state, only to a single instance.'
  - info:
      name: Return Running Software Version.
      type: http
    http:
      method: GET
      url: '{{baseUrl}}/version'
    docs: 'This endpoint returns the version of Ory Oathkeeper.


      If the service supports TLS Edge Termination, this endpoint does not require the

      `X-Forwarded-Proto` header to be set.


      Be aware that if you are running multiple nodes of this service, the version will never

      refer to the cluster state, only to a single instance.'
bundled: true