docker-sso/kratos/.kratos.yml

serve:
  public:
    base_url: http://auth.server.lan/.ory/kratos/public/
    port: 4433
    cors:
      enabled: true
      allowed_origins:
        - http://server.lan
        - http://*.server.lan
        - http://*.dev.server.lan
      allowed_methods:
        - POST
        - GET
        - PUT
        - PATCH
        - DELETE
  admin:
    base_url: http://kratos:4434/

selfservice:
  default_browser_return_url: http://auth.server.lan/
  whitelisted_return_urls:
    - http://auth.server.lan/
    - http://auth.server.lan/auth/hydra/login

  methods:
    password:
      enabled: true

  flows:

    error:
      ui_url: http://auth.server.lan/error

    settings:
      ui_url: http://auth.server.lan/settings

    verification:
      ui_url: http://auth.server.lan/verification
      enabled: false

    recovery:
      ui_url: http://auth.server.lan/recovery
      enabled: false

    logout:
      after:
        default_browser_return_url: http://auth.server.lan/auth/login

    login:
      ui_url: http://auth.server.lan/auth/login

    registration:
      ui_url: http://auth.server.lan/auth/registration
      after:
        password:
          hooks:
            -
              hook: session

log:
  level: debug
  leak_sensitive_values: true

hashers:
  argon2:
    parallelism: 1
    memory: 131072
    iterations: 2
    salt_length: 16
    key_length: 16

identity:
  default_schema_url: file:///etc/config/kratos/identity.schema.json

courier:
  smtp:
    connection_uri: smtps://test:test@mailslurper:1025/?skip_ssl_verify=true


session:
  cookie:
    persistent: true
    #same_site: None
    domain: server.lan
  lifespan: 1h
First working version 4 years ago			`serve:`
			`public:`
			`base_url: http://auth.server.lan/.ory/kratos/public/`
			`port: 4433`
			`cors:`
			`enabled: true`
			`allowed_origins:`
			`- http://server.lan`
			`- http://*.server.lan`
			`- http://*.dev.server.lan`
			`allowed_methods:`
			`- POST`
			`- GET`
			`- PUT`
			`- PATCH`
			`- DELETE`
			`admin:`
			`base_url: http://kratos:4434/`

			`selfservice:`
			`default_browser_return_url: http://auth.server.lan/`
			`whitelisted_return_urls:`
			`- http://auth.server.lan/`
			`- http://auth.server.lan/auth/hydra/login`

			`methods:`
			`password:`
			`enabled: true`

			`flows:`

			`error:`
			`ui_url: http://auth.server.lan/error`

			`settings:`
			`ui_url: http://auth.server.lan/settings`

			`verification:`
			`ui_url: http://auth.server.lan/verification`
			`enabled: false`

			`recovery:`
			`ui_url: http://auth.server.lan/recovery`
			`enabled: false`

			`logout:`
			`after:`
			`default_browser_return_url: http://auth.server.lan/auth/login`

			`login:`
			`ui_url: http://auth.server.lan/auth/login`

			`registration:`
			`ui_url: http://auth.server.lan/auth/registration`
			`after:`
			`password:`
			`hooks:`
			`-`
			`hook: session`

			`log:`
			`level: debug`
			`leak_sensitive_values: true`

			`hashers:`
			`argon2:`
			`parallelism: 1`
			`memory: 131072`
			`iterations: 2`
			`salt_length: 16`
			`key_length: 16`

			`identity:`
			`default_schema_url: file:///etc/config/kratos/identity.schema.json`

			`courier:`
			`smtp:`
			`connection_uri: smtps://test:test@mailslurper:1025/?skip_ssl_verify=true`


			`session:`
			`cookie:`
			`persistent: true`
			`#same_site: None`
			`domain: server.lan`
			`lifespan: 1h`