Phone verification not working
blackshady opened this issue · comments
Preflight checklist
- I could not find a solution in the existing issues, docs, nor discussions.
- I agree to follow this project's Code of Conduct.
- I have read and am following this repository's Contribution Guidelines.
- I have joined the Ory Community Slack.
- I am signed up to the Ory Security Patch Newsletter.
Ory Network Project
No response
Describe the bug
When attempting to create a verification flow for phone numbers using the self-service API, despite configuring the kratos.yml file to utilize an SMS gateway for verification, the API still returns email attributes in the UI node instead of phone number attributes. This occurs even after following the documentation and configuring the system to use SMS verification. As a result, the intended functionality of phone number verification is not achieved.
Reproducing the bug
- Configure the
kratos.yml
file to use an SMS gateway for phone number verification. - Attempt to create a verification flow for phone numbers using the API endpoint {{kratos_URL}}/self-service/verification/api.
- Observe that the UI node returns email attributes instead of phone number attributes.
Relevant log output
No response
Relevant configuration
Here is my `identity.schema.json` file
{
"$id": "https://schemas.ory.sh/presets/kratos/quickstart/phone-password/identity.schema.json",
"$schema": "http://json-schema.org/draft-07/schema#",
"title": "Person",
"type": "object",
"properties": {
"traits": {
"type": "object",
"properties": {
"name": {
"type": "object",
"required": [
"last",
"first"
],
"properties": {
"first": {
"title": "First Name",
"type": "string"
},
"last": {
"title": "Last Name",
"type": "string"
}
}
},
"phone": {
"type": "string",
"format": "tel",
"title": "Phone number",
"minLength": 3,
"ory.sh/kratos": {
"credentials": {
"password": {
"identifier": true
}
},
"verification": {
"via": "sms"
}
}
}
},
"required": ["phone"],
"additionalProperties": false
}
}
}
Version
v1.1.0
On which operating system are you observing this issue?
Linux
In which environment are you deploying?
Docker
Additional Context
No response
We have also run into this issue - it does not seem possible to create a verification flow for a phone number (our identity schema has both email and phone number traits).
Perhaps it's necessary to add a via=phone_number
parameter or similar to the create verification flow API endpoint, which would allow apps to specify which trait to verify?
This is especially an issue because it is not possible to redirect to a verification flow from settings after setting the user's phone number for server-side rendered apps. From the docs:
Showing the verification form after a settings update is currently only supported on native or SPA clients.