Get Login Flow
GET {{baseUrl}}/self-service/login/flows?id=<string>
This endpoint returns a login flow's context with, for example, error details and other information.
Browser flows expect the anti-CSRF cookie to be included in the request's HTTP Cookie Header. For AJAX requests you must ensure that cookies are included in the request or requests will fail.
If you use the browser flow for server-side apps, the services need to run on a common top-level domain, and you need to forward the incoming HTTP Cookie header to this endpoint:
pseudo-code example
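// Server-side login route for the browser flow (pseudo-code; `router` and
// `client` are assumed to be set up elsewhere).
router.get('/login', async function (req, res, next) {
  // The flow ID arrives in the `flow` URL query parameter. Query parsers can
  // yield arrays or objects for repeated or bracketed keys, so accept only a
  // non-empty string before passing it on.
  const flowId = req.query['flow']
  if (typeof flowId !== 'string' || flowId === '') {
    res.sendStatus(400)
    return
  }

  try {
    // Forward the browser's Cookie header unchanged so the anti-CSRF and
    // session cookies are respected by the endpoint.
    const flow = await client.getLoginFlow(req.header('cookie'), flowId)
    // NOTE(review): the whole flow object is handed to the template; confirm
    // the view only exposes the fields the login form needs.
    res.render('login', flow)
  } catch (err) {
    // The request can fail (e.g. error.id `session_already_available` or
    // `self_service_flow_expired`); pass the failure to the error handler
    // instead of leaving the promise rejection unhandled.
    next(err)
  }
})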
This request may fail for several reasons. The `error.id` can be one of:
- `session_already_available`: The user is already signed in.
- `self_service_flow_expired`: The flow is expired and you should request a new one.
More information can be found at Ory Kratos User Login and User Registration Documentation.
Request Params
Key | Datatype | Required | Description |
---|---|---|---|
id | string | (Required) The Login Flow ID. The value for this parameter comes from the `flow` URL query parameter sent to your application (e.g. `/login?flow=abcde`). |
HEADERS
Key | Datatype | Required | Description |
---|---|---|---|
Cookie | string | HTTP Cookies. When using the SDK in a browser app, on the server side you must include the HTTP Cookie header sent by the client to your server here. This ensures that CSRF and session cookies are respected. |
Accept | string | | |
RESPONSES
status: OK
{"id":"\u003cuuid\u003e","type":"\u003cstring\u003e","expires_at":"\u003cdateTime\u003e","issued_at":"\u003cdateTime\u003e","request_url":"\u003cstring\u003e","ui":{"action":"\u003cstring\u003e","method":"\u003cstring\u003e","nodes":[{"type":"img","group":"default","attributes":{"name":"\u003cstring\u003e","type":"password","disabled":"\u003cboolean\u003e","node_type":"a","autocomplete":"one-time-code","label":{"id":"\u003clong\u003e","text":"\u003cstring\u003e","type":"error","context":{}},"onclick":"\u003cstring\u003e","onload":"\u003cstring\u003e","pattern":"\u003cstring\u003e","required":"\u003cboolean\u003e","value":{"description":"The input's value.","nullable":true}},"messages":[{"id":"\u003clong\u003e","text":"\u003cstring\u003e","type":"error","context":{}},{"id":"\u003clong\u003e","text":"\u003cstring\u003e","type":"info","context":{}}],"meta":{"label":{"id":"\u003clong\u003e","text":"\u003cstring\u003e","type":"error","context":{}}}},{"type":"a","group":"webauthn","attributes":{"name":"\u003cstring\u003e","type":"submit","disabled":"\u003cboolean\u003e","node_type":"input","autocomplete":"one-time-code","label":{"id":"\u003clong\u003e","text":"\u003cstring\u003e","type":"success","context":{}},"onclick":"\u003cstring\u003e","onload":"\u003cstring\u003e","pattern":"\u003cstring\u003e","required":"\u003cboolean\u003e","value":{"description":"The input's value.","nullable":true}},"messages":[{"id":"\u003clong\u003e","text":"\u003cstring\u003e","type":"success","context":{}},{"id":"\u003clong\u003e","text":"\u003cstring\u003e","type":"info","context":{}}],"meta":{"label":{"id":"\u003clong\u003e","text":"\u003cstring\u003e","type":"info","context":{}}}}],"messages":[{"id":"\u003clong\u003e","text":"\u003cstring\u003e","type":"info","context":{}},{"id":"\u003clong\u003e","text":"\u003cstring\u003e","type":"success","context":{}}]},"state":{"description":"State represents the state of this request:\n\nchoose_method: ask the user to choose a method to sign in 
with\nsent_email: the email has been sent to the user\npassed_challenge: the request was successful and the login challenge was passed."},"active":"password","created_at":"\u003cdateTime\u003e","oauth2_login_challenge":"\u003cstring\u003e","oauth2_login_request":{"challenge":"\u003cstring\u003e","client":{"access_token_strategy":"\u003cstring\u003e","allowed_cors_origins":["\u003cstring\u003e","\u003cstring\u003e"],"audience":["\u003cstring\u003e","\u003cstring\u003e"],"authorization_code_grant_access_token_lifespan":"\u003cstring\u003e","authorization_code_grant_id_token_lifespan":"\u003cstring\u003e","authorization_code_grant_refresh_token_lifespan":"\u003cstring\u003e","backchannel_logout_session_required":"\u003cboolean\u003e","backchannel_logout_uri":"\u003cstring\u003e","client_credentials_grant_access_token_lifespan":"\u003cstring\u003e","client_id":"\u003cstring\u003e","client_name":"\u003cstring\u003e","client_secret":"\u003cstring\u003e","client_secret_expires_at":"\u003clong\u003e","client_uri":"\u003cstring\u003e","contacts":["\u003cstring\u003e","\u003cstring\u003e"],"created_at":"\u003cdateTime\u003e","frontchannel_logout_session_required":"\u003cboolean\u003e","frontchannel_logout_uri":"\u003cstring\u003e","grant_types":["\u003cstring\u003e","\u003cstring\u003e"],"implicit_grant_access_token_lifespan":"\u003cstring\u003e","implicit_grant_id_token_lifespan":"\u003cstring\u003e","jwks":{"description":"OAuth 2.0 Client JSON Web Key Set Client's JSON Web Key Set [JWK] document, passed by value. The semantics of the jwks parameter are the same as the jwks_uri parameter, other than that the JWK Set is passed by value, rather than by reference. This parameter is intended only to be used by Clients that, for some reason, are unable to use the jwks_uri parameter, for instance, by native applications that might not have a location to host the contents of the JWK Set. If a Client can use jwks_uri, it MUST NOT use jwks. 
One significant downside of jwks is that it does not enable key rotation (which jwks_uri does, as described in Section 10 of OpenID Connect Core 1.0 [OpenID.Core]). The jwks_uri and jwks parameters MUST NOT be used together."},"jwks_uri":"\u003cstring\u003e","jwt_bearer_grant_access_token_lifespan":"\u003cstring\u003e","logo_uri":"\u003cstring\u003e","metadata":{},"owner":"\u003cstring\u003e","policy_uri":"\u003cstring\u003e","post_logout_redirect_uris":["\u003cstring\u003e","\u003cstring\u003e"],"redirect_uris":["\u003cstring\u003e","\u003cstring\u003e"],"refresh_token_grant_access_token_lifespan":"\u003cstring\u003e","refresh_token_grant_id_token_lifespan":"\u003cstring\u003e","refresh_token_grant_refresh_token_lifespan":"\u003cstring\u003e","registration_access_token":"\u003cstring\u003e","registration_client_uri":"\u003cstring\u003e","request_object_signing_alg":"\u003cstring\u003e","request_uris":["\u003cstring\u003e","\u003cstring\u003e"],"response_types":["\u003cstring\u003e","\u003cstring\u003e"],"scope":"\u003cstring\u003e","sector_identifier_uri":"\u003cstring\u003e","skip_consent":"\u003cboolean\u003e","skip_logout_consent":"\u003cboolean\u003e","subject_type":"\u003cstring\u003e","token_endpoint_auth_method":"\u003cstring\u003e","token_endpoint_auth_signing_alg":"\u003cstring\u003e","tos_uri":"\u003cstring\u003e","updated_at":"\u003cdateTime\u003e","userinfo_signed_response_alg":"\u003cstring\u003e"},"oidc_context":{"acr_values":["\u003cstring\u003e","\u003cstring\u003e"],"display":"\u003cstring\u003e","id_token_hint_claims":{"sit_b":{}},"login_hint":"\u003cstring\u003e","ui_locales":["\u003cstring\u003e","\u003cstring\u003e"]},"request_url":"\u003cstring\u003e","requested_access_token_audience":["\u003cstring\u003e","\u003cstring\u003e"],"requested_scope":["\u003cstring\u003e","\u003cstring\u003e"],"session_id":"\u003cstring\u003e","skip":"\u003cboolean\u003e","subject":"\u003cstring\u003e"},"organization_id":"\u003cstring\u003e","refresh":"\u003cboolea
n\u003e","requested_aal":"aal2","return_to":"\u003cstring\u003e","session_token_exchange_code":"\u003cstring\u003e","transient_payload":{},"updated_at":"\u003cdateTime\u003e"}