Ory · Capability

Ory Identities API — frontend

Ory Identities API — frontend. 32 operations. Lead operation: Get WebAuthn JavaScript. Self-contained Naftiko capability covering one Ory business surface.

Run with Naftiko Oryfrontend

What You Can Do

GET
Getwebauthnjavascript — Get WebAuthn JavaScript
/v1/well-known/ory/webauthn-js
GET
Getflowerror — Get User-Flow Errors
/v1/self-service/errors
GET
Createfedcmflow — Get FedCM Parameters
/v1/self-service/fed-cm/parameters
POST
Updatefedcmflow — Submit a FedCM token
/v1/self-service/fed-cm/token
POST
Updateloginflow — Submit a Login Flow
/v1/self-service/login
GET
Createnativeloginflow — Create Login Flow for Native Apps
/v1/self-service/login/api
GET
Createbrowserloginflow — Create Login Flow for Browsers
/v1/self-service/login/browser
GET
Getloginflow — Get Login Flow
/v1/self-service/login/flows
GET
Updatelogoutflow — Update Logout Flow
/v1/self-service/logout
DELETE
Performnativelogout — Perform Logout for Native Apps
/v1/self-service/logout/api
GET
Createbrowserlogoutflow — Create a Logout URL for Browsers
/v1/self-service/logout/browser
POST
Updaterecoveryflow — Update Recovery Flow
/v1/self-service/recovery
GET
Createnativerecoveryflow — Create Recovery Flow for Native Apps
/v1/self-service/recovery/api
GET
Createbrowserrecoveryflow — Create Recovery Flow for Browsers
/v1/self-service/recovery/browser
GET
Getrecoveryflow — Get Recovery Flow
/v1/self-service/recovery/flows
POST
Updateregistrationflow — Update Registration Flow
/v1/self-service/registration
GET
Createnativeregistrationflow — Create Registration Flow for Native Apps
/v1/self-service/registration/api
GET
Createbrowserregistrationflow — Create Registration Flow for Browsers
/v1/self-service/registration/browser
GET
Getregistrationflow — Get Registration Flow
/v1/self-service/registration/flows
POST
Updatesettingsflow — Complete Settings Flow
/v1/self-service/settings
GET
Createnativesettingsflow — Create Settings Flow for Native Apps
/v1/self-service/settings/api
GET
Createbrowsersettingsflow — Create Settings Flow for Browsers
/v1/self-service/settings/browser
GET
Getsettingsflow — Get Settings Flow
/v1/self-service/settings/flows
POST
Updateverificationflow — Complete Verification Flow
/v1/self-service/verification
GET
Createnativeverificationflow — Create Verification Flow for Native Apps
/v1/self-service/verification/api
GET
Createbrowserverificationflow — Create Verification Flow for Browser Clients
/v1/self-service/verification/browser
GET
Getverificationflow — Get Verification Flow
/v1/self-service/verification/flows
DELETE
Disablemyothersessions — Disable my other sessions
/v1/sessions
GET
Listmysessions — Get My Active Sessions
/v1/sessions
GET
Exchangesessiontoken — Exchange Session Token
/v1/sessions/token-exchange
GET
Tosession — Check Who the Current HTTP Session Belongs To
/v1/sessions/whoami
DELETE
Disablemysession — Disable one of my sessions
/v1/sessions/{id}

MCP Tools

get-webauthn-javascript

Get WebAuthn JavaScript

read-only idempotent
get-user-flow-errors

Get User-Flow Errors

read-only idempotent
get-fedcm-parameters

Get FedCM Parameters

read-only idempotent
submit-fedcm-token

Submit a FedCM token

submit-login-flow

Submit a Login Flow

create-login-flow-native-apps

Create Login Flow for Native Apps

read-only idempotent
create-login-flow-browsers

Create Login Flow for Browsers

read-only idempotent
get-login-flow

Get Login Flow

read-only idempotent
update-logout-flow

Update Logout Flow

read-only idempotent
perform-logout-native-apps

Perform Logout for Native Apps

idempotent
create-logout-url-browsers

Create a Logout URL for Browsers

read-only idempotent
update-recovery-flow

Update Recovery Flow

create-recovery-flow-native-apps

Create Recovery Flow for Native Apps

read-only idempotent
create-recovery-flow-browsers

Create Recovery Flow for Browsers

read-only idempotent
get-recovery-flow

Get Recovery Flow

read-only idempotent
update-registration-flow

Update Registration Flow

create-registration-flow-native-apps

Create Registration Flow for Native Apps

read-only idempotent
create-registration-flow-browsers

Create Registration Flow for Browsers

read-only idempotent
get-registration-flow

Get Registration Flow

read-only idempotent
complete-settings-flow

Complete Settings Flow

create-settings-flow-native-apps

Create Settings Flow for Native Apps

read-only idempotent
create-settings-flow-browsers

Create Settings Flow for Browsers

read-only idempotent
get-settings-flow

Get Settings Flow

read-only idempotent
complete-verification-flow

Complete Verification Flow

create-verification-flow-native-apps

Create Verification Flow for Native Apps

read-only idempotent
create-verification-flow-browser-clients

Create Verification Flow for Browser Clients

read-only idempotent
get-verification-flow

Get Verification Flow

read-only idempotent
disable-my-other-sessions

Disable my other sessions

idempotent
get-my-active-sessions

Get My Active Sessions

read-only idempotent
exchange-session-token

Exchange Session Token

read-only idempotent
check-who-current-http-session

Check Who the Current HTTP Session Belongs To

read-only idempotent
disable-one-my-sessions

Disable one of my sessions

idempotent

Capability Spec

kratos-frontend.yaml Raw ↑ 
naftiko: 1.0.0-alpha2
info:
  label: Ory Identities API — frontend
  description: 'Ory Identities API — frontend. 32 operations. Lead operation: Get WebAuthn JavaScript. Self-contained Naftiko
    capability covering one Ory business surface.'
  tags:
  - Ory
  - frontend
  created: '2026-05-19'
  modified: '2026-05-19'
binds:
- namespace: env
  keys:
    ORY_API_KEY: ORY_API_KEY
capability:
  consumes:
  - type: http
    namespace: kratos-frontend
    baseUri: ''
    description: Ory Identities API — frontend business capability. Self-contained, no shared references.
    resources:
    - name: .well-known-ory-webauthn.js
      path: /.well-known/ory/webauthn.js
      operations:
      - name: getwebauthnjavascript
        method: GET
        description: Get WebAuthn JavaScript
        outputRawFormat: json
        outputParameters:
        - name: result
          type: object
          value: $.
    - name: self-service-errors
      path: /self-service/errors
      operations:
      - name: getflowerror
        method: GET
        description: Get User-Flow Errors
        outputRawFormat: json
        outputParameters:
        - name: result
          type: object
          value: $.
        inputParameters:
        - name: id
          in: query
          type: string
          description: Error is the error's ID
          required: true
    - name: self-service-fed-cm-parameters
      path: /self-service/fed-cm/parameters
      operations:
      - name: createfedcmflow
        method: GET
        description: Get FedCM Parameters
        outputRawFormat: json
        outputParameters:
        - name: result
          type: object
          value: $.
    - name: self-service-fed-cm-token
      path: /self-service/fed-cm/token
      operations:
      - name: updatefedcmflow
        method: POST
        description: Submit a FedCM token
        outputRawFormat: json
        outputParameters:
        - name: result
          type: object
          value: $.
        inputParameters:
        - name: body
          in: body
          type: object
          description: Request body (JSON).
          required: true
    - name: self-service-login
      path: /self-service/login
      operations:
      - name: updateloginflow
        method: POST
        description: Submit a Login Flow
        outputRawFormat: json
        outputParameters:
        - name: result
          type: object
          value: $.
        inputParameters:
        - name: flow
          in: query
          type: string
          description: The Login Flow ID
          required: true
        - name: X-Session-Token
          in: header
          type: string
          description: The Session Token of the Identity performing the settings flow.
        - name: Cookie
          in: header
          type: string
          description: HTTP Cookies
        - name: body
          in: body
          type: object
          description: Request body (JSON).
          required: true
    - name: self-service-login-api
      path: /self-service/login/api
      operations:
      - name: createnativeloginflow
        method: GET
        description: Create Login Flow for Native Apps
        outputRawFormat: json
        outputParameters:
        - name: result
          type: object
          value: $.
        inputParameters:
        - name: refresh
          in: query
          type: boolean
          description: Refresh a login session
        - name: aal
          in: query
          type: string
          description: Request a Specific AuthenticationMethod Assurance Level
        - name: X-Session-Token
          in: header
          type: string
          description: The Session Token of the Identity performing the settings flow.
        - name: return_session_token_exchange_code
          in: query
          type: boolean
          description: EnableSessionTokenExchangeCode requests the login flow to include a code that can be used to retrieve
            the session token
        - name: return_to
          in: query
          type: string
          description: The URL to return the browser to after the flow was completed.
        - name: organization
          in: query
          type: string
          description: An optional organization ID that should be used for logging this user in.
        - name: via
          in: query
          type: string
          description: Via should contain the identity's credential the code should be sent to. Only relevant in aal2 flows.
        - name: identity_schema
          in: query
          type: string
          description: An optional identity schema to use for the login flow.
    - name: self-service-login-browser
      path: /self-service/login/browser
      operations:
      - name: createbrowserloginflow
        method: GET
        description: Create Login Flow for Browsers
        outputRawFormat: json
        outputParameters:
        - name: result
          type: object
          value: $.
        inputParameters:
        - name: refresh
          in: query
          type: boolean
          description: Refresh a login session
        - name: aal
          in: query
          type: string
          description: Request a Specific AuthenticationMethod Assurance Level
        - name: return_to
          in: query
          type: string
          description: The URL to return the browser to after the flow was completed.
        - name: Cookie
          in: header
          type: string
          description: HTTP Cookies
        - name: login_challenge
          in: query
          type: string
          description: An optional Hydra login challenge. If present, Kratos will cooperate with
        - name: organization
          in: query
          type: string
          description: An optional organization ID that should be used for logging this user in.
        - name: via
          in: query
          type: string
          description: Via should contain the identity's credential the code should be sent to. Only relevant in aal2 flows.
        - name: identity_schema
          in: query
          type: string
          description: An optional identity schema to use for the login flow.
    - name: self-service-login-flows
      path: /self-service/login/flows
      operations:
      - name: getloginflow
        method: GET
        description: Get Login Flow
        outputRawFormat: json
        outputParameters:
        - name: result
          type: object
          value: $.
        inputParameters:
        - name: id
          in: query
          type: string
          description: The Login Flow ID
          required: true
        - name: Cookie
          in: header
          type: string
          description: HTTP Cookies
    - name: self-service-logout
      path: /self-service/logout
      operations:
      - name: updatelogoutflow
        method: GET
        description: Update Logout Flow
        outputRawFormat: json
        outputParameters:
        - name: result
          type: object
          value: $.
        inputParameters:
        - name: token
          in: query
          type: string
          description: A Valid Logout Token
        - name: return_to
          in: query
          type: string
          description: The URL to return to after the logout was completed.
        - name: Cookie
          in: header
          type: string
          description: HTTP Cookies
    - name: self-service-logout-api
      path: /self-service/logout/api
      operations:
      - name: performnativelogout
        method: DELETE
        description: Perform Logout for Native Apps
        outputRawFormat: json
        outputParameters:
        - name: result
          type: object
          value: $.
        inputParameters:
        - name: body
          in: body
          type: object
          description: Request body (JSON).
          required: true
    - name: self-service-logout-browser
      path: /self-service/logout/browser
      operations:
      - name: createbrowserlogoutflow
        method: GET
        description: Create a Logout URL for Browsers
        outputRawFormat: json
        outputParameters:
        - name: result
          type: object
          value: $.
        inputParameters:
        - name: cookie
          in: header
          type: string
          description: HTTP Cookies
        - name: return_to
          in: query
          type: string
          description: Return to URL
    - name: self-service-recovery
      path: /self-service/recovery
      operations:
      - name: updaterecoveryflow
        method: POST
        description: Update Recovery Flow
        outputRawFormat: json
        outputParameters:
        - name: result
          type: object
          value: $.
        inputParameters:
        - name: flow
          in: query
          type: string
          description: The Recovery Flow ID
          required: true
        - name: token
          in: query
          type: string
          description: Recovery Token
        - name: Cookie
          in: header
          type: string
          description: HTTP Cookies
        - name: body
          in: body
          type: object
          description: Request body (JSON).
          required: true
    - name: self-service-recovery-api
      path: /self-service/recovery/api
      operations:
      - name: createnativerecoveryflow
        method: GET
        description: Create Recovery Flow for Native Apps
        outputRawFormat: json
        outputParameters:
        - name: result
          type: object
          value: $.
    - name: self-service-recovery-browser
      path: /self-service/recovery/browser
      operations:
      - name: createbrowserrecoveryflow
        method: GET
        description: Create Recovery Flow for Browsers
        outputRawFormat: json
        outputParameters:
        - name: result
          type: object
          value: $.
        inputParameters:
        - name: return_to
          in: query
          type: string
          description: The URL to return the browser to after the flow was completed.
        - name: skip_settings
          in: query
          type: string
          description: Skip redirection to the settings UI after the recovery flow was
    - name: self-service-recovery-flows
      path: /self-service/recovery/flows
      operations:
      - name: getrecoveryflow
        method: GET
        description: Get Recovery Flow
        outputRawFormat: json
        outputParameters:
        - name: result
          type: object
          value: $.
        inputParameters:
        - name: id
          in: query
          type: string
          description: The Flow ID
          required: true
        - name: Cookie
          in: header
          type: string
          description: HTTP Cookies
    - name: self-service-registration
      path: /self-service/registration
      operations:
      - name: updateregistrationflow
        method: POST
        description: Update Registration Flow
        outputRawFormat: json
        outputParameters:
        - name: result
          type: object
          value: $.
        inputParameters:
        - name: flow
          in: query
          type: string
          description: The Registration Flow ID
          required: true
        - name: Cookie
          in: header
          type: string
          description: HTTP Cookies
        - name: body
          in: body
          type: object
          description: Request body (JSON).
          required: true
    - name: self-service-registration-api
      path: /self-service/registration/api
      operations:
      - name: createnativeregistrationflow
        method: GET
        description: Create Registration Flow for Native Apps
        outputRawFormat: json
        outputParameters:
        - name: result
          type: object
          value: $.
        inputParameters:
        - name: return_session_token_exchange_code
          in: query
          type: boolean
          description: EnableSessionTokenExchangeCode requests the login flow to include a code that can be used to retrieve
            the session token
        - name: return_to
          in: query
          type: string
          description: The URL to return the browser to after the flow was completed.
        - name: organization
          in: query
          type: string
          description: An optional organization ID that should be used to register this user.
        - name: identity_schema
          in: query
          type: string
          description: An optional identity schema to use for the registration flow.
    - name: self-service-registration-browser
      path: /self-service/registration/browser
      operations:
      - name: createbrowserregistrationflow
        method: GET
        description: Create Registration Flow for Browsers
        outputRawFormat: json
        outputParameters:
        - name: result
          type: object
          value: $.
        inputParameters:
        - name: return_to
          in: query
          type: string
          description: The URL to return the browser to after the flow was completed.
        - name: login_challenge
          in: query
          type: string
          description: Ory OAuth 2.0 Login Challenge.
        - name: after_verification_return_to
          in: query
          type: string
          description: The URL to return the browser to after the verification flow was completed.
        - name: organization
          in: query
          type: string
          description: An optional organization ID that should be used to register this user.
        - name: identity_schema
          in: query
          type: string
          description: An optional identity schema to use for the registration flow.
    - name: self-service-registration-flows
      path: /self-service/registration/flows
      operations:
      - name: getregistrationflow
        method: GET
        description: Get Registration Flow
        outputRawFormat: json
        outputParameters:
        - name: result
          type: object
          value: $.
        inputParameters:
        - name: id
          in: query
          type: string
          description: The Registration Flow ID
          required: true
        - name: Cookie
          in: header
          type: string
          description: HTTP Cookies
    - name: self-service-settings
      path: /self-service/settings
      operations:
      - name: updatesettingsflow
        method: POST
        description: Complete Settings Flow
        outputRawFormat: json
        outputParameters:
        - name: result
          type: object
          value: $.
        inputParameters:
        - name: flow
          in: query
          type: string
          description: The Settings Flow ID
          required: true
        - name: X-Session-Token
          in: header
          type: string
          description: The Session Token of the Identity performing the settings flow.
        - name: Cookie
          in: header
          type: string
          description: HTTP Cookies
        - name: body
          in: body
          type: object
          description: Request body (JSON).
          required: true
    - name: self-service-settings-api
      path: /self-service/settings/api
      operations:
      - name: createnativesettingsflow
        method: GET
        description: Create Settings Flow for Native Apps
        outputRawFormat: json
        outputParameters:
        - name: result
          type: object
          value: $.
        inputParameters:
        - name: X-Session-Token
          in: header
          type: string
          description: The Session Token of the Identity performing the settings flow.
    - name: self-service-settings-browser
      path: /self-service/settings/browser
      operations:
      - name: createbrowsersettingsflow
        method: GET
        description: Create Settings Flow for Browsers
        outputRawFormat: json
        outputParameters:
        - name: result
          type: object
          value: $.
        inputParameters:
        - name: return_to
          in: query
          type: string
          description: The URL to return the browser to after the flow was completed.
        - name: Cookie
          in: header
          type: string
          description: HTTP Cookies
    - name: self-service-settings-flows
      path: /self-service/settings/flows
      operations:
      - name: getsettingsflow
        method: GET
        description: Get Settings Flow
        outputRawFormat: json
        outputParameters:
        - name: result
          type: object
          value: $.
        inputParameters:
        - name: id
          in: query
          type: string
          description: ID is the Settings Flow ID
          required: true
        - name: X-Session-Token
          in: header
          type: string
          description: The Session Token
        - name: Cookie
          in: header
          type: string
          description: HTTP Cookies
    - name: self-service-verification
      path: /self-service/verification
      operations:
      - name: updateverificationflow
        method: POST
        description: Complete Verification Flow
        outputRawFormat: json
        outputParameters:
        - name: result
          type: object
          value: $.
        inputParameters:
        - name: flow
          in: query
          type: string
          description: The Verification Flow ID
          required: true
        - name: token
          in: query
          type: string
          description: Verification Token
        - name: Cookie
          in: header
          type: string
          description: HTTP Cookies
        - name: body
          in: body
          type: object
          description: Request body (JSON).
          required: true
    - name: self-service-verification-api
      path: /self-service/verification/api
      operations:
      - name: createnativeverificationflow
        method: GET
        description: Create Verification Flow for Native Apps
        outputRawFormat: json
        outputParameters:
        - name: result
          type: object
          value: $.
        inputParameters:
        - name: return_to
          in: query
          type: string
          description: A URL contained in the return_to key of the verification flow.
    - name: self-service-verification-browser
      path: /self-service/verification/browser
      operations:
      - name: createbrowserverificationflow
        method: GET
        description: Create Verification Flow for Browser Clients
        outputRawFormat: json
        outputParameters:
        - name: result
          type: object
          value: $.
        inputParameters:
        - name: return_to
          in: query
          type: string
          description: The URL to return the browser to after the flow was completed.
    - name: self-service-verification-flows
      path: /self-service/verification/flows
      operations:
      - name: getverificationflow
        method: GET
        description: Get Verification Flow
        outputRawFormat: json
        outputParameters:
        - name: result
          type: object
          value: $.
        inputParameters:
        - name: id
          in: query
          type: string
          description: The Flow ID
          required: true
        - name: cookie
          in: header
          type: string
          description: HTTP Cookies
    - name: sessions
      path: /sessions
      operations:
      - name: disablemyothersessions
        method: DELETE
        description: Disable my other sessions
        outputRawFormat: json
        outputParameters:
        - name: result
          type: object
          value: $.
        inputParameters:
        - name: X-Session-Token
          in: header
          type: string
          description: Set the Session Token when calling from non-browser clients. A session token has a format of `MP2YWEMeM8MxjkGKpH4dqOQ4Q4DlSPaj`.
        - name: Cookie
          in: header
          type: string
          description: Set the Cookie Header. This is especially useful when calling this endpoint from a server-side application.
            In that
      - name: listmysessions
        method: GET
        description: Get My Active Sessions
        outputRawFormat: json
        outputParameters:
        - name: result
          type: object
          value: $.
        inputParameters:
        - name: per_page
          in: query
          type: integer
          description: Deprecated Items per Page
        - name: page
          in: query
          type: integer
          description: Deprecated Pagination Page
        - name: page_size
          in: query
          type: integer
          description: Page Size
        - name: page_token
          in: query
          type: string
          description: Next Page Token
        - name: X-Session-Token
          in: header
          type: string
          description: Set the Session Token when calling from non-browser clients. A session token has a format of `MP2YWEMeM8MxjkGKpH4dqOQ4Q4DlSPaj`.
        - name: Cookie
          in: header
          type: string
          description: Set the Cookie Header. This is especially useful when calling this endpoint from a server-side application.
            In that
    - name: sessions-token-exchange
      path: /sessions/token-exchange
      operations:
      - name: exchangesessiontoken
        method: GET
        description: Exchange Session Token
        outputRawFormat: json
        outputParameters:
        - name: result
          type: object
          value: $.
        inputParameters:
        - name: init_code
          in: query
          type: string
          description: The part of the code return when initializing the flow.
          required: true
        - name: return_to_code
          in: query
          type: string
          description: The part of the code returned by the return_to URL.
          required: true
    - name: sessions-whoami
      path: /sessions/whoami
      operations:
      - name: tosession
        method: GET
        description: Check Who the Current HTTP Session Belongs To
        outputRawFormat: json
        outputParameters:
        - name: result
          type: object
          value: $.
        inputParameters:
        - name: X-Session-Token
          in: header
          type: string
          description: Set the Session Token when calling from non-browser clients. A session token has a format of `MP2YWEMeM8MxjkGKpH4dqOQ4Q4DlSPaj`.
        - name: Cookie
          in: header
          type: string
          description: Set the Cookie Header. This is especially useful when calling this endpoint from a server-side application.
            In that
        - name: tokenize_as
          in: query
          type: string
          description: Returns the session additionally as a token (such as a JWT)
    - name: sessions-id
      path: /sessions/{id}
      operations:
      - name: disablemysession
        method: DELETE
        description: Disable one of my sessions
        outputRawFormat: json
        outputParameters:
        - name: result
          type: object
          value: $.
        inputParameters:
        - name: id
          in: path
          type: string
          description: ID is the session's ID.
          required: true
        - name: X-Session-Token
          in: header
          type: string
          description: Set the Session Token when calling from non-browser clients. A session token has a format of `MP2YWEMeM8MxjkGKpH4dqOQ4Q4DlSPaj`.
        - name: Cookie
          in: header
          type: string
          description: Set the Cookie Header. This is especially useful when calling this endpoint from a server-side application.
            In that
    authentication:
      type: apikey
      key: Authorization
      value: '{{env.ORY_API_KEY}}'
      placement: header
  exposes:
  - type: rest
    namespace: kratos-frontend-rest
    port: 8080
    description: REST adapter for Ory Identities API — frontend. One Spectral-compliant resource per consumed operation, prefixed
      with /v1.
    resources:
    - path: /v1/well-known/ory/webauthn-js
      name: well-known-ory-webauthn-js
      description: REST surface for .well-known-ory-webauthn.js.
      operations:
      - method: GET
        name: getwebauthnjavascript
        description: Get WebAuthn JavaScript
        call: kratos-frontend.getwebauthnjavascript
        outputParameters:
        - type: object
          mapping: $.
    - path: /v1/self-service/errors
      name: self-service-errors
      description: REST surface for self-service-errors.
      operations:
      - method: GET
        name: getflowerror
        description: Get User-Flow Errors
        call: kratos-frontend.getflowerror
        with:
          id: rest.id
        outputParameters:
        - type: object
          mapping: $.
    - path: /v1/self-service/fed-cm/parameters
      name: self-service-fed-cm-parameters
      description: REST surface for self-service-fed-cm-parameters.
      operations:
      - method: GET
        name: createfedcmflow
        description: Get FedCM Parameters
        call: kratos-frontend.createfedcmflow
        outputParameters:
        - type: object
          mapping: $.
    - path: /v1/self-service/fed-cm/token
      name: self-service-fed-cm-token
      description: REST surface for self-service-fed-cm-token.
      operations:
      - method: POST
        name: updatefedcmflow
        description: Submit a FedCM token
        call: kratos-frontend.updatefedcmflow
        with:
          body: rest.body
        outputParameters:
        - type: object
          mapping: $.
    - path: /v1/self-service/login
      name: self-service-login
      description: REST surface for self-service-login.
      operations:
      - method: POST
        name: updateloginflow
        description: Submit a Login Flow
        call: kratos-frontend.updateloginflow
        with:
          flow: rest.flow
          X-Session-Token: rest.X-Session-Token
          Cookie: rest.Cookie
          body: rest.body
        outputParameters:
        - type: object
          mapping: $.
    - path: /v1/self-service/login/api
      name: self-service-login-api
      description: REST surface for self-service-login-api.
      operations:
      - method: GET
        name: createnativeloginflow
        description: Create Login Flow for Native Apps
        call: kratos-frontend.createnativeloginflow
        with:
          refresh: rest.refresh
          aal: rest.aal
          X-Session-Token: rest.X-Session-Token
          return_session_token_exchange_code: rest.return_session_token_exchange_code
          return_to: rest.return_to
          organization: rest.organization
          via: rest.via
          identity_schema: rest.identity_schema
        outputParameters:
        - type: object
          mapping: $.
    - path: /v1/self-service/login/browser
      name: self-service-login-browser
      description: REST surface for self-service-login-browser.
      operations:
      - method: GET
        name: createbrowserloginflow
        description: Create Login Flow for Browsers
        call: kratos-frontend.createbrowserloginflow
        with:
          refresh: rest.refresh
          aal: rest.aal
          return_to: rest.return_to
          Cookie: rest.Cookie
          login_challenge: rest.login_challenge
          organization: rest.organization
          via: rest.via
          identity_schema: rest.identity_schema
        outputParameters:
        - type: object
          mapping: $.
    - path: /v1/self-service/login/flows
      name: self-service-login-flows
      description: REST surface for self-service-login-flows.
      operations:
      - method: GET
        name: getloginflow
        description: Get Login Flow
        call: kratos-frontend.getloginflow
        with:
          id: rest.id
          Cookie: rest.Cookie
        outputParameters:
        - type: object
          mapping: $.
    - path: /v1/self-service/logout
      name: self-service-logout
      description: REST surface for self-service-logout.
      operations:
      - method: GET
        name: updatelogoutflow
        description: Update Logout Flow
        call: kratos-frontend.updatelogoutflow
        with:
          token: rest.token
          return_to: rest.return_to
          Cookie: rest.Cookie
        outputParameters:
        - type: object
          mapping: $.
    - path: /v1/self-service/logout/api
      name: self-service-logout-api
      description: REST surface for self-service-logout-api.
      operations:
      - method: DELETE
        name: performnativelogout
        description: Perform Logout for Native Apps
        call: kratos-frontend.performnativelogout
        with:
          body: rest.body
        outputParameters:
        - type: object
          mapping: $.
    - path: /v1/self-service/logout/browser
      name: self-service-logout-browser
      description: REST surface for self-service-logout-browser.
      operations:
      - method: GET
        name: createbrowserlogoutflow
        description: Create a Logout URL for Browsers
        call: kratos-frontend.createbrowserlogoutflow
        with:
          cookie: rest.cookie
          return_to: rest.return_to
        outputParameters:
        - type: object
          mapping: $.
    - path: /v1/self-service/recovery
      name: self-service-recovery
      description: REST surface for self-service-recovery.
      operations:
      - method: POST
        name: updaterecoveryflow
        description: Update Recovery Flow
        call: kratos-frontend.updaterecoveryflow
        with:
          flow: rest.flow
          token: rest.token
          Cookie: rest.Cookie
          body: rest.body
        outputParameters:
        - type: object
          mapping: $.
    - path: /v1/self-service/recovery/api
      name: self-service-recovery-api
      description: REST surface for self-service-recovery-api.
      operations:
      - method: GET
        name: createnativerecoveryflow
        description: Create Recovery Flow for Native Apps
        call: kratos-frontend.createnativerecoveryflow
        outputParameters:
        - type: object
          mapping: $.
    - path: /v1/self-service/recovery/browser
      name: self-service-recovery-browser
      description: REST surface for self-service-recovery-browser.
      operations:
      - method: GET
        name: createbrowserrecoveryflow
        description: Create Recovery Flow for Browsers
        call: kratos-frontend.createbrowserrecoveryflow
        with:
          return_to: rest.return_to
          skip_settings: rest.skip_settings
        outputParameters:
        - type: object
          mapping: $.
    - path: /v1/self-service/recovery/flows
      name: self-service-recovery-flows
      description: REST surface for self-service-recovery-flows.
      operations:
      - method: GET
        name: getrecoveryflow
        description: Get Recovery Flow
        call: kratos-frontend.getrecoveryflow
        with:
          id: rest.id
          Cookie: rest.Cookie
        outputParameters:
        - type: object
          mapping: $.
    - path: /v1/self-service/registration
      name: self-service-registration
      description: REST surface for self-service-registration.
      operations:
      - method: POST
        name: updateregistrationflow
        description: Update Registration Flow
        call: kratos-frontend.updateregistrationflow
        with:
          flow: rest.flow
          Cookie: rest.Cookie
          body: rest.body
        outputParameters:
        - type: object
          mapping: $.
    - path: /v1/self-service/registration/api
      name: self-service-registration-api
      description: REST surface for self-service-registration-api.
      operations:
      - method: GET
        name: createnativeregistrationflow
        description: Create Registration Flow for Native Apps
        call: kratos-frontend.createnativeregistrationflow
        with:
          return_session_token_exchange_code: rest.return_session_token_exchange_code
          return_to: rest.return_to
          organization: rest.organization
          identity_schema: rest.identity_schema
        outputParameters:
        - type: object
          mapping: $.
    - path: /v1/self-service/registration/browser
      name: self-service-re

# --- truncated at 32 KB (51 KB total) ---
# Full source: https://raw.githubusercontent.com/api-evangelist/ory/refs/heads/main/capabilities/kratos-frontend.yaml