Skip to content

Releases: ory/cli

v1.3.1

Choose a tag to compare

@ory-bot ory-bot released this 10 Jul 13:26
v1.3.1
1683ab1

Pause/resume event streams. Automatically expire temporary API keys. Support for Kratos ExternalID.
-----BEGIN SSH SIGNATURE-----
U1NIU0lHAAAAAQAAAZcAAAAHc3NoLXJzYQAAAAMBAAEAAAGBALTNqKd862nD5NeOdq/MKV
+hQrquSX0gBWkaTEUAfNiW2SzaUxuwAkRYpMkXkiU6tTRW4AgHxQ5K3VQMi5fjx4NxiiRI
Cot1AfGC59BLjptq7RT1Dt1YTIX/sEr7gPsuv89GzQLnbjCvZ93AXn1Ai9HROwfPCyWPY8
g/UR4doH/OWdMYo7LKn5IP8n52LiqFUqoioPPRgho/8rahT8ST6tSJ/7h8D8QVjevIPPvz
XM4W/w0H9Jbdx5E/WT7ILqL9DsJjz9zbydgLw78DoeapF8rrpVBB5oy+jjE04DGNxE0qIx
6bAPiRSN2LwxJW1pmKPbz87XDnrX/Yt8FZ2ypMRrkrrfTP/prVAzLQYw3GXMxR8rirONtj
7TVh4SPEaCuNsXSn8jgYVrsnctGo+xzSn5JplSQ2imcd9IJJPBTz1XoHDhl2ORq6cFm0D/
ae0i9e6XV65fk6+O5u3OMnzvtAGZJGe5k9ko+RR54Yx7y0r3CC649HYAG6WS8d4t0YaLp1
+wAAAANnaXQAAAAAAAAABnNoYTUxMgAAAZQAAAAMcnNhLXNoYTItNTEyAAABgKCBnJUmd9
w9djttNwg57RmrxQdW4NWcdgToOcInYDlyb7xJhUW/wCm6XGKHiAouqpYM4EL8zCwE5G44
YT26JTGr58spJ2rqk9kQSsFp5OQoZhZmakL3di3u/g5Myu0hBaXX8qYJHodPXoSbfNNzuK
ny8D6dcqrFhKwWGX7g8zwbEXh3BL+AdBg6b0B+Iv4DU3uC3DnOtVgYZL9Eu+h4PZurxJml
uwhOX5J65XrmhuJwn3wZgaBEpEoVOMmMw/+l3oh4iPlpAs8a3mRqd21Kl9MZVQASlnY+zh
SJ040uTfs9ZwMm8AixiDtXADcY2Z3DRGJiYpRfzyjGL5/X0FTJkrdzGJuwkmafFbFk9IJO
72xTG5c1Tm8vodJaTFTtPn/jrCgFCYEx1BJlkbROCIlM30a1/O4svWQhWSyWuwchCSvUwD
weyDhYNhim8x59kzPXMQ+vW7e9OofketMh93jd+wqWAUu4CDGtQqPhG63G89PJG93tl+qV
PYWaUCKbUpchUw==
-----END SSH SIGNATURE-----

Code Generation

  • Pin v1.3.1 release commit (1683ab1):

    Bumps from v1.3.1-pre.0

Changelog

  • 1683ab1 autogen: pin v1.3.1 release commit

Artifacts can be verified with cosign using this public key.

v1.3.1-pre.0

v1.3.1-pre.0 Pre-release
Pre-release

Choose a tag to compare

@ory-bot ory-bot released this 10 Jul 12:44
v1.3.1-pre.0
889226d

Pause/resume event streams. Automatically expire temporary API keys. Support for Kratos ExternalID.
-----BEGIN SSH SIGNATURE-----
U1NIU0lHAAAAAQAAAZcAAAAHc3NoLXJzYQAAAAMBAAEAAAGBALTNqKd862nD5NeOdq/MKV
+hQrquSX0gBWkaTEUAfNiW2SzaUxuwAkRYpMkXkiU6tTRW4AgHxQ5K3VQMi5fjx4NxiiRI
Cot1AfGC59BLjptq7RT1Dt1YTIX/sEr7gPsuv89GzQLnbjCvZ93AXn1Ai9HROwfPCyWPY8
g/UR4doH/OWdMYo7LKn5IP8n52LiqFUqoioPPRgho/8rahT8ST6tSJ/7h8D8QVjevIPPvz
XM4W/w0H9Jbdx5E/WT7ILqL9DsJjz9zbydgLw78DoeapF8rrpVBB5oy+jjE04DGNxE0qIx
6bAPiRSN2LwxJW1pmKPbz87XDnrX/Yt8FZ2ypMRrkrrfTP/prVAzLQYw3GXMxR8rirONtj
7TVh4SPEaCuNsXSn8jgYVrsnctGo+xzSn5JplSQ2imcd9IJJPBTz1XoHDhl2ORq6cFm0D/
ae0i9e6XV65fk6+O5u3OMnzvtAGZJGe5k9ko+RR54Yx7y0r3CC649HYAG6WS8d4t0YaLp1
+wAAAANnaXQAAAAAAAAABnNoYTUxMgAAAZQAAAAMcnNhLXNoYTItNTEyAAABgJ134gCVQO
QcJrA6E4NJSKzMIlwVR1HSkB41W8E6sTq1hrIS768mwsSPy8yNNYQZtiPyJvNCxFTUOYQ9
yt61Ov6XQpVkYhgKDPyt/wSX5dmnhRSB3zh06dfYCAeQHjo2EGLWWZvFDrJfkyJRfrmXSk
90nd5mKkYQekrYi0n4+4T0KDxIwqZBy4/TNmg79YBe6h8Hl0g6nzYxYlA6f+u/Bsv8VzAF
+NR/csLt4rFIXAiJ8Plmh36AdJV8NJppF6wgOxYuRgsOVftdrebDPBV40h+hHVFdnHq+jg
YLTUiAJbftdMe6Ou0w3wCrcWyI0VzHqed1M/kFriDkoSVQWkwiNE9q+c9qMAWUyN7bNq9+
3biwicQiRfAXeNgRRYy8CdPHDEayfF3dFFgc1h5vAn5ltR4nPyW1Z/+1WBIibQrr5b2i4j
tqzzW4qNBuvGbYVdtjPyv3IasPZbuN2McE6hV/tuGt6N9NO5mjwzlKgVm5KtsGhXg1GzMw
US6jnz+OR51Tdg==
-----END SSH SIGNATURE-----

Bug Fixes

  • Data races in tests (#440) (e4dd7c4):

    • fix: data races in tests
    • chore: delete obsolete subcommands
    • chore: bump dependencies to clear CVEs flagged by grype
    • golang.org/x/crypto v0.51.0 -> v0.53.0 (fixes multiple critical CVEs incl. GO-2026-5006, 5017, 5019, 5020, 5021, 5023, 5005)
    • golang.org/x/net v0.54.0 -> v0.55.0 (fixes GO-2026-5026 critical)
    • github.com/gomarkdown/markdown -> 20260417 (fixes GHSA-77fj-vx54-gvh7 high)

    Regenerates the newsletter render snapshot to absorb a one-blank-line
    cosmetic change in gomarkdown's HTML output.

    • chore: bump ory deps to drop transitive github.com/docker/docker

    Newer master commits of ory/x (and the ory/kratos / ory/hydra / ory/keto
    that consume it) no longer pull github.com/docker/docker through the
    x/sqlcon/dockertest chain, removing GO-2026-4883 (which has no fix
    version available upstream).

    • fix: drain playwright Route handlers before page.Close

    Calling page.Close() while a BrowserContext.onRoute handler is still
    in flight is a data race inside playwright-go. Call UnrouteAll with
    UnrouteBehaviorWait first so registered handlers complete before the
    page is closed.

    Also fixes a pre-existing guard bug in dev ci github env: an empty
    SWAGGER_SPEC_IGNORE_PKGS would print "-x " because strings.Split("", ",")
    returns [""] rather than nil. Check the raw env var first.

Code Generation

  • Pin v1.3.1-pre.0 release commit (889226d)

Features

  • Configurable expiry for temporary proxy/tunnel API keys (#443) (b73c06e):

    The Ory Proxy and Tunnel create a temporary project API key to configure
    your project. These keys were created without expiry, so if the cleanup
    on shutdown failed (e.g. the process was killed) the key would linger
    indefinitely.

    Add an --api-key-expiry flag to both commands that sets a server-side
    expiry on the temporary key, ensuring it is removed automatically even
    when local cleanup does not run. Defaults to 12h; set to 0 to disable.

  • Ory.com (#441) (a0c7075)

  • Pause/resume event streams (#442) (52eb734)

  • Support external_id in identity commands (#444) (afd84ac)

  • Update install command in README.md (1e51407)

Changelog

  • 3a978a3 autogen(docs): generate and bump docs
  • 889226d autogen: pin v1.3.1-pre.0 release commit
  • d2c5a3e chore: deflake tests (#425)
  • 3ef403b chore: upgrade and prune dependencies (#439)
  • b73c06e feat: configurable expiry for temporary proxy/tunnel API keys (#443)
  • a0c7075 feat: ory.com (#441)
  • 52eb734 feat: pause/resume event streams (#442)
  • afd84ac feat: support external_id in identity commands (#444)
  • 1e51407 feat: update install command in README.md
  • e4dd7c4 fix: data races in tests (#440)

Artifacts can be verified with cosign using this public key.

v1.3.0

Choose a tag to compare

@ory-bot ory-bot released this 25 Mar 21:11
v1.3.0
8c5f0ad

This release adds support for configuring HTTPS live event streams.
See https://www.ory.com/docs/actions/live-events for details.
-----BEGIN SSH SIGNATURE-----
U1NIU0lHAAAAAQAAAZcAAAAHc3NoLXJzYQAAAAMBAAEAAAGBALTNqKd862nD5NeOdq/MKV
+hQrquSX0gBWkaTEUAfNiW2SzaUxuwAkRYpMkXkiU6tTRW4AgHxQ5K3VQMi5fjx4NxiiRI
Cot1AfGC59BLjptq7RT1Dt1YTIX/sEr7gPsuv89GzQLnbjCvZ93AXn1Ai9HROwfPCyWPY8
g/UR4doH/OWdMYo7LKn5IP8n52LiqFUqoioPPRgho/8rahT8ST6tSJ/7h8D8QVjevIPPvz
XM4W/w0H9Jbdx5E/WT7ILqL9DsJjz9zbydgLw78DoeapF8rrpVBB5oy+jjE04DGNxE0qIx
6bAPiRSN2LwxJW1pmKPbz87XDnrX/Yt8FZ2ypMRrkrrfTP/prVAzLQYw3GXMxR8rirONtj
7TVh4SPEaCuNsXSn8jgYVrsnctGo+xzSn5JplSQ2imcd9IJJPBTz1XoHDhl2ORq6cFm0D/
ae0i9e6XV65fk6+O5u3OMnzvtAGZJGe5k9ko+RR54Yx7y0r3CC649HYAG6WS8d4t0YaLp1
+wAAAANnaXQAAAAAAAAABnNoYTUxMgAAAZQAAAAMcnNhLXNoYTItNTEyAAABgEesh4p6yh
pMkOrTI9t3D8CM1FnCKjXJgreE+473stgHfZJ6zik4yyaLkefA8erv2uV6TTQ7b9LylDh3
2vZ9ATaEGxEv1cGqKdpB8wYkaUYQDrVhwBhcgZ/LjRlQoz/Fwfk6VFeqJeBNkYFZCMLQjv
Qx0kVk4Oq24tjK46pgVaaWBrdctjSWrb5gZRXZ4uPX92P+bNeBkArxt2DpTaot8BP2jNhL
eeNSmwlUwOLXHkXbZLNNua1zSYNmGHjTpcIgNi+v2JZ2V6C2NfnRYH7ZTP/t5+bkPF1Ec+
qJk/Dftsu9trCLxr7400SuHFlzVIfCATSoECjcdPB8jA2mUn6NzFu71c2jCtjvLRRWfiUg
QOXjsb09N8q6z9MPJbs7jJW1hRP4hN1/tC9h+potrGW6jbnoYPPTPTmhTdXB00bkUKIulv
Yecj0b99vx2zLwhZPfNh4NqDI8pQ7RAfVUEeXqgxk8i+wMir0fcW0eF+kRYdbt9VnZd67p
zqYOP+Awm1O3sQ==
-----END SSH SIGNATURE-----

Code Generation

  • Pin v1.3.0 release commit (8c5f0ad):

    Bumps from v1.3.0-pre.0

Changelog

  • 8c5f0ad autogen: pin v1.3.0 release commit

Artifacts can be verified with cosign using this public key.

v1.3.0-pre.1

v1.3.0-pre.1 Pre-release
Pre-release

Choose a tag to compare

@ory-bot ory-bot released this 25 Mar 20:01
v1.3.0-pre.1
5ea379a

Bump go-sqlite3
-----BEGIN SSH SIGNATURE-----
U1NIU0lHAAAAAQAAAZcAAAAHc3NoLXJzYQAAAAMBAAEAAAGBALTNqKd862nD5NeOdq/MKV
+hQrquSX0gBWkaTEUAfNiW2SzaUxuwAkRYpMkXkiU6tTRW4AgHxQ5K3VQMi5fjx4NxiiRI
Cot1AfGC59BLjptq7RT1Dt1YTIX/sEr7gPsuv89GzQLnbjCvZ93AXn1Ai9HROwfPCyWPY8
g/UR4doH/OWdMYo7LKn5IP8n52LiqFUqoioPPRgho/8rahT8ST6tSJ/7h8D8QVjevIPPvz
XM4W/w0H9Jbdx5E/WT7ILqL9DsJjz9zbydgLw78DoeapF8rrpVBB5oy+jjE04DGNxE0qIx
6bAPiRSN2LwxJW1pmKPbz87XDnrX/Yt8FZ2ypMRrkrrfTP/prVAzLQYw3GXMxR8rirONtj
7TVh4SPEaCuNsXSn8jgYVrsnctGo+xzSn5JplSQ2imcd9IJJPBTz1XoHDhl2ORq6cFm0D/
ae0i9e6XV65fk6+O5u3OMnzvtAGZJGe5k9ko+RR54Yx7y0r3CC649HYAG6WS8d4t0YaLp1
+wAAAANnaXQAAAAAAAAABnNoYTUxMgAAAZQAAAAMcnNhLXNoYTItNTEyAAABgDihq44Hf9
pU4y3MswSUm7dVgZojKfxF2iVXMB6R7t/zTcygIK6EBKtVSlKu+jkX2dZbJU18xhyn6IG0
VRCAhA+XXb5XERw+c+cFHvJgquryzc+96EczONz8eMqeqy2AIRwGrzW2irJF4e3f73+HHq
1qDGS6BwH3v8RL4pI5f3KW6JmH+4ic8rmwpAWgln7ofdjja5LN4XrclMUYuAtEQ6XcFkky
oTMzNf4G+mMgy3ezkPGz840Oq1xdMlCKWB6SqthK1d32PudJ592pCyjmms+0IE28/V/G3n
AwGR2w2BgfnpnvzGvPagc709nFIOTMCT0qCR/ROm2KMwz9h1ZBbYSwKx16076HT1nG6VUK
lUgKuQEYYu0XH4negzoyGZOHhQEbMWw934740cZAOIvSgk/yiQ/Kot7tFp9h3TXjoKGL3Q
GxfZoyj5ZfpR4uO4OxC/3gEtvcwbTK4OVWMHCxiUvT8f/g/qv3JunuITHJJFn8Bamrto70
TWeCv3SpvgcJeQ==
-----END SSH SIGNATURE-----

Code Generation

  • Pin v1.3.0-pre.1 release commit (5ea379a)

Changelog

  • 5ea379a autogen: pin v1.3.0-pre.1 release commit
  • 7a4c59e chore: bump go-sqlite3

Artifacts can be verified with cosign using this public key.

v1.2.0

Choose a tag to compare

@ory-bot ory-bot released this 25 Sep 12:34
0e0da3c

This release includes fixes and improvements around managing CORS settings and organizations.

Code Generation

  • Pin v1.2.0 release commit (0e0da3c):

    Bumps from v1.2.0-pre.0

Changelog

  • 0e0da3c autogen: pin v1.2.0 release commit
  • 7a6dda7 autogen: pin v1.2.0 release commit

Artifacts can be verified with cosign using this public key.

v1.1.0

Choose a tag to compare

@ory-bot ory-bot released this 14 Nov 13:38
7144ce8

This release includes convenience changes around project creation and
the Ory Proxy & Tunnel.

It is now also possible to update OAuth2 clients from files.

Code Generation

  • Pin v1.1.0 release commit (7144ce8)

Features

  • Allow creating a workspace together with a project (#392) (90ba715)

  • Clarify use of tunnel/proxy (#389) (43ed6ec)

  • Tunnel and proxy use dev mode always (#388) (30b10d9):

    The --dev flag essentially enabled wildcard cors. To make development easier, the flag has been removed and instead we will check if the user supplied specific CORS origins. If they did not, wildcard CORS is enabled.

Changelog

Artifacts can be verified with cosign using this public key.

v1.0.1

Choose a tag to compare

@ory-bot ory-bot released this 14 Oct 14:40
aa4db77

Support API keys for Ory Tunnel / Ory Proxy.

Code Generation

  • Pin v1.0.1 release commit (aa4db77)

Features

  • Support api keys for silent auth in tunnel/proxy (1f4cbf0), closes #362

Changelog

  • 2f3caf6 autogen(docs): generate and bump docs
  • aa4db77 autogen: pin v1.0.1 release commit
  • 5b6cfbd chore: remove panic
  • a6902c6 ci: add goreleaser version to config
  • 1f4cbf0 feat: support api keys for silent auth in tunnel/proxy

Artifacts can be verified with cosign using this public key.

v1.0.0

Choose a tag to compare

@ory-bot ory-bot released this 11 Oct 09:06
c89c0b8

Ory CLI matures! With these changes, the CLI is now perfectly supports both interactive and automated environments. Inconsistencies in command usage were resolved, and workspaces are now fully supported. Browse through the documentation for guides and all the details.

Bug Fixes

  • Correctly determine project and workspace IDs (b07874a)
  • Redirect user before finalizing OAuth2 login (#383) (89a08d6)
  • Use correct field internally (9c6c7e5)

Code Generation

  • Pin v1.0.0 release commit (c89c0b8):

    Bumps from v1.0.0-alpha.0

Features

  • Allow additional CORS headers for proxy (#377) (6f64ad8)
  • Allow using only project API keys (81ecdfd)
  • Require workspace when creating projects (#382) (de3f2c9)

Tests

  • Drop analytics and other scripts (d2280c3)
  • Update command usage (0a752c3)

Changelog

  • 37115e8 autogen(docs): generate and bump docs
  • c89c0b8 autogen: pin v1.0.0 release commit
  • b215681 chore: support more formats in license header tool (#374)
  • 6f64ad8 feat: allow additional CORS headers for proxy (#377)
  • 81ecdfd feat: allow using only project API keys
  • de3f2c9 feat: require workspace when creating projects (#382)
  • b07874a fix: correctly determine project and workspace IDs
  • 89a08d6 fix: redirect user before finalizing OAuth2 login (#383)
  • 9c6c7e5 fix: use correct field internally
  • d2280c3 test: drop analytics and other scripts
  • 0a752c3 test: update command usage

Artifacts can be verified with cosign using this public key.

v1.0.0-alpha.2

v1.0.0-alpha.2 Pre-release
Pre-release

Choose a tag to compare

@ory-bot ory-bot released this 30 Aug 10:25
48a451d

This release includes fixes for timeouts during login on Windows systems.

Bug Fixes

  • Increase auth callback server shutdown timeout (#370) (ee938b2)

Code Generation

  • Pin v1.0.0-alpha.2 release commit (48a451d)

Features

Changelog

Artifacts can be verified with cosign using this public key.

v1.0.0-alpha.1

v1.0.0-alpha.1 Pre-release
Pre-release

Choose a tag to compare

@ory-bot ory-bot released this 29 Jul 14:05
17c744d

This release includes a fix for using the Ory Proxy and Ory Tunnel with API keys only.

Bug Fixes

  • Use correct environment variable key (#368) (01e8ef0)

Code Generation

  • Pin v1.0.0-alpha.1 release commit (17c744d)

Changelog

  • 9c4255c autogen(docs): generate and bump docs
  • 17c744d autogen: pin v1.0.0-alpha.1 release commit
  • 01e8ef0 fix: use correct environment variable key (#368)

Artifacts can be verified with cosign using this public key.