Ory OSS 25.4.0 brings OAuth 2.0 device authorization flow, SMS login, token chain revocation and more — giving developers and IAM builders a solid foundation for IAM.
How Apple broke "Sign in with Apple" with an unannounced and silent redirect
This week, Ory marked a major milestone in open source Identity and Access management, releasing Ory Hydra, Kratos, Keto, and Oathkeeper v25.4.0.
These new releases advance open identity infrastructure, offering faster and smarter access capabilities to address modern protocols, including those required by AI.
All Ory projects now follow our new calendar-based versioning scheme (YY.Q.B) by simplifying compatibility tracking and making upgrades more predictable.
Authentication isn’t just for humans anymore. This release introduces Device Authorization Grant (RFC 8628) and OAuth 2.1 discovery support, bringing first-class authentication to AI agents, IoT devices, and headless clients.
What’s new:
Download Ory Hydra v25.4.0 from GitHub or pull the official Docker image.
The release delivers updates in user identity with passwordless authentication via SMS, expanded passkey (WebAuthn) support, and enhanced OIDC integration.
What’s new:
Download Ory Kratos v25.4.0 from GitHub or pull the official Docker image.
The release focuses on privacy, cryptographic integrity, and platform resilience. Keto now provides encrypted pagination tokens to protect stateful API interactions and improve data integrity at scale.
What’s new:
Download Ory Keto v25.4.0 from GitHub or pull the official Docker image.
This release brings improvements to configuration handling, observability, and repo management. It also aligns Oathkeeper with the rest of the Ory ecosystem.
What’s new:
ory/x libraries for dependency consistencygoreleaserDownload Ory Oathkeeper v25.4.0 from GitHub or pull the official Docker image.
Ory Elements, the frontend building blocks that power Account Experience, now speaks the world’s languages. We’re thrilled to announce that Ory Elements is now available in 83 languages (up from just 9 previously), making modern end user interfaces truly global and accessible by default.
Download the Ory Elements components library from GitHub.
Catch up on everything new in Ory v25.4 including demos, discussions, and live Q&A with the Ory team.
Watch the Ory OSS launch webinar on-demand.
At Ory, we believe identity should be open, transparent, and community-driven. That’s why we continue to build in the open — with open standards, world-class engineering, and contributions from thousands of developers worldwide.
With these updates, Ory reaffirms its position as the most widely used open source Customer Identity and Access Management (CIAM) solution on the planet, powering over 1.2 billion identities with its open source ecosystem, and over 1 billion identities through Ory Enterprise License and the Ory Network.
Open source releases give you powerful identity infrastructure. However, mission-critical production environments often need continuous security patches, enterprise features that support compliance requirements, and updates that keep pace with your infrastructure demands.
Ory Enterprise License (OEL) provides continuous releases with the latest security patches and advanced enterprise features between open source releases.
For teams running identity infrastructure that needs to stay secure, compliant, and performant at scale, OEL delivers the update cadence and enterprise capabilities that production environments require. Evaluating Ory for web-scale production? Learn more about OEL.
Questions about the new versioning? Join us in Ory Community Slack or GitHub Discussions.