Setting up identity schema with "Recovery via SMS" throwing error

[kgsnaidu]

Preflight checklist

• I could not find a solution in the existing issues, docs, nor discussions.
• I agree to follow this project's Code of Conduct.
• I have read and am following this repository's Contribution Guidelines.
• I have joined the Ory Community Slack.
• I am signed up to the Ory Security Patch Newsletter.

Ory Network Project

No response

Describe the bug

Getting the following error when I add a phone number to the identity schema with recovery via SMS. Is this expected, or is the documentation unclear?

 | The configuration contains values or keys which are invalid:
 | properties.traits.properties.phone.ory\.sh/kratos.recovery.via: sms
 |                                                                 ^-- value must be "email"

btw, schema is copied from Kratos documentation - link

Reproducing the bug

1. Update identity schema with phone number support.
2. While adding a phone number to schema, configure it, recovery via sms
3. Run docker-compose

quickstart.yml:

version: '3.7'
services:
  kratos-migrate:
    image: oryd/kratos:v1.3.1
    environment:
      - DSN=sqlite:///var/lib/sqlite/db.sqlite?_fk=true&mode=rwc
    volumes:
      - type: volume
        source: kratos-sqlite
        target: /var/lib/sqlite
        read_only: false
      - type: bind
        source: ./contrib/quickstart/kratos/email-password
        target: /etc/config/kratos
    command: -c /etc/config/kratos/kratos.yml migrate sql -e --yes
    restart: on-failure
    networks:
      - intranet
  kratos-selfservice-ui-node:
    image: oryd/kratos-selfservice-ui-node:v1.3.1
    environment:
      - KRATOS_PUBLIC_URL=http://kratos:4433/
      - KRATOS_BROWSER_URL=http://127.0.0.1:4433/
      - COOKIE_SECRET=changeme
      - CSRF_COOKIE_NAME=ory_csrf_ui
      - CSRF_COOKIE_SECRET=changeme
    networks:
      - intranet
    restart: on-failure
  kratos:
    depends_on:
      - kratos-migrate
    image: oryd/kratos:v1.3.1
    ports:
      - '4433:4433' # public
      - '4434:4434' # admin
    restart: unless-stopped
    environment:
      - DSN=sqlite:///var/lib/sqlite/db.sqlite?_fk=true
      - LOG_LEVEL=trace
    command: serve -c /etc/config/kratos/kratos.yml --dev --watch-courier
    volumes:
      - type: volume
        source: kratos-sqlite
        target: /var/lib/sqlite
        read_only: false
      - type: bind
        source: ./contrib/quickstart/kratos/email-password
        target: /etc/config/kratos
    networks:
      - intranet
  mailslurper:
    image: oryd/mailslurper:latest-smtps
    ports:
      - '4436:4436'
      - '4437:4437'
    networks:
      - intranet
networks:
  intranet:
volumes:
  kratos-sqlite:

Relevant log output

| I[#] S[#/allOf/1] allOf failed
                      |   I[#/properties/traits/properties/phone] S[#/allOf/1/properties/properties/properties/traits/properties/properties/patternProperties/.%2A/allOf/0] allOf failed
                      |     I[#/properties/traits/properties/phone] S[#/allOf/1/properties/properties/properties/traits/properties/properties/patternProperties/.%2A/allOf/0/$ref] doesn't validate with "ory://identity-extension#"
                      |       I[#/properties/traits/properties/phone] S[#/allOf/0] allOf failed
                      |         I[#/properties/traits/properties/phone/ory.sh~1kratos/recovery/via] S[#/allOf/0/properties/ory.sh~1kratos/properties/recovery/properties/via/enum] value must be "email"
 exited with code 1
                      | time=2024-12-20T05:25:48Z level=debug msg=Adding config files. func=github.com/ory/x/configx.(*Provider).createProviders file=/go/pkg/mod/github.com/ory/[email protected]/configx/provider.go:144 audience=application files=[/etc/config/kratos/kratos.yml] service_name=Ory Kratos service_version=v1.3.1
                      | 
                      | The configuration contains values or keys which are invalid:
                      | The configuration contains values or keys which are invalid:
                      | properties.traits.properties.phone: map[format:tel minLength:3 ory.sh/kratos:map[credentials:map[code:map[identifier:true via:sms] passkey:map[display_name:true] password:map[identifier:true] totp:map[account_name:true]] recovery:map[via:sms] verification:map[via:sms]] title:Phone type:string]
                      |                                     ^-- allOf failed
                      | 
                      | The configuration contains values or keys which are invalid:
                      | properties.traits.properties.phone: map[format:tel minLength:3 ory.sh/kratos:map[credentials:map[code:map[identifier:true via:sms] passkey:map[display_name:true] password:map[identifier:true] totp:map[account_name:true]] recovery:map[via:sms] verification:map[via:sms]] title:Phone type:string]
                      |                                     ^-- doesn't validate with "ory://identity-extension#"
                      | 
                      | The configuration contains values or keys which are invalid:
                      | properties.traits.properties.phone: map[format:tel minLength:3 ory.sh/kratos:map[credentials:map[code:map[identifier:true via:sms] passkey:map[display_name:true] password:map[identifier:true] totp:map[account_name:true]] recovery:map[via:sms] verification:map[via:sms]] title:Phone type:string]
                      |                                     ^-- allOf failed
                      | 
                      | The configuration contains values or keys which are invalid:
                      | properties.traits.properties.phone.ory\.sh/kratos.recovery.via: sms
                      |                                                                 ^-- value must be "email"

Relevant configuration

{
  "$id": "your_schema_id",
  "$schema": "http://json-schema.org/draft-07/schema#",
  "title": "Person",
  "type": "object",
  "properties": {
    "traits": {
      "type": "object",
      "properties": {
        "email": {
          "type": "string",
          "format": "email",
          "title": "E-Mail",
          "ory.sh/kratos": {
            "credentials": {
              "password": {
                "identifier": true
              },
              "totp": {
                "account_name": true
              },
              "code": {
                "identifier": true,
                "via": "email"
              },
              "passkey": {
                "display_name": true
              }
            },
            "recovery": {
              "via": "email"
            },
            "verification": {
              "via": "email"
            }
          },
          "maxLength": 320
        },
        "phone": {
          "type": "string",
          "format": "tel",
          "title": "Phone number",
          "ory.sh/kratos": {
            "credentials": {
              "password": {
                "identifier": true
              },
              "code": {
                "identifier": true,
                "via": "sms"
              }
            },
            "recovery": {
              "via": "sms"
            },
            "verification": {
              "via": "sms"
            }
          },
          "maxLength": 320
        }
      },
      "required": ["email"],
      "additionalProperties": false
    }
  }
}

Version

1.3.1

On which operating system are you observing this issue?

None

In which environment are you deploying?

None

Additional Context

No response