Frontend API responds with status code 400 but handling requests correctly

[alxdsz]

Preflight checklist

• I could not find a solution in the existing issues, docs, nor discussions.
• I agree to follow this project's Code of Conduct.
• I have read and am following this repository's Contribution Guidelines.
• I have joined the Ory Community Slack.
• I am signed up to the Ory Security Patch Newsletter.

Ory Network Project

No response

Describe the bug

Playing around with the new release locally. I upgraded the Kratos version to 1.1 and enabled the "Magic Code" sign-up/login feature.
What I noticed is the following:

• creating a new registration flow (native in my case): status 200 OK
• updating the registration flow with:

{
  "method": "code",
  "traits": {
      "email": "some.test.email@example.com"
  }
}

• getting response with status code 400 Bad Request, but with a valid body saying that an email with code has been sent (and it has been sent indeed)
• when updating the flow with:

{
  "method": "code",
  "code": "123456",
  "traits": {
      "email": "some.test.email@example.com"
  }
}

The registration completes with status 200

So the flow kind of works, just the status code 400 seems a bit confusing. Same happens for login.

BTW: Kudos for the last release - I really love what you guys are doing!

Reproducing the bug

Installed Kratos on a Kubernetes cluster using helm:
helm install kratos -f values.yaml ory/kratos

the configuration values.yaml I wrote for this test (note: masked some data):

kratos:
  version: v1.1.0
  config:
    dsn: <cockroach-db-dsn>
    secrets:
      default:
        [....]
    identity:
      default_schema_id: default
      schemas:
        - id: default
          url: file:///etc/config/identity.default.schema.json
    courier:
      smtp:
        connection_uri: smtp://example...
        from_address: example@address.com
    selfservice:
      default_browser_return_url: http://127.0.0.1:4455/
      methods:
        code:
          enabled: true
          passwordless_enabled: true
          passwordless_login_fallback_enabled: false
      flows:
        registration:
          after:
            code:
              hooks:
                - hook: session
        login:
          after:
            hooks:
              - hook: require_verified_address
  automigration:
    enabled: true
  identitySchemas:
    "identity.default.schema.json": |
      {
        "$id": "https://schemas.ory.sh/presets/kratos/identity.email.schema.json",
        "title": "Person",
        "type": "object",
        "properties": {
          "traits": {
            "type": "object",
            "properties": {
              "email": {
                "type": "string",
                "format": "email",
                "title": "E-Mail",
                "ory.sh/kratos": {
                  "credentials": {
                    "code": {
                      "identifier": true,
                      "via": "email"
                    }
                  },
                  "recovery": {
                    "via": "email"
                  },
                  "verification": {
                    "via": "email"
                  }
                },
                "maxLength": 320
              }
            },
            "required": [
              "email"
            ],
            "additionalProperties": false
          }
        }
      }

Relevant log output

No response

Relevant configuration

No response

Version

1.1.0

On which operating system are you observing this issue?

None

In which environment are you deploying?

Kubernetes

Additional Context

Used the same sandbox project with previous version but with password and didn't noticed this behavior