ZITADEL

ZITADEL - Identity infrastructure, simplified for you.

questions-help-bugs

product-feedback-requests

Thoughts on the best UI/UX using Zitadel

I'd love to hear how you have implemented Zitadel to provide the very best user experience. When I'm taken from one site to another to authenticate, it feels disconnected and, for some users, possibly raises concerns. There are pros and cons to every approach. How have you built the best UX using Zitadel? Do share. We could all learn a lot from different developers' implementation approaches and processes....

Using Authenticated User Tokens for Zitadel API Calls Best Practices

Hi, I have a question regarding reusing authenticated user's access token to perform some actions (not Zitadel actions, e.g. listing organization users, updating a user's role, updating a user's own avatar...), instead of relying on a service user, is it possible to use the logged in user's token to make actions? What is the best practice around this, I had a chat with AI (ChatGPT) for reference: https://chatgpt.com/share/68c3128d-f9bc-8000-b1d4-368d3780dcee...

Authentication flow without WebView/Redirect in the native app.

Hi, I was looking through the docs, and failed to find any information. Is it possible to implement a login/registration screen in the native apps without browser redirect or webview in a B2C scenario? When user is not coming from other source like Google/Facebook account but is directly registered with ZITADEL?

Org id is not set when creating organisation via api v2

The docs for https://zitadel.com/docs/apis/resources/org_service_v2/organization-service-add-organization say I can set a custom organization id, by sending an orgId parameter. But when I create an org the parameter is ignored. I use self hosted zitadel on version: v3.3.0...

Staggering log volume when database is unavailable

We had service on a database the other day, and Zitadel is very enthusiastic about reporting errors, either DNS lookup failure or connection errors. Here I reproduced the behaviour with a 4.1.3 install running in Docker Compose, and I stopped the db instance, so DNS resolution would fail. These logs are from the Zitadel container: ```...

Zitadel in Cloud Run is returning 403

I've set up Zitadel to run in Cloud Run behind LB and when I try to access it I get 403 error, error is coming from Zitadel, not from LB. Could someone help me debug why this is happening or provide tutorial or example YAML I could follow? My config YAML attached

actions v2

Before actions v2 I had the flatRoles v1 action used to add the role name to my claims. In v2 is this only possible if I run a separate endpoint for the function?

Login v2 pod not sending CUSTOM_REQUEST_HEADERS

Use-case: Kubernetes self-hosted proof-of-concept Environment: Self-Hosting on EKS Version: ghcr.io/zitadel/zitadel:v4.0.0 Stack: Zitadel UI v2 What you expected to happen: Zitadel UI for basic management login...

Azure Container Apps - 404 / cannot find well-known configuration paradox

Hey folks, I have Zitadel running within an Azure container app and can't seem to make calls to its API suite from my dotnet application. I'm using Terraform to provision my Zitadel instance with the following (abstract) configuration: ```hcl env { name = "ZITADEL_EXTERNALSECURE"...

v2 login ui

Using the self hosted 4.1.3 I get a "Not found" message after enabling the new Login UI for my app. How do I enable v2 for self hosted?

invalid_argument msg

I have an existing application that works using Zitadel as the IdP. I am integrating a third party using their Okta and generic OIDC for authentication.
Once enabled I have the sign in button using Okta as IDP and that flow takes the client to their Okta page. They are able to provide login get to the callback of my Zitadel instance but get the attached error message. We have tried changing settings on both sides but as a managed client I have no idea what is wrong or even how to debug this issue....

I face problems in the integration of LinkedIn IdP, can someone help me

It is not working with the generic auth flow or the generic OIDC flow. Can someone please help me resolve this?

2FA not working with external IdP and Custom UI?

Hi Team! Currently, we are using a self hosted Zitadel instance, with a Custom UI. The issue is that after creating new accounts using an external IdP, such as Google, the user is not being asked to set up 2FA; it just skips this process and logs in the user with the newly created account. Are we missing something? ...

Rate limit password forgot feature

During a security audit an issue with Zitadel came up. The password forgot feature is not rate limited. The argumentation of the auditor was that they can use it to email bomb a victim. Is it possible to rate limit this feature or is there a back-off mechanism implemented?...

Invalid JWTs since this morning

We are currently debugging a larger issue where tokens seem to have been invalid since this morning. New tokens are fine, old ones are not. The issue started around 6:50 am. I don't have more information as of now. Was anything changed? I am looking at public keys for token validation, to see if those were rotated.

NextJS B2B Example: Alice able to view/manage user from another organization

Hi, I followed this example, and everything works mostly. (Doc doesn't include ZITADEL_CLIENT_SECRET in the .env, which is needed) https://zitadel.com/docs/examples/login/nextjs-b2b However, I have now set up a second project within Demo-Vendor named 'Client A', that has a user that was created on the Demo-Vendor organization. When logging into the provided NextJS application (https://github.com/zitadel/zitadel-nextjs-b2b) as Alice (who is a user of the Demo-Customer organization) and going to 'Manage Team', she is able to see the name of this project and the user listed below, which she can edit. This project was not granted to her and sits within a separate organization. ...

Need help to understand how I can implement authorization for my custom service

Hello. I want to integrate Zitadel in my custom solution. I have web application and native agent for the linux. User should be able to register via my web application, and have access to my console ui. In the app user should be able to register new devices. ...

Flutter - auth without WebView?

Can I build in-app authentication screens in Flutter rather than opening web-based login pages?

Help with Zitadel actions?

Hello. I want to ask some questions about the Zitadel actions. I want to test it with my local service. The Zitadel is cloud hosted, and I don't know how to call my localhost.