ZITADEL

ZITADEL - Identity infrastructure, simplified for you.

No feedback when user has no access to project

Hey, when I create a user without any roles and have Check authorization on Authentication enabled, the Login UI gives me no feedback about an error. It will just not do anything when clicking the user inside the Login UI. Is that a known issue? We are using version 4.4.0...

Append claim in actions v2

Hi, I am trying to use actions v2 to append claims with the preuserinfo function. I am using FastAPI for my "actions micro service". At the moment I just return this json:
{'append_claims': [{'key': 'test', 'value': 'test'}] }
...

Same username different organization

Hi, we want to enforce preferred username = email. There is also a use case where a single email can be invited in more than one organization (think of an external contractor that works on several organizations). It turns out that Zitadel only allows one username for all organizations. Are there any workarounds?...

Opaque vs JWT tokens

Hi, I'm new to Zitadel. Is it possible to configure Zitadel to issue JWT access tokens instead of opaque tokens? Whatever I do, I'm only getting opaque tokens in a B2B setup. Thanks for any help!

Unable to login to a brand new installation with docker-compose

I have followed the example in the documentation here. When I go to http://localhost:8080/ui/console?login_hint=zitadel-admin@zitadel.localhost
- I get a warning message that says Could not get the context of the user. Make sure to enter the username first or provide a loginName as searchParam.
- When I put the password as Password1! I get a message saying Could not verify password...

[Self-hosted]: Login V2 not working for localhost on Safari (macos, iOS Simulator)

Has anyone managed to log in via the Safari browser using the Docker Compose setup on localhost? The Flutter iOS implementation also doesn’t work on the simulator. It seems that the session cookie is not being sent to http://localhost:3000/ui/v2/login/password after entering the login name. This results in the error messages “Could not get the context of the user…” and “Could not verify password…”. Firefox works fine!...

[API Version] Not All Endpoint from V1 exists in V2

I notice there are several endpoints that still do not exist in the v2, like this one: https://zitadel.com/docs/apis/resources/admin/admin-service-list-providers. The v2 only supports the active one, not the list of all IdPs. May I know the mapping documentation from v1 to v2? Or maybe you can explain further...

Self-hosted; How do you obtain roles for a Service User?

We are running self-hosted version: v2.71.8. I am able to obtain roles for Client Users, using the scope: ```...

Self-hosted; Set TOTP Issuer

We are running self-hosted version: v2.71.8. I would like to set the issuer for TOTP from "ZITADEL" to something else. When I go to set up the 2FA for my account and scan the QR, my 2FA app prints "ZITADEL: joe.bloggs@example.com". Is there any way to set it without using a custom login screen? I tried setting the env ZITADEL_SYSTEMDEFAULTS_MULTIFACTORS_OTP_ISSUER=Example\ Name during setup, but that didn't seem to work (source)....

After upgrade to 4.4.0 from 4.3.0 => Impossible to update former users

When saving a user : [not_found] User could not be found (COMMAND-ugjs0upun6) When changing a user password : [failed_precondition] Password not found (COMMAND-G8dh3) I can't do any modification (save) on users that have been created before the upgrade. The weird thing is that I'm seeing them correctly....

[Migration Issue] When upgrade from v3.3.0 to v3.4.2

Hi team, somehow we have this error when trying to upgrade the version. May we know what the best practice approach is for this issue?
2025-10-21T02:33:04.328583424Z time="2025-10-21T02:33:04Z" level=warning msg="migration already started, will check again in 5 seconds" caller="/home/runner/work/zitadel/zitadel/internal/migration/migration.go:130" migration step=repeatable_migrate_river
...

Get Password Hash of user from DB or API

Hi, I want to onboard a legacy application to our SSO but I have no option to interact with Zitadel directly, I am able to use and inject the bcrypted hashes from Zitadel but I am unable to locate them in the database or API 🙁 Can anybody point me to the right location? DB would be preferred... TIA...

prompt=login not returning to app

I am using Zitadel as OIDC provider. When I log in with prompt=login, it does not return to the app, but just stays on the screen with "Welcome ... You are signed in." This does not seem like normal OIDC behavior. Is there a way to change this?...

typescript

In the zitadel/typescript repo: https://github.com/zitadel/typescript there is a change made to reference a mono-repo, but we are instructed to fork the mirror and make changes if we desire to. I believe the use of workspaces will stop others from forking it and building it....

SystemUser Works for Debug Stock Image but not Non-Debug Image

There's a lot of issues using the SystemUser. I'm trying to upgrade our self-hosted instance of Zitadel from 2.71.10 (self-compiled source code) to 2.71.17 (v2:latest as of writing). However, I'd like to use the stock image if possible. I'm noticing that ghcr.io/zitadel/zitadel:v2.71.17-debug works fine as expected. However, ghcr.io/zitadel/zitadel:v2.71.17 does not, giving the same errors other community members have reported relating to SystemUsers:...

External IdP logins fail with multiple Zitadel replicas

Using Zitadel 4.4.0 deployed from the Zitadel Helm chart 9.8.0, external IdP logins fail when we run multiple replicas of the Zitadel deployment (2 pods); we get "an internal error occurred". When only using 1 pod, it works. When the failure happens, we don't find any errors in the logs. I checked both stdout (we configured it to be JSON format) and the events and failed events tabs in the default organization in Zitadel's admin console. Does anyone know how to debug this?...

group claims with actions v2

As v1 will be deprecated, is there an example of how to translate roles to groups with v2?

Custom UI

Reading the documentation, I came up with two questions:
- Is it possible to transform session tokens into JWT tokens?
- Or use the OIDC flow to generate JWT tokens from your own UI?...