JWT auth fails when adding custom domain
Hi everyone đź‘‹
I deployed a ZITADEL v3.3.0 instance to my K8s cluster using the Helm Chart and now want to configure a custom domain.
From what I found, this must be done via the API (no UI anymore?) — is that correct?...
projections.milestones how to fix i cant find the solution
2025-07-07 14:31:03.827 UTC [76] ERROR: relation "projections.milestones" does not exist at character 63
2025-07-07 14:31:03.827 UTC [76] STATEMENT: SELECT instance_id, type, reached_date, last_pushed_date
FROM projections.milestones...
Actions v2 documentation
There is a kind of chaos regarding documentation of v2 actions. Migration guide link the testing functions (https://zitadel.com/docs/guides/integrate/actions/testing-function) but to know how to add the claims you have to jump to Using Action (https://zitadel.com/docs/guides/integrate/actions/usage). All the example using the restWebhook for target, but in fact it doesn't work with webhook. After getting through API documentation, you can find that webhook make a rest call without processing the...
User ip info in custom login
Hi team. In a hosted login session info like user's device information, ip or location , zitadel handles them . I am using a custom login ui , can you please help me on how get the info like user's device information, ip , location in custom login.
I am currently trying to use https://zitadel.com/docs/apis/resources/session_service_v2/session-service-create-session this API . In this api we need to provide ip in the api request, can you tell me how can I retrieve the ip info in custom login...
Change user email
I'm implementing a feature to allow users to change their email. I'm using the API: https://zitadel.com/docs/apis/resources/auth/auth-service-set-my-email. User noticed that ZITADEL updates the email without verifying whether the email address actually exists. As a result, if the user enters an incorrect email, they won't be able to enter the verification code when logging in again. How can you handle this issue effectively?
Questions about new SCIM feature & Commercial License
The new SCIM feature, which is currently in preview seems very promising for my business, since we're a B2B SaaS with per-seat pricing in Germany.
What I don't quite get is the commercial license. So the feature, when generally available will only be accessible with a commercial license, right?
A few specific questions:...
Remove all MFA settings for locally hosted Zitadel
Hello, through some bad luck my phone was recently fatally damaged and with it poof gone is my TOTP app and thus all my access to my self-hosted zitadel instance. Is there any way to remove the 2fa settings for each individual user on my local installation? I suppose they are somewhere in the postgres database but where would I find and change these?
Does ZITADEL support automatic retries for failed Actionsv2 webhook executions?
Hi everyone! đź‘‹
I’m using Actions v2 with webhook targets configured under function and event executions. I see that when a webhook returns an error (HTTP 500, timeout, etc.), ZITADEL can interrupt further execution (via interruptOnError) and indicates failure.
But my questions are:...
Help with RFC implementation
Hello there!
Currently I'm trying to implement support for RFC-9126 in self-hosted fork of Zitadel to help migration from Keycloak
I'd like some help to understand the best way to implement this one:...
When uploading any photo, get a “no existing directory” error
Environment: Ubuntu 20.04
Version: 2.64.1
Stack: Netbird’s combo stack:...
SAML2: Signing the documents, in addition to the assertion
Use-case
SSO solution for most things
Environment
Self-hosted...
Linking multiple emails
Dear everyone
My programmer has a little problem. in the old system we were able to link 2 or more email adresses together in the user-profile as we often had the situation where they want to login with a private email but due to the nature of our platform also use their professional email for that and we could link this together.
our programmer said that zitadel is always "1 email is 1 account" so we cant do that anymore. Did someone of you have the same problem once or how would you solve this?...
How to enable user self-registration option on login page?
This seems like a simple thing but I can't seem to figure it out. I'm using Zitadel for oAuth/OIDC apps. When the apps redirect user to login, they are sent to /ui/login/login but it only has a Login Name field and a next button. If they aren't already registered there doesn't appear to be a way for them to register. How can I let them register if they haven't already?
I've read this (https://zitadel.com/docs/guides/integrate/onboarding/end-users#built-in-register-form) but, since they're not logged in, the app wouldn't know if they are already registered and wouldn't know whether to send that prompt parameter....
Visting sites that SSO with the same Zitadel instance
If a customer logs in from one site, can they seamlessly go between multiple sites using the same Zitadel instance for SSO without having to log in again?
How to trigger MFA init for a specific user?
I want users in my application to setup MFA (u2f, TOTP, email/sms) . However, I don't want to implement it on my own, and I'd prefer to use the existing UI that I see after first login.
In other words, ideal flow is:
1. User presses a button in my app "setup the MFA", and makes a ZITADEL API call.
2. I log user out...
Typescript Login UI
Use-case: I want to deploy the Next.js based UI.
Environment: Development env - self-hosting
Version: Version 3.2.2 according to the Zitadel UI
Stack: Docker Zitadel Backend and Next.js
...
Is it possible to set password change requirement without providing new/old passowrd?
I have admin panel with usermanagement in which I want to set requirement for change password for user, but I do not want change current password. And I do not know it.
In other side if it's not possible can zitadel send email with new password?...
I wanted to install Zitadel as selfhosted, but I can't login.
The better expalination is on github:
https://github.com/zitadel/zitadel/issues/10123
Can somebody help me, to start one time this application???...
Is it possible to configure IDPs via API?
Or is the Web UI always required? Our team is just evaluating Zitadel as self hosted authentication solution. We would need to configure Zitadel via API though. Is this possible? because i could not find anything in the docs. In the API section i was only able to find a few GET requests.