ZITADEL


ZITADEL - Identity infrastructure, simplified for you.


questions-help-bugs


Organization with only external provider login redirects to password entry

Hello, I created an organization and I want its users to log in only via an external provider such as Microsoft Active Directory. The thing is that when I create a new user, he gets redirected to the organization's auth page and has to type in a password, even though I have disabled password entry. Only if I press the back button do I get redirected to the external identity provider. This looks unusual to me. Shouldn't the user be redirected directly?

Locked out of instance

I've managed to lock myself out of an instance and here's how ... The requirement is to have users register with both an email address and a phone number and to have one-time verification of both. So to test that, I attempted to set the instance defaults to use SMS 2-factor verification. After saving the changes I logged out of my app, and when I attempt to log in it now asks for my phone number, which is great, but I never get the SMS code, presumably because I never set up Twilio. So I'm locked out of th...

Flaky error from /oauth/v2/token

Latest self-hosted version that has been tested: v2.71.6. Behavior not present in (at least) v2.58.3. In some of my integration tests, I am finding that the /oauth/v2/token endpoint is returning a flaky error. ...

Self Hosted Azure Container Apps - "Database "zitadel" already exists"

Hey folks, I'm currently trying to deploy both Zitadel and Postgres to an Azure Container App Environment as part of a PoC. I am able to deploy both containers to the environment using Terraform; however, when the Zitadel container executes the defined start-init command, I get logs stating that the Zitadel database already exists. I also get logs stating that certain aspects of Zitadel's config exist too (roles, for example) before the container ultimately hangs.

As I am just proving out elements of the deployment, I'm deploying both to the same container app environment, both are freshly deployed each time, and I'm using env vars instead of config files. There are no volumes being mounted for the db container, and no sidecars or init containers. My initial thinking was that maybe two Zitadel containers were triggering the same init process on my single Postgres instance, but after forcing just a single replica with a single container for both I still see the same issue.

I have attached the Terraform I'm using (obfuscating anything relating to my Azure subscription) for reference, as well as the log messages I'm seeing for both the Postgres container and the Zitadel container. I fully anticipate I'm doing something daft, so any help is greatly appreciated! (I'm also able to run the stack locally using Compose; it's just when I deploy to Azure that it gives me errors.)...

Domain discovery with identity provider flow

How it works now:
1. The user opens the login page, which uses the default organization's settings of company A, with the IdP options of A.
2. He enters his email of company B; here Zitadel determines the user's organization by the domain in the email.
3. He enters his password...

GetUserGrantByID for granted projects not working

Hello, I am trying to get the user roles of a user but it's not working. I am using the GetUserGrantByID call. I give the call the userId and the resourceId of the project, but all I get is: {"Status(StatusCode="NotFound", Detail="User grant not found (QUERY-wIPkA)")"} The user definitely has roles in this project. What am I doing wrong?...

Can I move users from OrgA to OrgB?

Hello, is it possible to move users from OrgA to OrgB and keep the ID, roles, etc.?

Creating local user in Zitadel V3

Hey, so I recently upgraded to V3. Everything is fine; however, when I create a local user in a specific organization, the user is still only created in the default org. Why is this? And how can I make it so it's created in the specified organization, since there is also no way to move a user to a different org?

Possible to activate user over console UI?

Hi, is it possible for me as an admin to activate a user and verify an email over the console UI? A user does not receive his verification mail for unknown reasons and I want to activate him manually... Thanks!...

Zoho external IdP using generic OIDC

I am trying to use Zoho as a login method on the Zitadel login page, using generic OIDC, for my Next.js application, but I don't see any button for Zoho login on the Zitadel login page. I am sure I have set up everything correctly in the Zoho API console and the Zitadel console, but I can't make it work. I am a junior dev and this is my first time using Zitadel, as my company is shifting its authentication layer to self-hosted Zitadel and I have been tasked with implementing Zoho login with the Zitadel provider and NextAuth. I can't fi...

Userinfo endpoint not returning all roles from all Role Audiences

When requesting the /userinfo endpoint with an access_token that has the following scopes: openid profile email urn:zitadel:iam:org:project:id:zitadel:aud urn:zitadel:iam:org:project:id:<PROJECT-ID-1>:aud ...

Is there a way to have multiple Microsoft identity providers but just one button instead of x buttons?

Hello, I have a self-hosted Zitadel and my customers have their own identity providers that they want to have included. But at the moment, if I add their identity provider as an external identity on the main page, a button is added for that provider, so I would end up with a lot of buttons there. Is there a way to change that?

Is there a way to only allow a user to manage project permission grants instead of project owner?

I am looking to use Zitadel as an SSO authorizer and manager for a SaaS I am building. As part of this I am trying to allow users to manage user grants for a project and nothing else, so they can manage who's allowed access to their instance themselves without messing up our config for them. I can see that there is an ORG_PROJECT_PERMISSION_EDITOR, but is there one for managing just a single project's permissions? ...

v2beta/actions/* 404 with Actions V2 feature enabled

Hello, I realized I am still using the /v3alpha/actions/* endpoints and I went to switch to v2beta, but it seems all of the endpoints return 404: ```...

Migrating from CRDB to PGSQL

Has anyone migrated from CockroachDB to Postgres for Zitadel running via Docker? I've been trying but have been unsuccessful. Any guidance would be much appreciated!

Roles missing in access token (JWT)

Hello. I'm trying to request access tokens containing the projects' roles, without success. Is this a bug or am I missing something? Authorization request (line breaks for readability): ``` note the scopes:...
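The two posts above (roles missing from /userinfo when several urn:zitadel:iam:org:project:id:<PROJECT-ID>:aud scopes are requested, and roles missing from the JWT access token) share one first diagnostic step: look at which audiences and which role claims are actually present in the token. The Python below is an added example, not code from Zitadel or from either poster. It assumes Zitadel's role claim names urn:zitadel:iam:org:project:roles and urn:zitadel:iam:org:project:<PROJECT-ID>:roles (as Zitadel documents them; check against the version you run), and the sample issuer, IDs and token are constructed for the demo. It decodes the payload without verifying the signature, which is acceptable for inspection and never for an authorization decision.

```python
import base64
import json

# Claim names assumed from Zitadel's token documentation (verify for your version).
# The generic claim carries roles for the client's own project; a per-project
# claim appears for each extra project whose audience was requested with the
# urn:zitadel:iam:org:project:id:<PROJECT-ID>:aud scope.
GENERIC_ROLES_CLAIM = "urn:zitadel:iam:org:project:roles"
PROJECT_ROLES_CLAIM = "urn:zitadel:iam:org:project:{pid}:roles"


def _b64url_decode(segment):
    """Decode a base64url segment, restoring the padding JWTs strip."""
    return base64.urlsafe_b64decode(segment + "=" * (-len(segment) % 4))


def _b64url_encode(raw):
    return base64.urlsafe_b64encode(raw).rstrip(b"=").decode("ascii")


def payload_unverified(token):
    """Return a JWT's payload WITHOUT checking the signature.

    Only for looking at claim contents while debugging. An application must
    verify the signature against the issuer's JWKS (or introspect an opaque
    token) before trusting any claim returned here.
    """
    parts = token.split(".")
    if len(parts) != 3:
        raise ValueError("not a JWT: expected header.payload.signature")
    return json.loads(_b64url_decode(parts[1]))


def role_report(token, project_ids):
    """For each project id, say whether it is in 'aud' and which roles its claim lists.

    'roles' is None when the per-project claim is absent, [] when it is present
    but empty; roles from the generic claim are reported separately.
    """
    payload = payload_unverified(token)
    aud = payload.get("aud", [])
    if isinstance(aud, str):          # 'aud' may be a single string or a list
        aud = [aud]
    report = {
        "aud": list(aud),
        "generic_roles": sorted(payload.get(GENERIC_ROLES_CLAIM, {})),
        "projects": {},
    }
    for pid in project_ids:
        claim = payload.get(PROJECT_ROLES_CLAIM.format(pid=pid))
        report["projects"][pid] = {
            "in_aud": pid in aud,
            "roles": None if claim is None else sorted(claim),
        }
    return report


def diagnose(report):
    """Turn the report into human-readable hints, one per project that looks wrong."""
    hints = []
    for pid, info in report["projects"].items():
        if not info["in_aud"]:
            hints.append(f"{pid}: not in aud; request scope "
                         f"urn:zitadel:iam:org:project:id:{pid}:aud")
        elif info["roles"] is None:
            hints.append(f"{pid}: in aud but no role claim; the user has no grant "
                         f"in that project, or the project does not assert roles in tokens")
        elif not info["roles"]:
            hints.append(f"{pid}: role claim present but empty")
    return hints


def constructed_token(payload):
    """Build a JWT-shaped string with a dummy signature (constructed; unsigned)."""
    header = _b64url_encode(b'{"alg":"RS256","typ":"JWT"}')
    body = _b64url_encode(json.dumps(payload, separators=(",", ":")).encode())
    return f"{header}.{body}.{_b64url_encode(b'not-a-real-signature')}"


# Constructed sample: proj-1 was requested and has roles, proj-2 is in the
# audience but carries no role claim, proj-3 was never requested at all.
SAMPLE_PAYLOAD = {
    "iss": "https://auth.example.com",
    "sub": "user-123",
    "aud": ["client-app", "proj-1", "proj-2"],
    GENERIC_ROLES_CLAIM: {"admin": {"org-1": "example.com"}},
    PROJECT_ROLES_CLAIM.format(pid="proj-1"): {
        "viewer": {"org-1": "example.com"},
        "editor": {"org-1": "example.com"},
    },
}
SAMPLE_TOKEN = constructed_token(SAMPLE_PAYLOAD)

if __name__ == "__main__":
    rep = role_report(SAMPLE_TOKEN, ["proj-1", "proj-2", "proj-3"])
    print(json.dumps(rep, indent=2))
    for hint in diagnose(rep):
        print("hint:", hint)
```

Run it against a real token by replacing SAMPLE_TOKEN with the access token from your authorization response and listing the project IDs you put into the :aud scopes; a project that shows up as "not in aud" was never requested, while one that is in aud with no role claim points at grants or project settings rather than at the scope.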

Limiting access based on roles

I'm curious whether there is a dropdown or something in the UI I can use to limit access to an application or project based on user roles. I recently saw this implemented in Pocket ID and would like a similar implementation....

Assigning Roles through Create Human User Endpoint

Is it possible to assign roles during new user creation? I am using the endpoint https://$CUSTOM-DOMAIN/v2/users/human...

Custom OIDC Endpoints Not Working

Custom OIDC endpoints were configured using environment variables. Zitadel changed the URLs of those endpoints, as can be seen in the first screenshot; however, when I access Zitadel I receive a not found error on those endpoints.

Automating Zitadel Configuration Without Manual UI Interaction or API Calls

Hi, we are setting up our dev environment using Docker and need to configure some Zitadel settings without any manual interaction through the UI. Specifically, we need to set up a pre-access-token-creation action, Google and GitHub IdPs, and other configuration. What approach are you using? We want to automate these tasks but prefer not to rely on code that calls the APIs....