Revoking Active Sessions and Tokens
I have recently updated a user's email address and would like to revoke all active sessions and tokens associated with their account. Could you please confirm if there is an API endpoint available for this purpose using a service user token?
Looking for Help Setting Up Zitadel
Ok, finally we got a solution with hosting, backup etc. which is managable for our budget.
But now for the next steps we still need help. The goal is to have a universal login page for our NGO to authenticate users across two different services. We have a managed self-hosted Zitadel instance running and now need help with setting everything up the right way.
- Setting up and customizing the login page ...
Handling of deleted users
Hi, I have a question regarding user deletion - I can see that if you delete the user via console, you can create a new user with the exact same email, but a different user id
Documentation states, that deletion sets the user's state to deleted, and the UI has a filter for user.state=DELETED, but it does not seem to return anything, and neither does the v2/users/{:userId} handle.
So, my question is - what actually happens to the user's data (I'm also curios about it in the context of GDPR compliance)? Is there a way to access it via API?...
Access / refresh tokens
Currently im writting frontend with zitadel. And i faced with problem that i dont know how works tokens (access and refresh). I need make frontend that i login/signup and after that get tokens, write it in the cookies and use access when i gotta make a request. And use refresh when i gotta revalidate access. But i dont know how to get these pair of tokens and how it works. Could you explain me how it work plz
Fetch a List of users in a WebApp
Hello Zitadel Team! 👋
I am using a Self-Hosted instance of Zitadel and I was wondering If I could possibly fetch a list of all available users in the Organization so a possible function like: Dropdown to choose a user responsible for something or whatever.
I am trying this: ...
Refresh token working, but still getting logged out!?
I implemented refresh tokens in React with
signInSilent which works when I set the ttl on the access token to 1 minute for example. So I thought everything is great, but when I set the access token ttl to 1 hour and the refresh token ttl to 31 days I would expect the user to have to login once a month. However the next day I'm forced to login again.
I don't understand why this is happening and I'm wondering if it has something to do with Zitadel itself??...Customizing email templates
Since spam filters are rejecting the init email messages sent by zitadel (and I fear other messages too), I found that with this call https://zitadel.com/docs/apis/resources/mgmt/management-service-set-custom-init-message-text you can change the template. I would like to know if is it possible to do it from the console too? Thanks.
P.S. My question about the rejections is here: https://discordapp.com/channels/927474939156643850/1349079401719136438...
Pre-select an identity provider on login
So my use case is the following:
I have my own landing page which has a login button and redirects to Zitadel login page, what I would like to chang is to have instead the following buttons:
- Login with password
- Login with Microsoft
And each button sending a customQueryParam to Zitadel login page which is used to trigger automatically the correct auth method....
Dark/Light Mode Pre-select for Login Page
Hello, is there any way of toggling the theme of the zitadel login page without relying on the cookie thats being set?
The idea is that i have some starting page with a dark/light mode and after pressing a login button, the existing theme choice should carry over, currently it seems to rely only on the system default and i could not find a option specify it on the redirect. Thanks....
UsersService setPassword v2 version should allow setting password without verification code
Hello there!
In our implementation we have the use case to programmatically set the password of the user in Zitadel through the API because we do the verification on our side.
In the v1 API https://zitadel.com/docs/apis/resources/mgmt/management-service-set-human-password we have this option, but this endpoint is marked as deprecated suggesting to use https://zitadel.com/docs/apis/resources/user_service_v2/user-service-set-password which requires a verification code as well.
Is there a plan to adjust this v2 endpoint (or another v2 endpoint) to support force setting the password programmatically without going through the reset process?...
How to use Google as identity provider but restrict logins to my company domain
I am trying to use google as provider to acess Zitadel. I would like to auto create account but only allow emails from the Company domain.
Onboarding email marked as spam
I am using sendmetric as SMTP relay for a self hosted Zitadel 2.70.0. Sendmetric is marking Zitadel's email messages, in Spanish, as spam. Here it is the message sendmetric's support sent me:
"After looking further into our logging for messages marked as spam by the sender you referenced, it scored high from multiple engines we utilize to detect spam. As a result it was marked as spam. Please keep in mind if we mark something as spam it will also likely be rejected as spam by the recipients you are sending to. Our best advice is to modify the content of the message you are sending and run it through some content checkers that score how spammy your message might be to improve it."
Is it possible to completely customize the email template in Zitadel to avoid these problems?...
Zitadel self hosted using http trough VPN
There is any example on how to setup this kind of deployment? My first login is being redirected to an error because of that.
I have a nginx controller with TLS disable to serve some services only via VPN....
Organization metadata sometimes changed when reading it back
I think this might be a bug in release 2.71.1. I write a value of "5566778899" to an organization metadata field. When I read it back I receive the value "556677889w==". I've observed values roundtrip correctly (shorter values, longer values), but something about this value triggers an edge case.
If it matters: I'm accessing the REST API from ruby, Zitadel is running locally in Docker Compose.
Sample API interaction attached. Hope this is easy to figure out with a test-case....
SAML Unable to verify Zitadel cert
Use-case:
Use Zitadel as Identity Provider for a Splunk Search Head instance.
Environment:...
Password Reset hidden
I understand that checking the "Password Reset hidden " option in /ui/console/instance?id=login would hide the "Reset password" password recovering link in Zitadel's login form. However, even if I checked the box and saved the configuration, the link still appears in the login form. This is in a Zitadel 2.70 self-hosted setup. Is this the intended behavior? Is it a bug? Where does this option apply? Thanks in advanced.
Cant change text on email OTP screen
Hi all, I am trying to customize the text on our "Verify OTP" screen, specfically we only use email OTP at the moment and wanted to update that to clue in our users that the code will be coming through email instead of just saying "verify your second factor". But when we update the copy on the "Verify OTP" screen no changes are shown within the app. Other customizations made to the login screen and such are reflected, just this one is giving us trouble.
Migrating from cockroach to postgres
Hi,
I want to switch my database backend from cockroach to postrges but I'm facing an error when I launch the setup command (see below).
The migration attempts to alter a table that doesn't exist if I'm guessing right. Can someone help me to solve this ? Thanks !...