ZITADEL

ZITADEL - Identity infrastructure, simplified for you.

questions-help-bugs

product-feedback-requests

How to create action to redirect when clicking reset password.

I want to redirect the user to use a custom reset password page off of ZITADEL. Is there a way to create an action that redirects the user to somewhere else? If that's not possible, how do I get the sub of the user trying to reset their password? Using the event user.human.password.code.added?

Organization with only external provider login redirecting to type in password

Hello, I created an organization and I want them only to log in via an external provider like Microsoft Active Directory. The thing is that when I create a new user, he gets redirected to the organization auth page and has to type in a password even if I have disabled password entry. Only if I press the back button do I get redirected to the external identity. This looks uncommon to me. Shouldn't the user be directly redirected?

Store Password

Hi all, can anyone confirm whether it is possible for us to store a user without a password and use that user? I am using Google IDP, so I don't want to store the password in ZITADEL....

Is it possible to make auto-renewal of refresh token lifetime?

For example, if I make a request to update my access token, our backend can check how long the refresh token has left to live. If it has less than 1 week, we make a request to extend the time of this token.

Locked out of instance

I've managed to lock myself out of an instance and here's how ... Requirement is to have users register with both an email address and phone number and to have on-time verification of both. So to test that, I attempted to set the instance defaults to use SMS 2-Factor verification. After saving the changes I logged out of my app, and when I attempt to log in it now asks for my phone number, which is great, but I never get the SMS code - presumably because I never set up Twilio. So I'm locked out of th...

Flaky error from /oauth/v2/token

Latest self-hosted version that has been tested: v2.71.6. Behavior not present in (at least) v2.58.3. In some of my integration tests, I am finding that the /oauth/v2/token endpoint is returning a flaky error. ...

Self Hosted Azure Container Apps - "Database "zitadel" already exists"

Hey folks, I'm currently trying to deploy both Zitadel and Postgres out to an Azure Container App Environment as part of a PoC. I am able to deploy both containers to the environment using Terraform; however, when the Zitadel container executes the defined start-init command, I get logs stating that the Zitadel database already exists. I also get logs stating that certain aspects of Zitadel's config exist too (roles for example) before the container ultimately hangs. As I am just proving out elements of deployment, I'm deploying both to the same container app environment, both are freshly deployed each time, and I'm using env vars instead of config files. There are no volumes being mounted for the db container, as well as no sidecars or init containers. Initial thinking was maybe two Zitadel containers were triggering the same init process on my single Postgres instance, but after forcing just a single replica with a single container across both I still see the same issue. I have attached the Terraform I'm using (obfuscating anything relating to my Azure subscription) for reference, as well as the log messages I'm seeing for both the Postgres container and Zitadel container. Fully anticipate I'm doing something daft, so any help is greatly appreciated! (I'm also able to run the stack locally using compose; it's just when I deploy to Azure that it's giving me errors.)...

Domain discovery with identity provider flow

How it works now:
1. User opens the login page, which uses the default organization's settings of company A with the IDP options of A
2. Enters his email of company B -- here Zitadel determines the user's organization by the domain in the email.
3. enter password...

GetUserGrantByID for granted projects not working

Hello, I am trying to get the user roles from a user but it's not working. I am using the GetUserGrantByID call. I give the call the userid and the resourceId of the project, but all I get is: {"Status(StatusCode="NotFound", Detail="User grant not found (QUERY-wIPkA)")"} The user has roles in this project for sure. What am I doing wrong?...

Can I move users from OrgA to OrgB?

Hello, is it possible to move users from OrgA to OrgB and keep the ID and everything, roles, etc.?

Creating local user in Zitadel V3

Hey, so I recently upgraded to V3. Everything is well; however, when I create a local user in a specific organization, the user is still only created in the default org. Why's this? And how can I make it so it's created in the specified organization? Since there is also no way to move a user to a different org.

Outage information

We were hit by the outage yesterday pretty hard https://status.zitadel.com/incidents/290183, for about half an hour our users weren't able to login to our app. One thing that we tried to mitigate the issue was turning off the custom login that we were using which is largely based on the next app found at https://github.com/zitadel/typescript. It's somewhat unclear to me if that was the full solution or if we happened to do the switch around the same time that the cloud issues were resolving, but...

Possible to activate user over console UI?

Hi, is it possible for me as an admin to activate a user and verify an email over the console ui? A user does not receive his verification mail due to unknown reasons and I want to activate him manually... Thanks!...

ZOHO external IDP using generic OIDC

I am trying to use Zoho as a login method in the Zitadel login page using generic OIDC for my Next.js application, but I don't see any button for Zoho login in the Zitadel login page. I am sure I have correctly set up everything in the Zoho API console and Zitadel console. But I can't make it work. I am a junior dev and first time using Zitadel, as my company is shifting its authentication layer to Zitadel self-hosted and I have been tasked to implement Zoho login with the Zitadel provider and next auth. I can't fi...

Zitadel - Facing issue while changing the logo

Hi, I am trying to change the Zitadel logo in branding settings, but I have faced an error like "Http failure response for https://demoauth.inhlth.app/assets/v1/org/policy/label/logo/dark: 401 OK". Can anyone advise me why this error is happening?

OIDC callback url when using custom login, doesn't use custom domain

Hello, setting up a custom IdP for a client. We also use the new custom login flow. I am seeing a couple of discrepancies in the callback URL that we need to use. For one, we use a custom domain as well, but it is still making the request using the default Zitadel domain. Also, the path given in the documentation and the UI when setting up an IDP doesn't match; it is given as {CUSTOM_DOMAIN}/ui/login/login/externalidp/callback (and in that case it actually does use the custom domain). But when the request goes out it actually sets the callback to a path {GIVEN_ZITADEL_CLOUD_DOMAIN}/idps/callback. We can make this work, but it would be nice to have our clients configuring their SSO with the custom domain we have set up instead....

Userinfo endpoint not returning all roles from all Role Audiences

When requesting the /userinfo endpoint using an access_token with the following scopes: openid profile email urn:zitadel:iam:org:project:id:zitadel:aud urn:zitadel:iam:org:project:id:<PROJECT-ID-1>:aud ...

Device Authorization with Okta using zitadel/oidc

Hello! I'm attempting to use zitadel/oidc for device authorization against Okta, but I'm getting back this error from DeviceAuthorization:
ErrorType=invalid_request Description=The client_assertion_type is invalid.
...

Is there a way to have multiple Microsoft identity providers but just 1 button instead of x buttons?

Hello, I have a self-hosted Zitadel and my customers have their own identity providers that they want to have included. But for the moment, if I add their identity provider as an external identity, a button for that provider is added on the main page, so I would have a lot of buttons there. Is there a way to change that?

Is there a way to only allow a user to manage project permission grants instead of project owner?

I am looking to use Zitadel as an SSO authoriser and manager for a SaaS I am building. As part of this I am trying to allow users to manage user grants for a project and nothing else, so they can manage who's allowed access to their instance themselves without messing up our config for them. I can see that there is an ORG_PROJECT_PERMISSION_EDITOR, but is there one for just managing a single project's permissions? ...