ZITADEL

ZITADEL - Identity infrastructure, simplified for you.

questions-help-bugs

How to use Google as identity provider but restrict logins to my company domain

I am trying to use Google as provider to access Zitadel. I would like to auto-create accounts but only allow emails from the company domain.

Onboarding email marked as spam

I am using sendmetric as SMTP relay for a self hosted Zitadel 2.70.0. Sendmetric is marking Zitadel's email messages, in Spanish, as spam. Here is the message sendmetric's support sent me: "After looking further into our logging for messages marked as spam by the sender you referenced, it scored high from multiple engines we utilize to detect spam. As a result it was marked as spam. Please keep in mind if we mark something as spam it will also likely be rejected as spam by the recipients you are sending to. Our best advice is to modify the content of the message you are sending and run it through some content checkers that score how spammy your message might be to improve it." Is it possible to completely customize the email template in Zitadel to avoid these problems?...

Zitadel self hosted using HTTP through VPN

Is there any example of how to set up this kind of deployment? My first login is being redirected to an error because of that. I have an nginx controller with TLS disabled to serve some services only via VPN....

Organization metadata sometimes changed when reading it back

I think this might be a bug in release 2.71.1. I write a value of "5566778899" to an organization metadata field. When I read it back I receive the value "556677889w==". I've observed values roundtrip correctly (shorter values, longer values), but something about this value triggers an edge case. If it matters: I'm accessing the REST API from Ruby, Zitadel is running locally in Docker Compose. Sample API interaction attached. Hope this is easy to figure out with a test-case....

SAML Unable to verify Zitadel cert

Use-case: Use Zitadel as Identity Provider for a Splunk Search Head instance. Environment:...

Password Reset hidden

I understand that checking the "Password Reset hidden" option in /ui/console/instance?id=login would hide the "Reset password" password recovery link in Zitadel's login form. However, even if I checked the box and saved the configuration, the link still appears in the login form. This is in a Zitadel 2.70 self-hosted setup. Is this the intended behavior? Is it a bug? Where does this option apply? Thanks in advance.

Can't change text on email OTP screen

Hi all, I am trying to customize the text on our "Verify OTP" screen, specifically we only use email OTP at the moment and wanted to update that to clue in our users that the code will be coming through email instead of just saying "verify your second factor". But when we update the copy on the "Verify OTP" screen no changes are shown within the app. Other customizations made to the login screen and such are reflected, just this one is giving us trouble.

Migrating from cockroach to postgres

Hi, I want to switch my database backend from cockroach to Postgres but I'm facing an error when I launch the setup command (see below). The migration attempts to alter a table that doesn't exist if I'm guessing right. Can someone help me to solve this? Thanks!...

Custom invitation flow

Hi everyone, I’m experimenting with Zitadel and trying to manage the invitation flow myself, including sending emails. I attempted to create a user via the API and then request an invitation code, but I’m getting the following error: User is already initialized (COMMAND-EF34g)...

iframe setup redirects to console/ which doesn't contain the correct frame-ancestors

I'm trying to implement Zitadel in an iframe. I have enabled the feature in the settings. I point my iframe source to root / of my Zitadel instance. It does several redirects before landing on console, which is blocked because it does not contain the correct frame ancestor. Attached is an image of my network; the first call is my Zitadel instance....

Zitadel Pulumi Provider maintenance

Hi team, Thanks for your work!
After the Zitadel Pulumi provider has been transferred: https://github.com/pulumiverse/pulumi-zitadel/pull/28/files, no PR has been merged....

Link same external IdP to multiple Users

I have the use case where I have in different organisations different user objects that share the same email address. Based on the organisation scope the user logs in to the correct organisation. What I want to achieve is that the user can log in with the same IdP to these different organisations, but it seems that after I link the IdP to one user then I cannot do it anymore for the user in the other organisation. Do I have to find an alternative or is there a workaround to achieve the desired behavior?...

Unable to create account

Zitadel says account already existing while I try to log in with a different org

Performance breaks by unknown reasons

Hello, our production self-hosted Zitadel is doing mysterious things in Kubernetes. Out of nowhere it starts big read/write operations and by that it stops working for about 5 minutes till the process is done and then it functions normally again. Is it doing some kind of maintenance in the background or why is it doing that?

ERROR: Failed to extract ServerMetadata from context

Hi everyone, I've searched in Discord and GitHub already but couldn't find an answer: Environment: Self Hosting Version: v2.67.2...

Indefinite migration already started for zitadel setup job

Hi everyone, I'm having trouble with this. Could anyone offer some advice? Thanks!

Can't start zitadel >= 2.66.0 with cockroach 23.2.0

With a simple docker compose configuration Zitadel fails to start with this error Error: unknown function: eventstore.commands_to_events() (SQLSTATE 42883)

Pinning zitadel instance versions

We're curious about the update patterns of the hosted zitadel instances in zitadel cloud. Are those typically kept in line with the latest tagged docker release? Is there a way to pin them to a specific version and manage the updates more closely?

Generating JWT for human user

I am using Zitadel's Session API to validate the users. The requirement now is to have a way for the client to validate these tokens locally without calling the Zitadel APIs to avoid calls to validate the token before every action. Since Zitadel Session tokens can only be validated at server side, I was looking for a solution if we can validate them locally (just call the Zitadel for checking if the token is revoked) ...

SSO for NGO - HELP

Hello everyone. I am Ben. I am asking here directly in the forum as I have been looking around. We are an NGO and currently have a Laravel backend for a platform where we have integrated login with email and 2FA with email one-time code. Now we are getting a new publishing platform sponsored and somehow I would like to have the same login credentials for both platforms. Do you know if it is a big deal to install Authentik and how much "manpower" this would require? Because the Laravel Platform (Platform 1) is launching soon, so maybe it would make sense to do it before it goes live and for the other platform (so platform 2) it might make sense to already use SSO to have a single account and not 2 accounts or whatever other options. The hosted version is just too expensive for us as we have about 2-2,5 million free readers (unique users) every year and even if just 50% of the returning visitors would sign up that would be tens of thousands of active users and this is why we are looking into a self-hosted version on a VPS (we get discounts there) ...