ZITADEL

ZITADEL - Identity infrastructure, simplified for you.

questions-help-bugs

product-feedback-requests

Assistance Needed: Google IDP Integration in ZITADEL Login

Hello Team!, I have recently started working with ZITADEL and am currently trying to configure multiple Identity Provider (IDP) logins for my application's ZITADEL login page. I have referred to the following documentation for integrating Google as an IDP: https://zitadel.com/docs/guides/integrate/identity-providers/google#ensure-your-login-policy-allows-external-idps ...

v2beta/actions/* 404 with Actions V2 feature enabled

Hello, I realized I am still using the /v3alpha/actions/* endpoints and I went to switch to v2beta, but it seems all of the endpoints return 404: ```...

Is there a proto maven/gradle package?

I'm using a Quarkus app for connecting to the grpc services of zitadel. I'm looking for an official package that I can import to my gradle/maven config, instead of copying the proto file from the repository, so it keeps updated with each release that you are doing. So for now I copy the proto file, and added these dependencies to my gradle config, but I do not find in the documentation if these versions match the ones you are using....

Login shows Social idP, but not on Registration screen

Hello there! I'm trying to enable social links to be also available in the registration page, same as I have gotten on the login screen, but no matter what I do, they do not show up. In addition, these are my settings for Google idP; even though I have added account create if it does not exist, I get back the following error...

K8s (with traefik) error 400 or 500

Hi! I've just installed zitadel in my homelab, which is a k3s cluster using traefik for ingress. I used the helm chart. After some issues with the init and setup jobs, I finally got to the point where I can login with the initial user. After the first login, I am asked to change the password. That seems to succeed. ...

Migrating from CRDB to PGSQL

Has anyone migrated from cockroach DB to Postgres for Zitadel running via docker? I’ve been trying but have been unsuccessful. Any guidance would be much appreciated!

Organization Home Page Customization

Hello, is there any way to customize this page?

Disabling MFA globally

Is there any way to disable the MFA prompt which appears after the first login for the users (/ui/login/password)? I added those texts, but it seems that users don't read, just tap without knowing what MFA is, and later they don't know how to validate/use it 🙂 I have already configured Multifactor Init Check with a value of 0 as per https://zitadel.com/docs/guides/solution-scenarios/configurations#disable-multi-factor-mfa-prompt but the prompt still appears....

Roles missing in access token (JWT)

Hello. I'm trying to request access tokens with projects' roles without success - is this a bug or am I missing something? Authorization request (line breaks for readability): ``` note the scopes:...

Debugging token handshake

Hello - I need some really basic advice :/ After an upgrade from 2.67 to 2.71 last week we have the strange situation that a python script to get an access token via an assertion is no longer working on the prod env (windows server) but still works on Linux. We are unable to spot any error on the client side and even on "debug" level I just get the final generic error message. The "trace" log level seems to be unknown to zitadel so my question is simply: Is there any chance to "watch" what's happening inside Zitadel during the failed handshake to track down the problem?...

Initiate Login URI from SSO provider

Hello, I have a client who is integrating with us using their okta oidc client. For the most part everything is working well, but we want to enable the ability for their okta client to initiate the login process rather than relying on the login button from our login page to their specific okta client. Okta supports this easily enough, but it has an Initiate Login URI configuration variable that I don't know what to tell them to put in. For reference, when specified and the client then tries to start the login, they are redirected to the configured URI with an iss search param that refers back to the client's SSO provider. I assume at that point the app just needs to redirect to that issuer the same way the redirection happens if the user were to click the SSO button on our login page. I've attached a picture of the configuration options within Okta....

Limiting access based on roles

I’m curious if there is a dropdown or something in the UI I can use to limit access to an application or project based on user roles? Recently saw this implemented in pocket-id and would like a similar implementation....

Assigning Roles through Create Human User Endpoint

Is it possible to assign roles during new user creation? I am using the endpoint https://$CUSTOM-DOMAIN/v2/users/human...

WARN auth request oidc_error.description="Unfortunately, the user may be not logged in ....

Any idea to debug this kind of error ? (last version of zitadel) ``` 2025/04/16 16:47:24 WARN auth request oidc_error.description="Unfortunately, the user may be not logged in and/or additional interaction is required." oidc_error.type=interaction_required...

Do service users ignore "Check authorization on Authentication"

Hi, I am testing service users on an API application (client_id+client_secret) with PATs. I have one service user with a role/authorization (userA) in the project and one without (userB). In the project I have checked "Check authorization on Authentication". My understanding was that userB should not return as valid under the introspection endpoint. But both are returned as active. Where is my understanding wrong?...

Setup custom SMS/HTTP provider per Terraform

It is possible to configure SMS/EMAIL provider via admin API. https://zitadel.com/docs/guides/manage/customize/notification-providers But how to configure it per Terraform? I would like to avoid having some configuration in terraform and some configuration in proprietary scripts for configuring....

Lockout policy

Is there any way to unblock the blocked account after some time (e.g. 15 minutes)? The maximum password attempts feature is nice, but this would mean we need somebody who unlocks the blocked people. Automatically expired blockings would be a pragmatic solution for it....

Metadata in API response

Hello, I was surprised not to have the user's metadata in the API call return. I saw these two issues that talk about the same https://github.com/zitadel/zitadel/issues/9033 https://github.com/zitadel/zitadel/issues/9053 ...

Customer portal, create new instance, no way to cancel it

Cancel Button and Window close button don't close the create instance dialog. The only way to get rid of the dialog is F5 refresh. (if you don't want to create instance). Browser : Firefox 136.0.3 System: Ubuntu...