ZITADEL

Z

ZITADEL

ZITADEL - Identity infrastructure, simplified for you.

Join

questions-help-bugs

product-feedback-requests

boblack_zocker
boblack_zocker
View on Discord
3/27/2025

"UNABLE_TO_VERIFY_LEAF_SIGNATURE" Error 403 Forbidden

Hello i added a external microsoft identity provider into my Zitadel. Now i got a problem because in my Local Test Zitadel everything works fine with the External identity but on production i get a certificate error. What could the problem be? it normally gets the token and keys but when i do the api call it failes. on my local test zitadel it works.
No description
Shengael
Shengael
View on Discord
3/26/2025

Best Practices for Managing Public Domains in a B2B Organization Model

Hello đź‘‹ I'm building a B2B solution where each client gets their own organization based on their domain (e.g., client.com). The idea is to automatically create a new organization for each detected domain. Problem:...
SebastianB
SebastianB
View on Discord
3/25/2025

Entra SAML connect existing Zitadel accounts

I have setup Entra SAML as IdP for an organization according to the example of Zitadel (https://zitadel.com/docs/guides/integrate/identity-providers/azure-ad-saml). It seems to work to connect, but I always get the message that external user account is not found, even though I specified the email as matching criteria and the e-mail I test exists in the organization I selected. Afterwards I get to another Login form that asks me to connect to an account and I need to login again. However, I don't want to manual link accounts by my users....
No description
Arnau
Arnau
View on Discord
3/22/2025

Zitadel TypeScript login: Issues Enabling HTTP/2 for gRPC with Zitadel in K8S (ALB Ingress)

Hi everyone, We’re onboarding the Zitadel TypeScript project in our Kubernetes setup (zitadel-typescript-login), but we’ve run into an issue with enabling HTTP/2 support while keeping compatibility with other services. Our Setup...
notfoundium
notfoundium
View on Discord
3/21/2025

User metadata does not appear in the token

Good day. I am currently using the self-hosted Zitadel, and I have a problem with the metadata in the id_token. I'm relying on the information in the documentation(https://zitadel.com/docs/guides/manage/customize/user-metadata). In order for the metadata to appear in the user's id_token, I need to set in the application settings "User info inside ID token", and I did it in my React app (pic. 1). I have set the specific user's metadata using the API via Python requests, and looks like it was succ...
No description
LC Labs
LC Labs
View on Discord
3/21/2025

panic: runtime error: invalid memory address or nil pointer dereference

Good morning. I'm setting up zitadel on GCP, and I encounter this error regurally. Do you have any idea what might cause it? ``` panic: runtime error: invalid memory address or nil pointer dereference...
No description
Nik
Nik
View on Discord
3/21/2025

Revoking Active Sessions and Tokens

I have recently updated a user's email address and would like to revoke all active sessions and tokens associated with their account. Could you please confirm if there is an API endpoint available for this purpose using a service user token?
BenTal
BenTal
View on Discord
3/20/2025

Looking for Help Setting Up Zitadel

Ok, finally we got a solution with hosting, backup etc. which is managable for our budget. But now for the next steps we still need help. The goal is to have a universal login page for our NGO to authenticate users across two different services. We have a managed self-hosted Zitadel instance running and now need help with setting everything up the right way. - Setting up and customizing the login page ...
Elmond
Elmond
View on Discord
3/20/2025

Zitadel Fails DB Migration

Hello, I use Zitadel on Docker on a Debian 12 VPS. As database I have a Docker backed CRDB container. I have automatic updates through Watchtower on both. A month ago or so, after 2.69, I had the problem that some others had of the startup DB “verify migration” failing due to timeout. I kept 2.67.1 installed until yesterday, when CRDB started giving me problems. Now everytime I start Zitadel (also tried starting it with the DB mirroring to Postgres config) I get an error at startup, again, during DB verification and, then, another error that states Zitadel cannot connect to CRDB....
maksim.khardin
maksim.khardin
View on Discord
3/19/2025

Handling of deleted users

Hi, I have a question regarding user deletion - I can see that if you delete the user via console, you can create a new user with the exact same email, but a different user id Documentation states, that deletion sets the user's state to deleted, and the UI has a filter for user.state=DELETED, but it does not seem to return anything, and neither does the v2/users/{:userId} handle. So, my question is - what actually happens to the user's data (I'm also curios about it in the context of GDPR compliance)? Is there a way to access it via API?...
hypebeast18
hypebeast18
View on Discord
3/18/2025

Access / refresh tokens

Currently im writting frontend with zitadel. And i faced with problem that i dont know how works tokens (access and refresh). I need make frontend that i login/signup and after that get tokens, write it in the cookies and use access when i gotta make a request. And use refresh when i gotta revalidate access. But i dont know how to get these pair of tokens and how it works. Could you explain me how it work plz
Perditus
Perditus
View on Discord
3/18/2025

Fetch a List of users in a WebApp

Hello Zitadel Team! đź‘‹ I am using a Self-Hosted instance of Zitadel and I was wondering If I could possibly fetch a list of all available users in the Organization so a possible function like: Dropdown to choose a user responsible for something or whatever. I am trying this: ...
hypebeast18
hypebeast18
View on Discord
3/17/2025

How to setup own form in frontend instead of Zitadel's form

I wanna use my own form to log in my app
hypebeast18
hypebeast18
View on Discord
3/17/2025

How to manage time of access and refresh tokens?

No description
tamis0583
tamis0583
View on Discord
3/15/2025

Refresh token working, but still getting logged out!?

I implemented refresh tokens in React with signInSilent which works when I set the ttl on the access token to 1 minute for example. So I thought everything is great, but when I set the access token ttl to 1 hour and the refresh token ttl to 31 days I would expect the user to have to login once a month. However the next day I'm forced to login again. I don't understand why this is happening and I'm wondering if it has something to do with Zitadel itself??...
Equinoxe
Equinoxe
View on Discord
3/12/2025

Customizing email templates

Since spam filters are rejecting the init email messages sent by zitadel (and I fear other messages too), I found that with this call https://zitadel.com/docs/apis/resources/mgmt/management-service-set-custom-init-message-text you can change the template. I would like to know if is it possible to do it from the console too? Thanks. P.S. My question about the rejections is here: https://discordapp.com/channels/927474939156643850/1349079401719136438...
pbechliv
pbechliv
View on Discord
3/12/2025

Pre-select an identity provider on login

So my use case is the following: I have my own landing page which has a login button and redirects to Zitadel login page, what I would like to chang is to have instead the following buttons: - Login with password - Login with Microsoft And each button sending a customQueryParam to Zitadel login page which is used to trigger automatically the correct auth method....
Eren Dogan
Eren Dogan
View on Discord
3/12/2025

Dark/Light Mode Pre-select for Login Page

Hello, is there any way of toggling the theme of the zitadel login page without relying on the cookie thats being set? The idea is that i have some starting page with a dark/light mode and after pressing a login button, the existing theme choice should carry over, currently it seems to rely only on the system default and i could not find a option specify it on the redirect. Thanks....
pbechliv
pbechliv
View on Discord
3/12/2025

UsersService setPassword v2 version should allow setting password without verification code

Hello there! In our implementation we have the use case to programmatically set the password of the user in Zitadel through the API because we do the verification on our side. In the v1 API https://zitadel.com/docs/apis/resources/mgmt/management-service-set-human-password we have this option, but this endpoint is marked as deprecated suggesting to use https://zitadel.com/docs/apis/resources/user_service_v2/user-service-set-password which requires a verification code as well. Is there a plan to adjust this v2 endpoint (or another v2 endpoint) to support force setting the password programmatically without going through the reset process?...
Caio Rosa
Caio Rosa
View on Discord
3/11/2025

How to use Google as identity provider but restrict logins to my company domain

I am trying to use google as provider to acess Zitadel. I would like to auto create account but only allow emails from the Company domain.
PreviousNext