Can't start zitadel >= 2.66.0 with cockroach 23.2.0
With a simple docker compose configuration Zitadel fails to start with this error
Error: unknown function: eventstore.commands_to_events() (SQLSTATE 42883)Pinning zitadel instance versions
We're curious about the update patterns of the hosted zitadel instances in zitadel cloud. Are those typically kept in line with the
latest tagged docker release? Is there a way to pin them to a specific version and manage the updates more closely?Generating JWT for human user
I am using Zitadels Session API to validate the users.
The requirement now is tio have a way for the client to validate these tokens locally without calling the Zitadel API's to avoid calls to validate the token before evry action.
Since Zitadel Session tokens can only be validate at server side, I was looking for a solution if we can validate them locally (just call the Zitadel for checkign if the token is revoked)
...
SSO for NGO - HELP
Hello everyone. I am Ben.
I am asking here directly in the forum as I have been looking around. We are an NGO and currently have a Laravel backend for a platform where we have integrated login with email and 2FA with email one-time code. Now we are getting a new publishing platform sponsored and somehow I would like to have the same login credentials for both platforms. Do you know if it is a big deal to install Authentik and how much "manpower" this would require? Because the Laravael Platform (Platform 1) is launching soon, so maybe it would make sense to do it before it goes live and for the other platform (so platform 2) it might make sense to already use SSO to have a single account and not 2 accounts or whatever other options.
The hosted version is just too expensive for us as we have about 2-2,5 million free readers (unique users) every year and even if just 50% of the returning visitors would sign up that would be tens of thousands of active users and this is why we are looking into a self-hosted version on a VPS (we get discounts there) ...
expirationDate on session missing
Hello, I am working through building a custom login form, and I've ran into an issue where when I am calling into GET /v2/sessions/:session_id it is returning session objects without expirationDate set. Is that expected in some cases? Or is it a bug? Thank you.
Token Introspection for Session Tokens
I was wondering how one exchanged a session token for an access token as stated here
https://zitadel.com/docs/guides/integrate/login-ui/session-validation#token-introspection...
Which to use: @zitadel/node or @zitadel/client
Hello there!
I would have one question as we have started the implementation in our node backend to communicate with the Zitadel instance through the management API.
I have seen in the documentation that there are technically two Node libraries that we can use for that
@zitadel/client
https://github.com/zitadel/typescript/tree/main/packages/zitadel-client...
Hello Guys,
Hi,
I'm trying to create a service user from my frontend (not through the Zitadel console). However, the issue I'm facing is that my token is only an id_token, which means when I pass it to my custom API (which then uses the token to make API calls), it is not considered valid.
I also attempted a token exchange, but that didn't work for me either. Could you help me troubleshoot this issue?...
OIDC Generic Provider - Failed to extract ServerMetadata from context
When adding a generic OIDC provider to my Zitadel instance.
Trying to refresh the login UI, I see the specific log in my zitadel container:
Failed to extract ServerMetadata from context
...
Updating Organization Logo / Icon through the API
Is it currently possible to update the logo and the icon of an organization through the API? I couldn't find it in the documentation and it would be crucial for our work flow.
The problem is that currently our customers have the ability to set their logos through our platform and we would need to propagate the change to Zitadel for the login page branding to be correct....
Problem with upgrade from 2.66.1 to 2.67.6
Selfhosted Zitadel user with docker compose with an external PostgreSQL database here.
I just tried upgrading in two steps from 2.66.1 to 2.66.9 and from there to 2.67.6.
Only in the second step I realized that there was an error in the migration, so I am not sure whether it occured already when I upgraded to 2.66.9.
The error occured in a migration step mentioning "40_init_push_func_v4" which kept being repeated. ...
Session terminated, session.token.removed events missing in event search API
Hi team, I am looking to get active sessions of a user from events storage. I am using the API https://zitadel.com/docs/apis/resources/admin/admin-service-list-events.
Here is the body that I am using to send the request ,
```
{
"eventTypes": [...
Service user fetching /oauth/v2/token timing out
Zitadel version: v2.67.2
Running 3 instances behind nginx
Hello folks,
...
Custom OTP code
Is it possible to choose our own OTP number for the SMS OTP challange?
I'm using the session API....
Build error while migration
Hi team , I am using M1 processor and I am facing bulid errors while migration. I am facing different migration errors for different versions.
The build is working fine for intel processors in MacBook , would there be any different configuration for different processors?
The zitadel config we are using is:
...
Search User Grants sorting order does not work
hello team,
for : https://zitadel.com/docs/apis/resources/mgmt/management-service-list-user-grants
Can you please explain how the asc parameter works?...
Monitoring Zitadel http latencies via internal prometheus metrics
In order to monitor and alert on Zitadel app/pods http latencies, we have configured 95 percentile stats on ...
http_server_duration_milliseconds_bucket internal Prometheus metric (which Zitadel itself exposes):
(histogram_quantile(0.95, sum(rate(http_server_duration_milliseconds_bucket{container=~".*zitadel.*"}[5m]))
by (le, pod, net_host_name))) > 2000
(histogram_quantile(0.95, sum(rate(http_server_duration_milliseconds_bucket{container=~".*zitadel.*"}[5m]))
by (le, pod, net_host_name))) > 2000
Terminate all the active sessions at once.
Hi team, I have a user who has more than 20 sessions when I search the sessions that he has with https://zitadel.com/docs/apis/resources/session_service_v2/session-service-list-sessions. Do we have an option to terminate all the sessions at once instead of terminating the session one at a time with https://zitadel.com/docs/apis/resources/session_service_v2/session-service-delete-session ?
This termination at once would help us a lot. Thanks...
Need help upgrading form v2.55.8 to v2.67.1
I have an instance of Zitadel running on EKS that uses PostgreSQL running on RDS.
Current Zitadel Version: v2.55.8
Upgrade Version: v2.67.1
...
Options for storing zitadel's session api's token
Hi, as far as I know, the best option to storing a token is an httpOnly cookie, set by the backend. I was trying to figure out how I could do that using Zitadel, but couldn't really find a fully satisfying option, so here are the options I'm seeing:
1) have access to a zitadel's api method that would allow to have session token set as a httponly cookie (couldn't find it)
2) use the instance of the zitadel's typescript login ui running next to our zitadel's instances (non-standardized, afaik)
3) roll our own backend that will do the session creation...