ZITADEL

ZITADEL - Identity infrastructure, simplified for you.

questions-help-bugs

product-feedback-requests

Bearer token type does not trigger 'preaccesstoken' v2 action not triggered

Hi, I have a project application configured as shown on the picture. Token settings: Bearer token. Actions V2 configured like this: ```...

No root login after update (user not active)

Selfhosted Zitadel with docker compose and an external PostgreSQL DB here. I updated from version 3.3.0 to 3.4.0 and then to 3.4.2. When I try to log in to zitadel via the console with the root user, using the format "root@zitadel.{ourdomain}" I get an error message before even entering the password, stating
Benutzer ist nicht aktiv (EVENT-Zws3s) (user is not active)...

Resend code not working

Hi Zitadel team! I am trying to create a user via API, it creates it and it's also sending a notification through SMTP, I receive the email correctly, but what if the user lost that first activation email and needs a new one, I was expecting to click on Resend Code and receive a new email, instead I see the error Could not find code. I wonder if this is something on your end, or is it something I have to add on my instance? Much thanks!...

External OAuth2 provider Error:SetHumanProfile.GivenName: value length must be between 1 and 200 run

I use an external OAuth2 provider as an alternative to the default zitadel login. Currently I'm facing the following error after successful OAuth login flow: "[invalid_argument] invalid AddHumanUserRequest.Profile: embedded message failed validation | caused by: invalid SetHumanProfile.GivenName: value length must be between 1 and 200 runes, inclusive" Zitadel is requesting the OAuth2 user endpoint and getting the following example response:...

Missing event logs/Historic events help?

Hello, I am trying to get access logs from one of our customers using /admin/v1/events/_search e.g ```"eventTypes": [ "user.human.externallogin.check.succeeded" ],...

Login v1 vs Login v2 for production launch

Hello Zitadel Team and Community, We have successfully integrated the self-hosted version of Zitadel into our SaaS solution and are now preparing for our production launch. As we finalize our setup, we're looking for some advice on whether to use Login V1 or V2, and we would be grateful for your guidance. Our initial plan was to use the new Login V2, since it’s the recommended stable default in v4.0. However, we've found that our go-live is currently blocked by several important bugs such as Domain Discovery in #10662, UI customizations in #580, #581, #582, #583 (typescript repo) and SAML POST-Redirect in #10759. This creates a significant dilemma for us, especially when looking at the public roadmap. We've seen that Login V1 is planned to be deprecated in the next major iteration, V5, supposedly as early as November....

Zitadel action user register

Hi, I want to use a Zitadel Action to add a user role automatically after registration. I configured my setup according to this guide: https://zitadel.com/docs/guides/manage/customize/behavior The project is granted to the default organization. I used "Internal Authentication" as a Flow Type and the name of the action "addGrant" is the same as the function name. ...

Role Filtering Administrators [GO SDK]

Hi, I am trying to retrieve list of Managers in an Org using the InternalPermissionServiceV2Beta, when using the filters with RoleKey, I get the following error: rpc error: code = InvalidArgument desc = List.Query.Invalid (ORG-vR9nC) Here is my code:...

AddIDPLink Failing with COMMAND-39nf2

Env: Self-hosted Version: Latest Stack: Docker here (using k8s in prod) ...

Using the Go SDK inside k8s

How do you configure an sdk to send instance headers when running towards internal addresses in a k8s cluster to avoid Zitadel saying it's an unknown instance?

Export Endpoint /admin/v1/export throws Internal Server Error

Hello Guys, I'm trying to export all data from cloud Zitadel instance. I followed the steps in the documentation https://zitadel.com/docs/guides/migrate/sources/zitadel#source-system I tried it a few days ago and it worked fine, but now with the same parameters the endpoints return this error....

API for "Force MFA"

Which API can I use to control (set and/or delete) the two flags "Force MFA for all users" and "Force MFA for local authenticated users only"?

Export endpoint does not work in an acceptable time

Good day! I’m facing an issue with the export endpoint. I’m trying to use it to transfer users together with their passwords between two organizations within Zitadel. I was able to export 1–2 users from the test organization, but exporting users in production (>20,000) results in a timeout — both with a 30-minute limit and with a 60-minute limit. Because of this, I cannot complete the transfer. I also noticed that the responseOutput parameter has no effect on the endpoint’s behavior. I tried exporting to S3 using s3Output as well — with valid credentials, no new file appears in the bucket, no error occurs (not even in Zitadel logs), and the export still returns data in the HTTP response body (in the test organization). Is there any solution for this? Or are there any alternative ways to move users from one organization to another without changing their passwords?...

LDAP Login Failed: invalid URL escape "%E$"'

I am trying to login through the LDAP, but when password contains special character like %$ I am getting error like below invalid StartIdentityProviderIntentRequest.Ldap: embedded message failed validation | caused by: invalid LDAPCredentials.Password: value must be a valid URI | caused by: parse "Password@%E$": invalid URL escape "%E$"' So, here the password of the user is Password@%E$, This error happened when tried in custom login, ...

Supabase as JWT IDP for Zitadel

I am on Zitadel Cloud and want to use it to handle Authentication for multiple Apps. Since I am using Supabase as my core service I would love to integrate it as IDP for zitadel. Name: Supabase Auth Header Name: x-custom-tkn ...

Deploy Zitadel in subpath (nginx)

Hey, all tutorials / guides for deploying Zitadel assume that it is deployed on the DNS root. However can I also deploy it in a subpath like /zitadel? I didn't find any resources on that topic

User migration between Organizations

Good day! While working with Zitadel (Self-hosted, version 4.1.0), we encountered the following issue: the client is requesting to move all users from one organization to another without changing their passwords. When we previously migrated users from the old database (Django + Postgres), we used the *import* endpoint, which allowed us to transfer user passwords hashed with PBKDF2 into Zitadel. However, as far as I understand, Zitadel currently does not support changing a user's organization, nor is it possible to recreate a user with their existing password hash....

Custom SAML Attributes

Hi all I’m working on integrating Duo as a SAML app with Zitadel, but I’ve run into an issue with attribute mappings. Right now, Zitadel’s SAML attributes are fixed (email, firstName, etc.), but Duo requires custom/renamed attributes for the integration to work. Specifically, Duo expects the following mapping:...

postgres password problem

Hi, I am trying to run zitadel in a docker container on a vps. On the vps I also have a postgres db running, also in docker. I created two users for zitadel: zitadel_root and zitadel_user. When I try to connect to the database with those users using DBeaver, everything works fine. But the Zitadel container gives the following error:
time="2025-09-23T20:36:47Z" level=info msg="initialization started" caller="/home/runner/work/zitadel/zitadel/cmd/initialise/init.go:70"...

Persistent zitadel-init failure

Hello everyone, I'm running into a persistent issue with my Zitadel Docker Compose setup and I'm hoping someone can spot what I'm missing. The Situation: I'm trying to deploy Zitadel and can successfully reach the UI on my domain. However, looking at the logs for my PostgreSQL container (db-1), I can see the initialization is failing and both zitadel-init and zitadel seems running ....