ZITADEL

ZITADEL - Identity infrastructure, simplified for you.

questions-help-bugs

product-feedback-requests

Clarifying System API Users

Hello everyone, I'm following the Access ZITADEL APIs docs and I'm unclear about a couple of things concerning the System API configuration, as shown here. Can anyone confirm that if I provide the SystemAPIUsers with the IAM_OWNER and ORG_OWNER roles that I can create Users and Service Users for an organization I am authorized for as a System User?...

Restoring backup DB doesn't work

When I pg_dump Zitadel and psql zitadel < backup.sql and boot, it can't start as X already exists and fails migration. I guess I thought they'd be inside the DB I dumped 🤔. Use case, in case there's a better solution:...

Limitation with deleting of members within an authorization

Environment: Self Hosting Stack: App written with PHP User-case: -German- Current state:...

Zitadel uninvited user can login to app?

Hi so vaguely speaking if I have an app in a project where a user is not granted via Authorization should the user be able to login to that app or is there some scoping that typically needs to be done to limit this?

Is it secure to use SendGrid API keys in Zitadel actions?

We want to send a welcome email with our custom template upon user registration using SendGrid. Is it safe to use SendGrid API keys directly in the Zitadel action to send the welcome email, or would it be better to make an external API call to our server to handle the welcome email?

Avoid adding port in issuer url

Hello, when the token is generated the issuer is: https://mydomain:443 Is it possible to avoid having the port at the end? "iss": "https://idp.dev.ludocare.com:443",...

Different user IDs in local and prod in the userinfo end point.

When I sign in with Google, in local I am receiving a value which is not my User ID in the sub field for the userinfo endpoint. But when I do the same in the application which is deployed, I am receiving the correct user ID in the sub. Could you please help me figure out the error?

Issues with using AWS application load balancer

Hi, I've installed the zitadel helm chart and I've been trying to expose it over AWS ALB but without much luck. I have a next.js frontend which redirects to zitadel for login and then my backend Go performs token introspection and grpc calls to zitadel. With the following configuration, login works but the grpc calls don't (which I guess is expected). ``` ExternalSecure: true ExternalPort: 443 ExternalDomain: auth.ryvn.app...

Expiry code for verification code

Hi team, I have set an expiry time for the verification code in my management console. How do I check whether the code is expired? I mean the login obviously wouldn't be working, but is there a status code or error message saying that the login failed because the verification code is expired? If not, how can I check whether a verification code is expired so that I can give my own error message? Thanks in advance 🙂...

Email Verification while user registration

Hi team, I am working on sending a verification email to newly registered users. I am getting the 400 error whenever I try to register a user; the error message is "proto: (line 1:115): error parsing "sendCode", oneof zitadel.user.v2.SetHumanEmail.verification is already set". This is my API request: const response = await fetch(...

Deactivate User account due to inactivity

Hello Team, I have a scenario where I want to deactivate a user due to inactivity, let's say for 30 days. So the ideal solution is to look at the event logs, although the client must only generate the session token and then keep on using the token to let the user perform activities on their application, which will not be logged in the Zitadel event store....

How can I create the human users programmatically using APIs?

I have 2 organizations and I want to create users in them programmatically based on the condition in the csv file (I don't want to use the import feature because the csv requires some transformation). I have tried converting the JSON file to jwt for management, auth and admin users and it didn't work. ```bash go install github.com/zitadel/zitadel-tools@latest ...

Generated IDs are non-unique

I'm in the process of setting up IaC for our ZITADEL installations, and it seems there is a significant issue with the ID generation process. The problem is severe, as the generated IDs are not unique when multiple resources are created at once, causing consistency issues. I'm not sure what I can do about it, maybe there is something in the configuration or setup process that can help? I'm using the latest version of Zitadel Terraform provider and Zitadel 2.60.2....

Login UI : Error after correct authentication if clicking "next" button

When I'm logging in to the zitadel login ui, I specified a redirect URI like this one: xxx://xxx-callback. With the redirect URI, my mobile app can intercept it and then redirect to the home page of my app. BUT, if I don't wait for the app redirection and click on the next button of the zitadel login ui, I get an error message: ID=CACHE-d24aD Message=Errors.AuthRequest.NotFound Parent=(sql: no rows in result set)...

Go SDK set "x-zitadel-orgid" header

Based on the API docs, the header “x-zitadel-orgid” is required to scope ex. the request ManagementService().SetOrgMetadata() to an organization. How do I set this using the SDK? https://zitadel.com/docs/apis/resources/mgmt/management-service-set-org-metadata...

Actions V2 - Adding claims to token

Hi, is there any available example how to add custom claims to access or ID token using actions V2 API? We need to insert some custom claims that are not available in Zitadel system....

How to set session time dynamically with custom login flow?

In my case, for some users, the session should be 24 hours. For others, it should be 30 mins. Please let me know if that is possible to implement in a custom login flow. If not, then how to set some default session time?

E-Mail as username already taken, user cannot join organization

Scenario: We as a company have the following scenario: We offer various online services; most of them are for b2b customers and are paid. Here we simply create one organization per customer, which works wonderfully with zitadel. But we also have a blog (wordpress) where users can register and comment. The blog is intended for everyone, including private individuals or employees of a company that is not a “customer” of ours. Here it is neither possible nor sensible to assign users to a specific organization. Instead, we would create a general “public” organization and assign the users of the blog to it. ...

Dismal performance of Users API V2

We have been using the Management API gRPC endpoints for some time and recently decided to try the Users API v2, primarily because of the organization filter. However, the difference in performance is so significant that we find it unusable. The management.v1.ListUsers call takes roughly 1.5 seconds to return 9,800+ results (unpaginated response), whereas users.v2.ListUsers takes 54–56 seconds to complete the same operation. What gives?...