ZITADEL


ZITADEL - Identity infrastructure, simplified for you.


questions-help-bugs


v4 local run won't serve ui

Hey there folks, while trying to run the example from the docs on macOS, the UI will always 404. Is that something known? To run I did:

```
ZITADEL_DATABASE_POSTGRES_HOST=localhost ZITADEL_DATABASE_POSTGRES_PORT=5432 ZITADEL_DATABASE_POSTGRES_DATABASE=zitadel ZITADEL_DATABASE_POSTGRES_USER_USERNAME=jayson.reis ZITADEL_DATABASE_POSTGRES_USER_PASSWORD= ZITADEL_DATABASE_POSTGRES_USER_SSL_MODE=disable ZITADEL_DATABASE_POSTGRES_ADMIN_USERNAME=jayson.reis ZITADEL_DATABASE_POSTGRES_ADMIN_PASSWORD= ZITADEL_DATABASE_POSTGRES_ADMIN_SSL_MODE=disable ZITADEL_EXTERNALSECURE=false ./.devenv/state/zitadel/zitadel start-from-init --masterkey "MasterkeyNeedsToHave32Characters" --tlsMode disabled
```

...

grant_type missing

Suddenly getting description: 'grant_type missing' when trying to validate authorization code, any help?

I have mirrored the crdb to psql, but getting some issue after migration, t

postgres logs:

```
postgres | 2025-08-05 15:18:18.757 UTC [204] ERROR: duplicate key value violates unique constraint "idp_login_policy_links5_pkey"
postgres | 2025-08-05 15:18:18.757 UTC [204] DETAIL: Key (instance_id, aggregate_id, idp_id)=(332018629145001986, 332018629145001986, 332019326171217922) already exists.
postgres | 2025-08-05 15:18:18.757 UTC [204] STATEMENT: INSERT INTO projections.idp_login_policy_links5 (idp_id, aggregate_id, creation_date, change_date, sequence, resource_owner, instance_id, provider_type) VALUES ($1, $2, $3, $4, $5, $6, $7, $8)
```

...

Frontend implementation of impersonation using @zitadel/react

Firstly, raised this as an issue so we get a log of this: https://github.com/zitadel/zitadel-react/issues/31 Just wanted to know how to use the token exchange functionality to then reinitiate a frontend session using the impersonated token the backend has issued. Thanks...

Does ZITADEL support session rollback or forced session invalidation?

Hi ZITADEL team 👋 I have a question regarding session management: Does ZITADEL support any kind of session rollback or forced session invalidation? ...

Is there a way to implement or enable 2FA backup codes in ZITADEL?

Hi ZITADEL team 👋 Quick question: does ZITADEL currently support 2FA backup codes — for example, in case a user loses access to their authenticator app? If not natively supported, is there any recommended approach to implement this externally?...

whatsapp

Hi ZITADEL team 👋 I have a quick question regarding 2FA methods. Is it possible to support WhatsApp as a second factor (either directly or via third-party integrations)? Also, can we create a dedicated WhatsApp channel for sending authentication codes or notifications?...

Custom scopes and consent workflow

Hi there, we're evaluating Zitadel as our identity and OpenID Connect provider; however, as part of our workflow we require the ability to use custom scopes to group custom claims. OIDC clients would then request access to those scopes accordingly and the user would need to grant consent either to the full scope (and in the future we'd like to explore the ability to have granular access to claims). In the docs I've spotted that regarding custom scopes "This feature is not yet released". Does this mean it is currently under development? Can we enable this as a feature toggle to test it at all? How much control over the consent UI will we have? Thanks in advance...

Cannot Access Customer Organization for Management - Permission/Role Issue

Hello Zitadel friends, I'm experiencing an access issue with managing customer organizations in our Zitadel Cloud instance (v3.3.4) and need clarification on the required permissions. Current Setup:...

Missing org_id in AddOrganizationRequest [GO Client] ?

Hi, I'm trying to create an organization with an id (see https://zitadel.com/docs/apis/resources/org_service_v2/organization-service-add-organization) Maybe I'm doing something wrong, but the go client does not have the orgId field defined in AddOrganizationRequest? Go client: github.com/zitadel/zitadel-go/v3 v3.6.1...

How can I modify the footer on the Log in and Log out page?

Is there a way to modify the Log in and Log out page footer in the console?

Zitadel mirror not working

I am getting the error below:

```
zitadel init --config mirror-config.yaml
INFO[0000] initialization started caller="/home/runner/work/zitadel/zitadel/cmd/initialise/init.go:70"
DEBU[0000] failed to get oid for command type caller="/home/runner/work/zitadel/zitadel/internal/eventstore/v3/eventstore.go:118" error="no rows in result set"
```

...

Login policy corrupting without any logs, bug? (V2.14.)

Hi everyone, the login policy of a self-hosted Zitadel instance on Docker changes automatically without any logs for this change. Could it be a bug, or are there other ways that could impact the policy without being detected by the logs? Thanks...

Need help understanding Zitadel for large corporations and custom UI

Hi, I'm looking into Zitadel to replace our custom identity system. One thing I immediately noticed was that Zitadel is trying to be everything at once and that can be very hard to pull off. On paper it looks like a great option but when I dug deeper I found some nuances. For example, we are a well-established entity and have front-end and mobile application engineers, so I wanted to use our own UI. The endpoints for the create user and session require authentication (probably by a service account), so I'll need another service wrapping Zitadel and handling DoS attacks, etc. I don't get the design philosophy of putting everything behind an API. Is it because of the multi-tenant feature? We are B2C, so we just have to put up with it not being reproducible?? My other option is Ory Kratos, which I believe to be superior in security but slow in features and development. I want something in the middle. I like the activity and development on Zitadel and the integration of Ory. I don't want a UI to change things; I want well-thought-out and secure APIs. It gives me Keycloak vibes. These are all my opinions and feel free to correct me if I'm wrong....

Users in organizations

Good afternoon. Can I create the same user and store it in different organizations? Currently, if I create a user in a new organization using the API, but the user already exists in another organization, it will create a duplicate user. However, when displaying users on the front end, it only shows the user in the organization where they were registered.

RpcError(UNKNOWN): Http response at 400 or 500 level, http status code: 0

Hi, I'm using Mailjet as SMTP provider but I cannot get it working in my production environment. I get the error in the subject and it doesn't seem to be the configuration, but the environment itself that fails. I have a Kubernetes cluster with nginx ingress as reverse proxy. I set the tlsMode to be "external" and enforced http2. I can configure a local docker instance without any problems, but like I've said, as soon as it gets installed on my prod cluster, I can't send any mail at all. I've se...

500 errors from all requests

Hi, I'm using pulumi (terraform) to set up everything except for actual users in zitadel, so organization, label/login policies, applications and their auth methods, and roles. I've created a dedicated service account for pulumi. I use zitadel.cloud instance...

v4 fails to add metadata when using v1 action

Hey there folks, I just updated my self hosted playground to v4, using helm but setting the image version to v4 and it seems that v1 actions are broken. The following code:

```javascript
const uuid = require("zitadel/uuid");
```

...

Reviving older project that used to work is now broken

I'm trying to revive a few months old project but it's not working. Zitadel is giving me the following error: PyJWKSetError: The JWK Set did not contain any keys (see full error in attachment). I'm not sure why this is happening, I must say I'm rather out of the project with my mind. Wondering if anything might have changed in the last few months that might cause this problem?...

User authentication via JWT with a custom login ui

1) I'm creating a Java Spring Boot backend application with Zitadel integration and I wonder if there is any possible way to get a JWT access token for client authorization by the client's login and password and without using the oauth/v2/authorize method. My main idea is to get the user's authorities by his login and pass, to have them in the Spring Security context for checking his roles. I've already tried the sessions API (it's really convenient btw) but when authorizing the client via the session API I cannot get his roles. 2) I also have a separate frontend app which is supposed to send requests to the backend with a bearer JWT access token. So I am also interested in whether there is any possible way to authorize the user through this flow (https://zitadel.com/docs/guides/integrate/login-ui/oidc-standard) but without redirecting to Zitadel's login UI. I'd like to use only my own UI forms. Apparently my whole idea is to create separate frontend and backend apps and delegate all authorization flows (like register, login, logout, sessions, etc.) to Zitadel without using it like an identity provider (Google, Meta, etc.)....