Azure AD identity provider - missing login button (Zitadel Cloud)

Original message was deleted

fabienne•11/14/22, 10:05 AM

Hi @matant, if you have enabled it on only one organization instead of on the whole instance you need to send the organization id scope in the authorization request, so ZITADEL knows which policy to trigger. https://docs.zitadel.com/docs/apis/openidoauth/scopes#reserved-scopes

Scopes | ZITADEL Docs

ZITADEL supports the usage of scopes as way of requesting information from the IAM and also instruct ZITADEL to do certain operations.

fabienne•11/14/22, 10:09 AM

Did you activate your providers? They need the check on the availability. In my case only google would be shown and microsoft not

fabienne•11/14/22, 10:16 AM

If you are going directly to the link you sent, you will not see the provider, because the login policy of the instance is triggered, but as I understood you, you have configured it on the organization.

fabienne•11/14/22, 10:17 AM

You can either configure it on the instance and you will see it always. or you need to send the scope urn:zitadel:iam:org

{id} in your authorization request