id_token missing in callback when `urn:zitadel:iam:org:id:{orgId}` added to the scope
UPDATE: This was my mistake. I added the additional scope with
However, after I replaced my own
I want to enforce that the user belongs to the specified organization so I add it to the scope when creating the url.
However, when Zitadel calls the callback,
If I omit
Is this expected behavior? If it is, where can I read more about it?
Here is what the authorization url looks like
http://localhost:4444/oauth/v2/authorize?response_type=code&client_id=280114109276553218&audience=&redirect_uri=http%3A%2F%2Flocalhost%3A8080%2Fapi%2Fsession%2Fcallback&scope=profile+email+openid%2Burn%3Azitadel%3Aiam%3Aorg%3Aid%3A280113846494953474&state=_rhU4K3SX4C2JoO33tUUCA&code_challenge=OMUSKo6i5w0NocjXV_g-t50l1vxB7PD0eEcXlzC727Q&code_challenge_method=S256I
I'm running Zitadel v2.58.2 in a Docker container
+profile+email+openid%2B+However, after I replaced my own
+%2Bid_tokenI want to enforce that the user belongs to the specified organization so I add it to the scope when creating the url.
However, when Zitadel calls the callback,
id_tokenIf I omit
urn:zitadel:iam:org:id:{orgId}id_tokenIs this expected behavior? If it is, where can I read more about it?
Here is what the authorization url looks like
http://localhost:4444/oauth/v2/authorize?response_type=code&client_id=280114109276553218&audience=&redirect_uri=http%3A%2F%2Flocalhost%3A8080%2Fapi%2Fsession%2Fcallback&scope=profile+email+openid%2Burn%3Azitadel%3Aiam%3Aorg%3Aid%3A280113846494953474&state=_rhU4K3SX4C2JoO33tUUCA&code_challenge=OMUSKo6i5w0NocjXV_g-t50l1vxB7PD0eEcXlzC727Q&code_challenge_method=S256I
I'm running Zitadel v2.58.2 in a Docker container
