Login error while handling external logins in a Custom Login UI
Hello, I am working on adding Google IdP to my custom login. When I try to log in with Google, the userID is not displayed in the URL parameters, but I can find the user ID in the response of the request endpoint https://$ZITADEL_DOMAIN/v2/idp_intents/$INTENT_ID. I found the user ID to be just after the raw information of the response. The user ID which I am getting as a response, is it a valid one? Can I use that user ID to call the create new session endpoint? Because the response is different from the documentation given.
I have tried using the user ID from the response of the intent ID endpoint; it is throwing a 404 error, saying that the "user cannot be found". Since the endpoint is not successfully hit, the user is not reflecting in the management UI console.
I have allowed all of these in my IDP settings.


14 Replies
hm good question, maybe @peintnermax knows
Hi @peintnermax, any update on this? 🙂
Unknown User•13mo ago
Message Not Public
In our case, the user ID is not added to the URL query parameter. We are not sure whether the user exists and is linked to Google, as the user doesn't exist in the dashboard. We are getting an error ("user not found") with the returned user ID from the intent response when creating a session with this API (https://zitadel.com/docs/guides/integrate/login-ui/external-login#login).
Unknown User•13mo ago
Message Not Public
But we have selected an option to create an account if it doesn't exist.
Why do we have to create the user again?
We should be able to log in directly without registration if we have selected that option in the Zitadel management console, right? Please correct me if I am wrong.
Unknown User•13mo ago
Message Not Public
Firstly, as we are not getting a user_id on the success page, we tried to register the user. When we attempted to do this, we encountered an error with the register API: "invalid AddHumanUserRequest.IdpLinks[0]: embedded message failed validation | caused by: invalid IDPLink.UserId: value length must be between 1 and 200 runes, inclusive". Since we don't have a userID, we are registering users with the above-mentioned API. But the same API is expecting a userID.
Secondly, what is the purpose of the automatic user creation checkbox on the dashboard when adding an external IDP, as mentioned in the screenshot?

Unknown User•13mo ago
Message Not Public
The request body mentioned in the create user request API page vs. the custom login page is completely different. We used the custom login page request, which was the issue and is now fixed. Can you please update the docs on the custom login page, as it might be confusing?


Unknown User•13mo ago
Message Not Public
External logins with a custom login (https://zitadel.com/docs/guides/integrate/login-ui/external-login#register) need to be updated with the request body from https://zitadel.com/docs/apis/resources/user_service_v2/user-service-add-human-user#request.
The idpLinks fields are completely different in both places.