Project Grants (Manager) - Bug or Intended?
Project grants manager - Bug or intended?
Im using ZITADEL currently from Scratch for setting up a IAM / IDP for us.
I made the construct with Projects and different organisations and run into an unexpected (for me at least) behaviour.
Use-case: ZITADEL as IAM/IDP Service
Environment: Self hosted
Version: 2.70.0 (and downgraded to 2.68.3 for verify)
Stack: Doesn't matter, happens all in the Console UI
What are you trying to do:
1. Create Org "Org A"
2. Create User "Admin A"
3. Create Project "Project A" with some roles
4. Create Org "Org B"
5. Create User "Manager B" in "Org B"
7. Create User "User B" in "Org B"
8. Grant the Project to "Org B" with the roles and define "Manager B" as "Manager"
9. Login as "Manager B"
10. Add Authorizations to "User B" in "Project A" within "Org B" as "Manager B"
What you expected to happen:
The "Manager B" can add "User B" and assign roles. See all assigned Roles from the granted one.
What went wrong:
The "Manager B" can add the "User B", BUT there are no visible Roles to select and the "User B" can be added without roles.
Screenshots:
- All listed grants to another Organization
- Listed manager for the Project grant organization
- Visible roles (or empty as you use) for the granted project
Thank you for your time and awesome product.
Im using ZITADEL currently from Scratch for setting up a IAM / IDP for us.
I made the construct with Projects and different organisations and run into an unexpected (for me at least) behaviour.
Use-case: ZITADEL as IAM/IDP Service
Environment: Self hosted
Version: 2.70.0 (and downgraded to 2.68.3 for verify)
Stack: Doesn't matter, happens all in the Console UI
What are you trying to do:
1. Create Org "Org A"
2. Create User "Admin A"
3. Create Project "Project A" with some roles
4. Create Org "Org B"
5. Create User "Manager B" in "Org B"
7. Create User "User B" in "Org B"
8. Grant the Project to "Org B" with the roles and define "Manager B" as "Manager"
9. Login as "Manager B"
10. Add Authorizations to "User B" in "Project A" within "Org B" as "Manager B"
What you expected to happen:
The "Manager B" can add "User B" and assign roles. See all assigned Roles from the granted one.
What went wrong:
The "Manager B" can add the "User B", BUT there are no visible Roles to select and the "User B" can be added without roles.
Screenshots:
- All listed grants to another Organization
- Listed manager for the Project grant organization
- Visible roles (or empty as you use) for the granted project
Thank you for your time and awesome product.
