User authentication via JWT with a custom login ui
1) I'm creating java spring boot backend application with zitadel integration and i wonder if there is any possible way to get jwt access token for client authorization by client's login and password and without using oauth/v2/authorize method. My main idea is to get user's authorities by his login and pass, to have them in spring security context for checking his roles. I've already tried sessions API (It's really convinient btw) but with authorization client via session API i cannot get his roles.
2) I also have separate frontend app which is supposed to send requests to backend with bearer jwt access token. So I am also interested If is there any possible way to authorize user through this flow (https://zitadel.com/docs/guides/integrate/login-ui/oidc-standard) but without redirecting to zitadel's login ui? I'd like to use only my own ui forms.
Apparently my whole idea is to create separate frontend and backend apps and delegate all authorization flows(like register, login, logout, sessions, etc.) to zitadel without using it like identity provider(google, meta, etc.).
Thank you guys in advance!
ZITADEL Docs
To build your own login ui for your own application it is not necessary to have the OIDC standard included or any additional work that has to be done.
2 Replies
This would be really helpful to get a response on. I have been using the session API in hopes of being able to get a similar auth flow rocking. Frontend <-> Backend <-> Zitadel + the benefits of JWT access token.
@Rajat - You're one of the smartest guys I know here in regards to the deep trenches of Zitadel. Do you have any pointers on if or how this would be accomplished? I can't find any details on this. I even loaded the docs into NotebookLM hoping to get some direction but I have failed to find what I'm looking for.
hey @Xorling thamks a lot for compliment, glad I could help 😄 let me look it up