v2 login ui
using the self hosted 4.1.3 I get a "Not found" message after enabling the new Login UI for my app. how do I enable v2 for self hosted?
10 Replies
Hi @Dohvaken, I'm an AI assistant for ZITADEL. While a team member reviews this question, I'll see if I can find relevant sources for your question.
Answer
I wasn't able to find a direct answer, here are some relevant sources:
1. Connect your Self-Hosted Login UI to Zitadel | ZITADEL Docs : This explains how to create a login client user with IAM_LOGIN_CLIENT role and configure the Login UI with environment variables for self-hosted setups.
2. Set up Zitadel with Docker Compose : This provides the complete Docker Compose setup including both ZITADEL and login containers needed for v2 login functionality.
Feel free to tag @Ask Inkeep with additional questions.
how do I configure zitadel v2 login ui on 4.1.3
@Ask Inkeep how do I configure zitadel v2 login ui on 4.1.3
Thanks for the follow-up, @Dohvaken. I'll get back to you soon.
Answer
To configure ZITADEL v2 login UI on your self-hosted 4.1.3 instance, you need to set up a login client and configure the environment properly (1) .
Create a Login Client User
First, create a machine user with the proper permissions :
1. Create a new machine user at
<http://localhost:8080/ui/console/users/create-machine%60>
2. Create a Personal Access Token (PAT) at http://localhost:8080/ui/console/users/332169800719532035?new=true&id=pat%60
3. Save the PAT to a file, for example /path/on/your/host/login-client.pat
4. Ensure the user has the Iam Login Client role (internally called IAM_LOGIN_CLIENT) at <http://localhost:8080/ui/console/instance/members%60>
## Configure the Login UI
Set the environment variable ZITADEL_SERVICE_USER_TOKEN with your PAT . If running with Docker, you can mount the file and reference it :
```
docker run -p 3000:3000 -v /path/on/your/host/login-client.pat:/path/in/container/login-client.pat:ro -e ZITADEL_SERVICE_USER_TOKEN_FILE=/path/in/container/login-client.pat ghcr.io/zitadel/zitadel-login:latest
```
## Enable Login V2
Enable the Login V2 feature flag at the bottom of http://localhost:8080/ui/console/instance?id=features%60 . Enter the base URI of your Login UI, for example <http://localhost:3000/ui/v2/login%60> .
## Important Note
Before enabling v2 login, create a machine user PAT with the Iam Owner role (internally called IAM_OWNER`) as a backup in case something goes wrong .
The Docker Compose setup includes both ZITADEL and login containers needed for v2 login functionality (2) .
To learn more, see the sources I considered:
[1] Connect your Self-Hosted Login UI to Zitadel | ZITADEL Docs
[2] Set up Zitadel with Docker Compose
Feel free to tag @Ask Inkeep with additional questions.@Ask Inkeep how do I do this without containers/docker?
Thanks for the follow-up, @Dohvaken. I'll get back to you soon.
Answer
I wasn't able to find a direct answer, here are some relevant sources:
1. Connect your Self-Hosted Login UI to Zitadel | ZITADEL Docs : This explains the manual process for creating a login client user and configuring the Login UI, though it focuses on Docker examples.
2. Login users into your application with a hosted login UI : This covers enabling the loginV2 feature and configuring the login URL, which applies to non-Docker setups as well.
The sources primarily focus on Docker-based deployments. For non-Docker setups, you would still need to create the login client user with IAM_LOGIN_CLIENT role (1) and enable the Login V2 feature flag (2) , but the Login UI deployment method would differ from the container examples shown.
Would you like me to try to provide a general answer based on my knowledge of ZITADEL instead?
To learn more, see the sources I considered:
[1] Connect your Self-Hosted Login UI to Zitadel | ZITADEL Docs
[2] Login users into your application with a hosted login UI
Feel free to tag @Ask Inkeep with additional questions.
@Ask Inkeep so the docs u give me only contains instructions for vercel and cloud. how do I do it without those
Thanks for the follow-up, @Dohvaken. I'll get back to you soon.
Answer
I wasn't able to find a direct answer, here are some relevant sources:
1. Typescript Repository : This explains how to set up the new login app locally without Docker by following the instructions in the repository README and configuring environment variables.
2. Login users into your application with a hosted login UI : This covers the general setup process including creating a service user with IAM_LOGIN_CLIENT permissions and adding trusted domains.
For a non-Docker setup, you would need to clone the TypeScript repository and run it locally (1) . The setup involves creating a service user with a PAT and IAM_LOGIN_CLIENT permissions, then configuring environment variables like
ZITADEL_API_URL and ZITADEL_SERVICE_USER_TOKEN (2) . You'd also need to add your login domain to the trusted domains in ZITADEL (1) .
To learn more, see the sources I considered:
[1] Typescript Repository
[2] Login users into your application with a hosted login UI
Feel free to tag @Ask Inkeep with additional questions.The readme file doesn't even exist on https://zitadel.com/docs/guides/integrate/login-ui/typescript-repo
ZITADEL Docs
To replace our current golang built login UI and showcase the use of our new resource, session and OIDC APIs, we've created the Typescript Repository.
Got it. Tagging @Rajat for additional help.
I have a locally hosted zitadel instance, im not use docker. Running it using postgres for the database. upgraded to 4.1.3 and now trying to activate the v2 login. The step by step instructions are only for vercel and the cloud app. How do I do it on self hosted???
Ah I see in issue 10526 that there is only a docker compose setup gor the login v2 ui. Any updates on other supported environments without docker?