Thoughts on the best UI/UX using Zitadel
I'd love to hear how you have implemented Zitadel to provide the very best user experience. When I'm taken from one site to another to authenticate, it feels disconnected and for some users, possibly raise concerns. There are pros and cons to every approach.
How have you built the best UX using Zitadel? Do share. We could all learn a lot from different developers implementation approach and processes.
5 Replies
Hi @Xorling, I'm an AI assistant for ZITADEL. While a team member reviews this question, I'll see if I can find relevant sources for your question.
Answer
I wasn't able to find a direct answer, here are some relevant sources:
1. Log users into your application with different authentication options : This guide covers different authentication approaches including hosted login vs custom login UI, helping you choose the best UX approach for your specific needs.
2. Login users into your application with a hosted login UI : Details ZITADEL's hosted login features like fast account switching, customization options, and security best practices that can improve user experience.
Feel free to tag @Ask Inkeep with additional questions.
You can build your own custom log in and onboarding.
You just have to call the appropriate api endpoints yourself
Heck looking at Chrome dev tools network traffic tab
You can keep track, request by request the entire flow and recreate it with your favorite client
If implemented correctly, the user is only redirected to the login ui if they do not have a valid session.
Your client should check if a session token is stored, if so validate it against zitadel, if the token is expired you will request a new token using the stored refresh token; no need for a redirect.
If no session is present or the session is invalid, you will call the authorize endpoint, zitadel will respond with a redirect to the login ui, etc...
(this is a simplified explanation and may not be fully accurate, for more info see the docs)
However you can also add your own login ui to your client, for that see the docs
Great thoughts @Moisty Charlie VI I like your suggestion of reviewing the auth sequence in dev tools. That's a great way to learn the flow as well. Thanks @veryCrunchy for your comments and links to resources.
I'm going to be working on a simple custom UI flow in hopes of being able to get back a user role for RBAC. I think that's where I'm getting tripped up and it's certainly due to a lack of spending enough time in the authentication/authorization domain. I was assuming I would be able to use a custom UI to have users authenticate with a username/password and somehow get back a JWT with their role embedded (all without redirects) - I haven't found the correct path to this goal just yet.
If you’re implementing RBAC. Make sure you enable assert role on Authentication in your project general settings
I’ll attach the roles in the ID token / access token