Initial User not supported
βUnsolvedβQuestion
Hi Zitadel team 
I'm self-hosting Zitadel (latest image from
Hereβs what works:
- Zitadel starts successfully behind Caddy reverse proxy (HTTP internally, TLS terminated externally).
- Login UI v2 is working and shows the user selection screen.
- I can register and log in with new users just fine.
- I verified that the initial admin user was created β confirmed via:
```sql
SELECT * FROM projections.login_names3;
But hereβs the problem:
When I enter the correct login name (admin@companyx.auth.companyx.com) in the login v2 UI, I get:
"Initial User not supported"
If I disable login v2 (ZITADEL_DEFAULTINSTANCE_FEATURES_LOGINV2_REQUIRED=false), I get redirected to a password reset page that attempts to send a verification email instead β not what I expect for the first admin.
ZITADEL_FIRSTINSTANCE_ORG_NAME=companyx
ZITADEL_FIRSTINSTANCE_ORG_HUMAN_USERNAME=admin
ZITADEL_FIRSTINSTANCE_ORG_HUMAN_PASSWORD=SuperSecurePW123!
ZITADEL_FIRSTINSTANCE_ORG_HUMAN_EMAIL=admin@companyx.com
ZITADEL_FIRSTINSTANCE_ORG_HUMAN_FIRSTNAME=Super
ZITADEL_FIRSTINSTANCE_ORG_HUMAN_LASTNAME=User
ZITADEL_FIRSTINSTANCE_ORG_HUMAN_PASSWORDCHANGEREQUIRED=false
ZITADEL_DEFAULTINSTANCE_FEATURES_LOGINV2_REQUIRED=true
What am I missing to make the initial admin login work with login v2?
Do I need to mark the human user as initialized, verified, or do something else via CLI/API after startup?
Or is there a required flag/env for login-v2 support for the first instance user?
Any help is appreciated
I'm self-hosting Zitadel (latest image from
ghcr.io/zitadel/zitadel:lateststart-from-initZITADEL_FIRSTINSTANCE_*Hereβs what works:
- Zitadel starts successfully behind Caddy reverse proxy (HTTP internally, TLS terminated externally).
- Login UI v2 is working and shows the user selection screen.
- I can register and log in with new users just fine.
- I verified that the initial admin user was created β confirmed via:
```sql
SELECT * FROM projections.login_names3;
But hereβs the problem:
When I enter the correct login name (admin@companyx.auth.companyx.com) in the login v2 UI, I get:
"Initial User not supported"
If I disable login v2 (ZITADEL_DEFAULTINSTANCE_FEATURES_LOGINV2_REQUIRED=false), I get redirected to a password reset page that attempts to send a verification email instead β not what I expect for the first admin.
ZITADEL_FIRSTINSTANCE_ORG_NAME=companyx
ZITADEL_FIRSTINSTANCE_ORG_HUMAN_USERNAME=admin
ZITADEL_FIRSTINSTANCE_ORG_HUMAN_PASSWORD=SuperSecurePW123!
ZITADEL_FIRSTINSTANCE_ORG_HUMAN_EMAIL=admin@companyx.com
ZITADEL_FIRSTINSTANCE_ORG_HUMAN_FIRSTNAME=Super
ZITADEL_FIRSTINSTANCE_ORG_HUMAN_LASTNAME=User
ZITADEL_FIRSTINSTANCE_ORG_HUMAN_PASSWORDCHANGEREQUIRED=false
ZITADEL_DEFAULTINSTANCE_FEATURES_LOGINV2_REQUIRED=true
What am I missing to make the initial admin login work with login v2?
Do I need to mark the human user as initialized, verified, or do something else via CLI/API after startup?
Or is there a required flag/env for login-v2 support for the first instance user?
Any help is appreciated
