MDS•2w ago

How to login as admin with new login v2 ui?

Use-case: Want to secure homelab services with Auth Environment: Self Hosting Version: 4.2.0, helm chart 9.12.3 Stack: k8s, helm, flux What you expected to happen: Able to login to zitadel as admin after initial setup. Want to configure apps and create users What went wrong: I have installed zitadel using official helm chart, but cannot login as admin. It says User not found in the system! Hi! I have installed zitadel using official helm chart, but cannot login as admin. So, how to login as admin with new Login V2 UI? It says User not found in the system! I was tried zitadel-admin@zitadel.<domain> , with zitadel-admin@<domain> and simply by login. No luck Thanks

4 Replies

Ask Inkeep•2w ago

Hi @MDS, I'm an AI assistant for ZITADEL. While a team member reviews this question, I'll see if I can find relevant sources for your question. Answer I wasn't able to find a direct answer about admin login specifically with Login V2, here are some relevant sources: 1. Login users into your application with a hosted login UI (1) : Covers the general hosted login page functionality and mentions Login V2 deployment considerations, including the warning to create a service user with PAT and IAM_OWNER role before configuration changes to avoid being locked out. 2. v2 login not found on fresh install (v4-rc.2) (2) : Community discussion about Login V2 setup issues with fresh installations, where users experienced similar "Not Found" errors with the /ui/v2/login route. ** To learn more, see the sources I considered: [1] Login users into your application with a hosted login UI [2] v2 login not found on fresh install (v4-rc.2) Feel free to tag @Ask Inkeep with additional questions. Got it. Tagging @Rajat for additional help.

Rajat•2w ago

hey @MDS may I know which guide did you followed?. This should've not happened. Apologies for the inconviniences.

MDSOP•6d ago

Found a reference from your docs to Machine User Example https://github.com/zitadel/zitadel-charts/tree/main/examples/4-machine-user My config

metrics:
  enabled: true

service:
  annotations:
    traefik.ingress.kubernetes.io/service.serversscheme: h2c

login:
  ingress:
    annotations:
      traefik.ingress.kubernetes.io/router.tls: "true"
      traefik.ingress.kubernetes.io/router.entrypoints: external
    enabled: true

ingress:
  enabled: true
  annotations:
    cert-manager.io/cluster-issuer: cert-nas
    traefik.ingress.kubernetes.io/router.tls: "true"
    traefik.ingress.kubernetes.io/router.entrypoints: external
  hosts:
    - host: &host auth.<domain>
      paths:
        - path: /
          pathType: Prefix
  tls:
    - hosts:
        - *host
      secretName: tls-zitadel-ingress-http

zitadel:
  masterkeySecretName: zitadel-masterkey
  configmapConfig:
    Log:
      Formatter:
        Format: json
    ExternalSecure: true
    ExternalDomain: auth.<domain>
    ExternalPort: 443
    TLS:
      Enabled: false
    Database:
      Postgres:
        Port: 5432
        Database: zitadel
        MaxOpenConns: 26
        MaxIdleConns: 10
        MaxConnLifetime: 30m
        MaxConnIdleTime: 5m
        User:
          SSL:
            Mode: disable
        Admin:
          SSL:
            Mode: disable
    FirstInstance:
      Org:
        Human:
          Email:
            Address: zitadel-admin@<domain>
        Machine:
          Machine:
            Username: zitadel-admin-sa
            Name: Admin
          MachineKey:
            ExpirationDate: "2100-01-01T00:00:00Z"
            # Type: 1 means JSON. This is currently the only supported machine key type.
            Type: 1
  configSecretName: zitadel-secrets
  configSecretKey: config.yaml

metrics:
  enabled: true

service:
  annotations:
    traefik.ingress.kubernetes.io/service.serversscheme: h2c

login:
  ingress:
    annotations:
      traefik.ingress.kubernetes.io/router.tls: "true"
      traefik.ingress.kubernetes.io/router.entrypoints: external
    enabled: true

ingress:
  enabled: true
  annotations:
    cert-manager.io/cluster-issuer: cert-nas
    traefik.ingress.kubernetes.io/router.tls: "true"
    traefik.ingress.kubernetes.io/router.entrypoints: external
  hosts:
    - host: &host auth.<domain>
      paths:
        - path: /
          pathType: Prefix
  tls:
    - hosts:
        - *host
      secretName: tls-zitadel-ingress-http

zitadel:
  masterkeySecretName: zitadel-masterkey
  configmapConfig:
    Log:
      Formatter:
        Format: json
    ExternalSecure: true
    ExternalDomain: auth.<domain>
    ExternalPort: 443
    TLS:
      Enabled: false
    Database:
      Postgres:
        Port: 5432
        Database: zitadel
        MaxOpenConns: 26
        MaxIdleConns: 10
        MaxConnLifetime: 30m
        MaxConnIdleTime: 5m
        User:
          SSL:
            Mode: disable
        Admin:
          SSL:
            Mode: disable
    FirstInstance:
      Org:
        Human:
          Email:
            Address: zitadel-admin@<domain>
        Machine:
          Machine:
            Username: zitadel-admin-sa
            Name: Admin
          MachineKey:
            ExpirationDate: "2100-01-01T00:00:00Z"
            # Type: 1 means JSON. This is currently the only supported machine key type.
            Type: 1
  configSecretName: zitadel-secrets
  configSecretKey: config.yaml

config.yaml from zitadel-secrets:

Database:
  Postgres:
    Host: zitadel-cnpg-rw
    User:
      Password: <redacted>
      Username: zitadel
    Admin:
      Username: postgres
      Password: <redacted>
FirstInstance:
  Org:
    Human:
      Password: <redacted>
      PasswordChangeRequired: false

Database:
  Postgres:
    Host: zitadel-cnpg-rw
    User:
      Password: <redacted>
      Username: zitadel
    Admin:
      Username: postgres
      Password: <redacted>
FirstInstance:
  Org:
    Human:
      Password: <redacted>
      PasswordChangeRequired: false

P.S I'd already installed Zitadel before with configuration above. After the disaster, I had to reinstall everything from scratch. I saw in the release notes that the new Login UI V2 was enabled by default, and I even tried it, but I ran into the same problem: I couldn't log in as an admin, but I didn't do anything about it and didn't pay any attention to it. The old instance used the Login UI v1 and had no issues, but after installing Zitadel from scratch, I can't log in anymore, because Login UI V2 enabled by default @Rajat hi! Should I create a bug for this one or this is just a misconfiguration? idk

Rajat•6d ago

hey @MDS would be great if you create a bug ticket! I can check it tomorrow Thanks

How to login as admin with new login v2 ui?

Did you find this page helpful?