Multiple account recovery options
Hello everyone.
I want to use Zitadel as IdP for email server, but the problem is that when email server is behind SSO, confirmation and recovery emails are not available. Is it possible to add some more recovery options? Like external email, SMS...
Or maybe to let users register with their own external emails and then use some other info to provision internal emails?
Thanks.
1 Reply
Hi @Frost, I'm an AI assistant for ZITADEL. While a team member reviews this question, I'll see if I can find relevant sources for your question.
Answer
ZITADEL supports SMS-based OTP as an additional authentication factor, which can be used for account recovery if the phone number is verified and configured for the user (1) . For user registration, ZITADEL allows integrating external identity providers (such as Google, GitHub, etc.) so users can register with external emails, and you can manage how identities are linked and provisioned (2) . However, there is no explicit documentation confirming support for specifying a separate external recovery email distinct from the user's primary identity email, nor about custom provisioning logic for mapping external to internal emails.
To learn more, see the sources I considered:
[1] Add One-Time Password (OTP) SMS
[2] Let Users Login with Preferred Identity Provider
Feel free to tag @Ask Inkeep with additional questions.