Rajat Singh Comments

hey @Johan Alkemade I will tell you exactly what needs to be done. If you look at your password hash, they are hashed with $scrypt. BUT if you check your docker compose setup, its actually bcrypt which is enabled by default which is something you do not want. You can look it up here under defaults.yaml if the menu collapses. to migrate existing users (with hashed passwords), you should use the ImportHumanUser endpoint documented in the “Migrate Users” guide https://zitadel.com/docs/guides/migrate/users The AddHumanUser endpoint is primarily for creating brand-new users and is deprecated for import scenarios. When you call AddHumanUser, Zitadel treats it as “create a new human user with a password,” which triggers a password‐verification step against the configured hasher/verifier setup. If you passed a scrypt hash, the default (bcrypt) verifier fails and throws the error. Ensure that you set isEmailVerified: true if you do not want an initialization email to be sent. Setting passwordChangeRequired: false ensures the user can log in immediately without being forced to reset their password on first login. Hope this helps 🙂

7 replies

ZZITADEL

•Created by Johan Alkemade on 5/27/2025 in #questions-help-bugs

COMMAND-CahN2 when migrating an existing user

hey @Johan Alkemade thanks for thr bump , checking it now

7 replies

ZZITADEL

•Created by spicypixel on 5/28/2025 in #questions-help-bugs

Retrieving user roles and the shape of the data returned

hi @spicypixel if you read this . Basically, its kept for backwards compatibility. In practice: urn:zitadel:iam:org:project:{projectId}:roles is the “new” claim (includes your project’s ID). urn:zitadel:iam:org:project:roles is the older, generic claim. If you include both scopes in your access token, you’ll get both claims (hence the duplicate). To fix, only request the project-specific scope (urn:zitadel:iam:org:project:{projectId}:roles) so that you get a single roles object.

6 replies

ZZITADEL

•Created by anhtuan159 on 5/26/2025 in #questions-help-bugs

Intent has not succeeded

Hey @anhtuan159 I might have to look a bit more deep in it. I'll get Back to you with that information

5 replies

ZZITADEL

•Created by RockingChair on 5/9/2025 in #questions-help-bugs

Possible to activate user over console UI?

Hi @RockingChair how about the same when you edit a user profile (as an admin) You should see a button to verify email manually. If not, please open it a bug

13 replies

ZZITADEL

•Created by Johan Alkemade on 5/27/2025 in #questions-help-bugs

COMMAND-CahN2 when migrating an existing user

Hi @Johan Alkemade thanks for the question, I'll look into it. Looks like the something's not right during password imports. I'll look into this and get back to you

7 replies

ZZITADEL

•Created by RockingChair on 5/9/2025 in #questions-help-bugs

Possible to activate user over console UI?

Good morning @RockingChair can you please click on default settings on upper right that'll show you which version are you running on cloud?. Looks like a bug if it doesn't shows you "emal verified" option while changing email. Can you also send me a screenshot for user creation page as well?. What options does it gives you on that page under email?. Thanks

13 replies

ZZITADEL

•Created by RockingChair on 5/9/2025 in #questions-help-bugs

Possible to activate user over console UI?

Hi @RockingChair can you please share your screenshot and which version are you on?.

13 replies

ZZITADEL

•Created by anhtuan159 on 5/23/2025 in #questions-help-bugs

Error when login with google

hey @anhtuan159 can you pls verify that your application correctly routes and processes the /idps/callback endpoint. Ensure that this route is accessible. also maybe if you have not already, pls give this a read https://zitadel.com/docs/guides/integrate/login-ui/external-login#flow

2 replies

ZZITADEL

•Created by anhtuan159 on 5/26/2025 in #questions-help-bugs

Intent has not succeeded

hey @anhtuan159 thanks for your question, did you follow any docs while building your own UI?. Can I have a look at it?. What version aree you on as well?. Thanks

5 replies

ZZITADEL

•Created by rcauquil on 5/22/2025 in #questions-help-bugs

Error when connection to Zitadel console

another takeaway is that it couuld be that you enabled Check Authorization on Authentication that leads to explicit authorization to access the application. We have a troubleshooting guide for the exact same scenario https://zitadel.com/docs/support/troubleshooting#login-not-possible-the-organization-of-the-user-must-be-granted-to-the-project

7 replies

ZZITADEL

•Created by rcauquil on 5/22/2025 in #questions-help-bugs

Error when connection to Zitadel console

hey @rcauquil to cross check, you should run this endpoint and see if the user has rthe necessary user grants(which I dont think or else the errror wont happen) https://zitadel.com/docs/guides/integrate/retrieve-user-roles#1-search-user-grants Despite of you having only user, can you pls confirm IF the user exist in the same org as the project?. Does the user has the appropiate roles(ORG_OWNER, PROJECT_OWNER)?.

7 replies