Skip to main content

Get Identity Provider By ID

Get Identity Provider By ID

Path Parameters
  • id string required
Responses

A successful response.


Schema
  • idp object
  • id string
  • details object
  • sequence uint64

    on read: the sequence of the last event reduced by the projection

    on manipulation: the timestamp of the event(s) added by the manipulation

  • creationDate date-time

    on read: the timestamp of the first event of the object

    on create: the timestamp of the event(s) added by the manipulation

  • changeDate date-time

    on read: the timestamp of the last event reduced by the projection

    on manipulation: the

  • resourceOwner resource_owner is the organization an object belongs to
  • state string

    Possible values: [IDP_STATE_UNSPECIFIED, IDP_STATE_ACTIVE, IDP_STATE_INACTIVE]

    Default value: IDP_STATE_UNSPECIFIED

  • name string
  • owner string

    Possible values: [IDP_OWNER_TYPE_UNSPECIFIED, IDP_OWNER_TYPE_SYSTEM, IDP_OWNER_TYPE_ORG]

    Default value: IDP_OWNER_TYPE_UNSPECIFIED

    the owner of the identity provider.

    • IDP_OWNER_TYPE_SYSTEM: system is managed by the ZITADEL administrators
    • IDP_OWNER_TYPE_ORG: org is managed by de organization administrators
  • type string

    Possible values: [PROVIDER_TYPE_UNSPECIFIED, PROVIDER_TYPE_OIDC, PROVIDER_TYPE_JWT, PROVIDER_TYPE_LDAP, PROVIDER_TYPE_OAUTH, PROVIDER_TYPE_AZURE_AD, PROVIDER_TYPE_GITHUB, PROVIDER_TYPE_GITHUB_ES, PROVIDER_TYPE_GITLAB, PROVIDER_TYPE_GITLAB_SELF_HOSTED, PROVIDER_TYPE_GOOGLE]

    Default value: PROVIDER_TYPE_UNSPECIFIED

  • config object
  • options object
  • isLinkingAllowed boolean

    Enable if users should be able to link an existing ZITADEL user with an external account.

  • isCreationAllowed boolean

    Enable if users should be able to create a new account in ZITADEL when using an external account.

  • isAutoCreation boolean

    Enable if a new account in ZITADEL should be created automatically when login with an external account.

  • isAutoUpdate boolean

    Enable if a the ZITADEL account fields should be updated automatically on each login.

  • ldap object
  • servers string[]
  • startTls boolean
  • baseDn string
  • bindDn string
  • userBase string
  • userObjectClasses string[]
  • userFilters string[]
  • timeout string
  • attributes object
  • idAttribute string
  • firstNameAttribute string
  • lastNameAttribute string
  • displayNameAttribute string
  • nickNameAttribute string
  • preferredUsernameAttribute string
  • emailAttribute string
  • emailVerifiedAttribute string
  • phoneAttribute string
  • phoneVerifiedAttribute string
  • preferredLanguageAttribute string
  • avatarUrlAttribute string
  • profileAttribute string
  • google object
  • clientId string

    client id of the Google application

  • scopes string[]

    the scopes requested by ZITADEL during the request to Google

  • oauth object
  • clientId string

    client id generated by the identity provider

  • authorizationEndpoint string

    the endpoint where ZITADEL send the user to authenticate

  • tokenEndpoint string

    the endpoint where ZITADEL can get the token

  • userEndpoint string

    the endpoint where ZITADEL can get the user information

  • scopes string[]

    the scopes requested by ZITADEL during the request on the identity provider

  • idAttribute string

    defines how the attribute is called where ZITADEL can get the id of the user

  • oidc object
  • issuer string

    the OIDC issuer of the identity provider

  • clientId string

    client id generated by the identity provider

  • scopes string[]

    the scopes requested by ZITADEL during the request on the identity provider

  • isIdTokenMapping boolean
  • jwt object
  • jwtEndpoint string

    the endpoint where the JWT can be extracted

  • issuer string

    the issuer of the JWT (for validation)

  • keysEndpoint string

    the endpoint to the key (JWK) which is used to sign the JWT with

  • headerName string

    the name of the header where the JWT is sent in, default is authorization

  • github object
  • clientId string

    the client ID of the GitHub App

  • scopes string[]

    the scopes requested by ZITADEL during the request to GitHub

  • githubEs object
  • clientId string

    the client ID of the GitHub App

  • authorizationEndpoint string
  • tokenEndpoint string
  • userEndpoint string
  • scopes string[]

    the scopes requested by ZITADEL during the request to GitHub

  • gitlab object
  • clientId string

    client id of the GitLab application

  • scopes string[]

    the scopes requested by ZITADEL during the request to GitLab

  • gitlabSelfHosted object
  • issuer string
  • clientId string

    client id of the GitLab application

  • scopes string[]

    the scopes requested by ZITADEL during the request to GitLab

  • azureAd object
  • clientId string

    client id of the Azure AD application

  • tenant object

    Defines what user accounts should be able to login (Personal, Organizational, All)

  • tenantType string

    Possible values: [AZURE_AD_TENANT_TYPE_COMMON, AZURE_AD_TENANT_TYPE_ORGANISATIONS, AZURE_AD_TENANT_TYPE_CONSUMERS]

    Default value: AZURE_AD_TENANT_TYPE_COMMON

  • tenantId string
  • emailVerified boolean

    Azure AD doesn't send if the email has been verified. Enable this if the user email should always be added verified in ZITADEL (no verification emails will be sent)

  • scopes string[]

    the scopes requested by ZITADEL during the request to Azure AD

Loading...