Add Azure AD Identity Provider

Add Azure AD Identity Provider

application/json

Request Body required

• name string
• clientId string

  client id generated by the Azure AD

• clientSecret string

  client secret generated by the Azure AD

• tenant object

  Defines what kind of accounts are allowed to authenticate (Personal, Organizational, All). If not provided the common tenant will be used (All accounts)

  tenantType string

  Possible values: [AZURE_AD_TENANT_TYPE_COMMON, AZURE_AD_TENANT_TYPE_ORGANISATIONS, AZURE_AD_TENANT_TYPE_CONSUMERS]

  Default value: AZURE_AD_TENANT_TYPE_COMMON

  tenantId string
• emailVerified boolean

  Azure AD doesn't send if the email has been verified. Enable this if the user email should always be added verified in ZITADEL (no verification emails will be sent)

• scopes string[]

  the scopes requested by ZITADEL during the request to Azure AD

• providerOptions object

  isLinkingAllowed boolean

  Enable if users should be able to link an existing ZITADEL user with an external account.

  isCreationAllowed boolean

  Enable if users should be able to create a new account in ZITADEL when using an external account.

  isAutoCreation boolean

  Enable if a new account in ZITADEL should be created automatically when login with an external account.

  isAutoUpdate boolean

  Enable if a the ZITADEL account fields should be updated automatically on each login.

application/grpc

Request Body required

• name string
• clientId string

  client id generated by the Azure AD

• clientSecret string

  client secret generated by the Azure AD

• tenant object

  Defines what kind of accounts are allowed to authenticate (Personal, Organizational, All). If not provided the common tenant will be used (All accounts)

  tenantType string

  Possible values: [AZURE_AD_TENANT_TYPE_COMMON, AZURE_AD_TENANT_TYPE_ORGANISATIONS, AZURE_AD_TENANT_TYPE_CONSUMERS]

  Default value: AZURE_AD_TENANT_TYPE_COMMON

  tenantId string
• emailVerified boolean

  Azure AD doesn't send if the email has been verified. Enable this if the user email should always be added verified in ZITADEL (no verification emails will be sent)

• scopes string[]

  the scopes requested by ZITADEL during the request to Azure AD

• providerOptions object

  isLinkingAllowed boolean

  Enable if users should be able to link an existing ZITADEL user with an external account.

  isCreationAllowed boolean

  Enable if users should be able to create a new account in ZITADEL when using an external account.

  isAutoCreation boolean

  Enable if a new account in ZITADEL should be created automatically when login with an external account.

  isAutoUpdate boolean

  Enable if a the ZITADEL account fields should be updated automatically on each login.

application/grpc-web+proto

Request Body required

• name string
• clientId string

  client id generated by the Azure AD

• clientSecret string

  client secret generated by the Azure AD

• tenant object

  Defines what kind of accounts are allowed to authenticate (Personal, Organizational, All). If not provided the common tenant will be used (All accounts)

  tenantType string

  Possible values: [AZURE_AD_TENANT_TYPE_COMMON, AZURE_AD_TENANT_TYPE_ORGANISATIONS, AZURE_AD_TENANT_TYPE_CONSUMERS]

  Default value: AZURE_AD_TENANT_TYPE_COMMON

  tenantId string
• emailVerified boolean

  Azure AD doesn't send if the email has been verified. Enable this if the user email should always be added verified in ZITADEL (no verification emails will be sent)

• scopes string[]

  the scopes requested by ZITADEL during the request to Azure AD

• providerOptions object

  isLinkingAllowed boolean

  Enable if users should be able to link an existing ZITADEL user with an external account.

  isCreationAllowed boolean

  Enable if users should be able to create a new account in ZITADEL when using an external account.

  isAutoCreation boolean

  Enable if a new account in ZITADEL should be created automatically when login with an external account.

  isAutoUpdate boolean

  Enable if a the ZITADEL account fields should be updated automatically on each login.

Responses

• 200
• default

---

A successful response.

application/json

• Schema
• Example (from schema)

---

Schema

• details object

  sequence uint64

  on read: the sequence of the last event reduced by the projection

  on manipulation: the timestamp of the event(s) added by the manipulation

  creationDate date-time

  on read: the timestamp of the first event of the object

  on create: the timestamp of the event(s) added by the manipulation

  changeDate date-time

  on read: the timestamp of the last event reduced by the projection

  on manipulation: the

  resourceOwner resource_owner is the organization an object belongs to
• id string

{
  "details": {
    "sequence": "2",
    "creationDate": "2023-05-10",
    "changeDate": "2023-05-10",
    "resourceOwner": "69629023906488334"
  },
  "id": "string"
}

application/grpc

• Schema
• Example (from schema)

---

Schema

• details object

  sequence uint64

  on read: the sequence of the last event reduced by the projection

  on manipulation: the timestamp of the event(s) added by the manipulation

  creationDate date-time

  on read: the timestamp of the first event of the object

  on create: the timestamp of the event(s) added by the manipulation

  changeDate date-time

  on read: the timestamp of the last event reduced by the projection

  on manipulation: the

  resourceOwner resource_owner is the organization an object belongs to
• id string

{
  "details": {
    "sequence": "2",
    "creationDate": "2023-05-10",
    "changeDate": "2023-05-10",
    "resourceOwner": "69629023906488334"
  },
  "id": "string"
}

application/grpc-web+proto

• Schema
• Example (from schema)

---

Schema

• details object

  sequence uint64

  on read: the sequence of the last event reduced by the projection

  on manipulation: the timestamp of the event(s) added by the manipulation

  creationDate date-time

  on read: the timestamp of the first event of the object

  on create: the timestamp of the event(s) added by the manipulation

  changeDate date-time

  on read: the timestamp of the last event reduced by the projection

  on manipulation: the

  resourceOwner resource_owner is the organization an object belongs to
• id string

{
  "details": {
    "sequence": "2",
    "creationDate": "2023-05-10",
    "changeDate": "2023-05-10",
    "resourceOwner": "69629023906488334"
  },
  "id": "string"
}

An unexpected error response.

application/json

• Schema
• Example (from schema)

---

Schema

• code int32
• message string
• details object[]

  Array [

  @type string

  ]

{
  "code": 0,
  "message": "string",
  "details": [
    {
      "@type": "string"
    }
  ]
}

application/grpc

• Schema
• Example (from schema)

---

Schema

• code int32
• message string
• details object[]

  Array [

  @type string

  ]

{
  "code": 0,
  "message": "string",
  "details": [
    {
      "@type": "string"
    }
  ]
}

application/grpc-web+proto

• Schema
• Example (from schema)

---

Schema

• code int32
• message string
• details object[]

  Array [

  @type string

  ]

{
  "code": 0,
  "message": "string",
  "details": [
    {
      "@type": "string"
    }
  ]
}

Loading...