Deprecated: Add OIDC Identity Provider (IDP)

deprecated

This endpoint has been deprecated and may be removed in future versions of the API.

Create a new identity provider configuration on the organization to enable your users to log in with social/enterprise login. The provider has to be OIDC-compliant. This configuration can only be used by the organization itself.

Header Parameters

x-zitadel-orgid string
The default is always the organization of the requesting user. If you like to get/set a result of another organization include the header. Make sure the user has permission to access the requested data.

application/json
application/grpc
application/grpc-web+proto

Request Body required

name string required
Possible values: non-empty and <= 200 characters
stylingType string
Possible values: [STYLING_TYPE_UNSPECIFIED, STYLING_TYPE_GOOGLE]
Default value: STYLING_TYPE_UNSPECIFIED
some identity providers specify the styling of the button to their login
clientId string required
Possible values: non-empty and <= 200 characters
client id generated by the identity provider
clientSecret string required
Possible values: non-empty and <= 200 characters
client secret generated by the identity provider
issuer string required
the OIDC issuer of the identity provider
scopes string[]
the scopes requested by ZITADEL during the request on the identity provider
displayNameMapping string
Possible values: [OIDC_MAPPING_FIELD_UNSPECIFIED, OIDC_MAPPING_FIELD_PREFERRED_USERNAME, OIDC_MAPPING_FIELD_EMAIL]
Default value: OIDC_MAPPING_FIELD_UNSPECIFIED
definition which field is mapped to the display name of the user
usernameMapping string
Possible values: [OIDC_MAPPING_FIELD_UNSPECIFIED, OIDC_MAPPING_FIELD_PREFERRED_USERNAME, OIDC_MAPPING_FIELD_EMAIL]
Default value: OIDC_MAPPING_FIELD_UNSPECIFIED
definition which field is mapped to the email of the user
autoRegister boolean

Request Body required

name string required
Possible values: non-empty and <= 200 characters
stylingType string
Possible values: [STYLING_TYPE_UNSPECIFIED, STYLING_TYPE_GOOGLE]
Default value: STYLING_TYPE_UNSPECIFIED
some identity providers specify the styling of the button to their login
clientId string required
Possible values: non-empty and <= 200 characters
client id generated by the identity provider
clientSecret string required
Possible values: non-empty and <= 200 characters
client secret generated by the identity provider
issuer string required
the OIDC issuer of the identity provider
scopes string[]
the scopes requested by ZITADEL during the request on the identity provider
displayNameMapping string
Possible values: [OIDC_MAPPING_FIELD_UNSPECIFIED, OIDC_MAPPING_FIELD_PREFERRED_USERNAME, OIDC_MAPPING_FIELD_EMAIL]
Default value: OIDC_MAPPING_FIELD_UNSPECIFIED
definition which field is mapped to the display name of the user
usernameMapping string
Possible values: [OIDC_MAPPING_FIELD_UNSPECIFIED, OIDC_MAPPING_FIELD_PREFERRED_USERNAME, OIDC_MAPPING_FIELD_EMAIL]
Default value: OIDC_MAPPING_FIELD_UNSPECIFIED
definition which field is mapped to the email of the user
autoRegister boolean

Request Body required

name string required
Possible values: non-empty and <= 200 characters
stylingType string
Possible values: [STYLING_TYPE_UNSPECIFIED, STYLING_TYPE_GOOGLE]
Default value: STYLING_TYPE_UNSPECIFIED
some identity providers specify the styling of the button to their login
clientId string required
Possible values: non-empty and <= 200 characters
client id generated by the identity provider
clientSecret string required
Possible values: non-empty and <= 200 characters
client secret generated by the identity provider
issuer string required
the OIDC issuer of the identity provider
scopes string[]
the scopes requested by ZITADEL during the request on the identity provider
displayNameMapping string
Possible values: [OIDC_MAPPING_FIELD_UNSPECIFIED, OIDC_MAPPING_FIELD_PREFERRED_USERNAME, OIDC_MAPPING_FIELD_EMAIL]
Default value: OIDC_MAPPING_FIELD_UNSPECIFIED
definition which field is mapped to the display name of the user
usernameMapping string
Possible values: [OIDC_MAPPING_FIELD_UNSPECIFIED, OIDC_MAPPING_FIELD_PREFERRED_USERNAME, OIDC_MAPPING_FIELD_EMAIL]
Default value: OIDC_MAPPING_FIELD_UNSPECIFIED
definition which field is mapped to the email of the user
autoRegister boolean

Responses

200
default

A successful response.

application/json
application/grpc
application/grpc-web+proto

Schema
Example (from schema)

Schema

details object
sequence uint64
on read: the sequence of the last event reduced by the projection

on manipulation: the timestamp of the event(s) added by the manipulation
creationDate date-time
on read: the timestamp of the first event of the object

on create: the timestamp of the event(s) added by the manipulation
changeDate date-time
on read: the timestamp of the last event reduced by the projection

on manipulation: the
resourceOwner resource_owner is the organization an object belongs to
idpId string

{
  "details": {
    "sequence": "2",
    "creationDate": "2023-05-10",
    "changeDate": "2023-05-10",
    "resourceOwner": "69629023906488334"
  },
  "idpId": "69234230193872955"
}

Schema
Example (from schema)

Schema

details object
sequence uint64
on read: the sequence of the last event reduced by the projection

on manipulation: the timestamp of the event(s) added by the manipulation
creationDate date-time
on read: the timestamp of the first event of the object

on create: the timestamp of the event(s) added by the manipulation
changeDate date-time
on read: the timestamp of the last event reduced by the projection

on manipulation: the
resourceOwner resource_owner is the organization an object belongs to
idpId string

{
  "details": {
    "sequence": "2",
    "creationDate": "2023-05-10",
    "changeDate": "2023-05-10",
    "resourceOwner": "69629023906488334"
  },
  "idpId": "69234230193872955"
}

Schema
Example (from schema)

Schema

details object
sequence uint64
on read: the sequence of the last event reduced by the projection

on manipulation: the timestamp of the event(s) added by the manipulation
creationDate date-time
on read: the timestamp of the first event of the object

on create: the timestamp of the event(s) added by the manipulation
changeDate date-time
on read: the timestamp of the last event reduced by the projection

on manipulation: the
resourceOwner resource_owner is the organization an object belongs to
idpId string

{
  "details": {
    "sequence": "2",
    "creationDate": "2023-05-10",
    "changeDate": "2023-05-10",
    "resourceOwner": "69629023906488334"
  },
  "idpId": "69234230193872955"
}

An unexpected error response.

application/json
application/grpc
application/grpc-web+proto

Schema
Example (from schema)

Schema

code int32
message string
details object[]
Array [
@type string
]

{
  "code": 0,
  "message": "string",
  "details": [
    {
      "@type": "string"
    }
  ]
}

Schema
Example (from schema)

Schema

code int32
message string
details object[]
Array [
@type string
]

{
  "code": 0,
  "message": "string",
  "details": [
    {
      "@type": "string"
    }
  ]
}

Schema
Example (from schema)

Schema

code int32
message string
details object[]
Array [
@type string
]

{
  "code": 0,
  "message": "string",
  "details": [
    {
      "@type": "string"
    }
  ]
}

Deprecated: Add OIDC Identity Provider (IDP)​

Deprecated: Add OIDC Identity Provider (IDP)