Deprecated: Add OIDC Identity Provider (IDP)
This endpoint has been deprecated and may be removed in future versions of the API.
Create a new identity provider configuration on the organization to enable your users to log in with social/enterprise login. The provider has to be OIDC-compliant. This configuration can only be used by the organization itself.
Header Parameters
- x-zitadel-orgid string
The default is always the organization of the requesting user. If you want to get/set a result of another organization, include the header. Make sure the user has permission to access the requested data.
- application/json
- application/grpc
- application/grpc-web+proto
Request Body required
- name string required
Possible values: non-empty and <= 200 characters
- stylingType string
Possible values: [STYLING_TYPE_UNSPECIFIED, STYLING_TYPE_GOOGLE]
Default value: STYLING_TYPE_UNSPECIFIED
some identity providers specify the styling of the button to their login
- clientId string required
Possible values: non-empty and <= 200 characters
client id generated by the identity provider
- clientSecret string required
Possible values: non-empty and <= 200 characters
client secret generated by the identity provider
- issuer string required
the OIDC issuer of the identity provider
- scopes string[]
the scopes requested by ZITADEL during the request on the identity provider
- displayNameMapping string
Possible values: [OIDC_MAPPING_FIELD_UNSPECIFIED, OIDC_MAPPING_FIELD_PREFERRED_USERNAME, OIDC_MAPPING_FIELD_EMAIL]
Default value: OIDC_MAPPING_FIELD_UNSPECIFIED
definition which field is mapped to the display name of the user
- usernameMapping string
Possible values: [OIDC_MAPPING_FIELD_UNSPECIFIED, OIDC_MAPPING_FIELD_PREFERRED_USERNAME, OIDC_MAPPING_FIELD_EMAIL]
Default value: OIDC_MAPPING_FIELD_UNSPECIFIED
definition which field is mapped to the email of the user
- autoRegister boolean
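A pre-flight check for this request body, as an added example that is not ZITADEL's own code: it enforces the length limits and enum values listed above before the body is sent, and masks clientSecret for logging. The function names and sample values are hypothetical; the https rule for issuer comes from the OIDC Discovery specification, not from this page.

```python
from urllib.parse import urlsplit

# Enum values and length limits as listed in the request body reference above.
STYLING = ("STYLING_TYPE_UNSPECIFIED", "STYLING_TYPE_GOOGLE")
MAPPING = ("OIDC_MAPPING_FIELD_UNSPECIFIED",
           "OIDC_MAPPING_FIELD_PREFERRED_USERNAME",
           "OIDC_MAPPING_FIELD_EMAIL")
BOUNDED = ("name", "clientId", "clientSecret")  # required, non-empty, <= 200 chars


def validate_oidc_idp(body):
    """Return a list of problems; an empty list means the body matches the reference."""
    errors = []
    for field in BOUNDED:
        value = body.get(field)
        if not isinstance(value, str) or not 0 < len(value) <= 200:
            errors.append(f"{field}: must be a non-empty string of at most 200 characters")
    issuer = body.get("issuer")
    if not isinstance(issuer, str) or not issuer:
        errors.append("issuer: required")
    else:
        url = urlsplit(issuer)
        # Assumption from OIDC Discovery: issuer is an https URL, no query or fragment.
        if url.scheme != "https" or not url.netloc or url.query or url.fragment:
            errors.append("issuer: must be an https URL without query or fragment")
    if body.get("stylingType", STYLING[0]) not in STYLING:
        errors.append("stylingType: unknown value")
    for field in ("displayNameMapping", "usernameMapping"):
        if body.get(field, MAPPING[0]) not in MAPPING:
            errors.append(f"{field}: unknown value")
    scopes = body.get("scopes", [])
    if not isinstance(scopes, list) or not all(isinstance(s, str) for s in scopes):
        errors.append("scopes: must be a list of strings")
    if not isinstance(body.get("autoRegister", False), bool):
        errors.append("autoRegister: must be a boolean")
    return errors


def redacted(body):
    """Copy of the body that is safe to write to logs (clientSecret masked)."""
    return {k: ("***" if k == "clientSecret" else v) for k, v in body.items()}


# Constructed sample values; none of them come from a real provider.
SAMPLE = {
    "name": "Example IdP", "clientId": "example-client-id",
    "clientSecret": "example-secret", "issuer": "https://idp.example.com",
    "scopes": ["openid", "profile", "email"],
    "usernameMapping": "OIDC_MAPPING_FIELD_EMAIL", "autoRegister": False,
}
```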
- 200
- default
A successful response.
- application/json
- application/grpc
- application/grpc-web+proto
Schema
- details object
  - sequence uint64
    on read: the sequence of the last event reduced by the projection
    on manipulation: the timestamp of the event(s) added by the manipulation
  - creationDate date-time
    on read: the timestamp of the first event of the object
    on create: the timestamp of the event(s) added by the manipulation
  - changeDate date-time
    on read: the timestamp of the last event reduced by the projection
    on manipulation: the
  - resourceOwner
    resource_owner is the organization an object belongs to
- idpId string
Example (from schema)
{
  "details": {
    "sequence": "2",
    "creationDate": "2023-05-10",
    "changeDate": "2023-05-10",
    "resourceOwner": "69629023906488334"
  },
  "idpId": "69234230193872955"
}
An unexpected error response.
- application/json
- application/grpc
- application/grpc-web+proto
Schema
- code int32
- message string
- details object[]
  Array [@type string]
Example (from schema)
{
  "code": 0,
  "message": "string",
  "details": [
    {
      "@type": "string"
    }
  ]
}