Skip to main content

Code examples

Actions are a powerful tool to extend ZITADEL and you might wonder what use cases actions can be used for.

This page provides a non-exhaustive list of possibilities which is provided by examples. If a use case is missing feel free to contribute an issue or pull request to the repository, thanks in advance 🤗.

Customize OIDC response

Append claims returned on OIDC requests.

Triggers

Set hardcoded claim

Extend the claims by a hardcoded value.

Code example
examples/add_claim.js
loading...

Set dynamic claim from user metadata

Extend the claims by dynamically read metadata from a user and sets the picture-claim if idpPicture-metadata value is present.

Code example
examples/add_picture_claim_from_idp_metadata.js
loading...

Set dynamic claim from organization metadata

Extend the claims by dynamically read metadata from an organization and sets the present metadata.

Code example
examples/org_metadata_claim.js
loading...

Custom role mapping in claims

Some products require specific role mapping from ZITADEL, no worries we got you covered 😉

Code example
examples/custom_roles.js
loading...

Custom role mapping including org metadata in claims

There's even a possibility to use the metadata of organizations the user is granted to

Code example
examples/custom_roles_org_metadata.js
loading...

Customize SAML response

Append attributes returned on SAML requests.

Triggers

Custom role mapping in attributes

Some products require specific role mapping from ZITADEL, no worries we got you covered 😉

Code example
examples/set_custom_attribute.js
loading...

Set dynamic attribute from organization metadata

Extend the attributes by dynamically read metadata from an organization and sets the present metadata.

Code example
examples/org_metadata_attribute.js
loading...

Manipulate user

You can automate manual tasks like setting default grants during user creation.

Set email always verified

Useful if you trust the provided information or don't want the users to verify their e-mail addresses.

Triggers

Code example
examples/verify_email.js
loading...

Add grants to users

Allows you to add default user grants to a user after it was created or federated.

Triggers

Code example
examples/add_user_grant.js
loading...

Add metadata to users

Adding metadata to users allows you to set default metadata on users.

Triggers

Code example
examples/add_metadata.js
loading...

Use provided fields of identity providers

If you want to ensure that the data of a user are always update you can automatically update user fields during authentication and safe time of your customers and your team. 🤯

Trigger

Fields provided by Okta as OIDC IdP

If you use Okta as an identity provider you can improve the onboarding experience of new users by prefilling some basic information during authentication.

Code example
examples/okta_identity_provider.js
loading...

Fields provided by Gitlab

If you use Gitlab as an identity provider you can improve the onboarding experience of new users by prefilling some basic information during authentication.

Code example
examples/gitlab_identity_provider.js
loading...

Fields provided by Github

If you use Github as an identity provider you can improve the onboarding experience of new users by prefilling some basic information during authentication.

Code example
examples/github_identity_provider.js
loading...

Claims provided by a generic OIDC identity provider

If you use a generic OIDC identity provider you can improve the onboarding experience of new users by prefilling some basic information during authentication.

Code example
examples/set_idp_picture_metadata.js
loading...

Attributes provided by Okta as SAML IDP

If you use Okta as an identity provider you can improve the onboarding experience of new users by prefilling some basic information during authentication.

Code example
examples/okta_saml_prefil_register_form.js
loading...

Attributes provided by Microsoft Entra as SAML IDP

If you use Microsoft Entra as SAML identity provider you can improve the onboarding experience of new users by prefilling some basic information during authentication.

Code example
examples/entra_id_saml_prefil_register_form.js
loading...

Attributes provided by a generic SAML identity provider

If you use a SAML identity provider like mocksaml you can improve the onboarding experience of new users by prefilling some basic information during authentication.

Code example
examples/post_auth_saml.js
loading...

Context aware execution

Based on the context the execution path of an action can change. ZITADEL allows complex execution paths of course. 😎

Based on auth request information

Execution paths might change based on the application initiating the authentication.

Triggers

Code example
examples/execute_action_on_specific_app.js
loading...

This example uses zitadel's log module

Check authentication error

Your action can also check for errors during the login process.

Triggers

Code example
examples/post_auth_log.js
loading...

This example uses zitadel's log module

Throw an error

Allows you to limit the user interaction. The error thrown will be shown to the user if the action is not allowed to fail.

Code example
examples/throw_error.js
loading...