External Authentication Flow
This flow is executed if the user logs in using an identity provider.
The flow is represented by the following Ids in the API: FLOW_TYPE_EXTERNAL_AUTHENTICATION and 1
Post Authentication
A user has authenticated externally. ZITADEL retrieved and mapped the external information.
The trigger is represented by the following Ids in the API: TRIGGER_TYPE_POST_AUTHENTICATION or 1.
Parameters of Post Authentication Action
ctxThe first parameter contains the following fieldsaccessTokenstring The access token returned by the identity provider. This can be an opaque token or a JWTrefreshTokenstring The refresh token returned by the identity provider if there is one. This is most likely to be an opaque token.claimsJSON()idTokenClaims Returns all claims of the id tokengetClaim(key)Any Returns the requested id token claimidTokenstring The id token provided by the identity provider.v1externalUserexternalUserauthErrorstring This is a verification errors string representation. If the verification succeeds, this is "none"authRequestauth requesthttpRequesthttp requestproviderInfoAny Returns the response of the provider. In case the provider is a Generic OAuth Provider, the information is accessible through:rawInfoAny
orggetMetadata()metadataResult
apiThe second parameter contains the following fieldsv1userappendMetadata(string, Any)The first parameter represents the key and the second a value which will be stored
setFirstName(string)Sets the first namesetLastName(string)Sets the last namesetNickName(string)Sets the nicknamesetDisplayName(string)Sets the display namesetPreferredLanguage(string)Sets the preferred language. Please use the format defined in RFC 5646setPreferredUsername(string)Sets the preferred usernamesetEmail(string)Sets the email address of the usersetEmailVerified(boolean)Sets the email address verified or unverifiedsetPhone(string)Sets the phone number of the usersetPhoneVerified(boolean)Sets the phone number verified or unverifiedmetadataArray of metadata. This function is deprecated, please useapi.v1.user.appendMetadata
Pre Creation
A user selected Register on the overview page after external authentication. ZITADEL did not create the user yet.
The trigger is represented by the following Ids in the API: TRIGGER_TYPE_PRE_CREATION or 2.
Parameters of Pre Creation
ctxThe first parameter contains the following fieldsv1userhumanauthRequestauth requesthttpRequesthttp requestorggetMetadata()metadataResult
apiThe second parameter contains the following fieldsmetadataArray of metadata. This function is deprecated, please useapi.v1.user.appendMetadatasetFirstName(string)Sets the first namesetLastName(string)Sets the last namesetNickName(string)Sets the nick namesetDisplayName(string)Sets the display namesetPreferredLanguage(string)Sets the preferred language, the string has to be a valid language tag as defined in RFC 5646setGender(int)Sets the gender.- 0: unspecified
- 1: female
- 2: male
- 3: diverse
setUsername(string)Sets the usernamesetEmail(string)Sets the emailsetEmailVerified(bool)If true the email set is verified without user interactionsetPhone(string)Sets the phone numbersetPhoneVerified(bool)If true the phone number set is verified without user interactionv1userappendMetadata(string, Any)The first parameter represents the key and the second a value which will be stored
Post Creation
A user selected Register on the overview page after external authentication and ZITADEL successfully created the user.
The trigger is represented by the following Ids in the API: TRIGGER_TYPE_POST_CREATION or 3.
Parameters of Post Creation
ctxThe first parameter contains the following fieldsv1getUser()userauthRequestauth requesthttpRequesthttp requestorggetMetadata()metadataResult
apiThe second parameter contains the following fields
Was this page helpful?