ZITADEL Docs
Integrate & AuthenticateActionsV1

Objects

External User

  • externalId string User id from the identity provider
  • externalIdpId string Id of the identity provider
  • human
    • firstName string
    • lastName string
    • nickName string
    • displayName string
    • preferredLanguage string In RFC 5646 format
    • email string
    • isEmailVerified boolean
    • phone string
    • isPhoneVerified boolean

metadata with value as bytes

  • key string
  • value Array of byte

metadata result

  • count number
  • sequence number
  • timestamp Date
  • metadata Array of metadata

metadata

  • creationDate Date
  • changeDate Date
  • resourceOwner string
  • sequence number
  • key string
  • value Any

user grant

  • projectID string Required. Id of the project to be granted
  • projectGrantID string Optional. If the grant is for a project grant, include projectGrantID
  • roles Array of string Containing the roles

user

  • id string
  • creationDate Date
  • changeDate Date
  • resourceOwner string
  • sequence number Unsigned 64 bit integer
  • state number
    • 0: unspecified
    • 1: active
    • 2: inactive
    • 3: deleted
    • 4: locked
    • 5: suspended
    • 6: initial
  • username string
  • loginNames Array of string
  • preferredLoginName string
  • human Set if the user is human
    • firstName string
    • lastName string
    • nickName string
    • displayName string
    • avatarKey string
    • preferredLanguage string In RFC 5646 format
    • gender number
      • 0: unspecified
      • 1: female
      • 2: male
      • 3: diverse
    • email string
    • isEmailVerified boolean
    • phone string
    • isPhoneVerified boolean
  • machine Set if the user is a machine
    • name string
    • description string

human user

  • id string
  • creationDate Date
  • changeDate Date
  • resourceOwner string
  • sequence number
  • state number
    • 0: unspecified
    • 1: active
    • 2: inactive
    • 3: deleted
    • 4: locked
    • 5: suspended
    • 6: initial
  • username string
  • loginNames Array of string
  • preferredLoginName string
  • profile
    • firstName string
    • lastName string
    • nickName string
    • displayName string
    • preferredLanguage string In RFC 5646 format
  • email
    • email string
    • isEmailVerified boolean
  • phone
    • phone string
    • isPhoneVerified boolean

Auth Request

This object contains context information about the request to the authorization endpoint.

  • id string
  • agentId string
  • creationDate Date
  • changeDate Date
  • browserInfo browserInfo
    • userAgent string
    • acceptLanguage string
    • remoteIp string
  • applicationId string
  • callbackUri string
  • transferState string
  • prompt Array of Number
    • 0: not specified
    • 1: none
    • 2: login
    • 3: consent
    • 4: select_account
    • 5: create
  • uiLocales Array of string
  • loginHint string
  • maxAuthAge Number Duration in nanoseconds
  • instanceId string
  • request
    • oidc
      • scopes Array of string
  • userId string
  • userName string
  • loginName string
  • displayName string
  • resourceOwner string
  • requestedOrgId string
  • requestedOrgName string
  • requestedPrimaryDomain string
  • requestedOrgDomain bool
  • applicationResourceOwner string
  • privateLabelingSetting Number
    • 0: Unspecified
    • 1: Enforce project's policy
    • 2: Allow user's organization login policy
  • selectedIdpConfigId string
  • linkingUsers Array of ExternalUser
  • passwordVerified bool
  • mfasVerified Array of Number
    • 0: OTP
    • 1: U2F
    • 2: U2F User verification
  • audience Array of string
  • authTime Date

HTTP Request

This object is based on the Golang struct http.Request, some attributes are removed as not all provided information is usable in this context.

  • method string
  • url string
  • proto string
  • contentLength number
  • host string
  • form Map string of Array of string
  • postForm Map string of Array of string
  • remoteAddr string
  • headers Map string of Array of string

Claims

This object represents the claims which will be written into the oidc token.

  • sub string
  • name string
  • email string
  • locale string
  • given_name string
  • family_name string
  • preferred_username string
  • email_verified bool
  • updated_at Number

Additionally there could additional fields depending on the configuration of your project and your application

user grant list

This object represents a list of user grant stored in ZITADEL.

  • count Number
  • sequence Number
  • timestamp Date
  • grants Array of
    • id string
    • projectGrantId string The id of the project grant
    • state Number
      • 0: unspecified
      • 1: active
      • 2: inactive
      • 3: removed
    • creationDate Date
    • changeDate Date
    • sequence Number
    • userId string
    • roles Array of string
    • userResourceOwner string The id of the organization of the user
    • userGrantResourceOwner string The id of the organization, where the user was granted
    • userGrantResourceOwnerName string The name of the organization, where the user was granted
    • projectId string
    • projectName string
    • getOrgMetadata() metadataResult Get the metadata of the organization where the user was granted

Was this page helpful?

Complement SAMLResponse

Previous Page

Behavior Customization

Next Page

On this page

External Usermetadata with value as bytesmetadata resultmetadatauser grantuserhuman userAuth RequestHTTP RequestClaimsuser grant list