Skip to main content

Objects

External User​

  • externalId string
    User id from the identity provider
  • externalIdpId string
    Id of the identity provider
  • human
    • firstName string
    • lastName string
    • nickName string
    • displayName string
    • preferredLanguage string
      In RFC 5646 fromat
    • email string
    • isEmailVerified boolean
    • phone string
    • isPhoneVerified boolean

metadata with value as bytes​

  • key string
  • value Array of byte

metadata result​

  • count number
  • sequence number
  • timestamp Date
  • metadata Array of metadata

metadata​

  • creationDate Date
  • changeDate Date
  • resourceOwner string
  • sequence number
  • key string
  • value Any

user grant​

  • projectID string
    Required. Id of the project to be granted
  • projectGrantID string
    Optional. If the grant is for a project grant, include projectGrantID
  • roles Array of string
    Containing the roles

user​

  • id string
  • creationDate Date
  • changeDate Date
  • resourceOwner string
  • sequence number
    Unsigned 64 bit integer
  • state number
    • 0: unspecified
    • 1: active
    • 2: inactive
    • 3: deleted
    • 4: locked
    • 5: suspended
    • 6: initial
  • username string
  • loginNames Array of string
  • preferredLoginName string
  • human
    Set if the user is human
    • firstName string
    • lastName string
    • nickName string
    • displayName string
    • avatarKey string
    • preferredLanguage string
      In RFC 5646 fromat
    • gender number
      • 0: unspecified
      • 1: female
      • 2: male
      • 3: diverse
    • email string
    • isEmailVerified boolean
    • phone string
    • isPhoneVerified boolean
  • machine
    Set if the user is a machine
    • name string
    • description string

human user​

  • id string
  • creationDate Date
  • changeDate Date
  • resourceOwner string
  • sequence number
  • state number
    • 0: unspecified
    • 1: active
    • 2: inactive
    • 3: deleted
    • 4: locked
    • 5: suspended
    • 6: initial
  • username string
  • loginNames Array of string
  • preferredLoginName string
  • profile
    • firstName string
    • lastName string
    • nickName string
    • displayName string
    • preferredLanguage string
      In RFC 5646 fromat
  • email
    • email string
    • isEmailVerified boolean
  • phone
    • phone string
    • isPhoneVerified boolean

Auth Request​

This object contains context information about the request to the authorization endpoint.

  • id string
  • agentId string
  • creationDate Date
  • changeDate Date
  • browserInfo browserInfo
    • userAgent string
    • acceptLanguage string
    • remoteIp string
  • applicationId string
  • callbackUri string
  • transferState string
  • prompt Array of Number
    • 0: not specified
    • 1: none
    • 2: login
    • 3: consent
    • 4: select_account
    • 5: create
  • uiLocales Array of string
  • loginHint string
  • maxAuthAge Number
    Duration in nanoseconds
  • instanceId string
  • request
    • oidc
      • scopes Array of string
  • userId string
  • userName string
  • loginName string
  • displayName string
  • resourceOwner string
  • requestedOrgId string
  • requestedOrgName string
  • requestedPrimaryDomain string
  • requestedOrgDomain bool
  • applicationResourceOwner string
  • privateLabelingSetting Number
    • 0: Unspecified
    • 1: Enforce project resource owner policy
    • 2: Allow login user resource owner policy
  • selectedIdpConfigId string
  • linkingUsers Array of ExternalUser
  • passwordVerified bool
  • mfasVerified Array of Number
    • 0: OTP
    • 1: U2F
    • 2: U2F User verification
  • audience Array of string
  • authTime Date

HTTP Request​

This object is based on the Golang struct http.Request, some attributes are removed as not all provided information is usable in this context.

  • method string
  • url string
  • proto string
  • contentLength number
  • host string
  • form Map string of Array of string
  • postForm Map string of Array of string
  • remoteAddr string
  • headers Map string of Array of string

Claims​

This object represents the claims which will be written into the oidc token.

  • sub string
  • name string
  • email string
  • locale string
  • given_name string
  • family_name string
  • preferred_username string
  • email_verified bool
  • updated_at Number

Additionally there could additional fields depending on the configuration of your project and your application

user grant list​

This object represents a list of user grant stored in ZITADEL.

  • count Number
  • sequence Number
  • timestamp Date
  • grants Array of
    • id string
    • projectGrantId string
      The id of the project grant
    • state Number
      • 0: unspecified
      • 1: active
      • 2: inactive
      • 3: removed
    • creationDate Date
    • changeDate Date
    • sequence Number
    • userId string
    • roles Array of string
    • userResourceOwner string
      The id of the organization of the user
    • userGrantResourceOwner string
      The id of the organization, where the user was granted
    • userGrantResourceOwnerName string
      The name of the organization, where the user was granted
    • projectId string
    • projectName string