Search Applications
POST/projects/:projectId/apps/_search
Returns all applications within a project, that match the query.
Request​
Path Parameters
Header Parameters
The default is always the organization of the requesting user. If you like to change/get objects of another organization include the header. Make sure the requesting user has permission to access the requested data.
- application/json
- application/grpc
- application/grpc-web+proto
Body
required
Array [
]
query
object
Object unspecific list filters like offset, limit and asc/desc.
Maximum amount of events returned. The default is set to 1000 in https://github.com/zitadel/zitadel/blob/new-eventstore/cmd/zitadel/startup.yaml. If the limit exceeds the maximum configured ZITADEL will throw an error. If no limit is present the default is taken.
default is descending
queries
object[]
nameQuery
object
Possible values: [TEXT_QUERY_METHOD_EQUALS
, TEXT_QUERY_METHOD_EQUALS_IGNORE_CASE
, TEXT_QUERY_METHOD_STARTS_WITH
, TEXT_QUERY_METHOD_STARTS_WITH_IGNORE_CASE
, TEXT_QUERY_METHOD_CONTAINS
, TEXT_QUERY_METHOD_CONTAINS_IGNORE_CASE
, TEXT_QUERY_METHOD_ENDS_WITH
, TEXT_QUERY_METHOD_ENDS_WITH_IGNORE_CASE
]
Default value: TEXT_QUERY_METHOD_EQUALS
defines which text equality method is used
Body
required
Array [
]
query
object
Object unspecific list filters like offset, limit and asc/desc.
Maximum amount of events returned. The default is set to 1000 in https://github.com/zitadel/zitadel/blob/new-eventstore/cmd/zitadel/startup.yaml. If the limit exceeds the maximum configured ZITADEL will throw an error. If no limit is present the default is taken.
default is descending
queries
object[]
nameQuery
object
Possible values: [TEXT_QUERY_METHOD_EQUALS
, TEXT_QUERY_METHOD_EQUALS_IGNORE_CASE
, TEXT_QUERY_METHOD_STARTS_WITH
, TEXT_QUERY_METHOD_STARTS_WITH_IGNORE_CASE
, TEXT_QUERY_METHOD_CONTAINS
, TEXT_QUERY_METHOD_CONTAINS_IGNORE_CASE
, TEXT_QUERY_METHOD_ENDS_WITH
, TEXT_QUERY_METHOD_ENDS_WITH_IGNORE_CASE
]
Default value: TEXT_QUERY_METHOD_EQUALS
defines which text equality method is used
Body
required
Array [
]
query
object
Object unspecific list filters like offset, limit and asc/desc.
Maximum amount of events returned. The default is set to 1000 in https://github.com/zitadel/zitadel/blob/new-eventstore/cmd/zitadel/startup.yaml. If the limit exceeds the maximum configured ZITADEL will throw an error. If no limit is present the default is taken.
default is descending
queries
object[]
nameQuery
object
Possible values: [TEXT_QUERY_METHOD_EQUALS
, TEXT_QUERY_METHOD_EQUALS_IGNORE_CASE
, TEXT_QUERY_METHOD_STARTS_WITH
, TEXT_QUERY_METHOD_STARTS_WITH_IGNORE_CASE
, TEXT_QUERY_METHOD_CONTAINS
, TEXT_QUERY_METHOD_CONTAINS_IGNORE_CASE
, TEXT_QUERY_METHOD_ENDS_WITH
, TEXT_QUERY_METHOD_ENDS_WITH_IGNORE_CASE
]
Default value: TEXT_QUERY_METHOD_EQUALS
defines which text equality method is used
Responses​
- 200
- default
A successful response.
- application/json
- application/grpc
- application/grpc-web+proto
- Schema
- Example (from schema)
Schema
Array [
Array [
]
]
details
object
the last time the view got updated
result
object[]
details
object
on read: the sequence of the last event reduced by the projection
on manipulation: the timestamp of the event(s) added by the manipulation
on read: the timestamp of the first event of the object
on create: the timestamp of the event(s) added by the manipulation
on read: the timestamp of the last event reduced by the projection
on manipulation: the
Possible values: [APP_STATE_UNSPECIFIED
, APP_STATE_ACTIVE
, APP_STATE_INACTIVE
]
Default value: APP_STATE_UNSPECIFIED
current state of the application
oidcConfig
object
Callback URI of the authorization request where the code or tokens will be sent to
Possible values: [OIDC_RESPONSE_TYPE_CODE
, OIDC_RESPONSE_TYPE_ID_TOKEN
, OIDC_RESPONSE_TYPE_ID_TOKEN_TOKEN
]
Determines whether a code, id_token token or just id_token will be returned
Possible values: [OIDC_GRANT_TYPE_AUTHORIZATION_CODE
, OIDC_GRANT_TYPE_IMPLICIT
, OIDC_GRANT_TYPE_REFRESH_TOKEN
, OIDC_GRANT_TYPE_DEVICE_CODE
, OIDC_GRANT_TYPE_TOKEN_EXCHANGE
]
The flow type the application uses to gain access
Possible values: [OIDC_APP_TYPE_WEB
, OIDC_APP_TYPE_USER_AGENT
, OIDC_APP_TYPE_NATIVE
]
Default value: OIDC_APP_TYPE_WEB
determines the paradigm of the application
generated oauth2/oidc client id
Possible values: [OIDC_AUTH_METHOD_TYPE_BASIC
, OIDC_AUTH_METHOD_TYPE_POST
, OIDC_AUTH_METHOD_TYPE_NONE
, OIDC_AUTH_METHOD_TYPE_PRIVATE_KEY_JWT
]
Default value: OIDC_AUTH_METHOD_TYPE_BASIC
defines how the application passes login credentials
ZITADEL will redirect to this link after a successful logout
Possible values: [OIDC_VERSION_1_0
]
Default value: OIDC_VERSION_1_0
the OIDC version used by the application
specifies whether the config is OIDC compliant. A production configuration SHOULD be compliant
complianceProblems
object[]
lists the problems for non-compliancy
used for development
Possible values: [OIDC_TOKEN_TYPE_BEARER
, OIDC_TOKEN_TYPE_JWT
]
Default value: OIDC_TOKEN_TYPE_BEARER
type of the access token returned from ZITADEL
adds roles to the claims of the access token (only if type == JWT) even if they are not requested by scopes
adds roles to the claims of the id token even if they are not requested by scopes
claims of profile, email, address and phone scopes are added to the id token even if an access token is issued. Attention this violates the OIDC specification
Used to compensate time difference of servers. Duration added to the "exp" claim and subtracted from "iat", "auth_time" and "nbf" claims
additional origins (other than the redirect_uris) from where the API can be used
all allowed origins from where the API can be used
Skip the successful login page on native apps and directly redirect the user to the callback.
ZITADEL will use this URI to notify the application about terminated session according to the OIDC Back-Channel Logout (https://openid.net/specs/openid-connect-backchannel-1_0.html)
loginVersion
object
Specify the preferred login UI, where the user is redirected to for authentication. If unset, the login UI is chosen by the instance default.
loginV2
object
Optionally specify a base uri of the login UI. If unspecified the default URI will be used.
apiConfig
object
generated oauth2/oidc client_id
Possible values: [API_AUTH_METHOD_TYPE_BASIC
, API_AUTH_METHOD_TYPE_PRIVATE_KEY_JWT
]
Default value: API_AUTH_METHOD_TYPE_BASIC
defines how the API passes the login credentials
samlConfig
object
{
"details": {
"totalResult": "2",
"processedSequence": "267831",
"viewTimestamp": "2024-12-20T16:04:46.752Z"
},
"result": [
{
"id": "69629023906488334",
"details": {
"sequence": "2",
"creationDate": "2024-12-20T16:04:46.752Z",
"changeDate": "2024-12-20T16:04:46.752Z",
"resourceOwner": "69629023906488334"
},
"state": "APP_STATE_UNSPECIFIED",
"name": "Console",
"oidcConfig": {
"redirectUris": [
"https://console.zitadel.ch/auth/callback"
],
"responseTypes": [
"OIDC_RESPONSE_TYPE_CODE"
],
"grantTypes": [
"OIDC_GRANT_TYPE_AUTHORIZATION_CODE"
],
"appType": "OIDC_APP_TYPE_WEB",
"clientId": "69629023906488334@ZITADEL",
"authMethodType": "OIDC_AUTH_METHOD_TYPE_BASIC",
"postLogoutRedirectUris": [
"https://console.zitadel.ch/logout"
],
"version": "OIDC_VERSION_1_0",
"noneCompliant": true,
"complianceProblems": [
{
"key": "string",
"localizedMessage": "string"
}
],
"devMode": true,
"accessTokenType": "OIDC_TOKEN_TYPE_BEARER",
"accessTokenRoleAssertion": true,
"idTokenRoleAssertion": true,
"idTokenUserinfoAssertion": true,
"clockSkew": "string",
"additionalOrigins": [
"https://console.zitadel.ch/auth/callback"
],
"allowedOrigins": [
"https://console.zitadel.ch/auth/callback"
],
"skipNativeAppSuccessPage": true,
"backChannelLogoutUri": [
"https://example.com/auth/backchannel"
],
"loginVersion": {
"loginV1": {},
"loginV2": {
"baseUri": "string"
}
}
},
"apiConfig": {
"clientId": "69629023906488334@ZITADEL",
"authMethodType": "API_AUTH_METHOD_TYPE_BASIC"
},
"samlConfig": {
"metadataXml": "string",
"metadataUrl": "string"
}
}
]
}
- Schema
- Example (from schema)
Schema
Array [
Array [
]
]
details
object
the last time the view got updated
result
object[]
details
object
on read: the sequence of the last event reduced by the projection
on manipulation: the timestamp of the event(s) added by the manipulation
on read: the timestamp of the first event of the object
on create: the timestamp of the event(s) added by the manipulation
on read: the timestamp of the last event reduced by the projection
on manipulation: the
Possible values: [APP_STATE_UNSPECIFIED
, APP_STATE_ACTIVE
, APP_STATE_INACTIVE
]
Default value: APP_STATE_UNSPECIFIED
current state of the application
oidcConfig
object
Callback URI of the authorization request where the code or tokens will be sent to
Possible values: [OIDC_RESPONSE_TYPE_CODE
, OIDC_RESPONSE_TYPE_ID_TOKEN
, OIDC_RESPONSE_TYPE_ID_TOKEN_TOKEN
]
Determines whether a code, id_token token or just id_token will be returned
Possible values: [OIDC_GRANT_TYPE_AUTHORIZATION_CODE
, OIDC_GRANT_TYPE_IMPLICIT
, OIDC_GRANT_TYPE_REFRESH_TOKEN
, OIDC_GRANT_TYPE_DEVICE_CODE
, OIDC_GRANT_TYPE_TOKEN_EXCHANGE
]
The flow type the application uses to gain access
Possible values: [OIDC_APP_TYPE_WEB
, OIDC_APP_TYPE_USER_AGENT
, OIDC_APP_TYPE_NATIVE
]
Default value: OIDC_APP_TYPE_WEB
determines the paradigm of the application
generated oauth2/oidc client id
Possible values: [OIDC_AUTH_METHOD_TYPE_BASIC
, OIDC_AUTH_METHOD_TYPE_POST
, OIDC_AUTH_METHOD_TYPE_NONE
, OIDC_AUTH_METHOD_TYPE_PRIVATE_KEY_JWT
]
Default value: OIDC_AUTH_METHOD_TYPE_BASIC
defines how the application passes login credentials
ZITADEL will redirect to this link after a successful logout
Possible values: [OIDC_VERSION_1_0
]
Default value: OIDC_VERSION_1_0
the OIDC version used by the application
specifies whether the config is OIDC compliant. A production configuration SHOULD be compliant
complianceProblems
object[]
lists the problems for non-compliancy
used for development
Possible values: [OIDC_TOKEN_TYPE_BEARER
, OIDC_TOKEN_TYPE_JWT
]
Default value: OIDC_TOKEN_TYPE_BEARER
type of the access token returned from ZITADEL
adds roles to the claims of the access token (only if type == JWT) even if they are not requested by scopes
adds roles to the claims of the id token even if they are not requested by scopes
claims of profile, email, address and phone scopes are added to the id token even if an access token is issued. Attention this violates the OIDC specification
Used to compensate time difference of servers. Duration added to the "exp" claim and subtracted from "iat", "auth_time" and "nbf" claims
additional origins (other than the redirect_uris) from where the API can be used
all allowed origins from where the API can be used
Skip the successful login page on native apps and directly redirect the user to the callback.
ZITADEL will use this URI to notify the application about terminated session according to the OIDC Back-Channel Logout (https://openid.net/specs/openid-connect-backchannel-1_0.html)
loginVersion
object
Specify the preferred login UI, where the user is redirected to for authentication. If unset, the login UI is chosen by the instance default.
loginV2
object
Optionally specify a base uri of the login UI. If unspecified the default URI will be used.
apiConfig
object
generated oauth2/oidc client_id
Possible values: [API_AUTH_METHOD_TYPE_BASIC
, API_AUTH_METHOD_TYPE_PRIVATE_KEY_JWT
]
Default value: API_AUTH_METHOD_TYPE_BASIC
defines how the API passes the login credentials
samlConfig
object
{
"details": {
"totalResult": "2",
"processedSequence": "267831",
"viewTimestamp": "2024-12-20T16:04:46.755Z"
},
"result": [
{
"id": "69629023906488334",
"details": {
"sequence": "2",
"creationDate": "2024-12-20T16:04:46.755Z",
"changeDate": "2024-12-20T16:04:46.755Z",
"resourceOwner": "69629023906488334"
},
"state": "APP_STATE_UNSPECIFIED",
"name": "Console",
"oidcConfig": {
"redirectUris": [
"https://console.zitadel.ch/auth/callback"
],
"responseTypes": [
"OIDC_RESPONSE_TYPE_CODE"
],
"grantTypes": [
"OIDC_GRANT_TYPE_AUTHORIZATION_CODE"
],
"appType": "OIDC_APP_TYPE_WEB",
"clientId": "69629023906488334@ZITADEL",
"authMethodType": "OIDC_AUTH_METHOD_TYPE_BASIC",
"postLogoutRedirectUris": [
"https://console.zitadel.ch/logout"
],
"version": "OIDC_VERSION_1_0",
"noneCompliant": true,
"complianceProblems": [
{
"key": "string",
"localizedMessage": "string"
}
],
"devMode": true,
"accessTokenType": "OIDC_TOKEN_TYPE_BEARER",
"accessTokenRoleAssertion": true,
"idTokenRoleAssertion": true,
"idTokenUserinfoAssertion": true,
"clockSkew": "string",
"additionalOrigins": [
"https://console.zitadel.ch/auth/callback"
],
"allowedOrigins": [
"https://console.zitadel.ch/auth/callback"
],
"skipNativeAppSuccessPage": true,
"backChannelLogoutUri": [
"https://example.com/auth/backchannel"
],
"loginVersion": {
"loginV1": {},
"loginV2": {
"baseUri": "string"
}
}
},
"apiConfig": {
"clientId": "69629023906488334@ZITADEL",
"authMethodType": "API_AUTH_METHOD_TYPE_BASIC"
},
"samlConfig": {
"metadataXml": "string",
"metadataUrl": "string"
}
}
]
}
- Schema
- Example (from schema)
Schema
Array [
Array [
]
]
details
object
the last time the view got updated
result
object[]
details
object
on read: the sequence of the last event reduced by the projection
on manipulation: the timestamp of the event(s) added by the manipulation
on read: the timestamp of the first event of the object
on create: the timestamp of the event(s) added by the manipulation
on read: the timestamp of the last event reduced by the projection
on manipulation: the
Possible values: [APP_STATE_UNSPECIFIED
, APP_STATE_ACTIVE
, APP_STATE_INACTIVE
]
Default value: APP_STATE_UNSPECIFIED
current state of the application
oidcConfig
object
Callback URI of the authorization request where the code or tokens will be sent to
Possible values: [OIDC_RESPONSE_TYPE_CODE
, OIDC_RESPONSE_TYPE_ID_TOKEN
, OIDC_RESPONSE_TYPE_ID_TOKEN_TOKEN
]
Determines whether a code, id_token token or just id_token will be returned
Possible values: [OIDC_GRANT_TYPE_AUTHORIZATION_CODE
, OIDC_GRANT_TYPE_IMPLICIT
, OIDC_GRANT_TYPE_REFRESH_TOKEN
, OIDC_GRANT_TYPE_DEVICE_CODE
, OIDC_GRANT_TYPE_TOKEN_EXCHANGE
]
The flow type the application uses to gain access
Possible values: [OIDC_APP_TYPE_WEB
, OIDC_APP_TYPE_USER_AGENT
, OIDC_APP_TYPE_NATIVE
]
Default value: OIDC_APP_TYPE_WEB
determines the paradigm of the application
generated oauth2/oidc client id
Possible values: [OIDC_AUTH_METHOD_TYPE_BASIC
, OIDC_AUTH_METHOD_TYPE_POST
, OIDC_AUTH_METHOD_TYPE_NONE
, OIDC_AUTH_METHOD_TYPE_PRIVATE_KEY_JWT
]
Default value: OIDC_AUTH_METHOD_TYPE_BASIC
defines how the application passes login credentials
ZITADEL will redirect to this link after a successful logout
Possible values: [OIDC_VERSION_1_0
]
Default value: OIDC_VERSION_1_0
the OIDC version used by the application
specifies whether the config is OIDC compliant. A production configuration SHOULD be compliant
complianceProblems
object[]
lists the problems for non-compliancy
used for development
Possible values: [OIDC_TOKEN_TYPE_BEARER
, OIDC_TOKEN_TYPE_JWT
]
Default value: OIDC_TOKEN_TYPE_BEARER
type of the access token returned from ZITADEL
adds roles to the claims of the access token (only if type == JWT) even if they are not requested by scopes
adds roles to the claims of the id token even if they are not requested by scopes
claims of profile, email, address and phone scopes are added to the id token even if an access token is issued. Attention this violates the OIDC specification
Used to compensate time difference of servers. Duration added to the "exp" claim and subtracted from "iat", "auth_time" and "nbf" claims
additional origins (other than the redirect_uris) from where the API can be used
all allowed origins from where the API can be used
Skip the successful login page on native apps and directly redirect the user to the callback.
ZITADEL will use this URI to notify the application about terminated session according to the OIDC Back-Channel Logout (https://openid.net/specs/openid-connect-backchannel-1_0.html)
loginVersion
object
Specify the preferred login UI, where the user is redirected to for authentication. If unset, the login UI is chosen by the instance default.
loginV2
object
Optionally specify a base uri of the login UI. If unspecified the default URI will be used.
apiConfig
object
generated oauth2/oidc client_id
Possible values: [API_AUTH_METHOD_TYPE_BASIC
, API_AUTH_METHOD_TYPE_PRIVATE_KEY_JWT
]
Default value: API_AUTH_METHOD_TYPE_BASIC
defines how the API passes the login credentials
samlConfig
object
{
"details": {
"totalResult": "2",
"processedSequence": "267831",
"viewTimestamp": "2024-12-20T16:04:46.757Z"
},
"result": [
{
"id": "69629023906488334",
"details": {
"sequence": "2",
"creationDate": "2024-12-20T16:04:46.758Z",
"changeDate": "2024-12-20T16:04:46.758Z",
"resourceOwner": "69629023906488334"
},
"state": "APP_STATE_UNSPECIFIED",
"name": "Console",
"oidcConfig": {
"redirectUris": [
"https://console.zitadel.ch/auth/callback"
],
"responseTypes": [
"OIDC_RESPONSE_TYPE_CODE"
],
"grantTypes": [
"OIDC_GRANT_TYPE_AUTHORIZATION_CODE"
],
"appType": "OIDC_APP_TYPE_WEB",
"clientId": "69629023906488334@ZITADEL",
"authMethodType": "OIDC_AUTH_METHOD_TYPE_BASIC",
"postLogoutRedirectUris": [
"https://console.zitadel.ch/logout"
],
"version": "OIDC_VERSION_1_0",
"noneCompliant": true,
"complianceProblems": [
{
"key": "string",
"localizedMessage": "string"
}
],
"devMode": true,
"accessTokenType": "OIDC_TOKEN_TYPE_BEARER",
"accessTokenRoleAssertion": true,
"idTokenRoleAssertion": true,
"idTokenUserinfoAssertion": true,
"clockSkew": "string",
"additionalOrigins": [
"https://console.zitadel.ch/auth/callback"
],
"allowedOrigins": [
"https://console.zitadel.ch/auth/callback"
],
"skipNativeAppSuccessPage": true,
"backChannelLogoutUri": [
"https://example.com/auth/backchannel"
],
"loginVersion": {
"loginV1": {},
"loginV2": {
"baseUri": "string"
}
}
},
"apiConfig": {
"clientId": "69629023906488334@ZITADEL",
"authMethodType": "API_AUTH_METHOD_TYPE_BASIC"
},
"samlConfig": {
"metadataXml": "string",
"metadataUrl": "string"
}
}
]
}
An unexpected error response.
- application/json
- application/grpc
- application/grpc-web+proto
- Schema
- Example (from schema)
Schema
Array [
]
details
object[]
{
"code": 0,
"message": "string",
"details": [
{
"@type": "string"
}
]
}
- Schema
- Example (from schema)
Schema
Array [
]
details
object[]
{
"code": 0,
"message": "string",
"details": [
{
"@type": "string"
}
]
}
- Schema
- Example (from schema)
Schema
Array [
]
details
object[]
{
"code": 0,
"message": "string",
"details": [
{
"@type": "string"
}
]
}