Skip to main content

Deprecated: Add OIDC Identity Provider (IDP)

POST 
https://$CUSTOM-DOMAIN/admin/v1/idps/oidc
deprecated

Create a new identity provider configuration to enable your users to log in with social/enterprise login. The provider has to be OIDC compliant.

Request​

Body

required

    name stringrequired

    Possible values: non-empty and <= 200 characters

    stylingType string

    Possible values: [STYLING_TYPE_UNSPECIFIED, STYLING_TYPE_GOOGLE]

    Default value: STYLING_TYPE_UNSPECIFIED

    some identity providers specify the styling of the button to their login

    clientId stringrequired

    Possible values: non-empty and <= 200 characters

    client id generated by the identity provider

    clientSecret stringrequired

    Possible values: non-empty and <= 200 characters

    client secret generated by the identity provider

    issuer stringrequired

    Possible values: <= 200 characters

    the oidc issuer of the identity provider

    scopes string[]

    the scopes requested by ZITADEL during the request on the identity provider

    displayNameMapping string

    Possible values: [OIDC_MAPPING_FIELD_UNSPECIFIED, OIDC_MAPPING_FIELD_PREFERRED_USERNAME, OIDC_MAPPING_FIELD_EMAIL]

    Default value: OIDC_MAPPING_FIELD_UNSPECIFIED

    definition which field is mapped to the display name of the user

    usernameMapping string

    Possible values: [OIDC_MAPPING_FIELD_UNSPECIFIED, OIDC_MAPPING_FIELD_PREFERRED_USERNAME, OIDC_MAPPING_FIELD_EMAIL]

    Default value: OIDC_MAPPING_FIELD_UNSPECIFIED

    definition which field is mapped to the email of the user

    autoRegister boolean

Responses​

idp created

Schema

    details

    object

    sequence uint64

    on read: the sequence of the last event reduced by the projection

    on manipulation: the timestamp of the event(s) added by the manipulation

    creationDate date-time

    on read: the timestamp of the first event of the object

    on create: the timestamp of the event(s) added by the manipulation

    changeDate date-time

    on read: the timestamp of the last event reduced by the projection

    on manipulation: the

    resourceOwner resource_owner is the organization an object belongs to (string)
    idpId string
curl -L 'https://$CUSTOM-DOMAIN/admin/v1/idps/oidc' \
-H 'Content-Type: application/json' \
-H 'Accept: application/json' \
-H 'Authorization: Bearer <TOKEN>' \
-d '{
  "name": "google",
  "stylingType": "STYLING_TYPE_UNSPECIFIED",
  "clientId": "string",
  "clientSecret": "string",
  "issuer": "https://accounts.google.com",
  "scopes": [
    "openid",
    "profile",
    "email"
  ],
  "displayNameMapping": "OIDC_MAPPING_FIELD_UNSPECIFIED",
  "usernameMapping": "OIDC_MAPPING_FIELD_UNSPECIFIED",
  "autoRegister": true
}'
Request Collapse all
Base URL
https://$CUSTOM-DOMAIN/admin/v1
Auth
Body required
{
  "name": "google",
  "stylingType": "STYLING_TYPE_UNSPECIFIED",
  "clientId": "string",
  "clientSecret": "string",
  "issuer": "https://accounts.google.com",
  "scopes": [
    "openid",
    "profile",
    "email"
  ],
  "displayNameMapping": "OIDC_MAPPING_FIELD_UNSPECIFIED",
  "usernameMapping": "OIDC_MAPPING_FIELD_UNSPECIFIED",
  "autoRegister": true
}
ResponseClear

Click the Send API Request button above and see the response here!