2022-02-09 15:01:19 +01:00
Log :
Level : debug
Formatter :
2022-02-11 11:02:47 +01:00
Format : text
2022-02-14 17:22:30 +01:00
Port : 8080
ExternalPort : 8080
2022-04-28 10:30:41 +02:00
ExternalDomain : #must be provided
2022-02-14 17:22:30 +01:00
ExternalSecure : true
2022-03-29 11:53:19 +02:00
HTTP2HostHeader : ":authority"
HTTP1HostHeader : "host"
2022-02-14 17:22:30 +01:00
2022-04-25 10:01:17 +02:00
WebAuthNName : ZITADEL
2022-02-14 17:22:30 +01:00
Database :
Host : localhost
Port : 26257
Database : zitadel
MaxOpenConns : 20
MaxConnLifetime : 30m
MaxConnIdleTime : 30m
Options : ""
2022-02-16 13:30:49 +01:00
User :
Username : zitadel
Password : ""
SSL :
2022-03-14 07:55:09 +01:00
Mode : disable
2022-02-16 13:30:49 +01:00
RootCert : ""
Cert : ""
Key : ""
AdminUser :
Username : root
2022-03-14 07:55:09 +01:00
Password : ""
SSL :
Mode : disable
RootCert : ""
Cert : ""
Key : ""
2022-02-14 17:22:30 +01:00
Projections :
2022-03-28 10:05:09 +02:00
RequeueEvery : 10s
RetryFailedAfter : 1s
MaxFailureCount : 5
BulkLimit : 200
MaxIterators : 1
Customizations :
projects :
BulkLimit : 2000
2022-02-14 17:22:30 +01:00
AuthZ :
Repository :
Spooler :
ConcurrentWorkers : 1
BulkLimit : 10000
FailureCountUntilSkip : 5
Auth :
SearchLimit : 1000
Spooler :
ConcurrentWorkers : 1
BulkLimit : 10000
FailureCountUntilSkip : 5
Admin :
SearchLimit : 1000
Spooler :
ConcurrentWorkers : 1
BulkLimit : 10000
FailureCountUntilSkip : 5
UserAgentCookie :
Name : zitadel.useragent
MaxAge : 8760h #365*24h (1 year)
OIDC :
CodeMethodS256 : true
AuthMethodPost : true
AuthMethodPrivateKeyJWT : true
GrantTypeRefreshToken : true
RequestObjectSupported : true
SigningKeyAlgorithm : RS256
DefaultAccessTokenLifetime : 12h
DefaultIdTokenLifetime : 12h
DefaultRefreshTokenIdleExpiration : 720h #30d
DefaultRefreshTokenExpiration : 2160h #90d
Cache :
MaxAge : 12h
SharedMaxAge : 168h #7d
CustomEndpoints :
Login :
LanguageCookieName : zitadel.login.lang
2022-03-14 07:55:09 +01:00
CSRFCookieName : zitadel.login.csrf
2022-02-14 17:22:30 +01:00
Cache :
MaxAge : 12h
SharedMaxAge : 168h #7d
Console :
ShortCache :
MaxAge : 5m
SharedMaxAge : 15m
LongCache :
MaxAge : 12h
SharedMaxAge : 168h
Notification :
Repository :
Spooler :
ConcurrentWorkers : 1
BulkLimit : 10000
FailureCountUntilSkip : 5
Handlers :
2022-03-14 07:55:09 +01:00
EncryptionKeys :
DomainVerification :
EncryptionKeyID : "domainVerificationKey"
DecryptionKeyIDs :
IDPConfig :
EncryptionKeyID : "idpConfigKey"
DecryptionKeyIDs :
OIDC :
EncryptionKeyID : "oidcKey"
DecryptionKeyIDs :
OTP :
EncryptionKeyID : "otpKey"
DecryptionKeyIDs :
SMS :
EncryptionKeyID : "smsKey"
DecryptionKeyIDs :
SMTP :
EncryptionKeyID : "smtpKey"
DecryptionKeyIDs :
User :
EncryptionKeyID : "userKey"
DecryptionKeyIDs :
CSRFCookieKeyID : "csrfCookieKey"
UserAgentCookieKeyID : "userAgentCookieKey"
2022-02-14 17:22:30 +01:00
#TODO: remove as soon as possible
SystemDefaults :
SecretGenerators :
PasswordSaltCost : 14
MachineKeySize : 2048
ApplicationKeySize : 2048
Multifactors :
OTP :
2022-04-29 10:25:12 +02:00
Issuer : "ZITADEL"
2022-02-14 17:22:30 +01:00
DomainVerification :
VerificationGenerator :
Length : 32
IncludeLowerLetters : true
IncludeUpperLetters : true
IncludeDigits : true
IncludeSymbols : false
Notifications :
2022-04-29 10:25:12 +02:00
FileSystemPath : ".notifications/"
2022-02-14 17:22:30 +01:00
KeyConfig :
Size : 2048
PrivateKeyLifetime : 6h
PublicKeyLifetime : 30h
2022-03-29 11:53:19 +02:00
2022-04-21 12:37:39 +02:00
DefaultInstance :
InstanceName :
Org :
Name :
Human :
UserName : zitadel-admin
FirstName : ZITADEL
LastName : Admin
NickName :
DisplayName :
Email :
Address :
Verified : false
2022-04-28 10:30:41 +02:00
PreferredLanguage : en
2022-04-21 12:37:39 +02:00
Gender :
Phone :
Number :
Verified :
Password :
SecretGenerators :
PasswordSaltCost : 14
ClientSecret :
Length : 64
IncludeLowerLetters : true
IncludeUpperLetters : true
IncludeDigits : true
IncludeSymbols : false
InitializeUserCode :
Length : 6
2022-04-29 10:25:12 +02:00
Expiry : "72h"
2022-04-21 12:37:39 +02:00
IncludeLowerLetters : false
IncludeUpperLetters : true
IncludeDigits : true
IncludeSymbols : false
EmailVerificationCode :
Length : 6
2022-04-29 10:25:12 +02:00
Expiry : "1h"
2022-04-21 12:37:39 +02:00
IncludeLowerLetters : false
IncludeUpperLetters : true
IncludeDigits : true
IncludeSymbols : false
PhoneVerificationCode :
Length : 6
2022-04-29 10:25:12 +02:00
Expiry : "1h"
2022-04-21 12:37:39 +02:00
IncludeLowerLetters : false
IncludeUpperLetters : true
IncludeDigits : true
IncludeSymbols : false
PasswordVerificationCode :
Length : 6
2022-04-29 10:25:12 +02:00
Expiry : "1h"
2022-04-21 12:37:39 +02:00
IncludeLowerLetters : false
IncludeUpperLetters : true
IncludeDigits : true
IncludeSymbols : false
PasswordlessInitCode :
Length : 12
2022-04-29 10:25:12 +02:00
Expiry : "1h"
2022-04-21 12:37:39 +02:00
IncludeLowerLetters : true
IncludeUpperLetters : true
IncludeDigits : true
IncludeSymbols : false
DomainVerification :
Length : 32
IncludeLowerLetters : true
IncludeUpperLetters : true
IncludeDigits : true
IncludeSymbols : false
PasswordComplexityPolicy :
MinLength : 8
HasLowercase : true
HasUppercase : true
HasNumber : true
HasSymbol : true
PasswordAgePolicy :
ExpireWarnDays : 0
MaxAgeDays : 0
DomainPolicy :
UserLoginMustBeDomain : true
ValidateOrgDomains : true
LoginPolicy :
AllowUsernamePassword : true
AllowRegister : true
AllowExternalIDP : true
ForceMFA : false
HidePasswordReset : false
PasswordlessType: 1 #1: allowed 0 : not allowed
PasswordCheckLifetime : 240h #10d
ExternalLoginCheckLifetime : 240h #10d
MfaInitSkipLifetime : 720h #30d
SecondFactorCheckLifetime : 18h
MultiFactorCheckLifetime : 12h
PrivacyPolicy :
TOSLink : https://docs.zitadel.ch/docs/legal/terms-of-service
PrivacyLink : https://docs.zitadel.ch/docs/legal/privacy-policy
2022-04-29 10:25:12 +02:00
HelpLink : ""
2022-04-21 12:37:39 +02:00
LabelPolicy :
2022-04-29 10:25:12 +02:00
PrimaryColor : "#5469d4"
BackgroundColor : "#fafafa"
WarnColor : "#cd3d56"
FontColor : "#000000"
PrimaryColorDark : "#bbbafa"
BackgroundColorDark : "#111827"
WarnColorDark : "#ff3b5b"
FontColorDark : "#ffffff"
2022-04-21 12:37:39 +02:00
HideLoginNameSuffix : false
ErrorMsgPopup : false
DisableWatermark : false
LockoutPolicy :
MaxAttempts : 0
ShouldShowLockoutFailure : true
2022-05-02 16:41:57 +02:00
EmailTemplate : CjwhZG9jdHlwZSBodG1sPgo8aHRtbCB4bWxucz0iaHR0cDovL3d3dy53My5vcmcvMTk5OS94aHRtbCIgeG1sbnM6dj0idXJuOnNjaGVtYXMtbWljcm9zb2Z0LWNvbTp2bWwiIHhtbG5zOm89InVybjpzY2hlbWFzLW1pY3Jvc29mdC1jb206b2ZmaWNlOm9mZmljZSI+CjxoZWFkPgogIDx0aXRsZT4KCiAgPC90aXRsZT4KICA8IS0tW2lmICFtc29dPjwhLS0+CiAgPG1ldGEgaHR0cC1lcXVpdj0iWC1VQS1Db21wYXRpYmxlIiBjb250ZW50PSJJRT1lZGdlIj4KICA8IS0tPCFbZW5kaWZdLS0+CiAgPG1ldGEgaHR0cC1lcXVpdj0iQ29udGVudC1UeXBlIiBjb250ZW50PSJ0ZXh0L2h0bWw7IGNoYXJzZXQ9VVRGLTgiPgogIDxtZXRhIG5hbWU9InZpZXdwb3J0IiBjb250ZW50PSJ3aWR0aD1kZXZpY2Utd2lkdGgsIGluaXRpYWwtc2NhbGU9MSI+CiAgPHN0eWxlIHR5cGU9InRleHQvY3NzIj4KICAgICNvdXRsb29rIGEgeyBwYWRkaW5nOjA7IH0KICAgIGJvZHkgeyBtYXJnaW46MDtwYWRkaW5nOjA7LXdlYmtpdC10ZXh0LXNpemUtYWRqdXN0OjEwMCU7LW1zLXRleHQtc2l6ZS1hZGp1c3Q6MTAwJTsgfQogICAgdGFibGUsIHRkIHsgYm9yZGVyLWNvbGxhcHNlOmNvbGxhcHNlO21zby10YWJsZS1sc3BhY2U6MHB0O21zby10YWJsZS1yc3BhY2U6MHB0OyB9CiAgICBpbWcgeyBib3JkZXI6MDtoZWlnaHQ6YXV0bztsaW5lLWhlaWdodDoxMDAlOyBvdXRsaW5lOm5vbmU7dGV4dC1kZWNvcmF0aW9uOm5vbmU7LW1zLWludGVycG9sYXRpb24tbW9kZTpiaWN1YmljOyB9CiAgICBwIHsgZGlzcGxheTpibG9jazttYXJnaW46MTNweCAwOyB9CiAgPC9zdHlsZT4KICA8IS0tW2lmIG1zb10+CiAgPHhtbD4KICAgIDxvOk9mZmljZURvY3VtZW50U2V0dGluZ3M+CiAgICAgIDxvOkFsbG93UE5HLz4KICAgICAgPG86UGl4ZWxzUGVySW5jaD45NjwvbzpQaXhlbHNQZXJJbmNoPgogICAgPC9vOk9mZmljZURvY3VtZW50U2V0dGluZ3M+CiAgPC94bWw+CiAgPCFbZW5kaWZdLS0+CiAgPCEtLVtpZiBsdGUgbXNvIDExXT4KICA8c3R5bGUgdHlwZT0idGV4dC9jc3MiPgogICAgLm1qLW91dGxvb2stZ3JvdXAtZml4IHsgd2lkdGg6MTAwJSAhaW1wb3J0YW50OyB9CiAgPC9zdHlsZT4KICA8IVtlbmRpZl0tLT4KCiAgPHN0eWxlIHR5cGU9InRleHQvY3NzIj4KICAgIEBtZWRpYSBvbmx5IHNjcmVlbiBhbmQgKG1pbi13aWR0aDo0ODBweCkgewogICAgICAubWotY29sdW1uLXBlci0xMDAgeyB3aWR0aDoxMDAlICFpbXBvcnRhbnQ7IG1heC13aWR0aDogMTAwJTsgfQogICAgICAubWotY29sdW1uLXBlci02MCB7IHdpZHRoOjYwJSAhaW1wb3J0YW50OyBtYXgtd2lkdGg6IDYwJTsgfQogICAgfQogIDwvc3R5bGU+CgoKICA8c3R5bGUgdHlwZT0idGV4dC9jc3MiPgoKCgogICAgQG1lZGlhIG9ubHkgc2NyZWVuIGFuZCAobWF4LXdpZHRoOjQ4MHB4KSB7CiAgICAgIHRhYmxlLm1qLWZ1bGwtd2lkdGgtbW9iaWxlIHsgd2lkdGg6IDEwMCUgIWltcG9ydGFudDsgfQogICAgICB0ZC5tai1mdWxsLXdpZHRoLW1vYmlsZSB7IHdpZHRoOiBhdXRvICFpbXBvcnRhbnQ7IH0KICAgIH0KCiAgPC9zdHlsZT4KICA8c3R5bGUgdHlwZT0idGV4dC9jc3MiPi5zaGFkb3cgYSB7CiAgICBib3gtc2hhZG93OiAwcHggM3B4IDFweCAtMnB4IHJnYmEoMCwgMCwgMCwgMC4yKSwgMHB4IDJweCAycHggMHB4IHJnYmEoMCwgMCwgMCwgMC4xNCksIDBweCAxcHggNXB4IDBweCByZ2JhKDAsIDAsIDAsIDAuMTIpOwogIH08L3N0eWxlPgoKICB7e2lmIC5Gb250VVJMfX0KICA8c3R5bGU+CiAgICBAZm9udC1mYWNlIHsKICAgICAgZm9udC1mYW1pbHk6ICd7ey5Gb250RmFjZUZhbWlseX19JzsKICAgICAgZm9udC1zdHlsZTogbm9ybWFsOwogICAgICBmb250LWRpc3BsYXk6IHN3YXA7CiAgICAgIHNyYzogdXJsKHt7LkZvbnRVUkx9fSk7CiAgICB9CiAgPC9zdHlsZT4KICB7e2VuZH19Cgo8L2hlYWQ+Cjxib2R5IHN0eWxlPSJ3b3JkLXNwYWNpbmc6bm9ybWFsOyI+CgoKPGRpdgogICAgICAgIHN0eWxlPSIiCj4KCiAgPHRhYmxlCiAgICAgICAgICBhbGlnbj0iY2VudGVyIiBib3JkZXI9IjAiIGNlbGxwYWRkaW5nPSIwIiBjZWxsc3BhY2luZz0iMCIgcm9sZT0icHJlc2VudGF0aW9uIiBzdHlsZT0iYmFja2dyb3VuZDp7ey5CYWNrZ3JvdW5kQ29sb3J9fTtiYWNrZ3JvdW5kLWNvbG9yOnt7LkJhY2tncm91bmRDb2xvcn19O3dpZHRoOjEwMCU7Ym9yZGVyLXJhZGl1czoxNnB4OyIKICA+CiAgICA8dGJvZHk+CiAgICA8dHI+CiAgICAgIDx0ZD4KCgogICAgICAgIDwhLS1baWYgbXNvIHwgSUVdPjx0YWJsZSBhbGlnbj0iY2VudGVyIiBib3JkZXI9IjAiIGNlbGxwYWRkaW5nPSIwIiBjZWxsc3BhY2luZz0iMCIgY2xhc3M9IiIgc3R5bGU9IndpZHRoOjgwMHB4OyIgd2lkdGg9IjgwMCIgPjx0cj48dGQgc3R5bGU9ImxpbmUtaGVpZ2h0OjBweDtmb250LXNpemU6MHB4O21zby1saW5lLWhlaWdodC1ydWxlOmV4YWN0bHk7Ij48IVtlbmRpZl0tLT4KCgogICAgICAgIDxkaXYgIHN0eWxlPSJtYXJnaW46MHB4IGF1dG87Ym9yZGVyLXJhZGl1czoxNnB4O21heC13aWR0aDo4MDBweDsiPgoKICAgICAgICAgIDx0YWJsZQogICAgICAgICAgICAgICAgICBhbGlnbj0iY2VudGVyIiBib3JkZXI9IjAiIGNlbGxwYWRkaW5nPSIwIiBjZWxsc3BhY2luZz0iMCIgcm9sZT0icHJlc2VudGF0aW9uIiBzdHlsZT0id2lkdGg6MTAwJTtib3JkZXItcmFkaXVzOjE2cHg7IgogICAgICAgICAgPgogICAgICAgICAgICA8dGJvZHk+CiAgICAgICAgICAgIDx0cj4KICAgICAgICAgICAgICA8dGQKICAgICAgICAgICAgICAgICAgICAgIHN0eWxlPSJkaXJlY3Rpb246bHRyO2ZvbnQtc2l6ZTowcHg7cGFkZGluZzoyMHB4IDA7cGFkZGluZy1sZWZ0OjA7dGV4dC1hbGlnbjpjZW50ZXI7IgogICAgICAgICAgICAgID4KICAgICAgICAgICAgICAgIDwhLS1baWYgbXNvIHwgSUVdPjx0YWJsZSByb2xlPSJwcmVzZW50YXRpb24iIGJvcmRlcj0iMCIgY2VsbHBhZGRpbmc9IjAiIGNlbGxzcGFjaW5nPSIwIj48dHI+PHRkIGNsYXNzPSIiIHdpZHRoPSI4MDBweCIgPjwhW2VuZGlmXS0tPgoKICAgICAgICAgICAgICAgID
2022-04-21 12:37:39 +02:00
MessageTexts :
- MessageTextType : InitCode
Language : de
Title : Zitadel - User initialisieren
PreHeader : User initialisieren
Subject : User initialisieren
Greeting : Hallo {{.FirstName}} {{.LastName}},
Text : Dieser Benutzer wurde soeben im Zitadel erstellt. Mit dem Benutzernamen <br><strong>{{.PreferredLoginName}}</strong><br> kannst du dich anmelden. Nutze den untenstehenden Button, um die Initialisierung abzuschliessen <br>(Code <strong>{{.Code}}</strong>).<br> Falls du dieses Mail nicht angefordert hast, kannst du es einfach ignorieren.
ButtonText : Initialisierung abschliessen
- MessageTextType : PasswordReset
Language : de
Title : Zitadel - Passwort zurücksetzen
PreHeader : Passwort zurücksetzen
Subject : Passwort zurücksetzen
Greeting : Hallo {{.FirstName}} {{.LastName}},
Text : Wir haben eine Anfrage für das Zurücksetzen deines Passwortes bekommen. Du kannst den untenstehenden Button verwenden, um dein Passwort zurückzusetzen <br>(Code <strong>{{.Code}}</strong>).<br> Falls du dieses Mail nicht angefordert hast, kannst du es ignorieren.
ButtonText : Passwort zurücksetzen
- MessageTextType : VerifyEmail
Language : de
Title : Zitadel - Email verifizieren
PreHeader : Email verifizieren
Subject : Email verifizieren
Greeting : Hallo {{.FirstName}} {{.LastName}},
Text : Eine neue E-Mail Adresse wurde hinzugefügt. Bitte verwende den untenstehenden Button um diese zu verifizieren <br>(Code <strong>{{.Code}}</strong>).<br> Falls du deine E-Mail Adresse nicht selber hinzugefügt hast, kannst du dieses E-Mail ignorieren.
ButtonText : Email verifizieren
- MessageTextType : VerifyPhone
Language : de
Title : Zitadel - Telefonnummer verifizieren
PreHeader : Telefonnummer verifizieren
Subject : Telefonnummer verifizieren
Greeting : Hallo {{.FirstName}} {{.LastName}},
Text : Eine Telefonnummer wurde hinzugefügt. Bitte verifiziere diese in dem du folgenden Code eingibst (Code {{.Code}})
ButtonText : Telefon verifizieren
- MessageTextType : DomainClaimed
Language : de
Title : Zitadel - Domain wurde beansprucht
PreHeader : Email / Username ändern
Subject : Domain wurde beansprucht
Greeting : Hallo {{.FirstName}} {{.LastName}},
Text : Die Domain {{.Domain}} wurde von einer Organisation beansprucht. Dein derzeitiger User {{.Username}} ist nicht Teil dieser Organisation. Daher musst du beim nächsten Login eine neue Email hinterlegen. Für diesen Login haben wir dir einen temporären Usernamen ({{.TempUsername}}) erstellt.
ButtonText : Login
- MessageTextType : InitCode
Language : en
Title : Zitadel - Initialize User
PreHeader : Initialize User
Subject : Initialize User
Greeting : Hello {{.FirstName}} {{.LastName}},
Text : This user was created in Zitadel. Use the username {{.PreferredLoginName}} to login. Please click the button below to finish the initialization process. (Code {{.Code}}) If you didn't ask for this mail, please ignore it.
ButtonText : Finish initialization
- MessageTextType : PasswordReset
Language : en
Title : Zitadel - Reset password
PreHeader : Reset password
Subject : Reset password
Greeting : Hello {{.FirstName}} {{.LastName}},
Text : We received a password reset request. Please use the button below to reset your password. (Code {{.Code}}) If you didn't ask for this mail, please ignore it.
ButtonText : Reset password
- MessageTextType : VerifyEmail
Language : en
Title : Zitadel - Verify email
PreHeader : Verify email
Subject : Verify email
Greeting : Hello {{.FirstName}} {{.LastName}},
Text : A new email has been added. Please use the button below to verify your mail. (Code {{.Code}}) If you din't add a new email, please ignore this email.
ButtonText : Verify email
- MessageTextType : VerifyPhone
Language : en
Title : Zitadel - Verify phone
PreHeader : Verify phone
Subject : Verify phone
Greeting : Hello {{.FirstName}} {{.LastName}},
Text : A new phonenumber has been added. Please use the following code to verify it {{.Code}}.
ButtonText : Verify phone
- MessageTextType : DomainClaimed
Language : en
Title : Zitadel - Domain has been claimed
PreHeader : Change email / username
Subject : Domain has been claimed
Greeting : Hello {{.FirstName}} {{.LastName}},
Text : The domain {{.Domain}} has been claimed by an organisation. Your current user {{.UserName}} is not part of this organisation. Therefore you'll have to change your email when you login. We have created a temporary username ({{.TempUsername}}) for this login.
ButtonText : Login
2022-03-29 11:53:19 +02:00
InternalAuthZ :
RolePermissionMappings :
2022-04-29 10:25:12 +02:00
- Role : "IAM_OWNER"
2022-03-29 11:53:19 +02:00
Permissions :
- "iam.read"
- "iam.write"
- "iam.policy.read"
- "iam.policy.write"
- "iam.policy.delete"
- "iam.member.read"
- "iam.member.write"
- "iam.member.delete"
- "iam.idp.read"
- "iam.idp.write"
- "iam.idp.delete"
- "iam.action.read"
- "iam.action.write"
- "iam.action.delete"
- "iam.flow.read"
- "iam.flow.write"
- "iam.flow.delete"
- "org.read"
- "org.global.read"
- "org.create"
- "org.write"
- "org.member.read"
- "org.member.write"
- "org.member.delete"
- "org.idp.read"
- "org.idp.write"
- "org.idp.delete"
- "org.action.read"
- "org.action.write"
- "org.action.delete"
- "org.flow.read"
- "org.flow.write"
- "org.flow.delete"
- "user.read"
- "user.global.read"
- "user.write"
- "user.delete"
- "user.grant.read"
- "user.grant.write"
- "user.grant.delete"
- "user.membership.read"
- "user.credential.write"
- "policy.read"
- "policy.write"
- "policy.delete"
- "project.read"
- "project.create"
- "project.write"
- "project.delete"
- "project.member.read"
- "project.member.write"
- "project.member.delete"
- "project.role.read"
- "project.role.write"
- "project.role.delete"
- "project.app.read"
- "project.app.write"
- "project.app.delete"
- "project.grant.read"
- "project.grant.write"
- "project.grant.delete"
- "project.grant.member.read"
- "project.grant.member.write"
- "project.grant.member.delete"
2022-04-29 10:25:12 +02:00
- Role : "IAM_OWNER_VIEWER"
2022-03-29 11:53:19 +02:00
Permissions :
- "iam.read"
- "iam.policy.read"
- "iam.member.read"
- "iam.idp.read"
- "iam.action.read"
- "iam.flow.read"
- "org.read"
- "org.member.read"
- "org.idp.read"
- "org.action.read"
- "org.flow.read"
- "user.read"
- "user.global.read"
- "user.grant.read"
- "user.membership.read"
- "policy.read"
- "project.read"
- "project.member.read"
- "project.role.read"
- "project.app.read"
- "project.grant.read"
- "project.grant.member.read"
2022-04-29 10:25:12 +02:00
- Role : "IAM_ORG_MANAGER"
2022-03-29 11:53:19 +02:00
Permissions :
- "org.read"
- "org.global.read"
- "org.create"
- "org.write"
- "org.member.read"
- "org.member.write"
- "org.member.delete"
- "org.idp.read"
- "org.idp.write"
- "org.idp.delete"
- "org.action.read"
- "org.action.write"
- "org.action.delete"
- "org.flow.read"
- "org.flow.write"
- "org.flow.delete"
- "user.read"
- "user.global.read"
- "user.write"
- "user.delete"
- "user.grant.read"
- "user.grant.write"
- "user.grant.delete"
- "user.membership.read"
- "user.credential.write"
- "policy.read"
- "policy.write"
- "policy.delete"
- "project.read"
- "project.create"
- "project.write"
- "project.delete"
- "project.member.read"
- "project.member.write"
- "project.member.delete"
- "project.role.read"
- "project.role.write"
- "project.role.delete"
- "project.app.read"
- "project.app.write"
- "project.app.delete"
- "project.grant.read"
- "project.grant.write"
- "project.grant.delete"
- "project.grant.member.read"
- "project.grant.member.write"
- "project.grant.member.delete"
2022-04-29 10:25:12 +02:00
- Role : "IAM_USER_MANAGER"
2022-03-29 11:53:19 +02:00
Permissions :
- "org.read"
- "org.global.read"
- "org.member.read"
- "org.member.delete"
- "user.read"
- "user.global.read"
- "user.write"
- "user.delete"
- "user.grant.read"
- "user.grant.write"
- "user.grant.delete"
- "user.membership.read"
- "project.read"
- "project.member.read"
- "project.role.read"
- "project.app.read"
- "project.grant.read"
- "project.grant.write"
- "project.grant.delete"
- "project.grant.member.read"
2022-04-29 10:25:12 +02:00
- Role : "ORG_OWNER"
2022-03-29 11:53:19 +02:00
Permissions :
- "org.read"
- "org.global.read"
- "org.create"
- "org.write"
- "org.member.read"
- "org.member.write"
- "org.member.delete"
- "org.idp.read"
- "org.idp.write"
- "org.idp.delete"
- "org.action.read"
- "org.action.write"
- "org.action.delete"
- "org.flow.read"
- "org.flow.write"
- "org.flow.delete"
- "user.read"
- "user.global.read"
- "user.write"
- "user.delete"
- "user.grant.read"
- "user.grant.write"
- "user.grant.delete"
- "user.membership.read"
- "user.credential.write"
- "policy.read"
- "policy.write"
- "policy.delete"
- "project.read"
- "project.create"
- "project.write"
- "project.delete"
- "project.member.read"
- "project.member.write"
- "project.member.delete"
- "project.role.read"
- "project.role.write"
- "project.role.delete"
- "project.app.read"
- "project.app.write"
- "project.grant.read"
- "project.grant.write"
- "project.grant.delete"
- "project.grant.member.read"
- "project.grant.member.write"
- "project.grant.member.delete"
2022-04-29 10:25:12 +02:00
- Role : "ORG_USER_MANAGER"
2022-03-29 11:53:19 +02:00
Permissions :
- "user.read"
- "user.global.read"
- "user.write"
- "user.delete"
- "user.grant.read"
- "user.grant.write"
- "user.grant.delete"
- "user.membership.read"
- "project.read"
- "project.role.read"
2022-04-29 10:25:12 +02:00
- Role : "ORG_OWNER_VIEWER"
2022-03-29 11:53:19 +02:00
Permissions :
- "org.read"
- "org.member.read"
- "org.idp.read"
- "org.action.read"
- "org.flow.read"
- "user.read"
- "user.global.read"
- "user.grant.read"
- "user.membership.read"
- "policy.read"
- "project.read"
- "project.member.read"
- "project.role.read"
- "project.app.read"
- "project.grant.read"
- "project.grant.member.read"
- "project.grant.user.grant.read"
2022-04-29 10:25:12 +02:00
- Role : "ORG_USER_PERMISSION_EDITOR"
2022-03-29 11:53:19 +02:00
Permissions :
- "org.read"
- "org.member.read"
- "user.read"
- "user.global.read"
- "user.grant.read"
- "user.grant.write"
- "user.grant.delete"
- "policy.read"
- "project.read"
- "project.member.read"
- "project.role.read"
- "project.app.read"
- "project.grant.read"
- "project.grant.member.read"
2022-04-29 10:25:12 +02:00
- Role : "ORG_PROJECT_PERMISSION_EDITOR"
2022-03-29 11:53:19 +02:00
Permissions :
- "org.read"
- "org.member.read"
- "user.read"
- "user.global.read"
- "user.grant.read"
- "user.grant.write"
- "user.grant.delete"
- "policy.read"
- "project.read"
- "project.member.read"
- "project.role.read"
- "project.app.read"
- "project.grant.read"
- "project.grant.write"
- "project.grant.delete"
- "project.grant.member.read"
2022-04-29 10:25:12 +02:00
- Role : "ORG_PROJECT_CREATOR"
2022-03-29 11:53:19 +02:00
Permissions :
- "user.global.read"
- "policy.read"
- "project.read:self"
- "project.create"
2022-04-29 10:25:12 +02:00
- Role : "PROJECT_OWNER"
2022-03-29 11:53:19 +02:00
Permissions :
- "org.global.read"
- "policy.read"
- "project.read"
- "project.write"
- "project.delete"
- "project.member.read"
- "project.member.write"
- "project.member.delete"
- "project.role.read"
- "project.role.write"
- "project.role.delete"
- "project.app.read"
- "project.app.write"
- "project.app.delete"
- "project.grant.read"
- "project.grant.write"
- "project.grant.delete"
- "project.grant.member.read"
- "project.grant.member.write"
- "project.grant.member.delete"
- "user.read"
- "user.global.read"
- "user.grant.read"
- "user.grant.write"
- "user.grant.delete"
- "user.membership.read"
2022-04-29 10:25:12 +02:00
- Role : "PROJECT_OWNER_VIEWER"
2022-03-29 11:53:19 +02:00
Permissions :
- "policy.read"
- "project.read"
- "project.member.read"
- "project.role.read"
- "project.app.read"
- "project.grant.read"
- "project.grant.member.read"
- "user.read"
- "user.global.read"
- "user.grant.read"
- "user.membership.read"
2022-04-29 10:25:12 +02:00
- Role : "SELF_MANAGEMENT_GLOBAL"
2022-03-29 11:53:19 +02:00
Permissions :
- "org.create"
- "policy.read"
- "user.self.delete"
2022-04-29 10:25:12 +02:00
- Role : "PROJECT_OWNER_GLOBAL"
2022-03-29 11:53:19 +02:00
Permissions :
- "org.global.read"
- "policy.read"
- "project.read"
- "project.write"
- "project.delete"
- "project.member.read"
- "project.member.write"
- "project.member.delete"
- "project.role.read"
- "project.role.write"
- "project.role.delete"
- "project.app.read"
- "project.app.write"
- "project.app.delete"
- "user.global.read"
- "user.grant.read"
- "user.grant.write"
- "user.grant.delete"
- "user.membership.read"
2022-04-29 10:25:12 +02:00
- Role : "PROJECT_OWNER_VIEWER_GLOBAL"
2022-03-29 11:53:19 +02:00
Permissions :
- "policy.read"
- "project.read"
- "project.member.read"
- "project.role.read"
- "project.app.read"
- "project.grant.read"
- "project.grant.member.read"
- "user.global.read"
- "user.grant.read"
- "user.membership.read"
2022-04-29 10:25:12 +02:00
- Role : "PROJECT_GRANT_OWNER"
2022-03-29 11:53:19 +02:00
Permissions :
- "policy.read"
- "org.global.read"
- "project.read"
- "project.grant.read"
- "project.grant.member.read"
- "project.grant.member.write"
- "project.grant.member.delete"
- "user.read"
- "user.global.read"
- "user.grant.read"
- "user.grant.write"
- "user.grant.delete"
- "user.membership.read"
2022-04-29 10:25:12 +02:00
- Role : "PROJECT_GRANT_OWNER_VIEWER"
2022-03-29 11:53:19 +02:00
Permissions :
- "policy.read"
- "project.read"
- "project.grant.read"
- "project.grant.member.read"
- "user.read"
- "user.global.read"
- "user.grant.read"
- "user.membership.read"