feat(console): getuserbyid, fix password policy validation, read iam (#233)

* remove displayname, show policy desc on patternerr

* provide password complexity string, org create

* user getuserbyid in userdetail, remove displayname

* show multiple org domains

* show zitadel project warnings, read iam

* add missing ngondestroy impl

console/src/app/pages/apps/app-detail/app-detail.component.html

@@ -6,6 +6,8 @@
         <h1>{{ 'APP.PAGES.TITLE' | translate }} {{app?.name}}</h1>
 
         <p class="desc">{{ 'APP.PAGES.DESCRIPTION' | translate }}</p>
+        <p *ngIf="isZitadel" class="zitadel-warning">This belongs to Zitadel project. If you change something, Zitadel
+            may not behave as intended!</p>
     </div>
 
     <span *ngIf="errorMessage" class="err-container">{{errorMessage}}</span>
@@ -86,7 +88,7 @@
 
                 <mat-form-field class="full-width" appearance="outline">
                     <mat-label>{{ 'APP.OIDC.REDIRECT' | translate }}</mat-label>
-                    <mat-chip-list #chipRedirectList [disabled]="isZitadel">
+                    <mat-chip-list #chipRedirectList>
                         <mat-chip *ngFor="let redirect of redirectUrisList" [selectable]="selectable"
                             (removed)="remove(redirect, RedirectType.REDIRECT)">
                             {{redirect}}
@@ -100,7 +102,7 @@
 
                 <mat-form-field class="full-width" appearance="outline">
                     <mat-label>{{ 'APP.OIDC.POSTLOGOUTREDIRECT' | translate }}</mat-label>
-                    <mat-chip-list #chipPostRedirectList [disabled]="isZitadel">
+                    <mat-chip-list #chipPostRedirectList>
                         <mat-chip *ngFor="let redirect of postLogoutRedirectUrisList" [selectable]="selectable"
                             (removed)="remove(redirect, RedirectType.POSTREDIRECT)">
                             {{redirect}}

console/src/app/pages/apps/app-detail/app-detail.component.scss

@@ -21,6 +21,11 @@
         font-size: .9rem;
         color: #81868a;
     }
+
+    .zitadel-warning {
+        font-size: 14px;
+        color: rgb(201,51,71);
+    }
   }
 
   .err-container {

console/src/app/pages/apps/app-detail/app-detail.component.ts

@@ -18,6 +18,7 @@ import {
     OIDCResponseType,
 } from 'src/app/proto/generated/management_pb';
 import { GrpcService } from 'src/app/services/grpc.service';
+import { OrgService } from 'src/app/services/org.service';
 import { ProjectService } from 'src/app/services/project.service';
 import { ToastService } from 'src/app/services/toast.service';
 
@@ -84,6 +85,7 @@ export class AppDetailComponent implements OnInit, OnDestroy {
         private _location: Location,
         private dialog: MatDialog,
         private grpcService: GrpcService,
+        private orgService: OrgService,
     ) {
         this.appNameForm = this.fb.group({
             state: ['', []],
@@ -108,12 +110,8 @@ export class AppDetailComponent implements OnInit, OnDestroy {
 
     private async getData({ projectid, id }: Params): Promise<void> {
         this.projectId = projectid;
-        this.projectService.GetProjectById(this.projectId).then(project => {
-            this.isZitadel = project.toObject().name === 'Zitadel';
-            if (this.isZitadel) {
-                this.appNameForm.disable();
-                this.appForm.disable();
-            }
+        this.orgService.GetIam().then(iam => {
+            this.isZitadel = iam.toObject().iamProjectId === this.projectId;
         });
 
 
@@ -122,8 +120,7 @@ export class AppDetailComponent implements OnInit, OnDestroy {
             this.appNameForm.patchValue(this.app);
             console.log(this.grpcService.clientid, this.app.oidcConfig?.clientId);
 
-            console.log(this.isZitadel);
-            if (this.app.state !== AppState.APPSTATE_ACTIVE || this.isZitadel) {
+            if (this.app.state !== AppState.APPSTATE_ACTIVE) {
                 this.appNameForm.controls['name'].disable();
                 this.appForm.disable();
             } else {

console/src/app/pages/orgs/org-create/org-create.component.html

@@ -74,13 +74,6 @@
                             {{ 'USER.VALIDATION.REQUIRED' | translate }}
                         </mat-error>
                     </mat-form-field>
-                    <mat-form-field class="formfield">
-                        <mat-label>{{ 'USER.PROFILE.DISPLAYNAME' | translate }}</mat-label>
-                        <input matInput formControlName="displayName" />
-                        <mat-error *ngIf="displayName?.invalid && displayName?.errors?.required">
-                            {{ 'USER.VALIDATION.REQUIRED' | translate }}
-                        </mat-error>
-                    </mat-form-field>
 
                     <p class="section">{{ 'USER.CREATE.GENDERLANGSECTION' | translate }}</p>
 
@@ -115,7 +108,10 @@
                             type="password" />
                         <mat-error *ngIf="password?.errors?.required">{{ 'USER.VALIDATION.REQUIRED' | translate }}
                         </mat-error>
-                        <mat-error *ngIf="password?.errors?.pattern">{{ 'USER.VALIDATION.INVALIDPATTERN' | translate }}
+                        <mat-error *ngIf="password?.errors?.pattern">{{ policy | passwordPattern | translate }}
+                        </mat-error>
+                        <mat-error *ngIf="password?.errors?.minlength">
+                            {{ 'USER.VALIDATION.MINLENGTH' | translate:policy }}
                         </mat-error>
                     </mat-form-field>
                     <mat-form-field class="formfield">
@@ -125,6 +121,11 @@
                         <mat-error *ngIf="confirmPassword?.errors?.required">
                             {{ 'USER.VALIDATION.REQUIRED' | translate }}
                         </mat-error>
+                        <mat-error *ngIf="password?.errors?.pattern">{{ policy | passwordPattern | translate }}
+                        </mat-error>
+                        <mat-error *ngIf="password?.errors?.minlength">
+                            {{ 'USER.VALIDATION.MINLENGTH' | translate:policy }}
+                        </mat-error>
                     </mat-form-field>
 
                 </div>

console/src/app/pages/orgs/org-create/org-create.component.ts

@@ -4,7 +4,9 @@ import { Component } from '@angular/core';
 import { AbstractControl, FormBuilder, FormGroup, Validators } from '@angular/forms';
 import { Router } from '@angular/router';
 import { CreateOrgRequest, CreateUserRequest, Gender, OrgSetUpResponse } from 'src/app/proto/generated/admin_pb';
+import { PasswordComplexityPolicy } from 'src/app/proto/generated/management_pb';
 import { AdminService } from 'src/app/services/admin.service';
+import { OrgService } from 'src/app/services/org.service';
 import { ToastService } from 'src/app/services/toast.service';
 
 function passwordConfirmValidator(c: AbstractControl): any {
@@ -44,28 +46,65 @@ export class OrgCreateComponent {
 
     public genders: Gender[] = [Gender.GENDER_FEMALE, Gender.GENDER_MALE, Gender.GENDER_UNSPECIFIED];
     public languages: string[] = ['de', 'en'];
+
+    public policy!: PasswordComplexityPolicy.AsObject;
+
     constructor(
         private router: Router,
         private toast: ToastService,
         private adminService: AdminService,
         private _location: Location,
         private fb: FormBuilder,
+        private orgService: OrgService,
     ) {
+        const validators: Validators[] = [Validators.required];
+
         this.orgForm = this.fb.group({
             name: ['', [Validators.required]],
             domain: ['', [Validators.required]],
         });
+        this.orgService.GetPasswordComplexityPolicy().then(data => {
+            this.policy = data.toObject();
+            if (this.policy.minLength) {
+                validators.push(Validators.minLength(this.policy.minLength));
+            }
+            if (this.policy.hasLowercase) {
+                validators.push(Validators.pattern(/[a-z]/g));
+            }
+            if (this.policy.hasUppercase) {
+                validators.push(Validators.pattern(/[A-Z]/g));
+            }
+            if (this.policy.hasNumber) {
+                validators.push(Validators.pattern(/[0-9]/g));
+            }
+            if (this.policy.hasSymbol) {
+                // All characters that are not a digit or an English letter \W or a whitespace \S
+                validators.push(Validators.pattern(/[\W\S]/));
+            }
 
             this.userForm = this.fb.group({
                 firstName: ['', [Validators.required]],
                 lastName: ['', [Validators.required]],
-            displayName: [''],
                 email: ['', [Validators.required]],
                 gender: [''],
                 nickName: [''],
                 preferredLanguage: [''],
-            password: ['', [Validators.required]],
-            confirmPassword: ['', [Validators.required, passwordConfirmValidator]],
+                password: ['', validators],
+                confirmPassword: ['', [...validators, passwordConfirmValidator]],
+            });
+        }).catch(error => {
+            console.log('no password complexity policy defined!');
+            console.error(error);
+            this.userForm = this.fb.group({
+                firstName: ['', [Validators.required]],
+                lastName: ['', [Validators.required]],
+                email: ['', [Validators.required]],
+                gender: [''],
+                nickName: [''],
+                preferredLanguage: [''],
+                password: ['', validators],
+                confirmPassword: ['', [...validators, passwordConfirmValidator]],
+            });
         });
     }
 
@@ -82,7 +121,6 @@ export class OrgCreateComponent {
         registerUserRequest.setFirstName(this.firstName?.value);
         registerUserRequest.setLastName(this.lastName?.value);
         registerUserRequest.setNickName(this.nickName?.value);
-        registerUserRequest.setDisplayName(this.displayName?.value);
         registerUserRequest.setGender(this.gender?.value);
         registerUserRequest.setPassword(this.password?.value);
         registerUserRequest.setPreferredLanguage(this.preferredLanguage?.value);
@@ -122,10 +160,6 @@ export class OrgCreateComponent {
         return this.userForm.get('lastName');
     }
 
-    public get displayName(): AbstractControl | null {
-        return this.userForm.get('displayName');
-    }
-
     public get email(): AbstractControl | null {
         return this.userForm.get('email');
     }

console/src/app/pages/orgs/org-create/org-create.module.ts

@@ -9,6 +9,7 @@ import { MatInputModule } from '@angular/material/input';
 import { MatSelectModule } from '@angular/material/select';
 import { TranslateLoader, TranslateModule } from '@ngx-translate/core';
 import { HttpLoaderFactory } from 'src/app/app.module';
+import { PipesModule } from 'src/app/pipes/pipes.module';
 
 import { OrgCreateRoutingModule } from './org-create-routing.module';
 import { OrgCreateComponent } from './org-create.component';
@@ -25,6 +26,7 @@ import { OrgCreateComponent } from './org-create.component';
         MatButtonModule,
         MatIconModule,
         MatSelectModule,
+        PipesModule,
         TranslateModule.forChild({
             loader: {
                 provide: TranslateLoader,

console/src/app/pages/orgs/org-detail/org-detail.component.html

@@ -11,8 +11,8 @@
     <metainfo class="side">
         <div class="details">
             <div class="row">
-                <span class="first">Domain:</span>
-                <span class="second" *ngIf="org?.domain">{{org.domain}}</span>
+                <span class="first">Domains:</span>
+                <span *ngFor="let domain of domains" class="second">{{domain.domain}}</span>
             </div>
             <div class="row">
                 <span class="first">State:</span>

console/src/app/pages/orgs/org-detail/org-detail.component.ts

@@ -6,7 +6,7 @@ import { ActivatedRoute, Params } from '@angular/router';
 import { TranslateService } from '@ngx-translate/core';
 import { Subscription } from 'rxjs';
 import { ChangeType } from 'src/app/modules/changes/changes.component';
-import { Org, OrgMember, OrgMemberSearchResponse, OrgState } from 'src/app/proto/generated/management_pb';
+import { Org, OrgDomainView, OrgMember, OrgMemberSearchResponse, OrgState } from 'src/app/proto/generated/management_pb';
 import { OrgService } from 'src/app/services/org.service';
 import { ToastService } from 'src/app/services/toast.service';
 
@@ -29,6 +29,8 @@ export class OrgDetailComponent implements OnInit, OnDestroy {
 
     private subscription: Subscription = new Subscription();
 
+    public domains: OrgDomainView.AsObject[] = [];
+
     constructor(
         public translate: TranslateService,
         private route: ActivatedRoute,
@@ -52,6 +54,11 @@ export class OrgDetailComponent implements OnInit, OnDestroy {
         }).catch(error => {
             this.toast.showError(error.message);
         });
+
+        this.orgService.SearchMyOrgDomains(0, 100).then(result => {
+            console.log(result.toObject().resultList);
+            this.domains = result.toObject().resultList;
+        });
     }
 
     public changeState(event: MatButtonToggleChange | any): void {

console/src/app/pages/projects/granted-project-detail/granted-project-detail.component.html

@@ -8,13 +8,15 @@
 
             <div class="full-width">
                 <p class="desc">{{ 'PROJECT.PAGES.DESCRIPTION' | translate }}</p>
+                <p *ngIf="isZitadel" class="zitadel-warning">This belongs to Zitadel project. If you change something,
+                    Zitadel
+                    may not behave as intended!</p>
             </div>
         </div>
 
         <app-card>
             <app-project-grant-members *ngIf="project && project.projectId && project.id"
-                [disabled]="project?.state !== ProjectState.PROJECTSTATE_ACTIVE || (isZitadel$ | async)"
-                [project]="project">
+                [disabled]="project?.state !== ProjectState.PROJECTSTATE_ACTIVE || isZitadel" [project]="project">
             </app-project-grant-members>
         </app-card>
     </div>

console/src/app/pages/projects/granted-project-detail/granted-project-detail.component.scss

@@ -33,6 +33,11 @@
             font-size: .9rem;
             color: #81868a;
         }
+
+        .zitadel-warning {
+            font-size: 14px;
+            color: rgb(201,51,71);
+        }
     }
 }
 

console/src/app/pages/projects/granted-project-detail/granted-project-detail.component.ts

@@ -4,7 +4,7 @@ import { Component, OnDestroy, OnInit } from '@angular/core';
 import { MatTableDataSource } from '@angular/material/table';
 import { ActivatedRoute, Params } from '@angular/router';
 import { TranslateService } from '@ngx-translate/core';
-import { from, Observable, of, Subscription } from 'rxjs';
+import { Subscription } from 'rxjs';
 import { ChangeType } from 'src/app/modules/changes/changes.component';
 import {
     Application,
@@ -17,7 +17,7 @@ import {
     ProjectState,
     ProjectType,
 } from 'src/app/proto/generated/management_pb';
-import { GrpcService } from 'src/app/services/grpc.service';
+import { OrgService } from 'src/app/services/org.service';
 import { ProjectService } from 'src/app/services/project.service';
 import { ToastService } from 'src/app/services/toast.service';
 
@@ -55,8 +55,7 @@ export class GrantedProjectDetailComponent implements OnInit, OnDestroy {
     private subscription?: Subscription;
     public editstate: boolean = false;
 
-    public isZitadel$: Observable<boolean> = of(false);
-    private zitadelsub: Subscription = new Subscription();
+    public isZitadel: boolean = false;
 
     constructor(
         public translate: TranslateService,
@@ -64,7 +63,7 @@ export class GrantedProjectDetailComponent implements OnInit, OnDestroy {
         private toast: ToastService,
         private projectService: ProjectService,
         private _location: Location,
-        private grpcService: GrpcService,
+        private orgService: OrgService,
     ) {
     }
 
@@ -74,28 +73,24 @@ export class GrantedProjectDetailComponent implements OnInit, OnDestroy {
 
     public ngOnDestroy(): void {
         this.subscription?.unsubscribe();
-        this.zitadelsub.unsubscribe();
     }
 
     private async getData({ id, grantId }: Params): Promise<void> {
         this.projectId = id;
         this.grantId = grantId;
 
+        this.orgService.GetIam().then(iam => {
+            this.isZitadel = iam.toObject().iamProjectId === this.projectId;
+        });
+
         if (this.projectId && this.grantId) {
             this.projectService.GetGrantedProjectByID(this.projectId, this.grantId).then(proj => {
                 this.project = proj.toObject();
                 console.log(this.project);
-                this.isZitadel$ = from(this.projectService.SearchApplications(this.project.id, 100, 0).then(appsResp => {
-                    const ret = appsResp.toObject().resultList
-                        .filter(app => app.oidcConfig?.clientId === this.grpcService.clientid).length > 0;
-                    return ret;
-                }));
             }).catch(error => {
                 this.toast.showError(error.message);
             });
         }
-
-        this.zitadelsub = this.isZitadel$.subscribe(isZita => console.log(`zitade: ${isZita}`));
     }
 
     public navigateBack(): void {

console/src/app/pages/projects/owned-project-detail/owned-project-detail.component.html

@@ -7,7 +7,7 @@
             <h1>{{ 'PROJECT.PAGES.TITLE' | translate }} {{project?.name}}</h1>
             <ng-template appHasRole [appHasRole]="['project.write:'+projectId, 'project.write']">
                 <button mat-icon-button (click)="editstate = !editstate" aria-label="Edit project name"
-                    *ngIf="(isZitadel$ | async) === false">
+                    *ngIf="isZitadel === false">
                     <mat-icon *ngIf="!editstate">edit</mat-icon>
                     <mat-icon *ngIf="editstate">close</mat-icon>
                 </button>
@@ -23,14 +23,17 @@
                     <button class="icon-button" *ngIf="editstate" mat-icon-button (click)="updateName()">
                         <mat-icon>check</mat-icon>
                     </button>
-                    <button mat-stroked-button color="accent" [disabled]="(isZitadel$ | async)"
+                    <button mat-stroked-button color="accent" [disabled]="isZitadel"
                         *ngIf="project?.state === ProjectState.PROJECTSTATE_ACTIVE" class="second"
                         (click)="changeState(ProjectState.PROJECTSTATE_INACTIVE)">{{'PROJECT.TABLE.DEACTIVATE' | translate}}</button>
-                    <button mat-stroked-button color="accent" [disabled]="(isZitadel$ | async)"
+                    <button mat-stroked-button color="accent" [disabled]="isZitadel"
                         *ngIf="project?.state === ProjectState.PROJECTSTATE_INACTIVE" class="second"
                         (click)="changeState(ProjectState.PROJECTSTATE_ACTIVE)">{{'PROJECT.TABLE.ACTIVATE' | translate}}</button>
                 </ng-container>
                 <p class="desc">{{ 'PROJECT.PAGES.DESCRIPTION' | translate }}</p>
+                <p *ngIf="isZitadel" class="zitadel-warning">This belongs to Zitadel project. If you change something,
+                    Zitadel
+                    may not behave as intended!</p>
             </div>
         </div>
 
@@ -38,7 +41,7 @@
         <ng-container *ngIf="project">
             <ng-template appHasRole [appHasRole]="['project.app.read:' + project.id, 'project.app.read']">
                 <app-project-application-grid *ngIf="grid"
-                    [disabled]="project?.state !== ProjectState.PROJECTSTATE_ACTIVE || (isZitadel$ | async)"
+                    [disabled]="project?.state !== ProjectState.PROJECTSTATE_ACTIVE || isZitadel"
                     (changeView)="grid = false" [projectId]="projectId"></app-project-application-grid>
                 <app-card *ngIf="!grid" title="{{ 'PROJECT.APP.TITLE' | translate }}">
                     <card-actions class="card-actions">
@@ -47,12 +50,12 @@
                         </button>
                     </card-actions>
                     <app-project-applications
-                        [disabled]="project?.state !== ProjectState.PROJECTSTATE_ACTIVE || (isZitadel$ | async)"
+                        [disabled]="project?.state !== ProjectState.PROJECTSTATE_ACTIVE || isZitadel"
                         [projectId]="projectId"></app-project-applications>
                 </app-card>
             </ng-template>
 
-            <ng-container *ngIf="(isZitadel$ | async) == false">
+            <ng-container *ngIf="isZitadel == false">
                 <ng-template appHasRole [appHasRole]="['project.grant.read:' + project.id, 'project.grant.read']">
                     <app-card title="{{ 'PROJECT.GRANT.TITLE' | translate }}"
                         description="{{ 'PROJECT.GRANT.DESCRIPTION' | translate }}">

console/src/app/pages/projects/owned-project-detail/owned-project-detail.component.scss

@@ -33,6 +33,11 @@
             font-size: .9rem;
             color: #81868a;
         }
+
+        .zitadel-warning {
+            font-size: 14px;
+            color: rgb(201,51,71);
+        }
     }
 }
 

console/src/app/pages/projects/owned-project-detail/owned-project-detail.component.ts

@@ -4,7 +4,7 @@ import { Component, OnDestroy, OnInit } from '@angular/core';
 import { MatTableDataSource } from '@angular/material/table';
 import { ActivatedRoute, Params } from '@angular/router';
 import { TranslateService } from '@ngx-translate/core';
-import { from, Observable, of, Subscription } from 'rxjs';
+import { Subscription } from 'rxjs';
 import { ChangeType } from 'src/app/modules/changes/changes.component';
 import {
     Application,
@@ -17,7 +17,7 @@ import {
     ProjectState,
     ProjectType,
 } from 'src/app/proto/generated/management_pb';
-import { GrpcService } from 'src/app/services/grpc.service';
+import { OrgService } from 'src/app/services/org.service';
 import { ProjectService } from 'src/app/services/project.service';
 import { ToastService } from 'src/app/services/toast.service';
 
@@ -55,8 +55,7 @@ export class OwnedProjectDetailComponent implements OnInit, OnDestroy {
     private subscription?: Subscription;
     public editstate: boolean = false;
 
-    public isZitadel$: Observable<boolean> = of(false);
-    private zitadelsub: Subscription = new Subscription();
+    public isZitadel: boolean = false;
 
     constructor(
         public translate: TranslateService,
@@ -64,7 +63,7 @@ export class OwnedProjectDetailComponent implements OnInit, OnDestroy {
         private toast: ToastService,
         private projectService: ProjectService,
         private _location: Location,
-        private grpcService: GrpcService,
+        private orgService: OrgService,
     ) {
     }
 
@@ -74,27 +73,23 @@ export class OwnedProjectDetailComponent implements OnInit, OnDestroy {
 
     public ngOnDestroy(): void {
         this.subscription?.unsubscribe();
-        this.zitadelsub.unsubscribe();
     }
 
     private async getData({ id }: Params): Promise<void> {
         this.projectId = id;
 
+        this.orgService.GetIam().then(iam => {
+            this.isZitadel = iam.toObject().iamProjectId === this.projectId;
+        });
+
         if (this.projectId) {
             this.projectService.GetProjectById(id).then(proj => {
                 this.project = proj.toObject();
                 console.log(this.project);
-                this.isZitadel$ = from(this.projectService.SearchApplications(this.project.id, 100, 0).then(appsResp => {
-                    const ret = appsResp.toObject().resultList
-                        .filter(app => app.oidcConfig?.clientId === this.grpcService.clientid).length > 0;
-                    return ret;
-                }));
             }).catch(error => {
                 this.toast.showError(error.message);
             });
         }
-
-        this.zitadelsub = this.isZitadel$.subscribe(isZita => console.log(`zitade: ${isZita}`));
     }
 
     public changeState(newState: ProjectState): void {

console/src/app/pages/user-create/user-create.component.html

@@ -52,13 +52,6 @@
                             {{ 'USER.VALIDATION.REQUIRED' | translate }}
                         </mat-error>
                     </mat-form-field>
-                    <mat-form-field class="formfield">
-                        <mat-label>{{ 'USER.PROFILE.DISPLAYNAME' | translate }}</mat-label>
-                        <input matInput formControlName="displayName" />
-                        <mat-error *ngIf="displayName?.invalid && displayName?.errors?.required">
-                            {{ 'USER.VALIDATION.REQUIRED' | translate }}
-                        </mat-error>
-                    </mat-form-field>
 
                     <p class="section">{{ 'USER.CREATE.GENDERLANGSECTION' | translate }}</p>
 

console/src/app/pages/user-create/user-create.component.ts

@@ -28,7 +28,6 @@ export class UserCreateComponent implements OnDestroy {
             firstName: ['', Validators.required],
             lastName: ['', Validators.required],
             nickName: [''],
-            displayName: [{ value: '', disabled: false }],
             gender: [Gender.GENDER_UNSPECIFIED],
             preferredLanguage: [''],
             phone: [''],
@@ -75,9 +74,6 @@ export class UserCreateComponent implements OnDestroy {
     public get nickName(): AbstractControl | null {
         return this.userForm.get('nickName');
     }
-    public get displayName(): AbstractControl | null {
-        return this.userForm.get('displayName');
-    }
     public get gender(): AbstractControl | null {
         return this.userForm.get('gender');
     }

console/src/app/pages/user-detail/auth-user-detail/auth-user-detail.component.html

@@ -36,10 +36,10 @@
                         formControlName="newPassword" />
                     <mat-error *ngIf="newPassword?.errors?.required">{{ 'USER.VALIDATION.REQUIRED' | translate }}
                     </mat-error>
-                    <mat-error *ngIf="newPassword?.errors?.pattern">{{ 'USER.VALIDATION.INVALIDPATTERN' | translate }}
+                    <mat-error *ngIf="newPassword?.errors?.pattern">{{ policy | passwordPattern | translate }}
                     </mat-error>
                     <mat-error *ngIf="newPassword?.errors?.minlength">
-                        {{ 'USER.PASSWORD.MINLENGTHERROR' | translate: minLengthPassword }}
+                        {{ 'USER.VALIDATION.MINLENGTH' | translate:policy }}
                     </mat-error>
                 </mat-form-field>
                 <mat-form-field class="formfield">
@@ -49,10 +49,10 @@
                     <mat-error *ngIf="confirmPassword?.errors?.required">{{ 'USER.VALIDATION.REQUIRED' | translate }}
                     </mat-error>
                     <mat-error *ngIf="confirmPassword?.errors?.pattern">
-                        {{ 'USER.VALIDATION.INVALIDPATTERN' | translate }}
+                        {{ policy | passwordPattern | translate }}
                     </mat-error>
                     <mat-error *ngIf="confirmPassword?.errors?.minlength">
-                        {{ 'USER.PASSWORD.MINLENGTHERROR' | translate: minLengthPassword }}
+                        {{ 'USER.VALIDATION.MINLENGTH' | translate:policy }}
                     </mat-error>
                     <mat-error *ngIf="confirmPassword?.errors?.notequal">{{ 'USER.PASSWORD.NOTEQUAL' | translate }}
                     </mat-error>

console/src/app/pages/user-detail/auth-user-detail/auth-user-detail.component.ts

@@ -3,9 +3,10 @@ import { AbstractControl, FormBuilder, FormGroup, Validators } from '@angular/fo
 import { MatDialog } from '@angular/material/dialog';
 import { TranslateService } from '@ngx-translate/core';
 import { Subscription } from 'rxjs';
-import { Gender, UserAddress, UserEmail, UserPhone, UserProfile } from 'src/app/proto/generated/auth_pb';
+import { Gender, User, UserAddress, UserEmail, UserPhone, UserProfile } from 'src/app/proto/generated/auth_pb';
 import { PasswordComplexityPolicy } from 'src/app/proto/generated/management_pb';
 import { AuthUserService } from 'src/app/services/auth-user.service';
+import { MgmtUserService } from 'src/app/services/mgmt-user.service';
 import { OrgService } from 'src/app/services/org.service';
 import { ToastService } from 'src/app/services/toast.service';
 
@@ -32,6 +33,8 @@ function passwordConfirmValidator(c: AbstractControl): any {
     styleUrls: ['./auth-user-detail.component.scss'],
 })
 export class AuthUserDetailComponent implements OnDestroy {
+    public user!: User.AsObject;
+
     public profile!: UserProfile.AsObject;
     public email: UserEmail.AsObject = { email: '' } as any;
     public phone: UserPhone.AsObject = { phone: '' } as any;
@@ -48,13 +51,12 @@ export class AuthUserDetailComponent implements OnDestroy {
 
     public loading: boolean = false;
 
-    public minLengthPassword: any = {
-        value: 0,
-    };
+    public policy!: PasswordComplexityPolicy.AsObject;
 
     constructor(
         public translate: TranslateService,
         private toast: ToastService,
+        private mgmtUserService: MgmtUserService,
         private userService: AuthUserService,
         private fb: FormBuilder,
         private dialog: MatDialog,
@@ -62,21 +64,20 @@ export class AuthUserDetailComponent implements OnDestroy {
     ) {
         const validators: Validators[] = [Validators.required];
         this.orgService.GetPasswordComplexityPolicy().then(data => {
-            const policy: PasswordComplexityPolicy.AsObject = data.toObject();
-            this.minLengthPassword.value = data.toObject().minLength;
-            if (policy.minLength) {
-                validators.push(Validators.minLength(policy.minLength));
+            this.policy = data.toObject();
+            if (this.policy.minLength) {
+                validators.push(Validators.minLength(this.policy.minLength));
             }
-            if (policy.hasLowercase) {
+            if (this.policy.hasLowercase) {
                 validators.push(Validators.pattern(/[a-z]/g));
             }
-            if (policy.hasUppercase) {
+            if (this.policy.hasUppercase) {
                 validators.push(Validators.pattern(/[A-Z]/g));
             }
-            if (policy.hasNumber) {
+            if (this.policy.hasNumber) {
                 validators.push(Validators.pattern(/[0-9]/g));
             }
-            if (policy.hasSymbol) {
+            if (this.policy.hasSymbol) {
                 // All characters that are not a digit or an English letter \W or a whitespace \S
                 validators.push(Validators.pattern(/[\W\S]/));
             }
@@ -266,6 +267,12 @@ export class AuthUserDetailComponent implements OnDestroy {
     }
 
     private async getData(): Promise<void> {
+        // this.mgmtUserService.GetUserByID(id).then(user => {
+        //     console.log(user.toObject());
+        //     this.user = user.toObject();
+        // }).catch(err => {
+        //     console.error(err);
+        // });
         this.profile = (await this.userService.GetMyUserProfile()).toObject();
         this.email = (await this.userService.GetMyUserEmail()).toObject();
         this.phone = (await this.userService.GetMyUserPhone()).toObject();

console/src/app/pages/user-detail/detail-form/detail-form.component.html

@@ -16,10 +16,6 @@
             <mat-label>{{ 'USER.PROFILE.NICKNAME' | translate }}</mat-label>
             <input matInput formControlName="nickName" />
         </mat-form-field>
-        <mat-form-field class="formfield">
-            <mat-label>{{ 'USER.PROFILE.DISPLAYNAME' | translate }}</mat-label>
-            <input matInput formControlName="displayName" />
-        </mat-form-field>
         <mat-form-field class="formfield">
             <mat-label>{{ 'USER.PROFILE.GENDER' | translate }}</mat-label>
             <mat-select formControlName="gender">

console/src/app/pages/user-detail/detail-form/detail-form.component.ts

@@ -27,7 +27,6 @@ export class DetailFormComponent implements OnInit, OnDestroy {
             firstName: [{ value: '', disabled: this.disabled }, Validators.required],
             lastName: [{ value: '', disabled: this.disabled }, Validators.required],
             nickName: [{ value: '', disabled: this.disabled }],
-            displayName: [{ value: '', disabled: this.disabled }],
             gender: [{ value: 0 }, { disabled: this.disabled }],
             preferredLanguage: [{ value: '', disabled: this.disabled }],
         });
@@ -62,9 +61,6 @@ export class DetailFormComponent implements OnInit, OnDestroy {
     public get nickName(): AbstractControl | null {
         return this.profileForm.get('nickName');
     }
-    public get displayName(): AbstractControl | null {
-        return this.profileForm.get('displayName');
-    }
     public get gender(): AbstractControl | null {
         return this.profileForm.get('gender');
     }

console/src/app/pages/user-detail/user-detail.module.ts

@@ -16,6 +16,7 @@ import { HasRoleModule } from 'src/app/directives/has-role/has-role.module';
 import { CardModule } from 'src/app/modules/card/card.module';
 import { ChangesModule } from 'src/app/modules/changes/changes.module';
 import { MetaLayoutModule } from 'src/app/modules/meta-layout/meta-layout.module';
+import { PipesModule } from 'src/app/pipes/pipes.module';
 
 import { AuthUserDetailComponent } from './auth-user-detail/auth-user-detail.component';
 import { AuthUserMfaComponent } from './auth-user-mfa/auth-user-mfa.component';
@@ -47,6 +48,7 @@ import { UserMfaComponent } from './user-mfa/user-mfa.component';
         MatDialogModule,
         QRCodeModule,
         MetaLayoutModule,
+        PipesModule,
         MatFormFieldModule,
         UserGrantsModule,
         CodeDialogModule,

console/src/app/pages/user-detail/user-detail/user-detail.component.html

@@ -1,23 +1,23 @@
 <app-meta-layout>
 
-    <div *ngIf="profile" class="max-width-container">
+    <div *ngIf="user" class="max-width-container">
         <div class="head">
             <a (click)="navigateBack()" mat-icon-button>
                 <mat-icon class="icon">arrow_back</mat-icon>
             </a>
-            <h1>{{ 'USER.PROFILE.TITLE' | translate }} {{profile?.firstName}}</h1>
+            <h1>{{ 'USER.PROFILE.TITLE' | translate }} {{user?.firstName}}</h1>
 
             <p class="desc">{{ 'USER.PROFILE.DESCRIPTION' | translate }}</p>
         </div>
 
         <mat-progress-bar *ngIf="loading" color="accent" mode="indeterminate"></mat-progress-bar>
 
-        <ng-template appHasRole [appHasRole]="['user.read', 'user.read:'+profile?.id]">
+        <ng-template appHasRole [appHasRole]="['user.read', 'user.read:'+user?.id]">
             <app-card title="{{ 'USER.PROFILE.TITLE' | translate }}"
                 description="{{'USER.PROFILE.DESCRIPTION' | translate}}">
                 <app-detail-form
-                    *ngIf="((authUserService.isAllowed(['user.write:' + profile?.id, 'user.write']) | async) || false) as canwrite"
-                    [disabled]="canwrite" [genders]="genders" [languages]="languages" [profile]="profile"
+                    *ngIf="((authUserService.isAllowed(['user.write:' + user?.id, 'user.write']) | async) || false) as canwrite"
+                    [disabled]="canwrite" [genders]="genders" [languages]="languages" [profile]="user"
                     (submitData)="saveProfile($event)">
                 </app-detail-form>
             </app-card>
@@ -26,11 +26,12 @@
         <app-card title="{{'USER.PASSWORD.TITLE' | translate}}"
             description="{{'USER.PASSWORD.DESCRIPTION' | translate}}">
             <card-actions class="card-actions">
-                <button mat-stroked-button color="primary"
+                <button *ngIf="user.state === UserState.USERSTATE_INITIAL" mat-stroked-button color="primary"
                     (click)="sendSetPasswordNotification()">{{ 'USER.PASSWORD.RESENDNOTIFICATION' | translate }}</button>
             </card-actions>
             <form *ngIf="passwordForm" autocomplete="new-password" [formGroup]="passwordForm"
                 (ngSubmit)="setInitialPassword()">
+                <!-- {{USERSTATE_INITIAL}} -->
                 <div class="content center">
                     <mat-form-field class="formfield">
                         <mat-label>{{ 'USER.PASSWORD.NEW' | translate }}</mat-label>
@@ -38,9 +39,9 @@
                         <mat-error *ngIf="password?.errors?.required">{{ 'USER.VALIDATION.REQUIRED' | translate }}
                         </mat-error>
                         <mat-error *ngIf="password?.errors?.minlength">
-                            {{ 'USER.PASSWORD.MINLENGTHERROR' | translate: minLengthPassword }}
+                            {{ 'USER.VALIDATION.MINLENGTH' | translate: policy }}
                         </mat-error>
-                        <mat-error *ngIf="password?.errors?.pattern">{{ 'USER.VALIDATION.INVALIDPATTERN' | translate }}
+                        <mat-error *ngIf="password?.errors?.pattern">{{ policy | passwordPattern | translate }}
                         </mat-error>
                     </mat-form-field>
                     <mat-form-field class="formfield">
@@ -51,7 +52,9 @@
                             {{ 'USER.VALIDATION.REQUIRED' | translate }}
                         </mat-error>
                         <mat-error *ngIf="confirmPassword?.errors?.minlength">
-                            {{ 'USER.PASSWORD.MINLENGTHERROR' | translate: minLengthPassword }}
+                            {{ 'USER.VALIDATION.MINLENGTH' | translate: policy }}
+                        </mat-error>
+                        <mat-error *ngIf="confirmPassword?.errors?.pattern">{{ policy | passwordPattern | translate }}
                         </mat-error>
                         <mat-error *ngIf="confirmPassword?.errors?.notequal">{{ 'USER.PASSWORD.NOTEQUAL' | translate }}
                         </mat-error>
@@ -72,11 +75,11 @@
 
                     <ng-container *ngIf="!emailEditState; else emailEdit">
                         <div class="actions">
-                            <span class="name">{{email?.email}}</span>
-                            <mat-icon *ngIf="email?.isEmailVerified" color="primary" aria-hidden="false"
+                            <span class="name">{{user?.email}}</span>
+                            <mat-icon *ngIf="user?.isEmailVerified" color="primary" aria-hidden="false"
                                 aria-label="verified icon">
                                 check_circle_outline</mat-icon>
-                            <ng-container *ngIf="email?.email && !email?.isEmailVerified">
+                            <ng-container *ngIf="user?.email && !user?.isEmailVerified">
                                 <mat-icon color="warn" aria-hidden="false" aria-label="not verified icon">highlight_off
                                 </mat-icon>
                                 <a class="verify" matTooltip="{{'USER.LOGINMETHODS.EMAIL.RESEND' | translate}}"
@@ -93,12 +96,12 @@
                     <ng-template #emailEdit>
                         <mat-form-field class="name">
                             <mat-label>{{ 'USER.EMAIL' | translate }}</mat-label>
-                            <input matInput [(ngModel)]="email.email" />
+                            <input matInput [(ngModel)]="user.email" />
                         </mat-form-field>
                         <button (click)="emailEditState = false" mat-icon-button>
                             <mat-icon>close</mat-icon>
                         </button>
-                        <button [disabled]="!email.email" class="submit-button" type="button" color="primary"
+                        <button [disabled]="!user.email" class="submit-button" type="button" color="primary"
                             (click)="saveEmail()" mat-raised-button>{{ 'ACTIONS.SAVE' | translate }}</button>
                     </ng-template>
                 </div>
@@ -108,11 +111,11 @@
 
                     <ng-container *ngIf="!phoneEditState; else phoneEdit">
                         <div class="actions">
-                            <span class="name">{{phone?.phone}}</span>
-                            <mat-icon *ngIf="phone?.isPhoneVerified" color="primary" aria-hidden="false"
+                            <span class="name">{{user?.phone}}</span>
+                            <mat-icon *ngIf="user?.isPhoneVerified" color="primary" aria-hidden="false"
                                 aria-label="verified icon">
                                 check_circle_outline</mat-icon>
-                            <ng-container *ngIf="phone?.phone && !phone?.isPhoneVerified">
+                            <ng-container *ngIf="user?.phone && !user?.isPhoneVerified">
                                 <mat-icon color="warn" aria-hidden="false" aria-label="not verified icon">highlight_off
                                 </mat-icon>
 
@@ -125,7 +128,7 @@
                             <button (click)="phoneEditState = true" mat-icon-button>
                                 <mat-icon>edit</mat-icon>
                             </button>
-                            <button *ngIf="phone?.phone" (click)="deletePhone()" mat-icon-button>
+                            <button *ngIf="user?.phone" (click)="deletePhone()" mat-icon-button>
                                 <mat-icon>delete_outline</mat-icon>
                             </button>
                         </div>
@@ -134,19 +137,19 @@
                     <ng-template #phoneEdit>
                         <mat-form-field class="name">
                             <mat-label>{{ 'USER.PHONE' | translate }}</mat-label>
-                            <input matInput [(ngModel)]="phone.phone" />
+                            <input matInput [(ngModel)]="user.phone" />
                         </mat-form-field>
                         <button (click)="phoneEditState = false" mat-icon-button>
                             <mat-icon>close</mat-icon>
                         </button>
-                        <button [disabled]="!phone.phone" type="button" color="primary" (click)="savePhone()"
+                        <button [disabled]="!user.phone" type="button" color="primary" (click)="savePhone()"
                             mat-raised-button>{{ 'ACTIONS.SAVE' | translate }}</button>
                     </ng-template>
                 </div>
             </div>
         </app-card>
 
-        <app-auth-user-mfa *ngIf="profile" [profile]="profile"></app-auth-user-mfa>
+        <app-auth-user-mfa *ngIf="user" [profile]="user"></app-auth-user-mfa>
 
         <app-card title="{{ 'USER.ADDRESS.TITLE' | translate }}">
             <form [formGroup]="addressForm" (ngSubmit)="saveAddress()">
@@ -178,14 +181,14 @@
             </form>
         </app-card>
 
-        <app-card *ngIf="profile?.id" title="{{ 'USER.GRANTS.TITLE' | translate }}"
+        <app-card *ngIf="user?.id" title="{{ 'USER.GRANTS.TITLE' | translate }}"
             description="{{'USER.GRANTS.DESCRIPTION' | translate }}">
-            <app-user-grants [userId]="profile?.id"></app-user-grants>
+            <app-user-grants [userId]="user?.id"></app-user-grants>
         </app-card>
     </div>
 
-    <metainfo *ngIf="profile" class="side">
+    <metainfo *ngIf="user" class="side">
         <p class="side-section">{{ 'CHANGES.USER.TITLE' | translate }}</p>
-        <app-changes [changeType]="ChangeType.USER" [id]="profile.id"></app-changes>
+        <app-changes [changeType]="ChangeType.USER" [id]="user.id"></app-changes>
     </metainfo>
 </app-meta-layout>

console/src/app/pages/user-detail/user-detail/user-detail.component.ts

@@ -10,10 +10,12 @@ import {
     Gender,
     NotificationType,
     PasswordComplexityPolicy,
+    User,
     UserAddress,
     UserEmail,
     UserPhone,
     UserProfile,
+    UserState,
 } from 'src/app/proto/generated/management_pb';
 import { AuthUserService } from 'src/app/services/auth-user.service';
 import { MgmtUserService } from 'src/app/services/mgmt-user.service';
@@ -43,9 +45,9 @@ function passwordConfirmValidator(c: AbstractControl): any {
     styleUrls: ['./user-detail.component.scss'],
 })
 export class UserDetailComponent implements OnInit, OnDestroy {
-    public profile!: UserProfile.AsObject;
-    public email: UserEmail.AsObject = { email: '' } as any;
-    public phone: UserPhone.AsObject = { phone: '' } as any;
+    public user!: User.AsObject;
+    // public email: UserEmail.AsObject = { email: '' } as any;
+    // public phone: UserPhone.AsObject = { phone: '' } as any;
     public address: UserAddress.AsObject = { id: '' } as any;
     public genders: Gender[] = [Gender.GENDER_MALE, Gender.GENDER_FEMALE, Gender.GENDER_DIVERSE];
     public languages: string[] = ['de', 'en'];
@@ -61,10 +63,8 @@ export class UserDetailComponent implements OnInit, OnDestroy {
     public ChangeType: any = ChangeType;
     public loading: boolean = false;
 
-
-    public minLengthPassword: any = {
-        value: 0,
-    };
+    public UserState: any = UserState;
+    public policy!: PasswordComplexityPolicy.AsObject;
     constructor(
         public translate: TranslateService,
         private route: ActivatedRoute,
@@ -77,22 +77,22 @@ export class UserDetailComponent implements OnInit, OnDestroy {
         public authUserService: AuthUserService,
     ) {
         const validators: Validators[] = [Validators.required];
+
         this.orgService.GetPasswordComplexityPolicy().then(data => {
-            const policy: PasswordComplexityPolicy.AsObject = data.toObject();
-            this.minLengthPassword.value = data.toObject().minLength;
-            if (policy.minLength) {
-                validators.push(Validators.minLength(policy.minLength));
+            this.policy = data.toObject();
+            if (this.policy.minLength) {
+                validators.push(Validators.minLength(this.policy.minLength));
             }
-            if (policy.hasLowercase) {
+            if (this.policy.hasLowercase) {
                 validators.push(Validators.pattern(/[a-z]/g));
             }
-            if (policy.hasUppercase) {
+            if (this.policy.hasUppercase) {
                 validators.push(Validators.pattern(/[A-Z]/g));
             }
-            if (policy.hasNumber) {
+            if (this.policy.hasNumber) {
                 validators.push(Validators.pattern(/[0-9]/g));
             }
-            if (policy.hasSymbol) {
+            if (this.policy.hasSymbol) {
                 // All characters that are not a digit or an English letter \W or a whitespace \S
                 validators.push(Validators.pattern(/[\W\S]/));
             }
@@ -101,7 +101,6 @@ export class UserDetailComponent implements OnInit, OnDestroy {
                 password: ['', validators],
                 confirmPassword: ['', [...validators, passwordConfirmValidator]],
             });
-            // TODO custom validator for pattern
         }).catch(error => {
             console.log('no password complexity policy defined!');
             this.passwordForm = this.fb.group({
@@ -135,14 +134,14 @@ export class UserDetailComponent implements OnInit, OnDestroy {
     }
 
     public deletePhone(): void {
-        this.phone.phone = '';
+        this.user.phone = '';
         this.savePhone();
     }
 
     public enterCode(): void {
         const dialogRef = this.dialog.open(CodeDialogComponent, {
             data: {
-                number: this.phone.phone,
+                number: this.user.phone,
             },
         });
 
@@ -154,17 +153,18 @@ export class UserDetailComponent implements OnInit, OnDestroy {
     }
 
     public saveProfile(profileData: UserProfile.AsObject): void {
-        this.profile.firstName = profileData.firstName;
-        this.profile.lastName = profileData.lastName;
-        this.profile.nickName = profileData.nickName;
-        this.profile.displayName = profileData.displayName;
-        this.profile.gender = profileData.gender;
-        this.profile.preferredLanguage = profileData.preferredLanguage;
+        this.user.firstName = profileData.firstName;
+        this.user.lastName = profileData.lastName;
+        this.user.nickName = profileData.nickName;
+        this.user.displayName = profileData.displayName;
+        this.user.gender = profileData.gender;
+        this.user.preferredLanguage = profileData.preferredLanguage;
+        console.log(this.user);
         this.mgmtUserService
-            .SaveUserProfile(this.profile)
+            .SaveUserProfile(this.user)
             .then((data: UserProfile) => {
                 this.toast.showInfo('Saved Profile');
-                this.profile = data.toObject();
+                this.user = Object.assign(this.user, data.toObject());
             })
             .catch(data => {
                 this.toast.showError(data.message);
@@ -173,7 +173,7 @@ export class UserDetailComponent implements OnInit, OnDestroy {
 
     public resendVerification(): void {
         console.log('resendverification');
-        this.mgmtUserService.ResendEmailVerification(this.profile.id).then(() => {
+        this.mgmtUserService.ResendEmailVerification(this.user.id).then(() => {
             this.toast.showInfo('Email was successfully sent!');
         }).catch(data => {
             this.toast.showError(data.message);
@@ -181,7 +181,7 @@ export class UserDetailComponent implements OnInit, OnDestroy {
     }
 
     public resendPhoneVerification(): void {
-        this.mgmtUserService.ResendPhoneVerification(this.profile.id).then(() => {
+        this.mgmtUserService.ResendPhoneVerification(this.user.id).then(() => {
             this.toast.showInfo('Phoneverification was successfully sent!');
         }).catch(data => {
             this.toast.showError(data.message);
@@ -190,9 +190,9 @@ export class UserDetailComponent implements OnInit, OnDestroy {
 
     public setInitialPassword(): void {
         if (this.passwordForm.valid && this.password && this.password.value) {
-            this.mgmtUserService.SetInitialPassword(this.profile.id, this.password.value).then((data: any) => {
+            this.mgmtUserService.SetInitialPassword(this.user.id, this.password.value).then((data: any) => {
                 this.toast.showInfo('Set initial Password');
-                this.email = data.toObject();
+                this.user.email = data.toObject();
             }).catch(data => {
                 this.toast.showError(data.message);
             });
@@ -200,10 +200,10 @@ export class UserDetailComponent implements OnInit, OnDestroy {
     }
 
     public sendSetPasswordNotification(): void {
-        this.mgmtUserService.SendSetPasswordNotification(this.profile.id, NotificationType.NOTIFICATIONTYPE_EMAIL)
+        this.mgmtUserService.SendSetPasswordNotification(this.user.id, NotificationType.NOTIFICATIONTYPE_EMAIL)
             .then((data: any) => {
                 this.toast.showInfo('Set initial Password');
-                this.email = data.toObject();
+                this.user.email = data.toObject();
             }).catch(data => {
                 this.toast.showError(data.message);
             });
@@ -212,9 +212,9 @@ export class UserDetailComponent implements OnInit, OnDestroy {
     public saveEmail(): void {
         this.emailEditState = false;
         this.mgmtUserService
-            .SaveUserEmail(this.email).then((data: UserEmail) => {
+            .SaveUserEmail(this.user.id, this.user.email).then((data: UserEmail) => {
                 this.toast.showInfo('Saved Email');
-                this.email = data.toObject();
+                this.user.email = data.toObject().email;
             }).catch(data => {
                 this.toast.showError(data.message);
             });
@@ -222,13 +222,10 @@ export class UserDetailComponent implements OnInit, OnDestroy {
 
     public savePhone(): void {
         this.phoneEditState = false;
-        if (!this.phone.id) {
-            this.phone.id = this.profile.id;
-        }
         this.mgmtUserService
-            .SaveUserPhone(this.phone).then((data: UserPhone) => {
+            .SaveUserPhone(this.user.id, this.user.phone).then((data: UserPhone) => {
                 this.toast.showInfo('Saved Phone');
-                this.phone = data.toObject();
+                this.user.phone = data.toObject().phone;
             }).catch(data => {
                 this.toast.showError(data.message);
             });
@@ -236,7 +233,7 @@ export class UserDetailComponent implements OnInit, OnDestroy {
 
     public saveAddress(): void {
         if (!this.address.id) {
-            this.address.id = this.profile.id;
+            this.address.id = this.user.id;
         }
 
         this.address.streetAddress = this.streetAddress?.value;
@@ -283,9 +280,15 @@ export class UserDetailComponent implements OnInit, OnDestroy {
 
     private async getData({ id }: Params): Promise<void> {
         this.isMgmt = true;
-        this.profile = (await this.mgmtUserService.GetUserProfile(id)).toObject();
-        this.email = (await this.mgmtUserService.GetUserEmail(id)).toObject();
-        this.phone = (await this.mgmtUserService.GetUserPhone(id)).toObject();
+        this.mgmtUserService.GetUserByID(id).then(user => {
+            console.log(user.toObject());
+            this.user = user.toObject();
+        }).catch(err => {
+            console.error(err);
+        });
+        // this.profile = (await this.mgmtUserService.GetUserProfile(id)).toObject();
+        // this.email = (await this.mgmtUserService.GetUserEmail(id)).toObject();
+        // this.phone = (await this.mgmtUserService.GetUserPhone(id)).toObject();
         this.address = (await this.mgmtUserService.GetUserAddress(id)).toObject();
         this.addressForm.patchValue(this.address);
     }

console/src/app/pipes/password-pattern.pipe.spec.ts

@@ -0,0 +1,8 @@
+import { PasswordPatternPipe } from './password-pattern.pipe';
+
+describe('PasswordPatternPipe', () => {
+  it('create an instance', () => {
+    const pipe = new PasswordPatternPipe();
+    expect(pipe).toBeTruthy();
+  });
+});

console/src/app/pipes/password-pattern.pipe.ts

@@ -0,0 +1,17 @@
+import { Pipe, PipeTransform } from '@angular/core';
+
+import { PasswordComplexityPolicy } from '../proto/generated/management_pb';
+import { OrgService } from '../services/org.service';
+
+@Pipe({
+    name: 'passwordPattern',
+})
+export class PasswordPatternPipe implements PipeTransform {
+
+    constructor(private orgService: OrgService) { }
+
+    transform(policy: PasswordComplexityPolicy.AsObject, ...args: unknown[]): string {
+        return this.orgService.getLocalizedComplexityPolicyPatternErrorString(policy);
+    }
+
+}

console/src/app/pipes/pipes.module.ts

@@ -3,11 +3,13 @@ import { NgModule } from '@angular/core';
 import { MomentModule } from 'ngx-moment';
 
 import { LocalizedDatePipe } from './localized-date.pipe';
+import { PasswordPatternPipe } from './password-pattern.pipe';
 
 
 @NgModule({
     declarations: [
         LocalizedDatePipe,
+        PasswordPatternPipe,
     ],
     imports: [
         CommonModule,
@@ -15,6 +17,7 @@ import { LocalizedDatePipe } from './localized-date.pipe';
     ],
     exports: [
         LocalizedDatePipe,
+        PasswordPatternPipe,
     ],
 })
 export class PipesModule { }

console/src/app/proto/generated/admin_grpc_web_pb.d.ts

@@ -11,6 +11,9 @@ import * as authoption_options_pb from './authoption/options_pb';
 import {
   Org,
   OrgID,
+  OrgIamPolicy,
+  OrgIamPolicyID,
+  OrgIamPolicyRequest,
   OrgSearchRequest,
   OrgSearchResponse,
   OrgSetUpRequest,
@@ -72,6 +75,34 @@ export class AdminServiceClient {
                response: OrgSetUpResponse) => void
   ): grpcWeb.ClientReadableStream<OrgSetUpResponse>;
 
+  getOrgIamPolicy(
+    request: OrgIamPolicyID,
+    metadata: grpcWeb.Metadata | undefined,
+    callback: (err: grpcWeb.Error,
+               response: OrgIamPolicy) => void
+  ): grpcWeb.ClientReadableStream<OrgIamPolicy>;
+
+  createOrgIamPolicy(
+    request: OrgIamPolicyRequest,
+    metadata: grpcWeb.Metadata | undefined,
+    callback: (err: grpcWeb.Error,
+               response: OrgIamPolicy) => void
+  ): grpcWeb.ClientReadableStream<OrgIamPolicy>;
+
+  updateOrgIamPolicy(
+    request: OrgIamPolicyRequest,
+    metadata: grpcWeb.Metadata | undefined,
+    callback: (err: grpcWeb.Error,
+               response: OrgIamPolicy) => void
+  ): grpcWeb.ClientReadableStream<OrgIamPolicy>;
+
+  deleteOrgIamPolicy(
+    request: OrgIamPolicyID,
+    metadata: grpcWeb.Metadata | undefined,
+    callback: (err: grpcWeb.Error,
+               response: google_protobuf_empty_pb.Empty) => void
+  ): grpcWeb.ClientReadableStream<google_protobuf_empty_pb.Empty>;
+
 }
 
 export class AdminServicePromiseClient {
@@ -114,5 +145,25 @@ export class AdminServicePromiseClient {
     metadata?: grpcWeb.Metadata
   ): Promise<OrgSetUpResponse>;
 
+  getOrgIamPolicy(
+    request: OrgIamPolicyID,
+    metadata?: grpcWeb.Metadata
+  ): Promise<OrgIamPolicy>;
+
+  createOrgIamPolicy(
+    request: OrgIamPolicyRequest,
+    metadata?: grpcWeb.Metadata
+  ): Promise<OrgIamPolicy>;
+
+  updateOrgIamPolicy(
+    request: OrgIamPolicyRequest,
+    metadata?: grpcWeb.Metadata
+  ): Promise<OrgIamPolicy>;
+
+  deleteOrgIamPolicy(
+    request: OrgIamPolicyID,
+    metadata?: grpcWeb.Metadata
+  ): Promise<google_protobuf_empty_pb.Empty>;
+
 }
 

console/src/app/proto/generated/admin_grpc_web_pb.js

@@ -644,5 +644,325 @@ proto.caos.zitadel.admin.api.v1.AdminServicePromiseClient.prototype.setUpOrg =
 };
 
 
+/**
+ * @const
+ * @type {!grpc.web.MethodDescriptor<
+ *   !proto.caos.zitadel.admin.api.v1.OrgIamPolicyID,
+ *   !proto.caos.zitadel.admin.api.v1.OrgIamPolicy>}
+ */
+const methodDescriptor_AdminService_GetOrgIamPolicy = new grpc.web.MethodDescriptor(
+  '/caos.zitadel.admin.api.v1.AdminService/GetOrgIamPolicy',
+  grpc.web.MethodType.UNARY,
+  proto.caos.zitadel.admin.api.v1.OrgIamPolicyID,
+  proto.caos.zitadel.admin.api.v1.OrgIamPolicy,
+  /**
+   * @param {!proto.caos.zitadel.admin.api.v1.OrgIamPolicyID} request
+   * @return {!Uint8Array}
+   */
+  function(request) {
+    return request.serializeBinary();
+  },
+  proto.caos.zitadel.admin.api.v1.OrgIamPolicy.deserializeBinary
+);
+
+
+/**
+ * @const
+ * @type {!grpc.web.AbstractClientBase.MethodInfo<
+ *   !proto.caos.zitadel.admin.api.v1.OrgIamPolicyID,
+ *   !proto.caos.zitadel.admin.api.v1.OrgIamPolicy>}
+ */
+const methodInfo_AdminService_GetOrgIamPolicy = new grpc.web.AbstractClientBase.MethodInfo(
+  proto.caos.zitadel.admin.api.v1.OrgIamPolicy,
+  /**
+   * @param {!proto.caos.zitadel.admin.api.v1.OrgIamPolicyID} request
+   * @return {!Uint8Array}
+   */
+  function(request) {
+    return request.serializeBinary();
+  },
+  proto.caos.zitadel.admin.api.v1.OrgIamPolicy.deserializeBinary
+);
+
+
+/**
+ * @param {!proto.caos.zitadel.admin.api.v1.OrgIamPolicyID} request The
+ *     request proto
+ * @param {?Object<string, string>} metadata User defined
+ *     call metadata
+ * @param {function(?grpc.web.Error, ?proto.caos.zitadel.admin.api.v1.OrgIamPolicy)}
+ *     callback The callback function(error, response)
+ * @return {!grpc.web.ClientReadableStream<!proto.caos.zitadel.admin.api.v1.OrgIamPolicy>|undefined}
+ *     The XHR Node Readable Stream
+ */
+proto.caos.zitadel.admin.api.v1.AdminServiceClient.prototype.getOrgIamPolicy =
+    function(request, metadata, callback) {
+  return this.client_.rpcCall(this.hostname_ +
+      '/caos.zitadel.admin.api.v1.AdminService/GetOrgIamPolicy',
+      request,
+      metadata || {},
+      methodDescriptor_AdminService_GetOrgIamPolicy,
+      callback);
+};
+
+
+/**
+ * @param {!proto.caos.zitadel.admin.api.v1.OrgIamPolicyID} request The
+ *     request proto
+ * @param {?Object<string, string>} metadata User defined
+ *     call metadata
+ * @return {!Promise<!proto.caos.zitadel.admin.api.v1.OrgIamPolicy>}
+ *     A native promise that resolves to the response
+ */
+proto.caos.zitadel.admin.api.v1.AdminServicePromiseClient.prototype.getOrgIamPolicy =
+    function(request, metadata) {
+  return this.client_.unaryCall(this.hostname_ +
+      '/caos.zitadel.admin.api.v1.AdminService/GetOrgIamPolicy',
+      request,
+      metadata || {},
+      methodDescriptor_AdminService_GetOrgIamPolicy);
+};
+
+
+/**
+ * @const
+ * @type {!grpc.web.MethodDescriptor<
+ *   !proto.caos.zitadel.admin.api.v1.OrgIamPolicyRequest,
+ *   !proto.caos.zitadel.admin.api.v1.OrgIamPolicy>}
+ */
+const methodDescriptor_AdminService_CreateOrgIamPolicy = new grpc.web.MethodDescriptor(
+  '/caos.zitadel.admin.api.v1.AdminService/CreateOrgIamPolicy',
+  grpc.web.MethodType.UNARY,
+  proto.caos.zitadel.admin.api.v1.OrgIamPolicyRequest,
+  proto.caos.zitadel.admin.api.v1.OrgIamPolicy,
+  /**
+   * @param {!proto.caos.zitadel.admin.api.v1.OrgIamPolicyRequest} request
+   * @return {!Uint8Array}
+   */
+  function(request) {
+    return request.serializeBinary();
+  },
+  proto.caos.zitadel.admin.api.v1.OrgIamPolicy.deserializeBinary
+);
+
+
+/**
+ * @const
+ * @type {!grpc.web.AbstractClientBase.MethodInfo<
+ *   !proto.caos.zitadel.admin.api.v1.OrgIamPolicyRequest,
+ *   !proto.caos.zitadel.admin.api.v1.OrgIamPolicy>}
+ */
+const methodInfo_AdminService_CreateOrgIamPolicy = new grpc.web.AbstractClientBase.MethodInfo(
+  proto.caos.zitadel.admin.api.v1.OrgIamPolicy,
+  /**
+   * @param {!proto.caos.zitadel.admin.api.v1.OrgIamPolicyRequest} request
+   * @return {!Uint8Array}
+   */
+  function(request) {
+    return request.serializeBinary();
+  },
+  proto.caos.zitadel.admin.api.v1.OrgIamPolicy.deserializeBinary
+);
+
+
+/**
+ * @param {!proto.caos.zitadel.admin.api.v1.OrgIamPolicyRequest} request The
+ *     request proto
+ * @param {?Object<string, string>} metadata User defined
+ *     call metadata
+ * @param {function(?grpc.web.Error, ?proto.caos.zitadel.admin.api.v1.OrgIamPolicy)}
+ *     callback The callback function(error, response)
+ * @return {!grpc.web.ClientReadableStream<!proto.caos.zitadel.admin.api.v1.OrgIamPolicy>|undefined}
+ *     The XHR Node Readable Stream
+ */
+proto.caos.zitadel.admin.api.v1.AdminServiceClient.prototype.createOrgIamPolicy =
+    function(request, metadata, callback) {
+  return this.client_.rpcCall(this.hostname_ +
+      '/caos.zitadel.admin.api.v1.AdminService/CreateOrgIamPolicy',
+      request,
+      metadata || {},
+      methodDescriptor_AdminService_CreateOrgIamPolicy,
+      callback);
+};
+
+
+/**
+ * @param {!proto.caos.zitadel.admin.api.v1.OrgIamPolicyRequest} request The
+ *     request proto
+ * @param {?Object<string, string>} metadata User defined
+ *     call metadata
+ * @return {!Promise<!proto.caos.zitadel.admin.api.v1.OrgIamPolicy>}
+ *     A native promise that resolves to the response
+ */
+proto.caos.zitadel.admin.api.v1.AdminServicePromiseClient.prototype.createOrgIamPolicy =
+    function(request, metadata) {
+  return this.client_.unaryCall(this.hostname_ +
+      '/caos.zitadel.admin.api.v1.AdminService/CreateOrgIamPolicy',
+      request,
+      metadata || {},
+      methodDescriptor_AdminService_CreateOrgIamPolicy);
+};
+
+
+/**
+ * @const
+ * @type {!grpc.web.MethodDescriptor<
+ *   !proto.caos.zitadel.admin.api.v1.OrgIamPolicyRequest,
+ *   !proto.caos.zitadel.admin.api.v1.OrgIamPolicy>}
+ */
+const methodDescriptor_AdminService_UpdateOrgIamPolicy = new grpc.web.MethodDescriptor(
+  '/caos.zitadel.admin.api.v1.AdminService/UpdateOrgIamPolicy',
+  grpc.web.MethodType.UNARY,
+  proto.caos.zitadel.admin.api.v1.OrgIamPolicyRequest,
+  proto.caos.zitadel.admin.api.v1.OrgIamPolicy,
+  /**
+   * @param {!proto.caos.zitadel.admin.api.v1.OrgIamPolicyRequest} request
+   * @return {!Uint8Array}
+   */
+  function(request) {
+    return request.serializeBinary();
+  },
+  proto.caos.zitadel.admin.api.v1.OrgIamPolicy.deserializeBinary
+);
+
+
+/**
+ * @const
+ * @type {!grpc.web.AbstractClientBase.MethodInfo<
+ *   !proto.caos.zitadel.admin.api.v1.OrgIamPolicyRequest,
+ *   !proto.caos.zitadel.admin.api.v1.OrgIamPolicy>}
+ */
+const methodInfo_AdminService_UpdateOrgIamPolicy = new grpc.web.AbstractClientBase.MethodInfo(
+  proto.caos.zitadel.admin.api.v1.OrgIamPolicy,
+  /**
+   * @param {!proto.caos.zitadel.admin.api.v1.OrgIamPolicyRequest} request
+   * @return {!Uint8Array}
+   */
+  function(request) {
+    return request.serializeBinary();
+  },
+  proto.caos.zitadel.admin.api.v1.OrgIamPolicy.deserializeBinary
+);
+
+
+/**
+ * @param {!proto.caos.zitadel.admin.api.v1.OrgIamPolicyRequest} request The
+ *     request proto
+ * @param {?Object<string, string>} metadata User defined
+ *     call metadata
+ * @param {function(?grpc.web.Error, ?proto.caos.zitadel.admin.api.v1.OrgIamPolicy)}
+ *     callback The callback function(error, response)
+ * @return {!grpc.web.ClientReadableStream<!proto.caos.zitadel.admin.api.v1.OrgIamPolicy>|undefined}
+ *     The XHR Node Readable Stream
+ */
+proto.caos.zitadel.admin.api.v1.AdminServiceClient.prototype.updateOrgIamPolicy =
+    function(request, metadata, callback) {
+  return this.client_.rpcCall(this.hostname_ +
+      '/caos.zitadel.admin.api.v1.AdminService/UpdateOrgIamPolicy',
+      request,
+      metadata || {},
+      methodDescriptor_AdminService_UpdateOrgIamPolicy,
+      callback);
+};
+
+
+/**
+ * @param {!proto.caos.zitadel.admin.api.v1.OrgIamPolicyRequest} request The
+ *     request proto
+ * @param {?Object<string, string>} metadata User defined
+ *     call metadata
+ * @return {!Promise<!proto.caos.zitadel.admin.api.v1.OrgIamPolicy>}
+ *     A native promise that resolves to the response
+ */
+proto.caos.zitadel.admin.api.v1.AdminServicePromiseClient.prototype.updateOrgIamPolicy =
+    function(request, metadata) {
+  return this.client_.unaryCall(this.hostname_ +
+      '/caos.zitadel.admin.api.v1.AdminService/UpdateOrgIamPolicy',
+      request,
+      metadata || {},
+      methodDescriptor_AdminService_UpdateOrgIamPolicy);
+};
+
+
+/**
+ * @const
+ * @type {!grpc.web.MethodDescriptor<
+ *   !proto.caos.zitadel.admin.api.v1.OrgIamPolicyID,
+ *   !proto.google.protobuf.Empty>}
+ */
+const methodDescriptor_AdminService_DeleteOrgIamPolicy = new grpc.web.MethodDescriptor(
+  '/caos.zitadel.admin.api.v1.AdminService/DeleteOrgIamPolicy',
+  grpc.web.MethodType.UNARY,
+  proto.caos.zitadel.admin.api.v1.OrgIamPolicyID,
+  google_protobuf_empty_pb.Empty,
+  /**
+   * @param {!proto.caos.zitadel.admin.api.v1.OrgIamPolicyID} request
+   * @return {!Uint8Array}
+   */
+  function(request) {
+    return request.serializeBinary();
+  },
+  google_protobuf_empty_pb.Empty.deserializeBinary
+);
+
+
+/**
+ * @const
+ * @type {!grpc.web.AbstractClientBase.MethodInfo<
+ *   !proto.caos.zitadel.admin.api.v1.OrgIamPolicyID,
+ *   !proto.google.protobuf.Empty>}
+ */
+const methodInfo_AdminService_DeleteOrgIamPolicy = new grpc.web.AbstractClientBase.MethodInfo(
+  google_protobuf_empty_pb.Empty,
+  /**
+   * @param {!proto.caos.zitadel.admin.api.v1.OrgIamPolicyID} request
+   * @return {!Uint8Array}
+   */
+  function(request) {
+    return request.serializeBinary();
+  },
+  google_protobuf_empty_pb.Empty.deserializeBinary
+);
+
+
+/**
+ * @param {!proto.caos.zitadel.admin.api.v1.OrgIamPolicyID} request The
+ *     request proto
+ * @param {?Object<string, string>} metadata User defined
+ *     call metadata
+ * @param {function(?grpc.web.Error, ?proto.google.protobuf.Empty)}
+ *     callback The callback function(error, response)
+ * @return {!grpc.web.ClientReadableStream<!proto.google.protobuf.Empty>|undefined}
+ *     The XHR Node Readable Stream
+ */
+proto.caos.zitadel.admin.api.v1.AdminServiceClient.prototype.deleteOrgIamPolicy =
+    function(request, metadata, callback) {
+  return this.client_.rpcCall(this.hostname_ +
+      '/caos.zitadel.admin.api.v1.AdminService/DeleteOrgIamPolicy',
+      request,
+      metadata || {},
+      methodDescriptor_AdminService_DeleteOrgIamPolicy,
+      callback);
+};
+
+
+/**
+ * @param {!proto.caos.zitadel.admin.api.v1.OrgIamPolicyID} request The
+ *     request proto
+ * @param {?Object<string, string>} metadata User defined
+ *     call metadata
+ * @return {!Promise<!proto.google.protobuf.Empty>}
+ *     A native promise that resolves to the response
+ */
+proto.caos.zitadel.admin.api.v1.AdminServicePromiseClient.prototype.deleteOrgIamPolicy =
+    function(request, metadata) {
+  return this.client_.unaryCall(this.hostname_ +
+      '/caos.zitadel.admin.api.v1.AdminService/DeleteOrgIamPolicy',
+      request,
+      metadata || {},
+      methodDescriptor_AdminService_DeleteOrgIamPolicy);
+};
+
+
 module.exports = proto.caos.zitadel.admin.api.v1;
 

console/src/app/proto/generated/admin_pb.d.ts

@@ -267,9 +267,6 @@ export class CreateUserRequest extends jspb.Message {
   getNickName(): string;
   setNickName(value: string): void;
 
-  getDisplayName(): string;
-  setDisplayName(value: string): void;
-
   getPreferredLanguage(): string;
   setPreferredLanguage(value: string): void;
 
@@ -320,7 +317,6 @@ export namespace CreateUserRequest {
     firstName: string,
     lastName: string,
     nickName: string,
-    displayName: string,
     preferredLanguage: string,
     gender: Gender,
     email: string,
@@ -460,6 +456,96 @@ export namespace CreateOrgRequest {
   }
 }
 
+export class OrgIamPolicy extends jspb.Message {
+  getOrgId(): string;
+  setOrgId(value: string): void;
+
+  getDescription(): string;
+  setDescription(value: string): void;
+
+  getUserLoginMustBeDomain(): boolean;
+  setUserLoginMustBeDomain(value: boolean): void;
+
+  getDefault(): boolean;
+  setDefault(value: boolean): void;
+
+  getSequence(): number;
+  setSequence(value: number): void;
+
+  getCreationDate(): google_protobuf_timestamp_pb.Timestamp | undefined;
+  setCreationDate(value?: google_protobuf_timestamp_pb.Timestamp): void;
+  hasCreationDate(): boolean;
+  clearCreationDate(): void;
+
+  getChangeDate(): google_protobuf_timestamp_pb.Timestamp | undefined;
+  setChangeDate(value?: google_protobuf_timestamp_pb.Timestamp): void;
+  hasChangeDate(): boolean;
+  clearChangeDate(): void;
+
+  serializeBinary(): Uint8Array;
+  toObject(includeInstance?: boolean): OrgIamPolicy.AsObject;
+  static toObject(includeInstance: boolean, msg: OrgIamPolicy): OrgIamPolicy.AsObject;
+  static serializeBinaryToWriter(message: OrgIamPolicy, writer: jspb.BinaryWriter): void;
+  static deserializeBinary(bytes: Uint8Array): OrgIamPolicy;
+  static deserializeBinaryFromReader(message: OrgIamPolicy, reader: jspb.BinaryReader): OrgIamPolicy;
+}
+
+export namespace OrgIamPolicy {
+  export type AsObject = {
+    orgId: string,
+    description: string,
+    userLoginMustBeDomain: boolean,
+    pb_default: boolean,
+    sequence: number,
+    creationDate?: google_protobuf_timestamp_pb.Timestamp.AsObject,
+    changeDate?: google_protobuf_timestamp_pb.Timestamp.AsObject,
+  }
+}
+
+export class OrgIamPolicyRequest extends jspb.Message {
+  getOrgId(): string;
+  setOrgId(value: string): void;
+
+  getDescription(): string;
+  setDescription(value: string): void;
+
+  getUserLoginMustBeDomain(): boolean;
+  setUserLoginMustBeDomain(value: boolean): void;
+
+  serializeBinary(): Uint8Array;
+  toObject(includeInstance?: boolean): OrgIamPolicyRequest.AsObject;
+  static toObject(includeInstance: boolean, msg: OrgIamPolicyRequest): OrgIamPolicyRequest.AsObject;
+  static serializeBinaryToWriter(message: OrgIamPolicyRequest, writer: jspb.BinaryWriter): void;
+  static deserializeBinary(bytes: Uint8Array): OrgIamPolicyRequest;
+  static deserializeBinaryFromReader(message: OrgIamPolicyRequest, reader: jspb.BinaryReader): OrgIamPolicyRequest;
+}
+
+export namespace OrgIamPolicyRequest {
+  export type AsObject = {
+    orgId: string,
+    description: string,
+    userLoginMustBeDomain: boolean,
+  }
+}
+
+export class OrgIamPolicyID extends jspb.Message {
+  getOrgId(): string;
+  setOrgId(value: string): void;
+
+  serializeBinary(): Uint8Array;
+  toObject(includeInstance?: boolean): OrgIamPolicyID.AsObject;
+  static toObject(includeInstance: boolean, msg: OrgIamPolicyID): OrgIamPolicyID.AsObject;
+  static serializeBinaryToWriter(message: OrgIamPolicyID, writer: jspb.BinaryWriter): void;
+  static deserializeBinary(bytes: Uint8Array): OrgIamPolicyID;
+  static deserializeBinaryFromReader(message: OrgIamPolicyID, reader: jspb.BinaryReader): OrgIamPolicyID;
+}
+
+export namespace OrgIamPolicyID {
+  export type AsObject = {
+    orgId: string,
+  }
+}
+
 export enum OrgState { 
   ORGSTATE_UNSPECIFIED = 0,
   ORGSTATE_ACTIVE = 1,

console/src/app/proto/generated/auth_grpc_web_pb.d.ts

@@ -20,11 +20,15 @@ import {
   UpdateUserPhoneRequest,
   UpdateUserProfileRequest,
   UserAddress,
+  UserAddressView,
   UserEmail,
+  UserEmailView,
   UserGrantSearchRequest,
   UserGrantSearchResponse,
   UserPhone,
+  UserPhoneView,
   UserProfile,
+  UserProfileView,
   UserSessionViews,
   VerifyMfaOtp,
   VerifyMyUserEmailRequest,
@@ -67,8 +71,8 @@ export class AuthServiceClient {
     request: google_protobuf_empty_pb.Empty,
     metadata: grpcWeb.Metadata | undefined,
     callback: (err: grpcWeb.Error,
-               response: UserProfile) => void
-  ): grpcWeb.ClientReadableStream<UserProfile>;
+               response: UserProfileView) => void
+  ): grpcWeb.ClientReadableStream<UserProfileView>;
 
   updateMyUserProfile(
     request: UpdateUserProfileRequest,
@@ -81,8 +85,8 @@ export class AuthServiceClient {
     request: google_protobuf_empty_pb.Empty,
     metadata: grpcWeb.Metadata | undefined,
     callback: (err: grpcWeb.Error,
-               response: UserEmail) => void
-  ): grpcWeb.ClientReadableStream<UserEmail>;
+               response: UserEmailView) => void
+  ): grpcWeb.ClientReadableStream<UserEmailView>;
 
   changeMyUserEmail(
     request: UpdateUserEmailRequest,
@@ -109,8 +113,8 @@ export class AuthServiceClient {
     request: google_protobuf_empty_pb.Empty,
     metadata: grpcWeb.Metadata | undefined,
     callback: (err: grpcWeb.Error,
-               response: UserPhone) => void
-  ): grpcWeb.ClientReadableStream<UserPhone>;
+               response: UserPhoneView) => void
+  ): grpcWeb.ClientReadableStream<UserPhoneView>;
 
   changeMyUserPhone(
     request: UpdateUserPhoneRequest,
@@ -137,8 +141,8 @@ export class AuthServiceClient {
     request: google_protobuf_empty_pb.Empty,
     metadata: grpcWeb.Metadata | undefined,
     callback: (err: grpcWeb.Error,
-               response: UserAddress) => void
-  ): grpcWeb.ClientReadableStream<UserAddress>;
+               response: UserAddressView) => void
+  ): grpcWeb.ClientReadableStream<UserAddressView>;
 
   updateMyUserAddress(
     request: UpdateUserAddressRequest,
@@ -233,7 +237,7 @@ export class AuthServicePromiseClient {
   getMyUserProfile(
     request: google_protobuf_empty_pb.Empty,
     metadata?: grpcWeb.Metadata
-  ): Promise<UserProfile>;
+  ): Promise<UserProfileView>;
 
   updateMyUserProfile(
     request: UpdateUserProfileRequest,
@@ -243,7 +247,7 @@ export class AuthServicePromiseClient {
   getMyUserEmail(
     request: google_protobuf_empty_pb.Empty,
     metadata?: grpcWeb.Metadata
-  ): Promise<UserEmail>;
+  ): Promise<UserEmailView>;
 
   changeMyUserEmail(
     request: UpdateUserEmailRequest,
@@ -263,7 +267,7 @@ export class AuthServicePromiseClient {
   getMyUserPhone(
     request: google_protobuf_empty_pb.Empty,
     metadata?: grpcWeb.Metadata
-  ): Promise<UserPhone>;
+  ): Promise<UserPhoneView>;
 
   changeMyUserPhone(
     request: UpdateUserPhoneRequest,
@@ -283,7 +287,7 @@ export class AuthServicePromiseClient {
   getMyUserAddress(
     request: google_protobuf_empty_pb.Empty,
     metadata?: grpcWeb.Metadata
-  ): Promise<UserAddress>;
+  ): Promise<UserAddressView>;
 
   updateMyUserAddress(
     request: UpdateUserAddressRequest,

console/src/app/proto/generated/auth_grpc_web_pb.js

@@ -408,13 +408,13 @@ proto.caos.zitadel.auth.api.v1.AuthServicePromiseClient.prototype.getMyUserSessi
  * @const
  * @type {!grpc.web.MethodDescriptor<
  *   !proto.google.protobuf.Empty,
- *   !proto.caos.zitadel.auth.api.v1.UserProfile>}
+ *   !proto.caos.zitadel.auth.api.v1.UserProfileView>}
  */
 const methodDescriptor_AuthService_GetMyUserProfile = new grpc.web.MethodDescriptor(
   '/caos.zitadel.auth.api.v1.AuthService/GetMyUserProfile',
   grpc.web.MethodType.UNARY,
   google_protobuf_empty_pb.Empty,
-  proto.caos.zitadel.auth.api.v1.UserProfile,
+  proto.caos.zitadel.auth.api.v1.UserProfileView,
   /**
    * @param {!proto.google.protobuf.Empty} request
    * @return {!Uint8Array}
@@ -422,7 +422,7 @@ const methodDescriptor_AuthService_GetMyUserProfile = new grpc.web.MethodDescrip
   function(request) {
     return request.serializeBinary();
   },
-  proto.caos.zitadel.auth.api.v1.UserProfile.deserializeBinary
+  proto.caos.zitadel.auth.api.v1.UserProfileView.deserializeBinary
 );
 
 
@@ -430,10 +430,10 @@ const methodDescriptor_AuthService_GetMyUserProfile = new grpc.web.MethodDescrip
  * @const
  * @type {!grpc.web.AbstractClientBase.MethodInfo<
  *   !proto.google.protobuf.Empty,
- *   !proto.caos.zitadel.auth.api.v1.UserProfile>}
+ *   !proto.caos.zitadel.auth.api.v1.UserProfileView>}
  */
 const methodInfo_AuthService_GetMyUserProfile = new grpc.web.AbstractClientBase.MethodInfo(
-  proto.caos.zitadel.auth.api.v1.UserProfile,
+  proto.caos.zitadel.auth.api.v1.UserProfileView,
   /**
    * @param {!proto.google.protobuf.Empty} request
    * @return {!Uint8Array}
@@ -441,7 +441,7 @@ const methodInfo_AuthService_GetMyUserProfile = new grpc.web.AbstractClientBase.
   function(request) {
     return request.serializeBinary();
   },
-  proto.caos.zitadel.auth.api.v1.UserProfile.deserializeBinary
+  proto.caos.zitadel.auth.api.v1.UserProfileView.deserializeBinary
 );
 
 
@@ -450,9 +450,9 @@ const methodInfo_AuthService_GetMyUserProfile = new grpc.web.AbstractClientBase.
  *     request proto
  * @param {?Object<string, string>} metadata User defined
  *     call metadata
- * @param {function(?grpc.web.Error, ?proto.caos.zitadel.auth.api.v1.UserProfile)}
+ * @param {function(?grpc.web.Error, ?proto.caos.zitadel.auth.api.v1.UserProfileView)}
  *     callback The callback function(error, response)
- * @return {!grpc.web.ClientReadableStream<!proto.caos.zitadel.auth.api.v1.UserProfile>|undefined}
+ * @return {!grpc.web.ClientReadableStream<!proto.caos.zitadel.auth.api.v1.UserProfileView>|undefined}
  *     The XHR Node Readable Stream
  */
 proto.caos.zitadel.auth.api.v1.AuthServiceClient.prototype.getMyUserProfile =
@@ -471,7 +471,7 @@ proto.caos.zitadel.auth.api.v1.AuthServiceClient.prototype.getMyUserProfile =
  *     request proto
  * @param {?Object<string, string>} metadata User defined
  *     call metadata
- * @return {!Promise<!proto.caos.zitadel.auth.api.v1.UserProfile>}
+ * @return {!Promise<!proto.caos.zitadel.auth.api.v1.UserProfileView>}
  *     A native promise that resolves to the response
  */
 proto.caos.zitadel.auth.api.v1.AuthServicePromiseClient.prototype.getMyUserProfile =
@@ -568,13 +568,13 @@ proto.caos.zitadel.auth.api.v1.AuthServicePromiseClient.prototype.updateMyUserPr
  * @const
  * @type {!grpc.web.MethodDescriptor<
  *   !proto.google.protobuf.Empty,
- *   !proto.caos.zitadel.auth.api.v1.UserEmail>}
+ *   !proto.caos.zitadel.auth.api.v1.UserEmailView>}
  */
 const methodDescriptor_AuthService_GetMyUserEmail = new grpc.web.MethodDescriptor(
   '/caos.zitadel.auth.api.v1.AuthService/GetMyUserEmail',
   grpc.web.MethodType.UNARY,
   google_protobuf_empty_pb.Empty,
-  proto.caos.zitadel.auth.api.v1.UserEmail,
+  proto.caos.zitadel.auth.api.v1.UserEmailView,
   /**
    * @param {!proto.google.protobuf.Empty} request
    * @return {!Uint8Array}
@@ -582,7 +582,7 @@ const methodDescriptor_AuthService_GetMyUserEmail = new grpc.web.MethodDescripto
   function(request) {
     return request.serializeBinary();
   },
-  proto.caos.zitadel.auth.api.v1.UserEmail.deserializeBinary
+  proto.caos.zitadel.auth.api.v1.UserEmailView.deserializeBinary
 );
 
 
@@ -590,10 +590,10 @@ const methodDescriptor_AuthService_GetMyUserEmail = new grpc.web.MethodDescripto
  * @const
  * @type {!grpc.web.AbstractClientBase.MethodInfo<
  *   !proto.google.protobuf.Empty,
- *   !proto.caos.zitadel.auth.api.v1.UserEmail>}
+ *   !proto.caos.zitadel.auth.api.v1.UserEmailView>}
  */
 const methodInfo_AuthService_GetMyUserEmail = new grpc.web.AbstractClientBase.MethodInfo(
-  proto.caos.zitadel.auth.api.v1.UserEmail,
+  proto.caos.zitadel.auth.api.v1.UserEmailView,
   /**
    * @param {!proto.google.protobuf.Empty} request
    * @return {!Uint8Array}
@@ -601,7 +601,7 @@ const methodInfo_AuthService_GetMyUserEmail = new grpc.web.AbstractClientBase.Me
   function(request) {
     return request.serializeBinary();
   },
-  proto.caos.zitadel.auth.api.v1.UserEmail.deserializeBinary
+  proto.caos.zitadel.auth.api.v1.UserEmailView.deserializeBinary
 );
 
 
@@ -610,9 +610,9 @@ const methodInfo_AuthService_GetMyUserEmail = new grpc.web.AbstractClientBase.Me
  *     request proto
  * @param {?Object<string, string>} metadata User defined
  *     call metadata
- * @param {function(?grpc.web.Error, ?proto.caos.zitadel.auth.api.v1.UserEmail)}
+ * @param {function(?grpc.web.Error, ?proto.caos.zitadel.auth.api.v1.UserEmailView)}
  *     callback The callback function(error, response)
- * @return {!grpc.web.ClientReadableStream<!proto.caos.zitadel.auth.api.v1.UserEmail>|undefined}
+ * @return {!grpc.web.ClientReadableStream<!proto.caos.zitadel.auth.api.v1.UserEmailView>|undefined}
  *     The XHR Node Readable Stream
  */
 proto.caos.zitadel.auth.api.v1.AuthServiceClient.prototype.getMyUserEmail =
@@ -631,7 +631,7 @@ proto.caos.zitadel.auth.api.v1.AuthServiceClient.prototype.getMyUserEmail =
  *     request proto
  * @param {?Object<string, string>} metadata User defined
  *     call metadata
- * @return {!Promise<!proto.caos.zitadel.auth.api.v1.UserEmail>}
+ * @return {!Promise<!proto.caos.zitadel.auth.api.v1.UserEmailView>}
  *     A native promise that resolves to the response
  */
 proto.caos.zitadel.auth.api.v1.AuthServicePromiseClient.prototype.getMyUserEmail =
@@ -888,13 +888,13 @@ proto.caos.zitadel.auth.api.v1.AuthServicePromiseClient.prototype.resendMyEmailV
  * @const
  * @type {!grpc.web.MethodDescriptor<
  *   !proto.google.protobuf.Empty,
- *   !proto.caos.zitadel.auth.api.v1.UserPhone>}
+ *   !proto.caos.zitadel.auth.api.v1.UserPhoneView>}
  */
 const methodDescriptor_AuthService_GetMyUserPhone = new grpc.web.MethodDescriptor(
   '/caos.zitadel.auth.api.v1.AuthService/GetMyUserPhone',
   grpc.web.MethodType.UNARY,
   google_protobuf_empty_pb.Empty,
-  proto.caos.zitadel.auth.api.v1.UserPhone,
+  proto.caos.zitadel.auth.api.v1.UserPhoneView,
   /**
    * @param {!proto.google.protobuf.Empty} request
    * @return {!Uint8Array}
@@ -902,7 +902,7 @@ const methodDescriptor_AuthService_GetMyUserPhone = new grpc.web.MethodDescripto
   function(request) {
     return request.serializeBinary();
   },
-  proto.caos.zitadel.auth.api.v1.UserPhone.deserializeBinary
+  proto.caos.zitadel.auth.api.v1.UserPhoneView.deserializeBinary
 );
 
 
@@ -910,10 +910,10 @@ const methodDescriptor_AuthService_GetMyUserPhone = new grpc.web.MethodDescripto
  * @const
  * @type {!grpc.web.AbstractClientBase.MethodInfo<
  *   !proto.google.protobuf.Empty,
- *   !proto.caos.zitadel.auth.api.v1.UserPhone>}
+ *   !proto.caos.zitadel.auth.api.v1.UserPhoneView>}
  */
 const methodInfo_AuthService_GetMyUserPhone = new grpc.web.AbstractClientBase.MethodInfo(
-  proto.caos.zitadel.auth.api.v1.UserPhone,
+  proto.caos.zitadel.auth.api.v1.UserPhoneView,
   /**
    * @param {!proto.google.protobuf.Empty} request
    * @return {!Uint8Array}
@@ -921,7 +921,7 @@ const methodInfo_AuthService_GetMyUserPhone = new grpc.web.AbstractClientBase.Me
   function(request) {
     return request.serializeBinary();
   },
-  proto.caos.zitadel.auth.api.v1.UserPhone.deserializeBinary
+  proto.caos.zitadel.auth.api.v1.UserPhoneView.deserializeBinary
 );
 
 
@@ -930,9 +930,9 @@ const methodInfo_AuthService_GetMyUserPhone = new grpc.web.AbstractClientBase.Me
  *     request proto
  * @param {?Object<string, string>} metadata User defined
  *     call metadata
- * @param {function(?grpc.web.Error, ?proto.caos.zitadel.auth.api.v1.UserPhone)}
+ * @param {function(?grpc.web.Error, ?proto.caos.zitadel.auth.api.v1.UserPhoneView)}
  *     callback The callback function(error, response)
- * @return {!grpc.web.ClientReadableStream<!proto.caos.zitadel.auth.api.v1.UserPhone>|undefined}
+ * @return {!grpc.web.ClientReadableStream<!proto.caos.zitadel.auth.api.v1.UserPhoneView>|undefined}
  *     The XHR Node Readable Stream
  */
 proto.caos.zitadel.auth.api.v1.AuthServiceClient.prototype.getMyUserPhone =
@@ -951,7 +951,7 @@ proto.caos.zitadel.auth.api.v1.AuthServiceClient.prototype.getMyUserPhone =
  *     request proto
  * @param {?Object<string, string>} metadata User defined
  *     call metadata
- * @return {!Promise<!proto.caos.zitadel.auth.api.v1.UserPhone>}
+ * @return {!Promise<!proto.caos.zitadel.auth.api.v1.UserPhoneView>}
  *     A native promise that resolves to the response
  */
 proto.caos.zitadel.auth.api.v1.AuthServicePromiseClient.prototype.getMyUserPhone =
@@ -1208,13 +1208,13 @@ proto.caos.zitadel.auth.api.v1.AuthServicePromiseClient.prototype.resendMyPhoneV
  * @const
  * @type {!grpc.web.MethodDescriptor<
  *   !proto.google.protobuf.Empty,
- *   !proto.caos.zitadel.auth.api.v1.UserAddress>}
+ *   !proto.caos.zitadel.auth.api.v1.UserAddressView>}
  */
 const methodDescriptor_AuthService_GetMyUserAddress = new grpc.web.MethodDescriptor(
   '/caos.zitadel.auth.api.v1.AuthService/GetMyUserAddress',
   grpc.web.MethodType.UNARY,
   google_protobuf_empty_pb.Empty,
-  proto.caos.zitadel.auth.api.v1.UserAddress,
+  proto.caos.zitadel.auth.api.v1.UserAddressView,
   /**
    * @param {!proto.google.protobuf.Empty} request
    * @return {!Uint8Array}
@@ -1222,7 +1222,7 @@ const methodDescriptor_AuthService_GetMyUserAddress = new grpc.web.MethodDescrip
   function(request) {
     return request.serializeBinary();
   },
-  proto.caos.zitadel.auth.api.v1.UserAddress.deserializeBinary
+  proto.caos.zitadel.auth.api.v1.UserAddressView.deserializeBinary
 );
 
 
@@ -1230,10 +1230,10 @@ const methodDescriptor_AuthService_GetMyUserAddress = new grpc.web.MethodDescrip
  * @const
  * @type {!grpc.web.AbstractClientBase.MethodInfo<
  *   !proto.google.protobuf.Empty,
- *   !proto.caos.zitadel.auth.api.v1.UserAddress>}
+ *   !proto.caos.zitadel.auth.api.v1.UserAddressView>}
  */
 const methodInfo_AuthService_GetMyUserAddress = new grpc.web.AbstractClientBase.MethodInfo(
-  proto.caos.zitadel.auth.api.v1.UserAddress,
+  proto.caos.zitadel.auth.api.v1.UserAddressView,
   /**
    * @param {!proto.google.protobuf.Empty} request
    * @return {!Uint8Array}
@@ -1241,7 +1241,7 @@ const methodInfo_AuthService_GetMyUserAddress = new grpc.web.AbstractClientBase.
   function(request) {
     return request.serializeBinary();
   },
-  proto.caos.zitadel.auth.api.v1.UserAddress.deserializeBinary
+  proto.caos.zitadel.auth.api.v1.UserAddressView.deserializeBinary
 );
 
 
@@ -1250,9 +1250,9 @@ const methodInfo_AuthService_GetMyUserAddress = new grpc.web.AbstractClientBase.
  *     request proto
  * @param {?Object<string, string>} metadata User defined
  *     call metadata
- * @param {function(?grpc.web.Error, ?proto.caos.zitadel.auth.api.v1.UserAddress)}
+ * @param {function(?grpc.web.Error, ?proto.caos.zitadel.auth.api.v1.UserAddressView)}
  *     callback The callback function(error, response)
- * @return {!grpc.web.ClientReadableStream<!proto.caos.zitadel.auth.api.v1.UserAddress>|undefined}
+ * @return {!grpc.web.ClientReadableStream<!proto.caos.zitadel.auth.api.v1.UserAddressView>|undefined}
  *     The XHR Node Readable Stream
  */
 proto.caos.zitadel.auth.api.v1.AuthServiceClient.prototype.getMyUserAddress =
@@ -1271,7 +1271,7 @@ proto.caos.zitadel.auth.api.v1.AuthServiceClient.prototype.getMyUserAddress =
  *     request proto
  * @param {?Object<string, string>} metadata User defined
  *     call metadata
- * @return {!Promise<!proto.caos.zitadel.auth.api.v1.UserAddress>}
+ * @return {!Promise<!proto.caos.zitadel.auth.api.v1.UserAddressView>}
  *     A native promise that resolves to the response
  */
 proto.caos.zitadel.auth.api.v1.AuthServicePromiseClient.prototype.getMyUserAddress =

console/src/app/proto/generated/auth_pb.d.ts

@@ -152,6 +152,14 @@ export class User extends jspb.Message {
   getSequence(): number;
   setSequence(value: number): void;
 
+  getLoginNamesList(): Array<string>;
+  setLoginNamesList(value: Array<string>): void;
+  clearLoginNamesList(): void;
+  addLoginNames(value: string, index?: number): void;
+
+  getPreferredLoginName(): string;
+  setPreferredLoginName(value: string): void;
+
   serializeBinary(): Uint8Array;
   toObject(includeInstance?: boolean): User.AsObject;
   static toObject(includeInstance: boolean, msg: User): User.AsObject;
@@ -187,6 +195,8 @@ export namespace User {
     streetAddress: string,
     passwordChangeRequired: boolean,
     sequence: number,
+    loginNamesList: Array<string>,
+    preferredLoginName: string,
   }
 }
 
@@ -252,7 +262,13 @@ export namespace UserProfile {
   }
 }
 
-export class UpdateUserProfileRequest extends jspb.Message {
+export class UserProfileView extends jspb.Message {
+  getId(): string;
+  setId(value: string): void;
+
+  getUserName(): string;
+  setUserName(value: string): void;
+
   getFirstName(): string;
   setFirstName(value: string): void;
 
@@ -271,6 +287,69 @@ export class UpdateUserProfileRequest extends jspb.Message {
   getGender(): Gender;
   setGender(value: Gender): void;
 
+  getSequence(): number;
+  setSequence(value: number): void;
+
+  getCreationDate(): google_protobuf_timestamp_pb.Timestamp | undefined;
+  setCreationDate(value?: google_protobuf_timestamp_pb.Timestamp): void;
+  hasCreationDate(): boolean;
+  clearCreationDate(): void;
+
+  getChangeDate(): google_protobuf_timestamp_pb.Timestamp | undefined;
+  setChangeDate(value?: google_protobuf_timestamp_pb.Timestamp): void;
+  hasChangeDate(): boolean;
+  clearChangeDate(): void;
+
+  getLoginNamesList(): Array<string>;
+  setLoginNamesList(value: Array<string>): void;
+  clearLoginNamesList(): void;
+  addLoginNames(value: string, index?: number): void;
+
+  getPreferredLoginName(): string;
+  setPreferredLoginName(value: string): void;
+
+  serializeBinary(): Uint8Array;
+  toObject(includeInstance?: boolean): UserProfileView.AsObject;
+  static toObject(includeInstance: boolean, msg: UserProfileView): UserProfileView.AsObject;
+  static serializeBinaryToWriter(message: UserProfileView, writer: jspb.BinaryWriter): void;
+  static deserializeBinary(bytes: Uint8Array): UserProfileView;
+  static deserializeBinaryFromReader(message: UserProfileView, reader: jspb.BinaryReader): UserProfileView;
+}
+
+export namespace UserProfileView {
+  export type AsObject = {
+    id: string,
+    userName: string,
+    firstName: string,
+    lastName: string,
+    nickName: string,
+    displayName: string,
+    preferredLanguage: string,
+    gender: Gender,
+    sequence: number,
+    creationDate?: google_protobuf_timestamp_pb.Timestamp.AsObject,
+    changeDate?: google_protobuf_timestamp_pb.Timestamp.AsObject,
+    loginNamesList: Array<string>,
+    preferredLoginName: string,
+  }
+}
+
+export class UpdateUserProfileRequest extends jspb.Message {
+  getFirstName(): string;
+  setFirstName(value: string): void;
+
+  getLastName(): string;
+  setLastName(value: string): void;
+
+  getNickName(): string;
+  setNickName(value: string): void;
+
+  getPreferredLanguage(): string;
+  setPreferredLanguage(value: string): void;
+
+  getGender(): Gender;
+  setGender(value: Gender): void;
+
   serializeBinary(): Uint8Array;
   toObject(includeInstance?: boolean): UpdateUserProfileRequest.AsObject;
   static toObject(includeInstance: boolean, msg: UpdateUserProfileRequest): UpdateUserProfileRequest.AsObject;
@@ -284,7 +363,6 @@ export namespace UpdateUserProfileRequest {
     firstName: string,
     lastName: string,
     nickName: string,
-    displayName: string,
     preferredLanguage: string,
     gender: Gender,
   }
@@ -332,6 +410,48 @@ export namespace UserEmail {
   }
 }
 
+export class UserEmailView extends jspb.Message {
+  getId(): string;
+  setId(value: string): void;
+
+  getEmail(): string;
+  setEmail(value: string): void;
+
+  getIsemailverified(): boolean;
+  setIsemailverified(value: boolean): void;
+
+  getSequence(): number;
+  setSequence(value: number): void;
+
+  getCreationDate(): google_protobuf_timestamp_pb.Timestamp | undefined;
+  setCreationDate(value?: google_protobuf_timestamp_pb.Timestamp): void;
+  hasCreationDate(): boolean;
+  clearCreationDate(): void;
+
+  getChangeDate(): google_protobuf_timestamp_pb.Timestamp | undefined;
+  setChangeDate(value?: google_protobuf_timestamp_pb.Timestamp): void;
+  hasChangeDate(): boolean;
+  clearChangeDate(): void;
+
+  serializeBinary(): Uint8Array;
+  toObject(includeInstance?: boolean): UserEmailView.AsObject;
+  static toObject(includeInstance: boolean, msg: UserEmailView): UserEmailView.AsObject;
+  static serializeBinaryToWriter(message: UserEmailView, writer: jspb.BinaryWriter): void;
+  static deserializeBinary(bytes: Uint8Array): UserEmailView;
+  static deserializeBinaryFromReader(message: UserEmailView, reader: jspb.BinaryReader): UserEmailView;
+}
+
+export namespace UserEmailView {
+  export type AsObject = {
+    id: string,
+    email: string,
+    isemailverified: boolean,
+    sequence: number,
+    creationDate?: google_protobuf_timestamp_pb.Timestamp.AsObject,
+    changeDate?: google_protobuf_timestamp_pb.Timestamp.AsObject,
+  }
+}
+
 export class VerifyMyUserEmailRequest extends jspb.Message {
   getCode(): string;
   setCode(value: string): void;
@@ -432,6 +552,48 @@ export namespace UserPhone {
   }
 }
 
+export class UserPhoneView extends jspb.Message {
+  getId(): string;
+  setId(value: string): void;
+
+  getPhone(): string;
+  setPhone(value: string): void;
+
+  getIsPhoneVerified(): boolean;
+  setIsPhoneVerified(value: boolean): void;
+
+  getSequence(): number;
+  setSequence(value: number): void;
+
+  getCreationDate(): google_protobuf_timestamp_pb.Timestamp | undefined;
+  setCreationDate(value?: google_protobuf_timestamp_pb.Timestamp): void;
+  hasCreationDate(): boolean;
+  clearCreationDate(): void;
+
+  getChangeDate(): google_protobuf_timestamp_pb.Timestamp | undefined;
+  setChangeDate(value?: google_protobuf_timestamp_pb.Timestamp): void;
+  hasChangeDate(): boolean;
+  clearChangeDate(): void;
+
+  serializeBinary(): Uint8Array;
+  toObject(includeInstance?: boolean): UserPhoneView.AsObject;
+  static toObject(includeInstance: boolean, msg: UserPhoneView): UserPhoneView.AsObject;
+  static serializeBinaryToWriter(message: UserPhoneView, writer: jspb.BinaryWriter): void;
+  static deserializeBinary(bytes: Uint8Array): UserPhoneView;
+  static deserializeBinaryFromReader(message: UserPhoneView, reader: jspb.BinaryReader): UserPhoneView;
+}
+
+export namespace UserPhoneView {
+  export type AsObject = {
+    id: string,
+    phone: string,
+    isPhoneVerified: boolean,
+    sequence: number,
+    creationDate?: google_protobuf_timestamp_pb.Timestamp.AsObject,
+    changeDate?: google_protobuf_timestamp_pb.Timestamp.AsObject,
+  }
+}
+
 export class UpdateUserPhoneRequest extends jspb.Message {
   getPhone(): string;
   setPhone(value: string): void;
@@ -522,6 +684,60 @@ export namespace UserAddress {
   }
 }
 
+export class UserAddressView extends jspb.Message {
+  getId(): string;
+  setId(value: string): void;
+
+  getCountry(): string;
+  setCountry(value: string): void;
+
+  getLocality(): string;
+  setLocality(value: string): void;
+
+  getPostalCode(): string;
+  setPostalCode(value: string): void;
+
+  getRegion(): string;
+  setRegion(value: string): void;
+
+  getStreetAddress(): string;
+  setStreetAddress(value: string): void;
+
+  getSequence(): number;
+  setSequence(value: number): void;
+
+  getCreationDate(): google_protobuf_timestamp_pb.Timestamp | undefined;
+  setCreationDate(value?: google_protobuf_timestamp_pb.Timestamp): void;
+  hasCreationDate(): boolean;
+  clearCreationDate(): void;
+
+  getChangeDate(): google_protobuf_timestamp_pb.Timestamp | undefined;
+  setChangeDate(value?: google_protobuf_timestamp_pb.Timestamp): void;
+  hasChangeDate(): boolean;
+  clearChangeDate(): void;
+
+  serializeBinary(): Uint8Array;
+  toObject(includeInstance?: boolean): UserAddressView.AsObject;
+  static toObject(includeInstance: boolean, msg: UserAddressView): UserAddressView.AsObject;
+  static serializeBinaryToWriter(message: UserAddressView, writer: jspb.BinaryWriter): void;
+  static deserializeBinary(bytes: Uint8Array): UserAddressView;
+  static deserializeBinaryFromReader(message: UserAddressView, reader: jspb.BinaryReader): UserAddressView;
+}
+
+export namespace UserAddressView {
+  export type AsObject = {
+    id: string,
+    country: string,
+    locality: string,
+    postalCode: string,
+    region: string,
+    streetAddress: string,
+    sequence: number,
+    creationDate?: google_protobuf_timestamp_pb.Timestamp.AsObject,
+    changeDate?: google_protobuf_timestamp_pb.Timestamp.AsObject,
+  }
+}
+
 export class UpdateUserAddressRequest extends jspb.Message {
   getCountry(): string;
   setCountry(value: string): void;

console/src/app/proto/generated/management_grpc_web_pb.d.ts

@@ -10,6 +10,7 @@ import * as google_protobuf_descriptor_pb from 'google-protobuf/google/protobuf/
 import * as authoption_options_pb from './authoption/options_pb';
 
 import {
+  AddOrgDomainRequest,
   AddOrgMemberRequest,
   Application,
   ApplicationID,
@@ -24,12 +25,15 @@ import {
   ClientSecret,
   CreateUserRequest,
   GrantedProjectSearchRequest,
+  Iam,
   MultiFactors,
   OIDCApplicationCreate,
   OIDCConfig,
   OIDCConfigUpdate,
   Org,
   OrgDomain,
+  OrgDomainSearchRequest,
+  OrgDomainSearchResponse,
   OrgID,
   OrgMember,
   OrgMemberRoles,
@@ -88,6 +92,7 @@ import {
   ProjectUserGrantID,
   ProjectUserGrantSearchRequest,
   ProjectUserGrantUpdate,
+  RemoveOrgDomainRequest,
   RemoveOrgMemberRequest,
   SetPasswordNotificationRequest,
   UniqueUserRequest,
@@ -98,8 +103,10 @@ import {
   UpdateUserProfileRequest,
   User,
   UserAddress,
+  UserAddressView,
   UserEmail,
   UserEmailID,
+  UserEmailView,
   UserGrant,
   UserGrantCreate,
   UserGrantID,
@@ -108,7 +115,9 @@ import {
   UserGrantUpdate,
   UserID,
   UserPhone,
+  UserPhoneView,
   UserProfile,
+  UserProfileView,
   UserSearchRequest,
   UserSearchResponse,
   UserView} from './management_pb';
@@ -139,12 +148,19 @@ export class ManagementServiceClient {
                response: google_protobuf_struct_pb.Struct) => void
   ): grpcWeb.ClientReadableStream<google_protobuf_struct_pb.Struct>;
 
+  getIam(
+    request: google_protobuf_empty_pb.Empty,
+    metadata: grpcWeb.Metadata | undefined,
+    callback: (err: grpcWeb.Error,
+               response: Iam) => void
+  ): grpcWeb.ClientReadableStream<Iam>;
+
   getUserByID(
     request: UserID,
     metadata: grpcWeb.Metadata | undefined,
     callback: (err: grpcWeb.Error,
-               response: User) => void
-  ): grpcWeb.ClientReadableStream<User>;
+               response: UserView) => void
+  ): grpcWeb.ClientReadableStream<UserView>;
 
   getUserByEmailGlobal(
     request: UserEmailID,
@@ -241,8 +257,8 @@ export class ManagementServiceClient {
     request: UserID,
     metadata: grpcWeb.Metadata | undefined,
     callback: (err: grpcWeb.Error,
-               response: UserProfile) => void
-  ): grpcWeb.ClientReadableStream<UserProfile>;
+               response: UserProfileView) => void
+  ): grpcWeb.ClientReadableStream<UserProfileView>;
 
   updateUserProfile(
     request: UpdateUserProfileRequest,
@@ -255,8 +271,8 @@ export class ManagementServiceClient {
     request: UserID,
     metadata: grpcWeb.Metadata | undefined,
     callback: (err: grpcWeb.Error,
-               response: UserEmail) => void
-  ): grpcWeb.ClientReadableStream<UserEmail>;
+               response: UserEmailView) => void
+  ): grpcWeb.ClientReadableStream<UserEmailView>;
 
   changeUserEmail(
     request: UpdateUserEmailRequest,
@@ -276,8 +292,8 @@ export class ManagementServiceClient {
     request: UserID,
     metadata: grpcWeb.Metadata | undefined,
     callback: (err: grpcWeb.Error,
-               response: UserPhone) => void
-  ): grpcWeb.ClientReadableStream<UserPhone>;
+               response: UserPhoneView) => void
+  ): grpcWeb.ClientReadableStream<UserPhoneView>;
 
   changeUserPhone(
     request: UpdateUserPhoneRequest,
@@ -297,8 +313,8 @@ export class ManagementServiceClient {
     request: UserID,
     metadata: grpcWeb.Metadata | undefined,
     callback: (err: grpcWeb.Error,
-               response: UserAddress) => void
-  ): grpcWeb.ClientReadableStream<UserAddress>;
+               response: UserAddressView) => void
+  ): grpcWeb.ClientReadableStream<UserAddressView>;
 
   updateUserAddress(
     request: UpdateUserAddressRequest,
@@ -440,6 +456,27 @@ export class ManagementServiceClient {
                response: Org) => void
   ): grpcWeb.ClientReadableStream<Org>;
 
+  searchMyOrgDomains(
+    request: OrgDomainSearchRequest,
+    metadata: grpcWeb.Metadata | undefined,
+    callback: (err: grpcWeb.Error,
+               response: OrgDomainSearchResponse) => void
+  ): grpcWeb.ClientReadableStream<OrgDomainSearchResponse>;
+
+  addMyOrgDomain(
+    request: AddOrgDomainRequest,
+    metadata: grpcWeb.Metadata | undefined,
+    callback: (err: grpcWeb.Error,
+               response: OrgDomain) => void
+  ): grpcWeb.ClientReadableStream<OrgDomain>;
+
+  removeMyOrgDomain(
+    request: RemoveOrgDomainRequest,
+    metadata: grpcWeb.Metadata | undefined,
+    callback: (err: grpcWeb.Error,
+               response: google_protobuf_empty_pb.Empty) => void
+  ): grpcWeb.ClientReadableStream<google_protobuf_empty_pb.Empty>;
+
   getOrgMemberRoles(
     request: google_protobuf_empty_pb.Empty,
     metadata: grpcWeb.Metadata | undefined,
@@ -903,10 +940,15 @@ export class ManagementServicePromiseClient {
     metadata?: grpcWeb.Metadata
   ): Promise<google_protobuf_struct_pb.Struct>;
 
+  getIam(
+    request: google_protobuf_empty_pb.Empty,
+    metadata?: grpcWeb.Metadata
+  ): Promise<Iam>;
+
   getUserByID(
     request: UserID,
     metadata?: grpcWeb.Metadata
-  ): Promise<User>;
+  ): Promise<UserView>;
 
   getUserByEmailGlobal(
     request: UserEmailID,
@@ -976,7 +1018,7 @@ export class ManagementServicePromiseClient {
   getUserProfile(
     request: UserID,
     metadata?: grpcWeb.Metadata
-  ): Promise<UserProfile>;
+  ): Promise<UserProfileView>;
 
   updateUserProfile(
     request: UpdateUserProfileRequest,
@@ -986,7 +1028,7 @@ export class ManagementServicePromiseClient {
   getUserEmail(
     request: UserID,
     metadata?: grpcWeb.Metadata
-  ): Promise<UserEmail>;
+  ): Promise<UserEmailView>;
 
   changeUserEmail(
     request: UpdateUserEmailRequest,
@@ -1001,7 +1043,7 @@ export class ManagementServicePromiseClient {
   getUserPhone(
     request: UserID,
     metadata?: grpcWeb.Metadata
-  ): Promise<UserPhone>;
+  ): Promise<UserPhoneView>;
 
   changeUserPhone(
     request: UpdateUserPhoneRequest,
@@ -1016,7 +1058,7 @@ export class ManagementServicePromiseClient {
   getUserAddress(
     request: UserID,
     metadata?: grpcWeb.Metadata
-  ): Promise<UserAddress>;
+  ): Promise<UserAddressView>;
 
   updateUserAddress(
     request: UpdateUserAddressRequest,
@@ -1118,6 +1160,21 @@ export class ManagementServicePromiseClient {
     metadata?: grpcWeb.Metadata
   ): Promise<Org>;
 
+  searchMyOrgDomains(
+    request: OrgDomainSearchRequest,
+    metadata?: grpcWeb.Metadata
+  ): Promise<OrgDomainSearchResponse>;
+
+  addMyOrgDomain(
+    request: AddOrgDomainRequest,
+    metadata?: grpcWeb.Metadata
+  ): Promise<OrgDomain>;
+
+  removeMyOrgDomain(
+    request: RemoveOrgDomainRequest,
+    metadata?: grpcWeb.Metadata
+  ): Promise<google_protobuf_empty_pb.Empty>;
+
   getOrgMemberRoles(
     request: google_protobuf_empty_pb.Empty,
     metadata?: grpcWeb.Metadata

console/src/app/proto/generated/management_grpc_web_pb.js

@@ -326,17 +326,97 @@ proto.caos.zitadel.management.api.v1.ManagementServicePromiseClient.prototype.va
 };
 
 
+/**
+ * @const
+ * @type {!grpc.web.MethodDescriptor<
+ *   !proto.google.protobuf.Empty,
+ *   !proto.caos.zitadel.management.api.v1.Iam>}
+ */
+const methodDescriptor_ManagementService_GetIam = new grpc.web.MethodDescriptor(
+  '/caos.zitadel.management.api.v1.ManagementService/GetIam',
+  grpc.web.MethodType.UNARY,
+  google_protobuf_empty_pb.Empty,
+  proto.caos.zitadel.management.api.v1.Iam,
+  /**
+   * @param {!proto.google.protobuf.Empty} request
+   * @return {!Uint8Array}
+   */
+  function(request) {
+    return request.serializeBinary();
+  },
+  proto.caos.zitadel.management.api.v1.Iam.deserializeBinary
+);
+
+
+/**
+ * @const
+ * @type {!grpc.web.AbstractClientBase.MethodInfo<
+ *   !proto.google.protobuf.Empty,
+ *   !proto.caos.zitadel.management.api.v1.Iam>}
+ */
+const methodInfo_ManagementService_GetIam = new grpc.web.AbstractClientBase.MethodInfo(
+  proto.caos.zitadel.management.api.v1.Iam,
+  /**
+   * @param {!proto.google.protobuf.Empty} request
+   * @return {!Uint8Array}
+   */
+  function(request) {
+    return request.serializeBinary();
+  },
+  proto.caos.zitadel.management.api.v1.Iam.deserializeBinary
+);
+
+
+/**
+ * @param {!proto.google.protobuf.Empty} request The
+ *     request proto
+ * @param {?Object<string, string>} metadata User defined
+ *     call metadata
+ * @param {function(?grpc.web.Error, ?proto.caos.zitadel.management.api.v1.Iam)}
+ *     callback The callback function(error, response)
+ * @return {!grpc.web.ClientReadableStream<!proto.caos.zitadel.management.api.v1.Iam>|undefined}
+ *     The XHR Node Readable Stream
+ */
+proto.caos.zitadel.management.api.v1.ManagementServiceClient.prototype.getIam =
+    function(request, metadata, callback) {
+  return this.client_.rpcCall(this.hostname_ +
+      '/caos.zitadel.management.api.v1.ManagementService/GetIam',
+      request,
+      metadata || {},
+      methodDescriptor_ManagementService_GetIam,
+      callback);
+};
+
+
+/**
+ * @param {!proto.google.protobuf.Empty} request The
+ *     request proto
+ * @param {?Object<string, string>} metadata User defined
+ *     call metadata
+ * @return {!Promise<!proto.caos.zitadel.management.api.v1.Iam>}
+ *     A native promise that resolves to the response
+ */
+proto.caos.zitadel.management.api.v1.ManagementServicePromiseClient.prototype.getIam =
+    function(request, metadata) {
+  return this.client_.unaryCall(this.hostname_ +
+      '/caos.zitadel.management.api.v1.ManagementService/GetIam',
+      request,
+      metadata || {},
+      methodDescriptor_ManagementService_GetIam);
+};
+
+
 /**
  * @const
  * @type {!grpc.web.MethodDescriptor<
  *   !proto.caos.zitadel.management.api.v1.UserID,
- *   !proto.caos.zitadel.management.api.v1.User>}
+ *   !proto.caos.zitadel.management.api.v1.UserView>}
  */
 const methodDescriptor_ManagementService_GetUserByID = new grpc.web.MethodDescriptor(
   '/caos.zitadel.management.api.v1.ManagementService/GetUserByID',
   grpc.web.MethodType.UNARY,
   proto.caos.zitadel.management.api.v1.UserID,
-  proto.caos.zitadel.management.api.v1.User,
+  proto.caos.zitadel.management.api.v1.UserView,
   /**
    * @param {!proto.caos.zitadel.management.api.v1.UserID} request
    * @return {!Uint8Array}
@@ -344,7 +424,7 @@ const methodDescriptor_ManagementService_GetUserByID = new grpc.web.MethodDescri
   function(request) {
     return request.serializeBinary();
   },
-  proto.caos.zitadel.management.api.v1.User.deserializeBinary
+  proto.caos.zitadel.management.api.v1.UserView.deserializeBinary
 );
 
 
@@ -352,10 +432,10 @@ const methodDescriptor_ManagementService_GetUserByID = new grpc.web.MethodDescri
  * @const
  * @type {!grpc.web.AbstractClientBase.MethodInfo<
  *   !proto.caos.zitadel.management.api.v1.UserID,
- *   !proto.caos.zitadel.management.api.v1.User>}
+ *   !proto.caos.zitadel.management.api.v1.UserView>}
  */
 const methodInfo_ManagementService_GetUserByID = new grpc.web.AbstractClientBase.MethodInfo(
-  proto.caos.zitadel.management.api.v1.User,
+  proto.caos.zitadel.management.api.v1.UserView,
   /**
    * @param {!proto.caos.zitadel.management.api.v1.UserID} request
    * @return {!Uint8Array}
@@ -363,7 +443,7 @@ const methodInfo_ManagementService_GetUserByID = new grpc.web.AbstractClientBase
   function(request) {
     return request.serializeBinary();
   },
-  proto.caos.zitadel.management.api.v1.User.deserializeBinary
+  proto.caos.zitadel.management.api.v1.UserView.deserializeBinary
 );
 
 
@@ -372,9 +452,9 @@ const methodInfo_ManagementService_GetUserByID = new grpc.web.AbstractClientBase
  *     request proto
  * @param {?Object<string, string>} metadata User defined
  *     call metadata
- * @param {function(?grpc.web.Error, ?proto.caos.zitadel.management.api.v1.User)}
+ * @param {function(?grpc.web.Error, ?proto.caos.zitadel.management.api.v1.UserView)}
  *     callback The callback function(error, response)
- * @return {!grpc.web.ClientReadableStream<!proto.caos.zitadel.management.api.v1.User>|undefined}
+ * @return {!grpc.web.ClientReadableStream<!proto.caos.zitadel.management.api.v1.UserView>|undefined}
  *     The XHR Node Readable Stream
  */
 proto.caos.zitadel.management.api.v1.ManagementServiceClient.prototype.getUserByID =
@@ -393,7 +473,7 @@ proto.caos.zitadel.management.api.v1.ManagementServiceClient.prototype.getUserBy
  *     request proto
  * @param {?Object<string, string>} metadata User defined
  *     call metadata
- * @return {!Promise<!proto.caos.zitadel.management.api.v1.User>}
+ * @return {!Promise<!proto.caos.zitadel.management.api.v1.UserView>}
  *     A native promise that resolves to the response
  */
 proto.caos.zitadel.management.api.v1.ManagementServicePromiseClient.prototype.getUserByID =
@@ -1450,13 +1530,13 @@ proto.caos.zitadel.management.api.v1.ManagementServicePromiseClient.prototype.pr
  * @const
  * @type {!grpc.web.MethodDescriptor<
  *   !proto.caos.zitadel.management.api.v1.UserID,
- *   !proto.caos.zitadel.management.api.v1.UserProfile>}
+ *   !proto.caos.zitadel.management.api.v1.UserProfileView>}
  */
 const methodDescriptor_ManagementService_GetUserProfile = new grpc.web.MethodDescriptor(
   '/caos.zitadel.management.api.v1.ManagementService/GetUserProfile',
   grpc.web.MethodType.UNARY,
   proto.caos.zitadel.management.api.v1.UserID,
-  proto.caos.zitadel.management.api.v1.UserProfile,
+  proto.caos.zitadel.management.api.v1.UserProfileView,
   /**
    * @param {!proto.caos.zitadel.management.api.v1.UserID} request
    * @return {!Uint8Array}
@@ -1464,7 +1544,7 @@ const methodDescriptor_ManagementService_GetUserProfile = new grpc.web.MethodDes
   function(request) {
     return request.serializeBinary();
   },
-  proto.caos.zitadel.management.api.v1.UserProfile.deserializeBinary
+  proto.caos.zitadel.management.api.v1.UserProfileView.deserializeBinary
 );
 
 
@@ -1472,10 +1552,10 @@ const methodDescriptor_ManagementService_GetUserProfile = new grpc.web.MethodDes
  * @const
  * @type {!grpc.web.AbstractClientBase.MethodInfo<
  *   !proto.caos.zitadel.management.api.v1.UserID,
- *   !proto.caos.zitadel.management.api.v1.UserProfile>}
+ *   !proto.caos.zitadel.management.api.v1.UserProfileView>}
  */
 const methodInfo_ManagementService_GetUserProfile = new grpc.web.AbstractClientBase.MethodInfo(
-  proto.caos.zitadel.management.api.v1.UserProfile,
+  proto.caos.zitadel.management.api.v1.UserProfileView,
   /**
    * @param {!proto.caos.zitadel.management.api.v1.UserID} request
    * @return {!Uint8Array}
@@ -1483,7 +1563,7 @@ const methodInfo_ManagementService_GetUserProfile = new grpc.web.AbstractClientB
   function(request) {
     return request.serializeBinary();
   },
-  proto.caos.zitadel.management.api.v1.UserProfile.deserializeBinary
+  proto.caos.zitadel.management.api.v1.UserProfileView.deserializeBinary
 );
 
 
@@ -1492,9 +1572,9 @@ const methodInfo_ManagementService_GetUserProfile = new grpc.web.AbstractClientB
  *     request proto
  * @param {?Object<string, string>} metadata User defined
  *     call metadata
- * @param {function(?grpc.web.Error, ?proto.caos.zitadel.management.api.v1.UserProfile)}
+ * @param {function(?grpc.web.Error, ?proto.caos.zitadel.management.api.v1.UserProfileView)}
  *     callback The callback function(error, response)
- * @return {!grpc.web.ClientReadableStream<!proto.caos.zitadel.management.api.v1.UserProfile>|undefined}
+ * @return {!grpc.web.ClientReadableStream<!proto.caos.zitadel.management.api.v1.UserProfileView>|undefined}
  *     The XHR Node Readable Stream
  */
 proto.caos.zitadel.management.api.v1.ManagementServiceClient.prototype.getUserProfile =
@@ -1513,7 +1593,7 @@ proto.caos.zitadel.management.api.v1.ManagementServiceClient.prototype.getUserPr
  *     request proto
  * @param {?Object<string, string>} metadata User defined
  *     call metadata
- * @return {!Promise<!proto.caos.zitadel.management.api.v1.UserProfile>}
+ * @return {!Promise<!proto.caos.zitadel.management.api.v1.UserProfileView>}
  *     A native promise that resolves to the response
  */
 proto.caos.zitadel.management.api.v1.ManagementServicePromiseClient.prototype.getUserProfile =
@@ -1610,13 +1690,13 @@ proto.caos.zitadel.management.api.v1.ManagementServicePromiseClient.prototype.up
  * @const
  * @type {!grpc.web.MethodDescriptor<
  *   !proto.caos.zitadel.management.api.v1.UserID,
- *   !proto.caos.zitadel.management.api.v1.UserEmail>}
+ *   !proto.caos.zitadel.management.api.v1.UserEmailView>}
  */
 const methodDescriptor_ManagementService_GetUserEmail = new grpc.web.MethodDescriptor(
   '/caos.zitadel.management.api.v1.ManagementService/GetUserEmail',
   grpc.web.MethodType.UNARY,
   proto.caos.zitadel.management.api.v1.UserID,
-  proto.caos.zitadel.management.api.v1.UserEmail,
+  proto.caos.zitadel.management.api.v1.UserEmailView,
   /**
    * @param {!proto.caos.zitadel.management.api.v1.UserID} request
    * @return {!Uint8Array}
@@ -1624,7 +1704,7 @@ const methodDescriptor_ManagementService_GetUserEmail = new grpc.web.MethodDescr
   function(request) {
     return request.serializeBinary();
   },
-  proto.caos.zitadel.management.api.v1.UserEmail.deserializeBinary
+  proto.caos.zitadel.management.api.v1.UserEmailView.deserializeBinary
 );
 
 
@@ -1632,10 +1712,10 @@ const methodDescriptor_ManagementService_GetUserEmail = new grpc.web.MethodDescr
  * @const
  * @type {!grpc.web.AbstractClientBase.MethodInfo<
  *   !proto.caos.zitadel.management.api.v1.UserID,
- *   !proto.caos.zitadel.management.api.v1.UserEmail>}
+ *   !proto.caos.zitadel.management.api.v1.UserEmailView>}
  */
 const methodInfo_ManagementService_GetUserEmail = new grpc.web.AbstractClientBase.MethodInfo(
-  proto.caos.zitadel.management.api.v1.UserEmail,
+  proto.caos.zitadel.management.api.v1.UserEmailView,
   /**
    * @param {!proto.caos.zitadel.management.api.v1.UserID} request
    * @return {!Uint8Array}
@@ -1643,7 +1723,7 @@ const methodInfo_ManagementService_GetUserEmail = new grpc.web.AbstractClientBas
   function(request) {
     return request.serializeBinary();
   },
-  proto.caos.zitadel.management.api.v1.UserEmail.deserializeBinary
+  proto.caos.zitadel.management.api.v1.UserEmailView.deserializeBinary
 );
 
 
@@ -1652,9 +1732,9 @@ const methodInfo_ManagementService_GetUserEmail = new grpc.web.AbstractClientBas
  *     request proto
  * @param {?Object<string, string>} metadata User defined
  *     call metadata
- * @param {function(?grpc.web.Error, ?proto.caos.zitadel.management.api.v1.UserEmail)}
+ * @param {function(?grpc.web.Error, ?proto.caos.zitadel.management.api.v1.UserEmailView)}
  *     callback The callback function(error, response)
- * @return {!grpc.web.ClientReadableStream<!proto.caos.zitadel.management.api.v1.UserEmail>|undefined}
+ * @return {!grpc.web.ClientReadableStream<!proto.caos.zitadel.management.api.v1.UserEmailView>|undefined}
  *     The XHR Node Readable Stream
  */
 proto.caos.zitadel.management.api.v1.ManagementServiceClient.prototype.getUserEmail =
@@ -1673,7 +1753,7 @@ proto.caos.zitadel.management.api.v1.ManagementServiceClient.prototype.getUserEm
  *     request proto
  * @param {?Object<string, string>} metadata User defined
  *     call metadata
- * @return {!Promise<!proto.caos.zitadel.management.api.v1.UserEmail>}
+ * @return {!Promise<!proto.caos.zitadel.management.api.v1.UserEmailView>}
  *     A native promise that resolves to the response
  */
 proto.caos.zitadel.management.api.v1.ManagementServicePromiseClient.prototype.getUserEmail =
@@ -1850,13 +1930,13 @@ proto.caos.zitadel.management.api.v1.ManagementServicePromiseClient.prototype.re
  * @const
  * @type {!grpc.web.MethodDescriptor<
  *   !proto.caos.zitadel.management.api.v1.UserID,
- *   !proto.caos.zitadel.management.api.v1.UserPhone>}
+ *   !proto.caos.zitadel.management.api.v1.UserPhoneView>}
  */
 const methodDescriptor_ManagementService_GetUserPhone = new grpc.web.MethodDescriptor(
   '/caos.zitadel.management.api.v1.ManagementService/GetUserPhone',
   grpc.web.MethodType.UNARY,
   proto.caos.zitadel.management.api.v1.UserID,
-  proto.caos.zitadel.management.api.v1.UserPhone,
+  proto.caos.zitadel.management.api.v1.UserPhoneView,
   /**
    * @param {!proto.caos.zitadel.management.api.v1.UserID} request
    * @return {!Uint8Array}
@@ -1864,7 +1944,7 @@ const methodDescriptor_ManagementService_GetUserPhone = new grpc.web.MethodDescr
   function(request) {
     return request.serializeBinary();
   },
-  proto.caos.zitadel.management.api.v1.UserPhone.deserializeBinary
+  proto.caos.zitadel.management.api.v1.UserPhoneView.deserializeBinary
 );
 
 
@@ -1872,10 +1952,10 @@ const methodDescriptor_ManagementService_GetUserPhone = new grpc.web.MethodDescr
  * @const
  * @type {!grpc.web.AbstractClientBase.MethodInfo<
  *   !proto.caos.zitadel.management.api.v1.UserID,
- *   !proto.caos.zitadel.management.api.v1.UserPhone>}
+ *   !proto.caos.zitadel.management.api.v1.UserPhoneView>}
  */
 const methodInfo_ManagementService_GetUserPhone = new grpc.web.AbstractClientBase.MethodInfo(
-  proto.caos.zitadel.management.api.v1.UserPhone,
+  proto.caos.zitadel.management.api.v1.UserPhoneView,
   /**
    * @param {!proto.caos.zitadel.management.api.v1.UserID} request
    * @return {!Uint8Array}
@@ -1883,7 +1963,7 @@ const methodInfo_ManagementService_GetUserPhone = new grpc.web.AbstractClientBas
   function(request) {
     return request.serializeBinary();
   },
-  proto.caos.zitadel.management.api.v1.UserPhone.deserializeBinary
+  proto.caos.zitadel.management.api.v1.UserPhoneView.deserializeBinary
 );
 
 
@@ -1892,9 +1972,9 @@ const methodInfo_ManagementService_GetUserPhone = new grpc.web.AbstractClientBas
  *     request proto
  * @param {?Object<string, string>} metadata User defined
  *     call metadata
- * @param {function(?grpc.web.Error, ?proto.caos.zitadel.management.api.v1.UserPhone)}
+ * @param {function(?grpc.web.Error, ?proto.caos.zitadel.management.api.v1.UserPhoneView)}
  *     callback The callback function(error, response)
- * @return {!grpc.web.ClientReadableStream<!proto.caos.zitadel.management.api.v1.UserPhone>|undefined}
+ * @return {!grpc.web.ClientReadableStream<!proto.caos.zitadel.management.api.v1.UserPhoneView>|undefined}
  *     The XHR Node Readable Stream
  */
 proto.caos.zitadel.management.api.v1.ManagementServiceClient.prototype.getUserPhone =
@@ -1913,7 +1993,7 @@ proto.caos.zitadel.management.api.v1.ManagementServiceClient.prototype.getUserPh
  *     request proto
  * @param {?Object<string, string>} metadata User defined
  *     call metadata
- * @return {!Promise<!proto.caos.zitadel.management.api.v1.UserPhone>}
+ * @return {!Promise<!proto.caos.zitadel.management.api.v1.UserPhoneView>}
  *     A native promise that resolves to the response
  */
 proto.caos.zitadel.management.api.v1.ManagementServicePromiseClient.prototype.getUserPhone =
@@ -2090,13 +2170,13 @@ proto.caos.zitadel.management.api.v1.ManagementServicePromiseClient.prototype.re
  * @const
  * @type {!grpc.web.MethodDescriptor<
  *   !proto.caos.zitadel.management.api.v1.UserID,
- *   !proto.caos.zitadel.management.api.v1.UserAddress>}
+ *   !proto.caos.zitadel.management.api.v1.UserAddressView>}
  */
 const methodDescriptor_ManagementService_GetUserAddress = new grpc.web.MethodDescriptor(
   '/caos.zitadel.management.api.v1.ManagementService/GetUserAddress',
   grpc.web.MethodType.UNARY,
   proto.caos.zitadel.management.api.v1.UserID,
-  proto.caos.zitadel.management.api.v1.UserAddress,
+  proto.caos.zitadel.management.api.v1.UserAddressView,
   /**
    * @param {!proto.caos.zitadel.management.api.v1.UserID} request
    * @return {!Uint8Array}
@@ -2104,7 +2184,7 @@ const methodDescriptor_ManagementService_GetUserAddress = new grpc.web.MethodDes
   function(request) {
     return request.serializeBinary();
   },
-  proto.caos.zitadel.management.api.v1.UserAddress.deserializeBinary
+  proto.caos.zitadel.management.api.v1.UserAddressView.deserializeBinary
 );
 
 
@@ -2112,10 +2192,10 @@ const methodDescriptor_ManagementService_GetUserAddress = new grpc.web.MethodDes
  * @const
  * @type {!grpc.web.AbstractClientBase.MethodInfo<
  *   !proto.caos.zitadel.management.api.v1.UserID,
- *   !proto.caos.zitadel.management.api.v1.UserAddress>}
+ *   !proto.caos.zitadel.management.api.v1.UserAddressView>}
  */
 const methodInfo_ManagementService_GetUserAddress = new grpc.web.AbstractClientBase.MethodInfo(
-  proto.caos.zitadel.management.api.v1.UserAddress,
+  proto.caos.zitadel.management.api.v1.UserAddressView,
   /**
    * @param {!proto.caos.zitadel.management.api.v1.UserID} request
    * @return {!Uint8Array}
@@ -2123,7 +2203,7 @@ const methodInfo_ManagementService_GetUserAddress = new grpc.web.AbstractClientB
   function(request) {
     return request.serializeBinary();
   },
-  proto.caos.zitadel.management.api.v1.UserAddress.deserializeBinary
+  proto.caos.zitadel.management.api.v1.UserAddressView.deserializeBinary
 );
 
 
@@ -2132,9 +2212,9 @@ const methodInfo_ManagementService_GetUserAddress = new grpc.web.AbstractClientB
  *     request proto
  * @param {?Object<string, string>} metadata User defined
  *     call metadata
- * @param {function(?grpc.web.Error, ?proto.caos.zitadel.management.api.v1.UserAddress)}
+ * @param {function(?grpc.web.Error, ?proto.caos.zitadel.management.api.v1.UserAddressView)}
  *     callback The callback function(error, response)
- * @return {!grpc.web.ClientReadableStream<!proto.caos.zitadel.management.api.v1.UserAddress>|undefined}
+ * @return {!grpc.web.ClientReadableStream<!proto.caos.zitadel.management.api.v1.UserAddressView>|undefined}
  *     The XHR Node Readable Stream
  */
 proto.caos.zitadel.management.api.v1.ManagementServiceClient.prototype.getUserAddress =
@@ -2153,7 +2233,7 @@ proto.caos.zitadel.management.api.v1.ManagementServiceClient.prototype.getUserAd
  *     request proto
  * @param {?Object<string, string>} metadata User defined
  *     call metadata
- * @return {!Promise<!proto.caos.zitadel.management.api.v1.UserAddress>}
+ * @return {!Promise<!proto.caos.zitadel.management.api.v1.UserAddressView>}
  *     A native promise that resolves to the response
  */
 proto.caos.zitadel.management.api.v1.ManagementServicePromiseClient.prototype.getUserAddress =
@@ -3766,6 +3846,246 @@ proto.caos.zitadel.management.api.v1.ManagementServicePromiseClient.prototype.re
 };
 
 
+/**
+ * @const
+ * @type {!grpc.web.MethodDescriptor<
+ *   !proto.caos.zitadel.management.api.v1.OrgDomainSearchRequest,
+ *   !proto.caos.zitadel.management.api.v1.OrgDomainSearchResponse>}
+ */
+const methodDescriptor_ManagementService_SearchMyOrgDomains = new grpc.web.MethodDescriptor(
+  '/caos.zitadel.management.api.v1.ManagementService/SearchMyOrgDomains',
+  grpc.web.MethodType.UNARY,
+  proto.caos.zitadel.management.api.v1.OrgDomainSearchRequest,
+  proto.caos.zitadel.management.api.v1.OrgDomainSearchResponse,
+  /**
+   * @param {!proto.caos.zitadel.management.api.v1.OrgDomainSearchRequest} request
+   * @return {!Uint8Array}
+   */
+  function(request) {
+    return request.serializeBinary();
+  },
+  proto.caos.zitadel.management.api.v1.OrgDomainSearchResponse.deserializeBinary
+);
+
+
+/**
+ * @const
+ * @type {!grpc.web.AbstractClientBase.MethodInfo<
+ *   !proto.caos.zitadel.management.api.v1.OrgDomainSearchRequest,
+ *   !proto.caos.zitadel.management.api.v1.OrgDomainSearchResponse>}
+ */
+const methodInfo_ManagementService_SearchMyOrgDomains = new grpc.web.AbstractClientBase.MethodInfo(
+  proto.caos.zitadel.management.api.v1.OrgDomainSearchResponse,
+  /**
+   * @param {!proto.caos.zitadel.management.api.v1.OrgDomainSearchRequest} request
+   * @return {!Uint8Array}
+   */
+  function(request) {
+    return request.serializeBinary();
+  },
+  proto.caos.zitadel.management.api.v1.OrgDomainSearchResponse.deserializeBinary
+);
+
+
+/**
+ * @param {!proto.caos.zitadel.management.api.v1.OrgDomainSearchRequest} request The
+ *     request proto
+ * @param {?Object<string, string>} metadata User defined
+ *     call metadata
+ * @param {function(?grpc.web.Error, ?proto.caos.zitadel.management.api.v1.OrgDomainSearchResponse)}
+ *     callback The callback function(error, response)
+ * @return {!grpc.web.ClientReadableStream<!proto.caos.zitadel.management.api.v1.OrgDomainSearchResponse>|undefined}
+ *     The XHR Node Readable Stream
+ */
+proto.caos.zitadel.management.api.v1.ManagementServiceClient.prototype.searchMyOrgDomains =
+    function(request, metadata, callback) {
+  return this.client_.rpcCall(this.hostname_ +
+      '/caos.zitadel.management.api.v1.ManagementService/SearchMyOrgDomains',
+      request,
+      metadata || {},
+      methodDescriptor_ManagementService_SearchMyOrgDomains,
+      callback);
+};
+
+
+/**
+ * @param {!proto.caos.zitadel.management.api.v1.OrgDomainSearchRequest} request The
+ *     request proto
+ * @param {?Object<string, string>} metadata User defined
+ *     call metadata
+ * @return {!Promise<!proto.caos.zitadel.management.api.v1.OrgDomainSearchResponse>}
+ *     A native promise that resolves to the response
+ */
+proto.caos.zitadel.management.api.v1.ManagementServicePromiseClient.prototype.searchMyOrgDomains =
+    function(request, metadata) {
+  return this.client_.unaryCall(this.hostname_ +
+      '/caos.zitadel.management.api.v1.ManagementService/SearchMyOrgDomains',
+      request,
+      metadata || {},
+      methodDescriptor_ManagementService_SearchMyOrgDomains);
+};
+
+
+/**
+ * @const
+ * @type {!grpc.web.MethodDescriptor<
+ *   !proto.caos.zitadel.management.api.v1.AddOrgDomainRequest,
+ *   !proto.caos.zitadel.management.api.v1.OrgDomain>}
+ */
+const methodDescriptor_ManagementService_AddMyOrgDomain = new grpc.web.MethodDescriptor(
+  '/caos.zitadel.management.api.v1.ManagementService/AddMyOrgDomain',
+  grpc.web.MethodType.UNARY,
+  proto.caos.zitadel.management.api.v1.AddOrgDomainRequest,
+  proto.caos.zitadel.management.api.v1.OrgDomain,
+  /**
+   * @param {!proto.caos.zitadel.management.api.v1.AddOrgDomainRequest} request
+   * @return {!Uint8Array}
+   */
+  function(request) {
+    return request.serializeBinary();
+  },
+  proto.caos.zitadel.management.api.v1.OrgDomain.deserializeBinary
+);
+
+
+/**
+ * @const
+ * @type {!grpc.web.AbstractClientBase.MethodInfo<
+ *   !proto.caos.zitadel.management.api.v1.AddOrgDomainRequest,
+ *   !proto.caos.zitadel.management.api.v1.OrgDomain>}
+ */
+const methodInfo_ManagementService_AddMyOrgDomain = new grpc.web.AbstractClientBase.MethodInfo(
+  proto.caos.zitadel.management.api.v1.OrgDomain,
+  /**
+   * @param {!proto.caos.zitadel.management.api.v1.AddOrgDomainRequest} request
+   * @return {!Uint8Array}
+   */
+  function(request) {
+    return request.serializeBinary();
+  },
+  proto.caos.zitadel.management.api.v1.OrgDomain.deserializeBinary
+);
+
+
+/**
+ * @param {!proto.caos.zitadel.management.api.v1.AddOrgDomainRequest} request The
+ *     request proto
+ * @param {?Object<string, string>} metadata User defined
+ *     call metadata
+ * @param {function(?grpc.web.Error, ?proto.caos.zitadel.management.api.v1.OrgDomain)}
+ *     callback The callback function(error, response)
+ * @return {!grpc.web.ClientReadableStream<!proto.caos.zitadel.management.api.v1.OrgDomain>|undefined}
+ *     The XHR Node Readable Stream
+ */
+proto.caos.zitadel.management.api.v1.ManagementServiceClient.prototype.addMyOrgDomain =
+    function(request, metadata, callback) {
+  return this.client_.rpcCall(this.hostname_ +
+      '/caos.zitadel.management.api.v1.ManagementService/AddMyOrgDomain',
+      request,
+      metadata || {},
+      methodDescriptor_ManagementService_AddMyOrgDomain,
+      callback);
+};
+
+
+/**
+ * @param {!proto.caos.zitadel.management.api.v1.AddOrgDomainRequest} request The
+ *     request proto
+ * @param {?Object<string, string>} metadata User defined
+ *     call metadata
+ * @return {!Promise<!proto.caos.zitadel.management.api.v1.OrgDomain>}
+ *     A native promise that resolves to the response
+ */
+proto.caos.zitadel.management.api.v1.ManagementServicePromiseClient.prototype.addMyOrgDomain =
+    function(request, metadata) {
+  return this.client_.unaryCall(this.hostname_ +
+      '/caos.zitadel.management.api.v1.ManagementService/AddMyOrgDomain',
+      request,
+      metadata || {},
+      methodDescriptor_ManagementService_AddMyOrgDomain);
+};
+
+
+/**
+ * @const
+ * @type {!grpc.web.MethodDescriptor<
+ *   !proto.caos.zitadel.management.api.v1.RemoveOrgDomainRequest,
+ *   !proto.google.protobuf.Empty>}
+ */
+const methodDescriptor_ManagementService_RemoveMyOrgDomain = new grpc.web.MethodDescriptor(
+  '/caos.zitadel.management.api.v1.ManagementService/RemoveMyOrgDomain',
+  grpc.web.MethodType.UNARY,
+  proto.caos.zitadel.management.api.v1.RemoveOrgDomainRequest,
+  google_protobuf_empty_pb.Empty,
+  /**
+   * @param {!proto.caos.zitadel.management.api.v1.RemoveOrgDomainRequest} request
+   * @return {!Uint8Array}
+   */
+  function(request) {
+    return request.serializeBinary();
+  },
+  google_protobuf_empty_pb.Empty.deserializeBinary
+);
+
+
+/**
+ * @const
+ * @type {!grpc.web.AbstractClientBase.MethodInfo<
+ *   !proto.caos.zitadel.management.api.v1.RemoveOrgDomainRequest,
+ *   !proto.google.protobuf.Empty>}
+ */
+const methodInfo_ManagementService_RemoveMyOrgDomain = new grpc.web.AbstractClientBase.MethodInfo(
+  google_protobuf_empty_pb.Empty,
+  /**
+   * @param {!proto.caos.zitadel.management.api.v1.RemoveOrgDomainRequest} request
+   * @return {!Uint8Array}
+   */
+  function(request) {
+    return request.serializeBinary();
+  },
+  google_protobuf_empty_pb.Empty.deserializeBinary
+);
+
+
+/**
+ * @param {!proto.caos.zitadel.management.api.v1.RemoveOrgDomainRequest} request The
+ *     request proto
+ * @param {?Object<string, string>} metadata User defined
+ *     call metadata
+ * @param {function(?grpc.web.Error, ?proto.google.protobuf.Empty)}
+ *     callback The callback function(error, response)
+ * @return {!grpc.web.ClientReadableStream<!proto.google.protobuf.Empty>|undefined}
+ *     The XHR Node Readable Stream
+ */
+proto.caos.zitadel.management.api.v1.ManagementServiceClient.prototype.removeMyOrgDomain =
+    function(request, metadata, callback) {
+  return this.client_.rpcCall(this.hostname_ +
+      '/caos.zitadel.management.api.v1.ManagementService/RemoveMyOrgDomain',
+      request,
+      metadata || {},
+      methodDescriptor_ManagementService_RemoveMyOrgDomain,
+      callback);
+};
+
+
+/**
+ * @param {!proto.caos.zitadel.management.api.v1.RemoveOrgDomainRequest} request The
+ *     request proto
+ * @param {?Object<string, string>} metadata User defined
+ *     call metadata
+ * @return {!Promise<!proto.google.protobuf.Empty>}
+ *     A native promise that resolves to the response
+ */
+proto.caos.zitadel.management.api.v1.ManagementServicePromiseClient.prototype.removeMyOrgDomain =
+    function(request, metadata) {
+  return this.client_.unaryCall(this.hostname_ +
+      '/caos.zitadel.management.api.v1.ManagementService/RemoveMyOrgDomain',
+      request,
+      metadata || {},
+      methodDescriptor_ManagementService_RemoveMyOrgDomain);
+};
+
+
 /**
  * @const
  * @type {!grpc.web.MethodDescriptor<

console/src/app/proto/generated/management_pb.d.ts

@@ -9,10 +9,43 @@ import * as validate_validate_pb from './validate/validate_pb';
 import * as google_protobuf_descriptor_pb from 'google-protobuf/google/protobuf/descriptor_pb';
 import * as authoption_options_pb from './authoption/options_pb';
 
+export class Iam extends jspb.Message {
+  getGlobalOrgId(): string;
+  setGlobalOrgId(value: string): void;
+
+  getIamProjectId(): string;
+  setIamProjectId(value: string): void;
+
+  getSetUpDone(): boolean;
+  setSetUpDone(value: boolean): void;
+
+  getSetUpStarted(): boolean;
+  setSetUpStarted(value: boolean): void;
+
+  serializeBinary(): Uint8Array;
+  toObject(includeInstance?: boolean): Iam.AsObject;
+  static toObject(includeInstance: boolean, msg: Iam): Iam.AsObject;
+  static serializeBinaryToWriter(message: Iam, writer: jspb.BinaryWriter): void;
+  static deserializeBinary(bytes: Uint8Array): Iam;
+  static deserializeBinaryFromReader(message: Iam, reader: jspb.BinaryReader): Iam;
+}
+
+export namespace Iam {
+  export type AsObject = {
+    globalOrgId: string,
+    iamProjectId: string,
+    setUpDone: boolean,
+    setUpStarted: boolean,
+  }
+}
+
 export class ChangeRequest extends jspb.Message {
   getId(): string;
   setId(value: string): void;
 
+  getSecId(): string;
+  setSecId(value: string): void;
+
   getLimit(): number;
   setLimit(value: number): void;
 
@@ -30,6 +63,7 @@ export class ChangeRequest extends jspb.Message {
 export namespace ChangeRequest {
   export type AsObject = {
     id: string,
+    secId: string,
     limit: number,
     sequenceOffset: number,
   }
@@ -230,9 +264,6 @@ export class CreateUserRequest extends jspb.Message {
   getNickName(): string;
   setNickName(value: string): void;
 
-  getDisplayName(): string;
-  setDisplayName(value: string): void;
-
   getPreferredLanguage(): string;
   setPreferredLanguage(value: string): void;
 
@@ -283,7 +314,6 @@ export namespace CreateUserRequest {
     firstName: string,
     lastName: string,
     nickName: string,
-    displayName: string,
     preferredLanguage: string,
     gender: Gender,
     email: string,
@@ -482,6 +512,14 @@ export class UserView extends jspb.Message {
   getResourceOwner(): string;
   setResourceOwner(value: string): void;
 
+  getLoginNamesList(): Array<string>;
+  setLoginNamesList(value: Array<string>): void;
+  clearLoginNamesList(): void;
+  addLoginNames(value: string, index?: number): void;
+
+  getPreferredLoginName(): string;
+  setPreferredLoginName(value: string): void;
+
   serializeBinary(): Uint8Array;
   toObject(includeInstance?: boolean): UserView.AsObject;
   static toObject(includeInstance: boolean, msg: UserView): UserView.AsObject;
@@ -516,6 +554,8 @@ export namespace UserView {
     streetAddress: string,
     sequence: number,
     resourceOwner: string,
+    loginNamesList: Array<string>,
+    preferredLoginName: string,
   }
 }
 
@@ -675,7 +715,7 @@ export namespace UserProfile {
   }
 }
 
-export class UpdateUserProfileRequest extends jspb.Message {
+export class UserProfileView extends jspb.Message {
   getId(): string;
   setId(value: string): void;
 
@@ -697,6 +737,75 @@ export class UpdateUserProfileRequest extends jspb.Message {
   getGender(): Gender;
   setGender(value: Gender): void;
 
+  getUserName(): string;
+  setUserName(value: string): void;
+
+  getSequence(): number;
+  setSequence(value: number): void;
+
+  getCreationDate(): google_protobuf_timestamp_pb.Timestamp | undefined;
+  setCreationDate(value?: google_protobuf_timestamp_pb.Timestamp): void;
+  hasCreationDate(): boolean;
+  clearCreationDate(): void;
+
+  getChangeDate(): google_protobuf_timestamp_pb.Timestamp | undefined;
+  setChangeDate(value?: google_protobuf_timestamp_pb.Timestamp): void;
+  hasChangeDate(): boolean;
+  clearChangeDate(): void;
+
+  getLoginNamesList(): Array<string>;
+  setLoginNamesList(value: Array<string>): void;
+  clearLoginNamesList(): void;
+  addLoginNames(value: string, index?: number): void;
+
+  getPreferredLoginName(): string;
+  setPreferredLoginName(value: string): void;
+
+  serializeBinary(): Uint8Array;
+  toObject(includeInstance?: boolean): UserProfileView.AsObject;
+  static toObject(includeInstance: boolean, msg: UserProfileView): UserProfileView.AsObject;
+  static serializeBinaryToWriter(message: UserProfileView, writer: jspb.BinaryWriter): void;
+  static deserializeBinary(bytes: Uint8Array): UserProfileView;
+  static deserializeBinaryFromReader(message: UserProfileView, reader: jspb.BinaryReader): UserProfileView;
+}
+
+export namespace UserProfileView {
+  export type AsObject = {
+    id: string,
+    firstName: string,
+    lastName: string,
+    nickName: string,
+    displayName: string,
+    preferredLanguage: string,
+    gender: Gender,
+    userName: string,
+    sequence: number,
+    creationDate?: google_protobuf_timestamp_pb.Timestamp.AsObject,
+    changeDate?: google_protobuf_timestamp_pb.Timestamp.AsObject,
+    loginNamesList: Array<string>,
+    preferredLoginName: string,
+  }
+}
+
+export class UpdateUserProfileRequest extends jspb.Message {
+  getId(): string;
+  setId(value: string): void;
+
+  getFirstName(): string;
+  setFirstName(value: string): void;
+
+  getLastName(): string;
+  setLastName(value: string): void;
+
+  getNickName(): string;
+  setNickName(value: string): void;
+
+  getPreferredLanguage(): string;
+  setPreferredLanguage(value: string): void;
+
+  getGender(): Gender;
+  setGender(value: Gender): void;
+
   serializeBinary(): Uint8Array;
   toObject(includeInstance?: boolean): UpdateUserProfileRequest.AsObject;
   static toObject(includeInstance: boolean, msg: UpdateUserProfileRequest): UpdateUserProfileRequest.AsObject;
@@ -711,7 +820,6 @@ export namespace UpdateUserProfileRequest {
     firstName: string,
     lastName: string,
     nickName: string,
-    displayName: string,
     preferredLanguage: string,
     gender: Gender,
   }
@@ -759,6 +867,48 @@ export namespace UserEmail {
   }
 }
 
+export class UserEmailView extends jspb.Message {
+  getId(): string;
+  setId(value: string): void;
+
+  getEmail(): string;
+  setEmail(value: string): void;
+
+  getIsEmailVerified(): boolean;
+  setIsEmailVerified(value: boolean): void;
+
+  getSequence(): number;
+  setSequence(value: number): void;
+
+  getCreationDate(): google_protobuf_timestamp_pb.Timestamp | undefined;
+  setCreationDate(value?: google_protobuf_timestamp_pb.Timestamp): void;
+  hasCreationDate(): boolean;
+  clearCreationDate(): void;
+
+  getChangeDate(): google_protobuf_timestamp_pb.Timestamp | undefined;
+  setChangeDate(value?: google_protobuf_timestamp_pb.Timestamp): void;
+  hasChangeDate(): boolean;
+  clearChangeDate(): void;
+
+  serializeBinary(): Uint8Array;
+  toObject(includeInstance?: boolean): UserEmailView.AsObject;
+  static toObject(includeInstance: boolean, msg: UserEmailView): UserEmailView.AsObject;
+  static serializeBinaryToWriter(message: UserEmailView, writer: jspb.BinaryWriter): void;
+  static deserializeBinary(bytes: Uint8Array): UserEmailView;
+  static deserializeBinaryFromReader(message: UserEmailView, reader: jspb.BinaryReader): UserEmailView;
+}
+
+export namespace UserEmailView {
+  export type AsObject = {
+    id: string,
+    email: string,
+    isEmailVerified: boolean,
+    sequence: number,
+    creationDate?: google_protobuf_timestamp_pb.Timestamp.AsObject,
+    changeDate?: google_protobuf_timestamp_pb.Timestamp.AsObject,
+  }
+}
+
 export class UpdateUserEmailRequest extends jspb.Message {
   getId(): string;
   setId(value: string): void;
@@ -827,6 +977,48 @@ export namespace UserPhone {
   }
 }
 
+export class UserPhoneView extends jspb.Message {
+  getId(): string;
+  setId(value: string): void;
+
+  getPhone(): string;
+  setPhone(value: string): void;
+
+  getIsPhoneVerified(): boolean;
+  setIsPhoneVerified(value: boolean): void;
+
+  getSequence(): number;
+  setSequence(value: number): void;
+
+  getCreationDate(): google_protobuf_timestamp_pb.Timestamp | undefined;
+  setCreationDate(value?: google_protobuf_timestamp_pb.Timestamp): void;
+  hasCreationDate(): boolean;
+  clearCreationDate(): void;
+
+  getChangeDate(): google_protobuf_timestamp_pb.Timestamp | undefined;
+  setChangeDate(value?: google_protobuf_timestamp_pb.Timestamp): void;
+  hasChangeDate(): boolean;
+  clearChangeDate(): void;
+
+  serializeBinary(): Uint8Array;
+  toObject(includeInstance?: boolean): UserPhoneView.AsObject;
+  static toObject(includeInstance: boolean, msg: UserPhoneView): UserPhoneView.AsObject;
+  static serializeBinaryToWriter(message: UserPhoneView, writer: jspb.BinaryWriter): void;
+  static deserializeBinary(bytes: Uint8Array): UserPhoneView;
+  static deserializeBinaryFromReader(message: UserPhoneView, reader: jspb.BinaryReader): UserPhoneView;
+}
+
+export namespace UserPhoneView {
+  export type AsObject = {
+    id: string,
+    phone: string,
+    isPhoneVerified: boolean,
+    sequence: number,
+    creationDate?: google_protobuf_timestamp_pb.Timestamp.AsObject,
+    changeDate?: google_protobuf_timestamp_pb.Timestamp.AsObject,
+  }
+}
+
 export class UpdateUserPhoneRequest extends jspb.Message {
   getId(): string;
   setId(value: string): void;
@@ -907,6 +1099,60 @@ export namespace UserAddress {
   }
 }
 
+export class UserAddressView extends jspb.Message {
+  getId(): string;
+  setId(value: string): void;
+
+  getCountry(): string;
+  setCountry(value: string): void;
+
+  getLocality(): string;
+  setLocality(value: string): void;
+
+  getPostalCode(): string;
+  setPostalCode(value: string): void;
+
+  getRegion(): string;
+  setRegion(value: string): void;
+
+  getStreetAddress(): string;
+  setStreetAddress(value: string): void;
+
+  getSequence(): number;
+  setSequence(value: number): void;
+
+  getCreationDate(): google_protobuf_timestamp_pb.Timestamp | undefined;
+  setCreationDate(value?: google_protobuf_timestamp_pb.Timestamp): void;
+  hasCreationDate(): boolean;
+  clearCreationDate(): void;
+
+  getChangeDate(): google_protobuf_timestamp_pb.Timestamp | undefined;
+  setChangeDate(value?: google_protobuf_timestamp_pb.Timestamp): void;
+  hasChangeDate(): boolean;
+  clearChangeDate(): void;
+
+  serializeBinary(): Uint8Array;
+  toObject(includeInstance?: boolean): UserAddressView.AsObject;
+  static toObject(includeInstance: boolean, msg: UserAddressView): UserAddressView.AsObject;
+  static serializeBinaryToWriter(message: UserAddressView, writer: jspb.BinaryWriter): void;
+  static deserializeBinary(bytes: Uint8Array): UserAddressView;
+  static deserializeBinaryFromReader(message: UserAddressView, reader: jspb.BinaryReader): UserAddressView;
+}
+
+export namespace UserAddressView {
+  export type AsObject = {
+    id: string,
+    country: string,
+    locality: string,
+    postalCode: string,
+    region: string,
+    streetAddress: string,
+    sequence: number,
+    creationDate?: google_protobuf_timestamp_pb.Timestamp.AsObject,
+    changeDate?: google_protobuf_timestamp_pb.Timestamp.AsObject,
+  }
+}
+
 export class UpdateUserAddressRequest extends jspb.Message {
   getId(): string;
   setId(value: string): void;
@@ -1505,24 +1751,6 @@ export namespace OrgID {
   }
 }
 
-export class OrgDomain extends jspb.Message {
-  getDomain(): string;
-  setDomain(value: string): void;
-
-  serializeBinary(): Uint8Array;
-  toObject(includeInstance?: boolean): OrgDomain.AsObject;
-  static toObject(includeInstance: boolean, msg: OrgDomain): OrgDomain.AsObject;
-  static serializeBinaryToWriter(message: OrgDomain, writer: jspb.BinaryWriter): void;
-  static deserializeBinary(bytes: Uint8Array): OrgDomain;
-  static deserializeBinaryFromReader(message: OrgDomain, reader: jspb.BinaryReader): OrgDomain;
-}
-
-export namespace OrgDomain {
-  export type AsObject = {
-    domain: string,
-  }
-}
-
 export class Org extends jspb.Message {
   getId(): string;
   setId(value: string): void;
@@ -1543,9 +1771,6 @@ export class Org extends jspb.Message {
   getName(): string;
   setName(value: string): void;
 
-  getDomain(): string;
-  setDomain(value: string): void;
-
   getSequence(): number;
   setSequence(value: number): void;
 
@@ -1564,11 +1789,244 @@ export namespace Org {
     creationDate?: google_protobuf_timestamp_pb.Timestamp.AsObject,
     changeDate?: google_protobuf_timestamp_pb.Timestamp.AsObject,
     name: string,
-    domain: string,
     sequence: number,
   }
 }
 
+export class OrgDomains extends jspb.Message {
+  getDomainsList(): Array<OrgDomain>;
+  setDomainsList(value: Array<OrgDomain>): void;
+  clearDomainsList(): void;
+  addDomains(value?: OrgDomain, index?: number): OrgDomain;
+
+  serializeBinary(): Uint8Array;
+  toObject(includeInstance?: boolean): OrgDomains.AsObject;
+  static toObject(includeInstance: boolean, msg: OrgDomains): OrgDomains.AsObject;
+  static serializeBinaryToWriter(message: OrgDomains, writer: jspb.BinaryWriter): void;
+  static deserializeBinary(bytes: Uint8Array): OrgDomains;
+  static deserializeBinaryFromReader(message: OrgDomains, reader: jspb.BinaryReader): OrgDomains;
+}
+
+export namespace OrgDomains {
+  export type AsObject = {
+    domainsList: Array<OrgDomain.AsObject>,
+  }
+}
+
+export class OrgDomain extends jspb.Message {
+  getOrgId(): string;
+  setOrgId(value: string): void;
+
+  getCreationDate(): google_protobuf_timestamp_pb.Timestamp | undefined;
+  setCreationDate(value?: google_protobuf_timestamp_pb.Timestamp): void;
+  hasCreationDate(): boolean;
+  clearCreationDate(): void;
+
+  getChangeDate(): google_protobuf_timestamp_pb.Timestamp | undefined;
+  setChangeDate(value?: google_protobuf_timestamp_pb.Timestamp): void;
+  hasChangeDate(): boolean;
+  clearChangeDate(): void;
+
+  getDomain(): string;
+  setDomain(value: string): void;
+
+  getVerified(): boolean;
+  setVerified(value: boolean): void;
+
+  getPrimary(): boolean;
+  setPrimary(value: boolean): void;
+
+  getSequence(): number;
+  setSequence(value: number): void;
+
+  serializeBinary(): Uint8Array;
+  toObject(includeInstance?: boolean): OrgDomain.AsObject;
+  static toObject(includeInstance: boolean, msg: OrgDomain): OrgDomain.AsObject;
+  static serializeBinaryToWriter(message: OrgDomain, writer: jspb.BinaryWriter): void;
+  static deserializeBinary(bytes: Uint8Array): OrgDomain;
+  static deserializeBinaryFromReader(message: OrgDomain, reader: jspb.BinaryReader): OrgDomain;
+}
+
+export namespace OrgDomain {
+  export type AsObject = {
+    orgId: string,
+    creationDate?: google_protobuf_timestamp_pb.Timestamp.AsObject,
+    changeDate?: google_protobuf_timestamp_pb.Timestamp.AsObject,
+    domain: string,
+    verified: boolean,
+    primary: boolean,
+    sequence: number,
+  }
+}
+
+export class OrgDomainView extends jspb.Message {
+  getOrgId(): string;
+  setOrgId(value: string): void;
+
+  getCreationDate(): google_protobuf_timestamp_pb.Timestamp | undefined;
+  setCreationDate(value?: google_protobuf_timestamp_pb.Timestamp): void;
+  hasCreationDate(): boolean;
+  clearCreationDate(): void;
+
+  getChangeDate(): google_protobuf_timestamp_pb.Timestamp | undefined;
+  setChangeDate(value?: google_protobuf_timestamp_pb.Timestamp): void;
+  hasChangeDate(): boolean;
+  clearChangeDate(): void;
+
+  getDomain(): string;
+  setDomain(value: string): void;
+
+  getVerified(): boolean;
+  setVerified(value: boolean): void;
+
+  getPrimary(): boolean;
+  setPrimary(value: boolean): void;
+
+  getSequence(): number;
+  setSequence(value: number): void;
+
+  serializeBinary(): Uint8Array;
+  toObject(includeInstance?: boolean): OrgDomainView.AsObject;
+  static toObject(includeInstance: boolean, msg: OrgDomainView): OrgDomainView.AsObject;
+  static serializeBinaryToWriter(message: OrgDomainView, writer: jspb.BinaryWriter): void;
+  static deserializeBinary(bytes: Uint8Array): OrgDomainView;
+  static deserializeBinaryFromReader(message: OrgDomainView, reader: jspb.BinaryReader): OrgDomainView;
+}
+
+export namespace OrgDomainView {
+  export type AsObject = {
+    orgId: string,
+    creationDate?: google_protobuf_timestamp_pb.Timestamp.AsObject,
+    changeDate?: google_protobuf_timestamp_pb.Timestamp.AsObject,
+    domain: string,
+    verified: boolean,
+    primary: boolean,
+    sequence: number,
+  }
+}
+
+export class AddOrgDomainRequest extends jspb.Message {
+  getDomain(): string;
+  setDomain(value: string): void;
+
+  serializeBinary(): Uint8Array;
+  toObject(includeInstance?: boolean): AddOrgDomainRequest.AsObject;
+  static toObject(includeInstance: boolean, msg: AddOrgDomainRequest): AddOrgDomainRequest.AsObject;
+  static serializeBinaryToWriter(message: AddOrgDomainRequest, writer: jspb.BinaryWriter): void;
+  static deserializeBinary(bytes: Uint8Array): AddOrgDomainRequest;
+  static deserializeBinaryFromReader(message: AddOrgDomainRequest, reader: jspb.BinaryReader): AddOrgDomainRequest;
+}
+
+export namespace AddOrgDomainRequest {
+  export type AsObject = {
+    domain: string,
+  }
+}
+
+export class RemoveOrgDomainRequest extends jspb.Message {
+  getDomain(): string;
+  setDomain(value: string): void;
+
+  serializeBinary(): Uint8Array;
+  toObject(includeInstance?: boolean): RemoveOrgDomainRequest.AsObject;
+  static toObject(includeInstance: boolean, msg: RemoveOrgDomainRequest): RemoveOrgDomainRequest.AsObject;
+  static serializeBinaryToWriter(message: RemoveOrgDomainRequest, writer: jspb.BinaryWriter): void;
+  static deserializeBinary(bytes: Uint8Array): RemoveOrgDomainRequest;
+  static deserializeBinaryFromReader(message: RemoveOrgDomainRequest, reader: jspb.BinaryReader): RemoveOrgDomainRequest;
+}
+
+export namespace RemoveOrgDomainRequest {
+  export type AsObject = {
+    domain: string,
+  }
+}
+
+export class OrgDomainSearchResponse extends jspb.Message {
+  getOffset(): number;
+  setOffset(value: number): void;
+
+  getLimit(): number;
+  setLimit(value: number): void;
+
+  getTotalResult(): number;
+  setTotalResult(value: number): void;
+
+  getResultList(): Array<OrgDomainView>;
+  setResultList(value: Array<OrgDomainView>): void;
+  clearResultList(): void;
+  addResult(value?: OrgDomainView, index?: number): OrgDomainView;
+
+  serializeBinary(): Uint8Array;
+  toObject(includeInstance?: boolean): OrgDomainSearchResponse.AsObject;
+  static toObject(includeInstance: boolean, msg: OrgDomainSearchResponse): OrgDomainSearchResponse.AsObject;
+  static serializeBinaryToWriter(message: OrgDomainSearchResponse, writer: jspb.BinaryWriter): void;
+  static deserializeBinary(bytes: Uint8Array): OrgDomainSearchResponse;
+  static deserializeBinaryFromReader(message: OrgDomainSearchResponse, reader: jspb.BinaryReader): OrgDomainSearchResponse;
+}
+
+export namespace OrgDomainSearchResponse {
+  export type AsObject = {
+    offset: number,
+    limit: number,
+    totalResult: number,
+    resultList: Array<OrgDomainView.AsObject>,
+  }
+}
+
+export class OrgDomainSearchRequest extends jspb.Message {
+  getOffset(): number;
+  setOffset(value: number): void;
+
+  getLimit(): number;
+  setLimit(value: number): void;
+
+  getQueriesList(): Array<OrgDomainSearchQuery>;
+  setQueriesList(value: Array<OrgDomainSearchQuery>): void;
+  clearQueriesList(): void;
+  addQueries(value?: OrgDomainSearchQuery, index?: number): OrgDomainSearchQuery;
+
+  serializeBinary(): Uint8Array;
+  toObject(includeInstance?: boolean): OrgDomainSearchRequest.AsObject;
+  static toObject(includeInstance: boolean, msg: OrgDomainSearchRequest): OrgDomainSearchRequest.AsObject;
+  static serializeBinaryToWriter(message: OrgDomainSearchRequest, writer: jspb.BinaryWriter): void;
+  static deserializeBinary(bytes: Uint8Array): OrgDomainSearchRequest;
+  static deserializeBinaryFromReader(message: OrgDomainSearchRequest, reader: jspb.BinaryReader): OrgDomainSearchRequest;
+}
+
+export namespace OrgDomainSearchRequest {
+  export type AsObject = {
+    offset: number,
+    limit: number,
+    queriesList: Array<OrgDomainSearchQuery.AsObject>,
+  }
+}
+
+export class OrgDomainSearchQuery extends jspb.Message {
+  getKey(): OrgDomainSearchKey;
+  setKey(value: OrgDomainSearchKey): void;
+
+  getMethod(): SearchMethod;
+  setMethod(value: SearchMethod): void;
+
+  getValue(): string;
+  setValue(value: string): void;
+
+  serializeBinary(): Uint8Array;
+  toObject(includeInstance?: boolean): OrgDomainSearchQuery.AsObject;
+  static toObject(includeInstance: boolean, msg: OrgDomainSearchQuery): OrgDomainSearchQuery.AsObject;
+  static serializeBinaryToWriter(message: OrgDomainSearchQuery, writer: jspb.BinaryWriter): void;
+  static deserializeBinary(bytes: Uint8Array): OrgDomainSearchQuery;
+  static deserializeBinaryFromReader(message: OrgDomainSearchQuery, reader: jspb.BinaryReader): OrgDomainSearchQuery;
+}
+
+export namespace OrgDomainSearchQuery {
+  export type AsObject = {
+    key: OrgDomainSearchKey,
+    method: SearchMethod,
+    value: string,
+  }
+}
+
 export class OrgMemberRoles extends jspb.Message {
   getRolesList(): Array<string>;
   setRolesList(value: Array<string>): void;
@@ -4308,6 +4766,10 @@ export enum OrgState {
   ORGSTATE_ACTIVE = 1,
   ORGSTATE_INACTIVE = 2,
 }
+export enum OrgDomainSearchKey { 
+  ORGDOMAINSEARCHKEY_UNSPECIFIED = 0,
+  ORGDOMAINSEARCHKEY_DOMAIN = 1,
+}
 export enum OrgMemberSearchKey { 
   ORGMEMBERSEARCHKEY_UNSPECIFIED = 0,
   ORGMEMBERSEARCHKEY_FIRST_NAME = 1,

console/src/app/services/auth-user.service.ts

@@ -93,7 +93,6 @@ export class AuthUserService {
         req.setFirstName(profile.firstName);
         req.setLastName(profile.lastName);
         req.setNickName(profile.nickName);
-        req.setDisplayName(profile.displayName);
         req.setPreferredLanguage(profile.preferredLanguage);
         req.setGender(profile.gender);
         console.log(req.toObject());

console/src/app/services/mgmt-user.service.ts

@@ -66,7 +66,6 @@ export class MgmtUserService {
         req.setFirstName(user.firstName);
         req.setLastName(user.lastName);
         req.setNickName(user.nickName);
-        req.setDisplayName(user.displayName);
         req.setPassword(user.password);
         req.setPreferredLanguage(user.preferredLanguage);
         req.setGender(user.gender);
@@ -83,6 +82,16 @@ export class MgmtUserService {
         );
     }
 
+    public async GetUserByID(id: string): Promise<User> {
+        const req = new UserID();
+        req.setId(id);
+        return await this.request(
+            c => c.getUserByID,
+            req,
+            f => f,
+        );
+    }
+
     public async GetUserProfile(id: string): Promise<UserProfile> {
         const req = new UserID();
         req.setId(id);
@@ -109,7 +118,6 @@ export class MgmtUserService {
         req.setFirstName(profile.firstName);
         req.setLastName(profile.lastName);
         req.setNickName(profile.nickName);
-        req.setDisplayName(profile.displayName);
         req.setPreferredLanguage(profile.preferredLanguage);
         req.setGender(profile.gender);
         return await this.request(
@@ -129,10 +137,10 @@ export class MgmtUserService {
         );
     }
 
-    public async SaveUserEmail(email: UserEmail.AsObject): Promise<UserEmail> {
+    public async SaveUserEmail(id: string, email: string): Promise<UserEmail> {
         const req = new UpdateUserEmailRequest();
-        req.setId(email.id);
-        req.setEmail(email.email);
+        req.setId(id);
+        req.setEmail(email);
         return await this.request(
             c => c.changeUserEmail,
             req,
@@ -150,10 +158,10 @@ export class MgmtUserService {
         );
     }
 
-    public async SaveUserPhone(phone: UserPhone.AsObject): Promise<UserPhone> {
+    public async SaveUserPhone(id: string, phone: string): Promise<UserPhone> {
         const req = new UpdateUserPhoneRequest();
-        req.setId(phone.id);
-        req.setPhone(phone.phone);
+        req.setId(id);
+        req.setPhone(phone);
         return await this.request(
             c => c.changeUserPhone,
             req,
@@ -202,7 +210,9 @@ export class MgmtUserService {
         const req = new ProjectRoleAdd();
         req.setId(id);
         req.setKey(key);
+        if (displayName) {
             req.setDisplayName(displayName);
+        }
         req.setGroup(group);
         return await this.request(
             c => c.addProjectRole,

console/src/app/services/org.service.ts

@@ -5,8 +5,12 @@ import { Metadata } from 'grpc-web';
 import { ManagementServicePromiseClient } from '../proto/generated/management_grpc_web_pb';
 import {
     AddOrgMemberRequest,
+    Iam,
     Org,
     OrgDomain,
+    OrgDomainSearchQuery,
+    OrgDomainSearchRequest,
+    OrgDomainSearchResponse,
     OrgID,
     OrgMemberRoles,
     OrgMemberSearchRequest,
@@ -51,6 +55,15 @@ export class OrgService {
         return responseMapper(response);
     }
 
+    public async GetIam(): Promise<Iam> {
+        const req: Empty = new Empty();
+        return await this.request(
+            c => c.getIam,
+            req,
+            f => f,
+        );
+    }
+
     public async GetOrgById(orgId: string): Promise<Org> {
         const req: OrgID = new OrgID();
         req.setId(orgId);
@@ -61,6 +74,22 @@ export class OrgService {
         );
     }
 
+    public async SearchMyOrgDomains(offset: number, limit: number, queryList?: OrgDomainSearchQuery[]):
+        Promise<OrgDomainSearchResponse> {
+        const req: OrgDomainSearchRequest = new OrgDomainSearchRequest();
+        req.setLimit(limit);
+        req.setOffset(offset);
+        if (queryList) {
+            req.setQueriesList(queryList);
+        }
+
+        return await this.request(
+            c => c.searchMyOrgDomains,
+            req,
+            f => f,
+        );
+    }
+
     public async SearchMyOrgMembers(limit: number, offset: number): Promise<OrgMemberSearchResponse> {
         const req = new OrgMemberSearchRequest();
         req.setLimit(limit);
@@ -322,4 +351,16 @@ export class OrgService {
             f => f,
         );
     }
+
+    public getLocalizedComplexityPolicyPatternErrorString(policy: PasswordComplexityPolicy.AsObject): string {
+        if (policy.hasNumber && policy.hasSymbol) {
+            return 'ORG.POLICY.PWD_COMPLEXITY.SYMBOLANDNUMBERERROR';
+        } else if (policy.hasNumber) {
+            return 'ORG.POLICY.PWD_COMPLEXITY.NUMBERERROR';
+        } else if (policy.hasSymbol) {
+            return 'ORG.POLICY.PWD_COMPLEXITY.SYMBOLERROR';
+        } else {
+            return 'ORG.POLICY.PWD_COMPLEXITY.PATTERNERROR';
+        }
+    }
 }

console/src/app/services/project.service.ts

@@ -345,7 +345,9 @@ export class ProjectService {
     public async AddProjectRole(role: ProjectRoleAdd.AsObject): Promise<Empty> {
         const req = new ProjectRoleAdd();
         req.setId(role.id);
+        if (role.displayName) {
             req.setDisplayName(role.displayName);
+        }
         req.setKey(role.key);
         req.setGroup(role.group);
         return await this.request(

console/src/assets/i18n/de.json

@@ -158,7 +158,8 @@
         },
         "VALIDATION": {
             "INVALIDPATTERN": "Das Password muss aus mindestens 8 Zeichen bestehen und einen Grossbuchstaben, ein Sonderzeichen und eine Zahl enthalten. Die maximale Anzahl an Zeichen ist 72!",
-            "REQUIRED": "Das Feld ist leer"
+            "REQUIRED": "Das Feld ist leer",
+            "MINLENGTH":"Das Password muss mindestens {{minLength}} Zeichen lang sein!"
         },
         "STATE": {
             "0":"unbekannt",
@@ -208,7 +209,11 @@
                 "TITLE":"Passwort Komplexität",
                 "DESCRIPTION":"Stellt sicher, dass alle festgelegten Kennwörter einem bestimmten Muster entsprechen",
                 "TITLECREATE":"Kennwortkomplexitätsrichtlinie erstellen",
-                "DESCRIPTIONCREATE":"Stellt sicher, dass alle festgelegten Kennwörter einem bestimmten Muster entsprechen"
+                "DESCRIPTIONCREATE":"Stellt sicher, dass alle festgelegten Kennwörter einem bestimmten Muster entsprechen",
+                "SYMBOLANDNUMBERERROR":"Das Password muss ein Symbol und eine Nummer beinhalten!",
+                "SYMBOLERROR":"Das Password msus ein Symbol beinhalten!",
+                "NUMBERERROR":"Das Password muss eine Nummer beinhalten!",
+                "PATTERNERROR":"Das vorgeschriebene Muster ist falsch!"
             },
             "PWD_AGE": {
                 "TITLE":"Passwort Maximaldauer",

console/src/assets/i18n/en.json

@@ -158,7 +158,8 @@
         },
         "VALIDATION": {
             "INVALIDPATTERN": "The password must consist of at least 8 characters and contain a capital letter, a special character and a number. The maximum length is 72.",
-            "REQUIRED": "The input field is empty"
+            "REQUIRED": "The input field is empty",
+            "MINLENGTH":"The password has to be at least {{minLength}} characters long!"
         },
         "STATE": {
             "0":"unbekannt",
@@ -208,7 +209,12 @@
                 "TITLE":"Password Complexity",
                 "DESCRIPTION":"Ensures that all set passwords correspond to a specific pattern",
                 "TITLECREATE":"Create Password Complexity Policy",
-                "DESCRIPTIONCREATE":"Ensures that all set passwords correspond to a specific pattern"
+                "DESCRIPTIONCREATE":"Ensures that all set passwords correspond to a specific pattern",
+                "SYMBOLANDNUMBERERROR":"The password must consist of a number and a symbol",
+                "SYMBOLERROR":"The password must include a symbol!",
+                "NUMBERERROR":"The password must include a number!",
+                "PATTERNERROR":"The required pattern is not fulfilled!"
+
             },
             "PWD_AGE": {
                 "TITLE":"Password Age",