docs: Request to ZITADEL API with PAT (#4751)

* docs: Request to ZITADEL API with PAT

* docs: add error response to oidc possible errors

* Update docs/docs/guides/integrate/pat.md

Co-authored-by: Elio Bischof <eliobischof@gmail.com>

* Update docs/docs/guides/integrate/pat.md

Co-authored-by: Elio Bischof <eliobischof@gmail.com>

* Update docs/docs/guides/integrate/pat.md

Co-authored-by: Elio Bischof <eliobischof@gmail.com>

* docs: add error response to oidc possible errors

Co-authored-by: Elio Bischof <eliobischof@gmail.com>
This commit is contained in:
Fabi 2022-11-23 15:06:09 +01:00 committed by GitHub
parent 1b868b6a7f
commit 5de6a5a8c0
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
4 changed files with 46 additions and 0 deletions

View File

@ -0,0 +1,45 @@
---
title: PAT (Personal Access Token)
---
A Personal Access Token (PAT) is a ready to use token which can be used as _Authorization_ header.
At the moment ZITADEL only allows PATs for machine accounts (service users).
It is an alternative to the JWT profile authentication where the service user has a key to authenticate. Read more about that [here](serviceusers)
## Create a Service User with a PAT
1. Navigate to Service Users
2. Click on **New**
3. Enter a user name and a display name
4. Click on the Personal Access Token menu point in the detail of your user
5. Click on **New**
6. You can either set an expiration date or leave it empty if you don't want it to expire
7. Copy the token from the dialog (You will not see this again)
![Create new service user](/img/guides/console-service-user-pat.gif)
## Grant role for ZITADEL
To be able to access the ZITADEL APIs your service user needs permissions to ZITADEL.
1. Go to the detail page of your organization
2. Click in the top right corner the "+" button
3. Search for your service user
4. Give the user the role you need, for the example we choose Org Owner (More about [ZITADEL Permissions](../manage/console/managers))
![Add org owner to service user](/img/guides/console-service-user-org-owner.gif)
## Call ZITADEL API with PAT
Because the PAT is a ready to use Token, you can add it as Authorization Header and send it in your requests to the ZITADEL API.
In this example we read the organization of the service user.
```bash
curl --request GET \
--url {your-domain}/management/v1/orgs/me \
--header 'Authorization: Bearer {PAT}'
```

View File

@ -133,6 +133,7 @@ module.exports = {
items: [
"guides/integrate/serviceusers",
"guides/integrate/access-zitadel-apis",
"guides/integrate/pat",
"guides/integrate/access-zitadel-system-api",
"guides/integrate/export-and-import",
],

Binary file not shown.

After

Width:  |  Height:  |  Size: 648 KiB

Binary file not shown.

After

Width:  |  Height:  |  Size: 3.7 MiB