docs: proposal restructure (#5318)

* docs: docs structure

* docs: remove sdk from main nav

* docs: fix broken links

* docs: texts

* docs: texts

* docs: react example

* docs: proposal restructure

* remove manual, move troubleshooting

* remove duplicate item

* identity providers

* broken links and rel paths

* examples wip

* examples

* navigation

* support

* solution scenarios

* concepts

* overview

* Actions caution to info

* suggestions from code review

* remove start command again

* proposed start command (with and without api)

* wip startpage

* startpage

* broken link integrate

* remove get started from nav

* Apply suggestions from code review

Co-authored-by: Elio Bischof <elio@zitadel.com>

---------

Co-authored-by: Fabienne <fabienne.gerschwiler@gmail.com>
Co-authored-by: Florian Forster <florian@zitadel.com>
Co-authored-by: Elio Bischof <elio@zitadel.com>
mffap 2023-03-07 09:33:13 +02:00 committed by GitHub
parent 23c14d9bd1
commit 8d4d182c20
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
61 changed files with 943 additions and 780 deletions


@ -2,7 +2,7 @@
title: External Authentication Flow
---
This flow is executed if the user logs in using an [identity provider](../../guides/integrate/identity-brokering) or using a [jwt token](../../concepts/structure/jwt_idp).
This flow is executed if the user logs in using an [identity provider](/guides/integrate/identity-providers/introduction.md) or using a [jwt token](/concepts/structure/jwt_idp).
## Post Authentication
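Review bot: The new identity provider link ends in `.md` (`/guides/integrate/identity-providers/introduction.md`) while the JWT link on the same line has no extension (`/concepts/structure/jwt_idp`). Pick one form for absolute doc links so that a single link-check rule covers both. While this line is being touched, "jwt token" can be shortened to "JWT", since the T already stands for token.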


@ -24,7 +24,7 @@ In addition to the standard compliant scopes we utilize the following scopes.
| Scopes | Example | Description |
| :------------------------------------------------ | :----------------------------------------------------- | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- |
| `urn:zitadel:iam:org:project:role:{rolekey}` | `urn:zitadel:iam:org:project:role:user` | By using this scope a client can request the claim urn:zitadel:iam:roles to be asserted when possible. As an alternative approach you can enable all roles to be asserted from the [project](../../guides/manage/console/roles#authorizations) a client belongs to. |
| `urn:zitadel:iam:org:project:role:{rolekey}` | `urn:zitadel:iam:org:project:role:user` | By using this scope a client can request the claim urn:zitadel:iam:roles to be asserted when possible. As an alternative approach you can enable all roles to be asserted from the [project](/guides/manage/console/roles#authorizations) a client belongs to. |
| `urn:zitadel:iam:org:id:{id}` | `urn:zitadel:iam:org:id:178204173316174381` | When requesting this scope **ZITADEL** will enforce that the user is a member of the selected organization. If the organization does not exist a failure is displayed. It will assert the `urn:zitadel:iam:user:resourceowner` claims. |
| `urn:zitadel:iam:org:domain:primary:{domainname}` | `urn:zitadel:iam:org:domain:primary:acme.ch` | When requesting this scope **ZITADEL** will enforce that the user is a member of the selected organization and the username is suffixed by the provided domain. If the organization does not exist a failure is displayed |
| `urn:zitadel:iam:role:{rolename}` | | |
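Review bot: The last row of this table, `urn:zitadel:iam:role:{rolename}`, still has an empty Example and Description. Since the hunk already edits the table, either document what the scope asserts or drop the row; a scope listed in the reference without a description invites clients to request it without knowing which claims come back. The claim name `urn:zitadel:iam:roles` in the changed row should also be in backticks, like `urn:zitadel:iam:user:resourceowner` in the row below it.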


@ -5,10 +5,8 @@ title: Actions
By using ZITADEL actions, you can manipulate ZITADELs behavior on specific Events.
This is useful when you have special business requirements that ZITADEL doesn't support out-of-the-box.
:::caution
ZITADEL actions is in an early development stage.
In the [roadmap](https://zitadel.com/roadmap), you see how we are planning to expand and improve it.
Please tell us about your needs and help us prioritize further fixes and features.
:::info
We're working on Actions continuously. In the [roadmap](https://zitadel.com/roadmap), you see how we are planning to expand and improve it. Please tell us about your needs and help us prioritize further fixes and features.
:::
## Why actions?
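Review bot: Replacing the `:::caution` block with `:::info` drops the sentence "ZITADEL actions is in an early development stage." without saying whether that is still true. Actions run custom JavaScript that can read and manipulate state, so if the feature can still change in breaking ways, keep an explicit stability statement in the new admonition; if it is considered stable now, say so in the text rather than only softening the box.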
@ -34,6 +32,6 @@ Within the JavaScript code, you can read and manipulate the state.
## Further reading
- [Assign users a role after they register using an external identity provider](../../guides/manage/customize/behavior)
- [Actions reference](../../apis/actions/introduction#action)
- [Assign users a role after they register using an external identity provider](/guides/manage/customize/behavior)
- [Actions reference](/apis/actions/introduction#action)
- [Actions Marketplace: Find example actions to use in ZITADEL](https://github.com/zitadel/actions)


@ -2,43 +2,9 @@
title: Introduction
---
import {ListElement, ListWrapper, ICONTYPE} from '../../src/components/list';
import Column from '../../src/components/column';
This part of the **ZITADEL** documentation contains ZITADEL specific or general concepts required to understand the system or our guides.
Please be reminded that ZITADEL is open source — and so is the documentation. Should you happen to stumble over an incorrectness, a spelling mistake, a hard-to-understand text passage, please dont hesitate to leave a comment or propose a corresponding change.
![Overview](/img/concepts/objects/object_overview.png)
<Column>
<ListWrapper title="General">
<ListElement link="./principles" type={ICONTYPE.TASKS} title="Principles" description="Design and engineering principles" />
<ListElement link="./architecture/software" type={ICONTYPE.ARCHITECTURE} title="Architecture" description="Sotware-, Cluster- and Multi Cluster Architecture" />
</ListWrapper>
<ListWrapper title="Structure">
<Column>
<div>
<ListElement link="./structure/overview" type={ICONTYPE.FOLDER} title="Overview" description="" />
<ListElement link="./structure/organizations" type={ICONTYPE.FILE} title="Organizations" description="" />
<ListElement link="./structure/policies" type={ICONTYPE.FILE} title="Policies" description="" />
<ListElement link="./structure/projects" type={ICONTYPE.FILE} title="Projects" description="" />
</div>
<div>
<ListElement link="./structure/applications" type={ICONTYPE.FILE} title="Applications" description="" />
<ListElement link="./structure/granted_projects" type={ICONTYPE.FILE} title="Granted Projects" description="" />
<ListElement link="./structure/users" type={ICONTYPE.FILE} title="Users" description="" />
<ListElement link="./structure/managers" type={ICONTYPE.FILE} title="Managers" description="" />
</div>
</Column>
</ListWrapper>
<ListWrapper title="Use Cases">
<ListElement link="./usecases/saas" type={ICONTYPE.START} title="SaaS" description="Product with Authentication and Authorization" />
</ListWrapper>
<ListWrapper title="Features">
<ListElement link="./features/actions" type={ICONTYPE.FILE} title="Actions" description="Customizing ZITADELs behavior using the actions feature" />
</ListWrapper>
<ListWrapper title="Customer Portal">
<ListElement link="../guides/manage/cloud/instances" type={ICONTYPE.INSTANCE} title="Instances" description="Manage all your ZITADEL instances" />
</ListWrapper>
</Column>
This overview shows the general structure of ZITADEL.
You will find more detailed explanations around the different concepts in the following sections.
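Review bot: With the `ListWrapper`/`ListElement` block removed, this page no longer links to any concept page, and the closing sentence "You will find more detailed explanations around the different concepts in the following sections." depends entirely on the sidebar. Consider keeping a short plain-Markdown list of links to the main sections (Principles, Architecture, Structure, Features) so the page still works when reached from search or rendered without navigation.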


@ -3,6 +3,6 @@ title: Settings/Policies
---
Settings and policies are configurations of all the different parts of the Instance or an organization. For all parts we have a suitable default in the Instance.
The default configuration can be overridden for each organization, some policies are currently only available on the instance level. Learn more about our different policies [here](../../guides/manage/console/instance-settings.mdx).
The default configuration can be overridden for each organization, some policies are currently only available on the instance level. Learn more about our different policies [here](/guides/manage/console/instance-settings.mdx).
API wise, settings are often called policies. You can read the proto and swagger definitions [here](../../apis/introduction.mdx).
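Review bot: Only the first link in this paragraph was converted; the last line still uses the relative path `../../apis/introduction.mdx`. Change it to the absolute form used elsewhere in this commit (`/apis/introduction`) so the page does not mix both styles. "API wise" would also read better as "In the API".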


@ -1,5 +1,6 @@
---
title: SaaS Product with Authentication and Authorization
sidebar_label: Software-as-a-Service
---
This is an example architecture for a typical SaaS product.
@ -52,11 +53,11 @@ There are some different use cases how the login should behave and look like:
1. Restrict Organization
With the primary domain scope the organization will be restricted to the requested domain, this means only users of the requestd organization will be able to login.
With the primary domain scope the organization will be restricted to the requested domain, this means only users of the requested organization will be able to login.
The private labeling (branding) and the login policy of the requested organization will be set automatically.
:::note
More about the [Scopes](../../apis/openidoauth/scopes)
More about the [Scopes](/apis/openidoauth/scopes)
:::
2. Show private labeling (branding) of the project organization
@ -64,8 +65,8 @@ More about the [Scopes](../../apis/openidoauth/scopes)
You can configure on project-level which branding should be shown to users.
In the default the design of the instance will be shown, but as soon as the user is identified, the policy of the users organization (if specified) will be triggered.
If the setting is set to `Ensure Project Resource Owner Setting`, the private labeling of the project organization will always be triggered.
The last possibility is to show the private labeling of the project organization and as soon as the user is identitfied the user organization settings will be triggered.
The last possibility is to show the private labeling of the project organization and as soon as the user is identified the user organization settings will be triggered.
For this the Allow User Resource Owner Setting should be set.
:::note
More about [Private Labeling](../../guides/manage/customize/branding)
More about [Private Labeling](/guides/manage/customize/branding)
:::
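Review bot: In the sentence "For this the Allow User Resource Owner Setting should be set.", the setting name is plain text, while two lines above `Ensure Project Resource Owner Setting` is code-formatted. Format both the same way so readers can tell the setting value from the surrounding prose. "In the default the design of the instance will be shown" would also be clearer as "By default the instance design is shown".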


@ -113,6 +113,6 @@ If you've run into any other problem, don't hesitate to contact us or raise an i
Now you can proceed implementing our APIs by adding more calls.
Checkout more [examples from the SDK](https://github.com/zitadel/zitadel-go/blob/main/example) or refer to our [API Docs](../../apis/introduction).
Checkout more [examples from the SDK](https://github.com/zitadel/zitadel-go/blob/main/example) or refer to our [API Docs](/apis/introduction).
> This guide will be updated soon to show you how to use the SDK for your own API as well.
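Review bot: "Checkout more examples" on the changed line should be "Check out more examples"; "checkout" is the noun. The identical sentence is changed in the next hunk as well, so fix both in the same pass.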


@ -152,6 +152,6 @@ Now you can proceed implementing our APIs by adding more calls or trying to over
log.Printf("%s was created on: %s", respOverwrite.Org.Name, respOverwrite.Org.Details.CreationDate.AsTime())
}
```
Checkout more [examples from the SDK](https://github.com/zitadel/zitadel-go/blob/main/example) or refer to our [API Docs](../../apis/introduction).
Checkout more [examples from the SDK](https://github.com/zitadel/zitadel-go/blob/main/example) or refer to our [API Docs](/apis/introduction).
> This guide will be updated soon to show you how to use the SDK for your own API as well.


@ -13,7 +13,7 @@ title: OAuth 2.0 Proxy
Before we can start building our application we have do do a few configuration steps in ZITADEL Console.
You will need to provide some information about your app. We recommend creating a new app to start from scratch. Navigate to your project and add a new application at the top of the page.
Select Web Application and continue.
We recommend that you use [Authorization Code](../../apis/openidoauth/grant-types#authorization-code) for the OAuth 2.0 Proxy.
We recommend that you use [Authorization Code](/apis/openidoauth/grant-types#authorization-code) for the OAuth 2.0 Proxy.
> Make sure Authentication Method is set to `BASIC` and the Application Type is set to `Web`.
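Review bot: The first context line of this hunk reads "we have do do a few configuration steps"; correct it to "we have to do" while this paragraph is being edited. The other guides touched by this commit already use the correct wording in the same sentence.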


@ -2,132 +2,198 @@
title: Overview
---
import Tabs from "@theme/Tabs";
import TabItem from "@theme/TabItem";
import { Card, CardWrapper } from "../../src/components/card";
Our examples cover a range of programming languages and frameworks, so no matter what you're into, we've got you covered.
Get started with ZITADEL quickly by reading a quickstart or by cloning a [ZITADEL example](https://github.com/search?q=topic%3Aexamples+org%3Azitadel) repo.
## Frontend
<Tabs>
<TabItem value="app" label="Web · Native applications" default>
<CardWrapper>
<Card
link="/docs/examples/login/angular"
imageSource="/docs/img/tech/angular.svg"
title="Angular"
description="Add the user login to your application and query some data from the userinfo endpoint"
/>
<Card
link="/docs/examples/login/react"
imageSource="/docs/img/tech/react.png"
title="React"
description="Logs into your application and queries some data from the userinfo endpoint"
/>
<Card
link="/docs/examples/login/flutter"
imageSource="/docs/img/tech/flutter.svg"
title="Flutter"
description="Mobile Application working for iOS and Android that authenticates your user."
/>
<Card
link="/docs/examples/login/nextjs"
imageSource="/docs/img/tech/nextjs.svg"
title="NextJS"
description="A simple application to log into your user account and query some data from User endpoint."
/>
<Card
link="/docs/examples/login/nextjs-b2b"
imageSource="/docs/img/tech/nextjs.svg"
title="NextJS B2B Scenario"
description="An application to showcase your user account having multiple organizations and the use of Personal Access Tokens."
/>
</CardWrapper>
</TabItem>
<TabItem value="apis" label="APIs">
<CardWrapper>
<Card
link="/docs/examples/secure-api/go"
imageSource="/docs/img/tech/golang.svg"
title="GO"
description="This example shows you how to secure an API written in GO."
/>
<Card
link="/docs/examples/secure-api/python-flask"
imageSource="/docs/img/tech/python.svg"
title="Python"
description="This example shows you how to secure a Python3 Flask API."
/>
<Card
link="/docs/examples/secure-api/dot-net"
imageSource="/docs/img/tech/dotnet.svg"
title=".NET"
description="This example shows you how to secure a .NET API."
/>
</CardWrapper>
</TabItem>
<TabItem value="zitadel" label="ZITADEL · APIs">
<CardWrapper>
<Card
link="/docs/examples/call-zitadel-api/go"
imageSource="/docs/img/tech/golang.svg"
title="GO"
description="Demonstrates how to fetch some data from the ZITADEL management API."
/>
<Card
link="/docs/examples/call-zitadel-api/dot-net"
imageSource="/docs/img/tech/dotnet.svg"
title=".NET"
description="This integration guide shows you how to integrate ZITADEL into your .NET application. It demonstrates how to fetch some data from the ZITADEL management API."
/>
</CardWrapper>
</TabItem>
<TabItem value="proxy" label="Proxy">
<CardWrapper>
<Card
link="/docs/examples/identity-proxy/oauth2-proxy"
imageSource="/docs/img/tech/oauth2-proxy.svg"
title="OAuth 2.0 Proxy"
description="Allows services to delegate the authentication flow to a IDP, for example ZITADEL"
/>
</CardWrapper>
</TabItem>
</Tabs>
### Single Page Application
## Clone a sample project
<table>
<tr>
<th></th>
<th>Language</th>
<th>Example</th>
<th>Quickstart</th>
<th>SDK</th>
</tr>
<tr>
<td width="100px">
<img src="/docs/img/tech/angular.svg" alt="angular"/>
</td>
<td>Angular</td>
<td><a href="https://github.com/zitadel/zitadel-angular" target="_blank"><i class="lab la-github"></i></a></td>
<td><a href="/examples/login/angular">Guide</a></td>
<td></td>
</tr>
<tr>
<td width="100px">
<img src="/docs/img/tech/react.png" alt="react"/>
</td>
<td>React</td>
<td><a href="https://github.com/zitadel/react-user-authentication" target="_blank"><i class="lab la-github"></i></a></td>
<td><a href="/examples/login/react">Guide</a></td>
<td></td>
</tr>
<tr>
<td width="100px">
<img src="/docs/img/tech/vue.svg" alt="vue"/>
</td>
<td>React</td>
<td><a href="https://github.com/zitadel/zitadel/issues/5223" target="_blank">🚧</a></td>
<td></td>
<td></td>
</tr>
</table>
<CardWrapper>
<Card
githubLink="https://github.com/zitadel/zitadel-java"
title="Java"
label="Java"
/>
<Card
githubLink="https://github.com/zitadel/zitadel-python3"
title="Python"
label="Python"
/>
<Card
githubLink="https://github.com/zitadel/zitadel-angular"
title="Angular"
label="Web · Mobile Web"
/>
<Card
githubLink="https://github.com/zitadel/zitadel-nextjs"
title="NextJS"
label="Web · Mobile Web"
/>
<Card
githubLink="https://github.com/zitadel/zitadel_flutter"
title="Flutter"
label="Android · iOS · Web · Mobile Web"
/>
</CardWrapper>
### Native / Mobile App
## Libraries
<table>
<tr>
<th></th>
<th>Language</th>
<th>Example</th>
<th>Quickstart</th>
<th>SDK</th>
</tr>
<tr>
<td width="100px">
<img src="/docs/img/tech/flutter.svg" alt="flutter"/>
</td>
<td>Flutter</td>
<td><a href="https://github.com/zitadel/zitadel_flutter" target="_blank"><i class="lab la-github"></i></a></td>
<td><a href="/examples/login/flutter">Guide</a></td>
<td></td>
</tr>
</table>
| Language | Description | Link |
| -------- | ------------------------------------------------------------------------------------------------- | ---------------------------------------------------------------------------------- |
| Go | Go client library for ZITADEL. | [https://github.com/zitadel/zitadel-go](https://github.com/zitadel/zitadel-go) |
| .Net | Authentication / Authorization library written in dotnet for the asp.net web application package. | [https://github.com/zitadel/zitadel-net](https://github.com/zitadel/zitadel-net) |
| Dart | Dart library for ZITADEL, contains gRPC and API access elements. | [https://github.com/zitadel/zitadel-dart](https://github.com/zitadel/zitadel-dart) |
| Elixir | API Client for the ZITADEL API. | [https://github.com/jshmrtn/zitadel_api](https://github.com/jshmrtn/zitadel_api) |
### Regular Web App
<table>
<tr>
<th></th>
<th>Language</th>
<th>Example</th>
<th>Quickstart</th>
<th>SDK</th>
</tr>
<tr>
<td width="100px">
<img src="/docs/img/tech/nextjs.svg" alt="nextjs"/>
</td>
<td>NextJS</td>
<td><a href="https://github.com/zitadel/zitadel-nextjs" target="_blank"><i class="lab la-github"></i></a></td>
<td><a href="/examples/login/nextjs">Guide</a></td>
<td><a href="./sdks#more">NextAuth Provider</a></td>
</tr>
<tr>
<td width="100px">
<img src="/docs/img/tech/golang.svg" alt="golang"/>
</td>
<td>Go Web</td>
<td></td>
<td></td>
<td><a href="./sdks">SDK</a></td>
</tr>
<tr>
<td width="100px">
<img src="/docs/img/tech/java.svg" alt="java"/>
</td>
<td>Java Spring Boot Web</td>
<td><a href="https://github.com/zitadel/zitadel-java" target="_blank"><i class="lab la-github"></i></a></td>
<td></td>
<td></td>
</tr>
<tr>
<td width="100px">
<img src="/docs/img/tech/php.svg" alt="php"/>
</td>
<td>PHP Web</td>
<td></td>
<td></td>
<td></td>
</tr>
<tr>
<td width="100px">
<img src="/docs/img/tech/python.svg" alt="python"/>
</td>
<td>Python3 Flask Web</td>
<td></td>
<td></td>
<td></td>
</tr>
<tr>
<td width="100px">
<img src="/docs/img/tech/dotnet.svg" alt="dotnet"/>
</td>
<td>ASP.NET Core MVC Web</td>
<td></td>
<td></td>
<td></td>
</tr>
</table>
## Backend
<table>
<tr>
<th></th>
<th>Language</th>
<th>Example</th>
<th>Quickstart</th>
<th>SDK</th>
</tr>
<tr>
<td width="100px">
<img src="/docs/img/tech/golang.svg" alt="golang"/>
</td>
<td>Golang</td>
<td><a href="https://github.com/zitadel/zitadel-go" target="_blank"><i class="lab la-github"></i></a></td>
<td><a href="./secure-api/go">Guide</a></td>
<td><a href="https://github.com/zitadel/zitadel-go" target="_blank">SDK</a></td>
</tr>
<tr>
<td>
<img src="/docs/img/tech/python.svg" alt="phyton"/>
</td>
<td>Python Flask</td>
<td><a href="https://github.com/zitadel/example-api-python3-flask" target="_blank"><i class="lab la-github"></i></a></td>
<td><a href="./secure-api/python-flask">Guide</a></td>
<td></td>
</tr>
<tr>
<td>
<img src="/docs/img/tech/dotnet.svg" alt="dotnet"/>
</td>
<td>ASP.NET Core WebAPI</td>
<td></td>
<td><a href="./call-zitadel-api/dot-net">Guide</a></td>
<td><a href="https://github.com/smartive/zitadel-net">SDK</a></td>
</tr>
<tr>
<td>
<img src="/docs/img/tech/nodejs.svg" alt="node"/>
</td>
<td>NodeJS</td>
<td></td>
<td></td>
<td></td>
</tr>
<tr>
<td width="100px">
<img src="/docs/img/tech/php.svg" alt="php"/>
</td>
<td>PHP API</td>
<td></td>
<td></td>
<td></td>
</tr>
<tr>
<td>
<img src="/docs/img/tech/java.svg" alt="java"/>
</td>
<td>Java Spring Boot API</td>
<td><a href="https://github.com/zitadel/zitadel-java" target="_blank"><i class="lab la-github"></i></a></td>
<td></td>
<td></td>
</tr>
</table>
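Review bot: In the Single Page Application table, the row with `<img src="/docs/img/tech/vue.svg" alt="vue"/>` is labelled `<td>React</td>`; it should read Vue. In the Backend table the Python image has `alt="phyton"`. Internal links are also mixed: the cards use `/docs/examples/login/angular` while the table uses `/examples/login/angular` and `./secure-api/go`, so please confirm all three forms resolve under the docs base URL. The external links opened with `target="_blank"` carry no `rel="noopener noreferrer"`; add it for consistency with common practice on outbound links.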


@ -1,12 +0,0 @@
---
title: Libraries
---
| Language | Description | Link |
| ------------ | ---------------------|-------------|
| Go | Go client library for ZITADEL. | [https://github.com/zitadel/zitadel-go](https://github.com/zitadel/zitadel-go)
| .Net | Authentication / Authorization library written in dotnet for the asp.net web application package. | [https://github.com/zitadel/zitadel-net](https://github.com/zitadel/zitadel-net)
| Dart | Dart library for ZITADEL, contains gRPC and API access elements. | [https://github.com/zitadel/zitadel-dart](https://github.com/zitadel/zitadel-dart) |
| Elixir | API Client for the ZITADEL API. | [https://github.com/jshmrtn/zitadel_api](https://github.com/jshmrtn/zitadel_api) |


@ -14,7 +14,7 @@ At the end of the guide, your application has login functionality and has access
Before we can start building our application, we have to do a few configuration steps in ZITADEL Console.
You will need to provide some information about your app. We recommend creating a new app to start from scratch. Navigate to your Project, then add a new application at the top of the page.
Select **User Agent** application type and continue.
We recommend you use [Proof Key for Code Exchange (PKCE)](../../apis/openidoauth/grant-types#proof-key-for-code-exchange) for all SPA applications.
We recommend you use [Proof Key for Code Exchange (PKCE)](/apis/openidoauth/grant-types#proof-key-for-code-exchange) for all SPA applications.
![Create app in console](/img/angular/app-create.png)
@ -158,6 +158,6 @@ If you get stuck, consider checking out our [example](https://github.com/zitadel
### What's next?
Now that you have enabled authentication, it's time to add authorization to your application using ZITADEL APIs. Refer to the [docs](../../apis/introduction) or check out our ZITADEL Console code on [GitHub](https://github.com/zitadel/zitadel) which is using gRPC to access data.
Now that you have enabled authentication, it's time to add authorization to your application using ZITADEL APIs. Refer to the [docs](/apis/introduction) or check out our ZITADEL Console code on [GitHub](https://github.com/zitadel/zitadel) which is using gRPC to access data.
For more information about creating an Angular application, refer to [Angular](https://angular.io/start) and for more information about the OAuth/OIDC library used above, consider reading their docs at [angular-oauth2-oidc](https://github.com/manfredsteyer/angular-oauth2-oidc).


@ -4,7 +4,7 @@ title: Next.js B2B Scenario
This is our Zitadel [Next.js](https://nextjs.org/) B2B template. It shows how to authenticate as a user with multiple organizations. The application shows your users roles on the selected organizations, other projects your organization is allowed to use and other users having a grant to use the application.
If you need more info on B2B use cases consider reading our guide for the [B2B solution scenario](../../guides/solution-scenarios/b2b.mdx).
If you need more info on B2B use cases consider reading our guide for the [B2B solution scenario](/guides/solution-scenarios/b2b.mdx).
> You can follow along with the template code in our [zitadel-nextjs-b2b](https://github.com/zitadel/zitadel-nextjs-b2b) repo.
@ -134,7 +134,7 @@ Let's call this new organization `Demo-Customer`.
### Users
Now switch back to the organization `Demo-Customer` and [create a new user](/manuals/user-register) in this organization.
Now switch back to the organization `Demo-Customer` and [create a new user](/guides/manage/console/users#create-user) in this organization.
Let's call the first user `Alice Admin`. Create a second user called `Eric Employee`.
### Manager Role


@ -30,7 +30,7 @@ Before we can start building our application, we have to do a few configuration
You will need to provide some information about your app.
Navigate to your Project, then add a new application at the top of the page.
Select Web application type and continue.
We recommend you use [Authorization Code](../../apis/openidoauth/grant-types#authorization-code) in combination with [Proof Key for Code Exchange (PKCE)](../../apis/openidoauth/grant-types#proof-key-for-code-exchange) for all web applications.
We recommend you use [Authorization Code](/apis/openidoauth/grant-types#authorization-code) in combination with [Proof Key for Code Exchange (PKCE)](/apis/openidoauth/grant-types#proof-key-for-code-exchange) for all web applications.
As the requests from your application to ZITADEL are made on NextJS serverside, you can select `CODE` in the next step. This makes sure you still get a secret which is then used in combination with PKCE. Note that the secret never gets exposed on the browser and is therefore kept in a confidential environment.
![Create app in console](/img/nextjs/app-create.png)


@ -11,8 +11,8 @@ At the end of the guide you should have an application able to login a user and
Before we can start building our application we have to do a few configuration steps in ZITADEL Console.
You will need to provide some information about your app. We recommend creating a new app to start from scratch. Navigate to your Project and add a new application at the top of the page.
Select User Agent and continue. More about the different app types can you find [here](../../guides/integrate/oauth-recommended-flows#different-client-profiles).
We recommend that you use [Authorization Code](../../apis/openidoauth/grant-types#authorization-code) in combination with [Proof Key for Code Exchange](../../apis/openidoauth/grant-types#proof-key-for-code-exchange) for all web applications.
Select User Agent and continue. More about the different app types can you find [here](/guides/integrate/oauth-recommended-flows#different-client-profiles).
We recommend that you use [Authorization Code](/apis/openidoauth/grant-types#authorization-code) in combination with [Proof Key for Code Exchange](/apis/openidoauth/grant-types#proof-key-for-code-exchange) for all web applications.
### Redirect URLs
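Review bot: "More about the different app types can you find [here]" on the changed line has inverted word order and a link text that says nothing about the target. Suggest "You can read more about the different app types in the client profiles section", with the link on "client profiles". The first context line of the hunk is fine as is.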
@ -112,6 +112,6 @@ You have successfully integrated ZITADEL in your React Application!
### Whats next?
Now you can proceed implementing our APIs to include Authorization. You can find our API Docs [here](../../apis/introduction)
Now you can proceed implementing our APIs to include Authorization. You can find our API Docs [here](/apis/introduction)
For more information about creating a React application we refer to [React](https://reactjs.org/docs/getting-started.html) and for more information about the used oauth/oidc library consider reading their docs at [oidc-react](https://www.npmjs.com/package/oidc-react).


@ -0,0 +1,33 @@
---
title: SDKs
---
## ZITADEL SDK
| Language / Framework | Link Github | User Authentication | Manage resources | Notes |
|--- | --- | --- | --- | --- |
| .NET | [zitadel-net](https://github.com/smartive/zitadel-net) | ✔️ | ✔️ | `community` |
| Elixir | [zitadel_api](https://github.com/jshmrtn/zitadel_api) | ✔️ | ✔️ | `community` |
| Go | [zitadel-go](https://github.com/zitadel/zitadel-go) | ❌ | ✔️ | `official` |
| JVM | 🚧 [WIP](https://github.com/zitadel/zitadel/discussions/3650) | ❓ | ❓ | TBD |
| Python | 🚧 [WIP](https://github.com/zitadel/zitadel/issues/3675) | ❓ | ❓ | TBD |
| NodeJS | [@zitadel/node](https://www.npmjs.com/package/@zitadel/node) | ❌ | ✔️ | `community` |
## More
While we are not actively maintaining the following projects, it is worth checking out if you're interested in exploring ZITADEL in different programming languages or frameworks.
- [NodeJS passport](https://github.com/buehler/node-passport-zitadel) authentication helper
- [Dart library for ZITADEL](https://github.com/smartive/zitadel-dart), contains gRPC and API access elements
- [NextAuth Provider for ZITADEL](https://next-auth.js.org/providers/zitadel)
If we do not provide an example, SDK or guide, we strongly recommend using existing authentication libraries for your language or framework instead of building your own.
Certified libraries have undergone rigorous testing and validation to ensure high security and reliability.
There are many recommended libraries available, this saves time and ensures that users' data is well-protected.
You might want to check out the following links to find a good library:
- [awesome-auth](https://github.com/casbin/awesome-auth)
- [OpenID General References](https://openid.net/developers/libraries/)
- [OpenID certified libraries](https://openid.net/developers/certified/)
- [OpenID uncertified libraries](https://openid.net/developers/uncertified/)
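Review bot: The closing paragraph recommends certified libraries ("Certified libraries have undergone rigorous testing and validation to ensure high security and reliability."), but the list that follows also links awesome-auth and the OpenID uncertified libraries without saying how to choose between them. State which list to prefer and why, and soften "ensure" unless the docs can back that guarantee. Separately, the .NET and Dart links here point to `smartive/zitadel-net` and `smartive/zitadel-dart`, while the Libraries page deleted in this commit linked `zitadel/zitadel-net` and `zitadel/zitadel-dart`; confirm which repositories are current and use the same URLs everywhere.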


@ -15,7 +15,7 @@ ZITADEL Managers are Users who have permission to manage ZITADEL itself. There a
- **Project Mangers**: In this level the user is able to manage a project.
- **Project Grant Manager**: The project grant manager is for projects, which are granted of another organization.
On each level we have some different Roles. Here you can find more about the different roles: [ZITADEL Manager Roles](../../guides/manage/console/managers#roles)
On each level we have some different Roles. Here you can find more about the different roles: [ZITADEL Manager Roles](/guides/manage/console/managers#roles)
## Add ORG_OWNER to Service User
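Review bot: The context line "**Project Mangers**" in this list is misspelled; it should be "Project Managers". The neighbouring item is singular ("Project Grant Manager"), so settle on singular or plural for all levels while fixing it. "projects, which are granted of another organization" would also be clearer as "projects that are granted by another organization".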
@ -38,7 +38,7 @@ This is already described in the [Service User](serviceusers.md), so make sure y
With the encoded JWT from the prior step, you will need to craft a POST request to ZITADEL's token endpoint:
To access the ZITADEL APIs you need the ZITADEL Project ID in the audience of your token.
This is possible by sending a custom scope for the audience. More about [Custom Scopes](../../apis/openidoauth/scopes)
This is possible by sending a custom scope for the audience. More about [Custom Scopes](/apis/openidoauth/scopes)
Use the scope `urn:zitadel:iam:org:project:id:zitadel:aud` to include the ZITADEL project id in your audience
@ -52,7 +52,7 @@ curl --request POST \
```
- `grant_type` must be set to `urn:ietf:params:oauth:grant-type:jwt-bearer`
- `scope` should contain any [Scopes](../../apis/openidoauth/scopes) you want to include, but must include `openid`. For this example, please include `profile` and `email`
- `scope` should contain any [Scopes](/apis/openidoauth/scopes) you want to include, but must include `openid`. For this example, please include `profile` and `email`
- `assertion` is the encoded value of the JWT that was signed with your private key from the prior step
You should receive a successful response with `access_token`, `token_type` and time to expiry in seconds as `expires_in`.
@ -68,7 +68,7 @@ Content-Type: application/json
}
```
With this token you are allowed to access the [ZITADEL APIs](../../apis/introduction) .
With this token you are allowed to access the [ZITADEL APIs](/apis/introduction) .
## Summary
@ -78,4 +78,4 @@ With this token you are allowed to access the [ZITADEL APIs](../../apis/introduc
Where to go from here:
- [ZITADEL API Documentation](../../apis/introduction)
- [ZITADEL API Documentation](/apis/introduction)


@ -145,7 +145,7 @@ You should get a successful response with a `totalResult` number of 1 and the de
}
```
With this token you are allowed to access the whole [ZITADEL System API](../../apis/system).
With this token you are allowed to access the whole [ZITADEL System API](/apis/system).
## Summary
@ -155,4 +155,4 @@ With this token you are allowed to access the whole [ZITADEL System API](../../a
Where to go from here:
* [ZITADEL API Documentation](../../apis/introduction)
* [ZITADEL API Documentation](/apis/introduction)

View File

@ -12,7 +12,7 @@ You will need to provide some information about your app. We recommend creating
1. Navigate to your Project
2. Add a new application at the top of the page.
3. Select Web application type and continue.
4. Use [Authorization Code](../../apis/openidoauth/grant-types#authorization-code) in combination with [Proof Key for Code Exchange (PKCE)](../../apis/openidoauth/grant-types#proof-key-for-code-exchange).
4. Use [Authorization Code](/apis/openidoauth/grant-types#authorization-code) in combination with [Proof Key for Code Exchange (PKCE)](/apis/openidoauth/grant-types#proof-key-for-code-exchange).
5. Skip the redirect settings and confirm the app creation
6. Copy the client ID, you will need to tell MongoDB Charts about it.
7. When you created the app, expand its _OIDC Configuration_ section, change the _Auth Token Type_ to _JWT_ and save the change.
@ -39,7 +39,7 @@ Your configuration should look similar to this:
Embed a chart into your application now, following the corresponding [MongoDB docs](https://docs.mongodb.com/charts/saas/embed-chart-jwt-auth/).
If you've done the [Angular Quickstart](../../examples/login/angular.md), your code could look something like this:
If you've done the [Angular Quickstart](/examples/login/angular.md), your code could look something like this:
```html
<!-- chart.component.html -->

View File

@ -29,7 +29,7 @@ To be able to access the ZITADEL APIs your service user needs permissions to ZIT
1. Go to the detail page of your organization
2. Click in the top right corner the "+" button
3. Search for your service user
4. Give the user the role you need, for the example we choose Org Owner (More about [ZITADEL Permissions](../manage/console/managers))
4. Give the user the role you need, for the example we choose Org Owner (More about [ZITADEL Permissions](/guides/manage/console/managers))
![Add org owner to service user](/img/guides/console-service-user-org-owner.gif)
@ -49,7 +49,7 @@ curl --request POST \
```
* `grant_type` should be set to `client_credentials`
* `scope` should contain any [Scopes](../../apis/openidoauth/scopes) you want to include, but must include `openid`. For this example, please include `profile`, `email`
* `scope` should contain any [Scopes](/apis/openidoauth/scopes) you want to include, but must include `openid`. For this example, please include `profile`, `email`
and `urn:zitadel:iam:org:project:id:zitadel:aud`. The latter provides access to the ZITADEL API.
You should receive a successful response with `access_token`, `token_type` and time to expiry in seconds as `expires_in`.

View File

@ -11,7 +11,7 @@ You need to give a user the [manager role](https://zitadel.com/docs/guides/manag
If you like to know more about eventsourcing/eventstore and how this works in ZITADEL, head over to our [concepts](../../concepts/eventstore/overview).
## Request Events
Call the [ListEvents](../../apis/admin) enpoint in the Administration API to get all the events you need.
Call the [ListEvents](/apis/admin) enpoint in the Administration API to get all the events you need.
To further restrict your result you can add the following filters:
- sequence
- editor user id
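Review bot: The rewritten line under "Request Events" still carries the typo "enpoint"; since the line is being changed anyway, correct it to "endpoint". The context line above the heading also keeps the relative link `../../concepts/eventstore/overview` while the links changed in this file move to absolute paths such as `/apis/admin`, so consider converting it in the same pass.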
@ -29,7 +29,7 @@ curl --request POST \
## Get event types
To be able to filter for the different event types ZITADEL knows, you can request the [EventTypesList](../../apis/admin)
To be able to filter for the different event types ZITADEL knows, you can request the [EventTypesList](/apis/admin)
```bash
curl --request POST \
@ -65,7 +65,7 @@ The following example shows you the event types for a password check (failed/suc
## Get aggregate types
To be able to filter for the different aggregate types (resources) ZITADEL knows, you can request the [AggregateTypesList](../../apis/admin)
To be able to filter for the different aggregate types (resources) ZITADEL knows, you can request the [AggregateTypesList](/apis/admin)
```bash
curl --request POST \

View File

@ -1,5 +1,6 @@
---
title: Connect with AzureAD through OIDC
title: Configure AzureAD as Identity Provider
sidebar_label: AzureAD
---
## AzureAD Tenant as Identity Provider for ZITADEL
@ -87,7 +88,7 @@ If you don't want your users to get this prompt when using Azure, you have to di
1. Go to the login behaviour settings of your instance or organization, depending if you like to disable it for all or just a specific organization respectively
2. Set "Multi-factor init lifetimes" to 0
![img.png](../../../static/img/guides/login_lifetimes.png)
![img.png](/img/guides/login_lifetimes.png)
#### Create user with verified email
@ -104,11 +105,11 @@ To create the user with a verified email address you must add an action.
https://github.com/zitadel/actions/blob/main/examples/verify_email.js
```
![img.png](../../../static/img/guides/action_email_verify.png)
![img.png](/img/guides/action_email_verify.png)
3. Add the action "email verify" to the flow "external authentication" and to the trigger "pre creation"
![img.png](../../../static/img/guides/action_pre_creation_email_verify.png)
![img.png](/img/guides/action_pre_creation_email_verify.png)
#### Automatically redirect to Azure AD
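Review bot: The image links for `action_email_verify.png` and `action_pre_creation_email_verify.png` keep the placeholder alt text `img.png`, as does the `login_lifetimes.png` link in the previous hunk. While the paths are being rewritten, give each a descriptive alt text, as the other guides do (for example `![Identity Brokering](/img/guides/identity_brokering.png)`).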
@ -117,7 +118,7 @@ If you like to get automatically redirected to your Azure AD login instead of sh
1. Go to the login behaviour settings of your instance or organization
2. Disable login with username and password
3. Make sure you have only configured AzureAD as external identity provider
4. If you did all your settings on the organization level make sure to send the organization scope in your authorization request: [scope](../../apis/openidoauth/scopes#reserved-scopes)
4. If you did all your settings on the organization level make sure to send the organization scope in your authorization request: [scope](/apis/openidoauth/scopes#reserved-scopes)
### Test the setup

View File

@ -1,22 +1,8 @@
---
title: Identity Brokering
title: Configure Google as Identity Provider
sidebar_label: Google
---
## What is Identity Brokering and Federated Identities?
Federated identity management is an arrangement built upon the trust between two or more domains. Users of these domains are allowed to access applications and services using the same identity.
This identity is known as federated identity and the pattern behind this as identity federation.
A service provider that specializes in brokering access control between multiple service providers (also referred to as relying parties) is called identity broker.
Federated identity management is an arrangement that is made between two or more such identity brokers across organizations.
Example:
If Google is configured as identity provider on your organization, the user will get the option to use his Google Account on the Login Screen of ZITADEL (1).
ZITADEL will redirect the user to the login screen of Google where he as to authenticated himself (2) and is sent back after he has finished that (3).
Because Google is registered as trusted identity provider the user will be able to login in with the Google account after he linked an existing ZITADEL Account or just registered a new one with the claims provided by Google (4)(5).
![Identity Brokering](/img/guides/identity_brokering.png)
## Register an external identity provider
In this step we will add a new Google identity provider to federate identities with ZITADEL.
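Review bot: With the "What is Identity Brokering and Federated Identities?" section moved out of this page, the remaining lines go straight from the front matter to "Register an external identity provider" with no pointer to the explanation. Consider adding a one-line link to `/guides/integrate/identity-providers/introduction.md` before that heading so readers who land here still find the concept.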
@ -68,17 +54,17 @@ This case describes how to change it on the organization.
### 4. Send the primary domain scope on the authorization request
ZITADEL will show a set of identity providers by default. This configuration can be changed by users with the [manager role](../../guides/manage/console/managers#roles) `IAM_OWNER`.
ZITADEL will show a set of identity providers by default. This configuration can be changed by users with the [manager role](/guides/manage/console/managers#roles) `IAM_OWNER`.
An organization's login settings will be shown
- as soon as the user has entered the loginname and ZITADEL can identify to which organization he belongs; or
- by sending a primary domain scope.
To get your own configuration you will have to send the [primary domain scope](../../apis/openidoauth/scopes#reserved-scopes) in your [authorization request](../../guides/integrate/login-users#auth-request) .
To get your own configuration you will have to send the [primary domain scope](/apis/openidoauth/scopes#reserved-scopes) in your [authorization request](/guides/integrate/login-users#auth-request) .
The primary domain scope will restrict the login to your organization, so only users of your own organization will be able to login, also your branding and policies will trigger.
:::note
You need to create your own auth request with your applications parameters. Please see the docs to construct an [Auth Request](../../guides/integrate/login-users#auth-request).
You need to create your own auth request with your applications parameters. Please see the docs to construct an [Auth Request](/guides/integrate/login-users#auth-request).
:::
Your user will now be able to choose Google for login instead of username/password or mfa.
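Review bot: The rewritten sentence ending in `[authorization request](/guides/integrate/login-users#auth-request) .` keeps the stray space before the period, and the note below it still reads "your applications parameters" where "application's" is meant. Both lines are touched by this hunk, so they can be cleaned up here.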

View File

@ -0,0 +1,24 @@
---
title: Identity Brokering
---
## What is Identity Brokering and Federated Identities?
Federated identity management is an arrangement built upon the trust between two or more domains. Users of these domains are allowed to access applications and services using the same identity.
This identity is known as federated identity and the pattern behind this as identity federation.
A service provider that specializes in brokering access control between multiple service providers (also referred to as relying parties) is called identity broker.
Federated identity management is an arrangement that is made between two or more such identity brokers across organizations.
Example:
If Google is configured as identity provider on your organization, the user will get the option to use his Google Account on the Login Screen of ZITADEL (1).
ZITADEL will redirect the user to the login screen of Google where he as to authenticated himself (2) and is sent back after he has finished that (3).
Because Google is registered as trusted identity provider the user will be able to login in with the Google account after he linked an existing ZITADEL Account or just registered a new one with the claims provided by Google (4)(5).
![Identity Brokering](/img/guides/identity_brokering.png)
## How to use external identity providers in ZITADEL
Configure external identity providers on instance level or just for one organization via [Console](/guides/manage/console/instance-settings#identity-providers) or APIs.
The guides in this will help you to set up specific identity providers.
ZITADEL provides also templates to configure generic identity providers, which don't have a template.
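Review bot: In the new "How to use external identity providers in ZITADEL" section, "The guides in this will help you" is missing its noun (section), and "templates to configure generic identity providers, which don't have a template" reads as a contradiction; please reword both. The moved example text also carries over "where he as to authenticated himself" and "login in", which should be fixed now that the text lives in its own page.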

View File

@ -58,7 +58,7 @@ So what do we want to achieve with delegated authentication?
- Instead of sending around the users credentials
- Clients may access protected resources with an **access token** that is only valid for specific scope and limited lifetime (OAuth 2.x)
- Users have to **authorize** applications to access certain [**scopes**](../../apis/openidoauth/scopes) (eg, email address or custom roles). Applications can request [**claims**](../../apis/openidoauth/claims) (key:value pairs, eg email address) for the authorized scopes with the access token or ID token from ZITADEL
- Users have to **authorize** applications to access certain [**scopes**](/apis/openidoauth/scopes) (eg, email address or custom roles). Applications can request [**claims**](/apis/openidoauth/claims) (key:value pairs, eg email address) for the authorized scopes with the access token or ID token from ZITADEL
- Access tokens are bearer tokens, meaning that possession of the token provides access to a resource. But the tokens expire frequently and the application must request a new access token via **refresh token** or the user must reauthenticate
![Overview federated identities](/img/guides/consulting_federated_identities_basics.png)
@ -119,7 +119,7 @@ _So what about APIs?_
We recommend using **“JWT bearer token with private key”** ([RFC7523](https://tools.ietf.org/html/rfc7523)) for Machine-to-Machine clients.
What this means is that you have to send an JWT token, containing the [standard claims for access tokens](../../apis/openidoauth/claims) and that is signed with your private key, to the token endpoint to request the access token. We will see how this works in another module about Service Accounts.
What this means is that you have to send an JWT token, containing the [standard claims for access tokens](/apis/openidoauth/claims) and that is signed with your private key, to the token endpoint to request the access token. We will see how this works in another module about Service Accounts.
If you dont have any technical limitations, you should prefer this method over other methods.
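Review bot: The changed sentence still begins "you have to send an JWT token"; use "a JWT" since the line is being rewritten. The following context line has "dont" without its apostrophe, which is worth fixing in the same commit.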

View File

@ -11,9 +11,9 @@ It covers how to:
Prerequisites:
- existing ZITADEL Instance, if not present follow [this guide](../../guides/start/quickstart)
- existing ZITADEL Organization, if not present follow [this guide](../../guides/manage/console/organizations)
- existing ZITADEL project, if not present follow the first 3 steps [here](../../guides/manage/console/projects)
- existing ZITADEL Instance, if not present follow [this guide](/guides/start/quickstart)
- existing ZITADEL Organization, if not present follow [this guide](/guides/manage/console/organizations)
- existing ZITADEL project, if not present follow the first 3 steps [here](/guides/manage/console/projects)
- existing Atlassian Access setup, including verified domain
> We have to switch between ZITADEL and Atlassian. If the headings begin with "ZITADEL" switch to the ZITADEL

View File

@ -2,7 +2,7 @@
title: Connect with Auth0 through OIDC
---
import CreateApp from "./application/_application.mdx";
import CreateApp from "../application/_application.mdx";
This guide shows how to enable login with ZITADEL on Auth0.
@ -13,9 +13,9 @@ It covers how to:
Prerequisites:
- existing ZITADEL Instance, if not present follow [this guide](../../guides/start/quickstart)
- existing ZITADEL Organization, if not present follow [this guide](../../guides/manage/console/organizations)
- existing ZITADEL project, if not present follow the first 3 steps [here](../../guides/manage/console/projects)
- existing ZITADEL Instance, if not present follow [this guide](/guides/start/quickstart)
- existing ZITADEL Organization, if not present follow [this guide](/guides/manage/console/organizations)
- existing ZITADEL project, if not present follow the first 3 steps [here](/guides/manage/console/projects)
- existing Auth0 tenant as described [here](https://auth0.com/docs/get-started/auth0-overview/create-tenants)
> We have to switch between ZITADEL and a Auth0. If the headings begin with "ZITADEL" switch to the ZITADEL Console and if the headings start with "Auth0" please switch to the Auth0 GUI.

View File

@ -11,9 +11,9 @@ It covers how to:
Prerequisites:
- existing ZITADEL Instance, if not present follow [this guide](../../guides/start/quickstart)
- existing ZITADEL Organization, if not present follow [this guide](../../guides/manage/console/organizations)
- existing ZITADEL project, if not present follow the first 3 steps [here](../../guides/manage/console/projects)
- existing ZITADEL Instance, if not present follow [this guide](/guides/start/quickstart)
- existing ZITADEL Organization, if not present follow [this guide](/guides/manage/console/organizations)
- existing ZITADEL project, if not present follow the first 3 steps [here](/guides/manage/console/projects)
- existing Auth0 tenant as described [here](https://auth0.com/docs/get-started/auth0-overview/create-tenants)
> We have to switch between ZITADEL and a Auth0. If the headings begin with "ZITADEL" switch to the ZITADEL Console and

View File

@ -11,9 +11,9 @@ It covers how to:
Prerequisites:
- existing ZITADEL Instance, if not present follow [this guide](../../guides/start/quickstart)
- existing ZITADEL Organization, if not present follow [this guide](../../guides/manage/console/organizations)
- existing ZITADEL project, if not present follow the first 3 steps [here](../../guides/manage/console/projects)
- existing ZITADEL Instance, if not present follow [this guide](/guides/start/quickstart)
- existing ZITADEL Organization, if not present follow [this guide](/guides/manage/console/organizations)
- existing ZITADEL project, if not present follow the first 3 steps [here](/guides/manage/console/projects)
- prerequisites on AWS side [here](https://docs.aws.amazon.com/singlesignon/latest/userguide/prereqs.html).
- enabled AWS SSO [here](https://docs.aws.amazon.com/singlesignon/latest/userguide/step1.html?icmpid=docs_sso_console)

View File

@ -11,9 +11,9 @@ It covers how to:
Prerequisites:
- existing ZITADEL Instance, if not present follow [this guide](../../guides/start/quickstart)
- existing ZITADEL Organization, if not present follow [this guide](../../guides/manage/console/organizations)
- existing ZITADEL project, if not present follow the first 3 steps [here](../../guides/manage/console/projects)
- existing ZITADEL Instance, if not present follow [this guide](/guides/start/quickstart)
- existing ZITADEL Organization, if not present follow [this guide](/guides/manage/console/organizations)
- existing ZITADEL project, if not present follow the first 3 steps [here](/guides/manage/console/projects)
- existing Gitlab SaaS Setup in the premium tier
> We have to switch between ZITADEL and Gitlab. If the headings begin with "ZITADEL" switch to the ZITADEL

View File

@ -2,7 +2,7 @@
title: Gitlab OmniAuth Provider
---
import CreateApp from "./application/_application.mdx";
import CreateApp from "../application/_application.mdx";
This guide shows how to enable login with ZITADEL on self-hosted Gitlab instances.
@ -14,9 +14,9 @@ It covers how to:
Prerequisites:
- existing ZITADEL Instance, if not present follow [this guide](../../guides/start/quickstart)
- existing ZITADEL Organization, if not present follow [this guide](../../guides/manage/console/organizations)
- existing ZITADEL project, if not present follow the first 3 steps [here](../../guides/manage/console/projects)
- existing ZITADEL Instance, if not present follow [this guide](/guides/start/quickstart)
- existing ZITADEL Organization, if not present follow [this guide](/guides/manage/console/organizations)
- existing ZITADEL project, if not present follow the first 3 steps [here](/guides/manage/console/projects)
- running Gitlab instance see [installation guide](https://docs.gitlab.com/ee/install/)
<CreateApp appType="web" authType="code" appName="Gitlab" redirectURI="https://<your_gitlab_url>/users/auth/openid_connect/callback"/>

View File

@ -11,9 +11,9 @@ It covers how to:
Prerequisites:
- existing ZITADEL Instance, if not present follow [this guide](../../guides/start/quickstart)
- existing ZITADEL Organization, if not present follow [this guide](../../guides/manage/console/organizations)
- existing ZITADEL project, if not present follow the first 3 steps [here](../../guides/manage/console/projects)
- existing ZITADEL Instance, if not present follow [this guide](/guides/start/quickstart)
- existing ZITADEL Organization, if not present follow [this guide](/guides/manage/console/organizations)
- existing ZITADEL project, if not present follow the first 3 steps [here](/guides/manage/console/projects)
- existing Pingidentity environment [here](https://docs.pingidentity.com/bundle/pingone/page/wqe1564020490538.html)
> We have to switch between ZITADEL and Ping Identity. If the headings begin with "ZITADEL" switch to the ZITADEL

View File

@ -79,7 +79,7 @@ Payload
* `iat` is a unix timestamp of the creation signing time of the JWT, e.g. now and must not be older than 1 hour ago
* `exp` is the unix timestamp of expiry of this assertion
Please refer to [JWT_with_Private_Key](../../apis/openidoauth/authn-methods#jwt-with-private-key) in the documentation for further information.
Please refer to [JWT_with_Private_Key](/apis/openidoauth/authn-methods#jwt-with-private-key) in the documentation for further information.
If you use Go, you might want to use the [provided tool](https://github.com/zitadel/zitadel-tools) to generate a JWT from the downloaded json. There are many [libraries](https://jwt.io/#libraries-io) to generate and sign JWT.
@ -97,7 +97,7 @@ curl --request POST \
```
* `grant_type` should be set to `urn:ietf:params:oauth:grant-type:jwt-bearer`
* `scope` should contain any [Scopes](../../apis/openidoauth/scopes) you want to include, but must include `openid`. For this example, please include `profile` and `email`
* `scope` should contain any [Scopes](/apis/openidoauth/scopes) you want to include, but must include `openid`. For this example, please include `profile` and `email`
* `assertion` is the encoded value of the JWT that was signed with your private key from the prior step
You should receive a successful response with `access_token`, `token_type` and time to expiry in seconds as `expires_in`.

View File

@ -133,7 +133,7 @@ You can configure all kinds of external identity providers for identity brokerin
Create a new identity provider configuration and enable it in the list afterwards.
For a detailed guide about how to configure a new identity provider for identity brokering have a look at our guide:
[Identity Brokering](../../../guides/integrate/identity-brokering)
[Identity Brokering](/guides/integrate/identity-providers/introduction.md)
## Password Complexity
@ -171,7 +171,7 @@ In the domain policy you have two different settings.
One is the "user_login_must_be_domain", by setting this all the users within an organisation will be suffixed with the domain of the organisation.
The second is "validate_org_domains" if this is set to true all created domains on an organisation must be verified per acme challenge.
More about how to verify a domain [here](../../../guides/manage/console/organizations#domain-verification-and-primary-domain).
More about how to verify a domain [here](/guides/manage/console/organizations#domain-verification-and-primary-domain).
If it is set to false, all registered domain will automatically be created as verified and the users will be able to use the domain for login.
### Use email as username

View File

@ -11,7 +11,7 @@ Before you start, make sure you have everything set up correctly.
- You need to be at least a ZITADEL _ORG_OWNER_
- Your ZITADEL organization needs to have the actions feature enabled. <!-- TODO: How to enable it for SaaS ZITADEL? -->
- [Your ZITADEL organization needs to have at least one external identity provider enabled](../../integrate/identity-brokering)
- [Your ZITADEL organization needs to have at least one external identity provider enabled](../../integrate/identity-providers/introduction.md)
- [You need to have at least one role configured for a project](../console/projects)
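Review bot: The replaced prerequisite link stays relative (`../../integrate/identity-providers/introduction.md`), while the same target is written as `/guides/integrate/identity-providers/introduction.md` in other files of this commit and the later hunks in this file switch to absolute paths such as `/apis/actions/external-authentication`. Use the absolute form here too, and consider doing the same for the neighbouring `../console/projects` link, so the page does not break again on the next move.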
## Copy some information for the action
@ -35,7 +35,7 @@ https://github.com/zitadel/actions/blob/main/examples/add_user_grant.js
## Run the action when a user registers
Now, make the action hook into the [external authentication flow](../../../apis/actions/external-authentication).
Now, make the action hook into the [external authentication flow](/apis/actions/external-authentication).
1. In the **Flows <i className="las la-exchange-alt"></i>** section, select the **+ New** button.
1. Select the **Flow Type** _External Authentication_.
@ -49,5 +49,5 @@ New users automatically are assiged a role now if they register by authenticatin
## What's next?
- [Read more about the concepts around actions](../../../concepts/features/actions)
- [Read more about all the options you have with actions](../../../apis/actions/introduction)
- [Read more about the concepts around actions](/concepts/features/actions)
- [Read more about all the options you have with actions](/apis/actions/introduction)

View File

@ -43,7 +43,7 @@ If you like to trigger your settings for your applications you have different po
### 1. Primary Domain Scope
Send a [reserved scope](../../../apis/openidoauth/scopes) with your [authorization request](../../integrate/login-users#auth-request) to trigger your organization.
Send a [reserved scope](/apis/openidoauth/scopes) with your [authorization request](../../integrate/login-users#auth-request) to trigger your organization.
The primary domain scope will restrict the login to your organization, so only users of your own organization will be able to login.
You can use our [OpenID Authentication Request Playground](/apis/openidoauth/authrequest) to learn more about how to trigger an [organization's policies and branding](/apis/openidoauth/authrequest#organization-policies-and-branding).

View File

@ -24,7 +24,7 @@ Typical examples for user metadata include:
### Add metadata to a user
- [Add metadata](../../../manuals/user-profile#metadata) to a user
- [Add metadata](/guides/manage/customize/user-metadata) to a user
- Make sure you will use this user to login during later steps
## Requesting a token
@ -47,7 +47,7 @@ export ZITADEL_DOMAIN="https://...asd.zitadel.cloud"
<Tabs>
<TabItem value="go" label="Go" default>
Grab zitadel-tools to create the [required string](../../../apis/openidoauth/authn-methods#client-secret-basic) for Basic authentication:
Grab zitadel-tools to create the [required string](/apis/openidoauth/authn-methods#client-secret-basic) for Basic authentication:
```bash
git clone git@github.com:zitadel/zitadel-tools.git
@ -93,7 +93,7 @@ Export the result to the environment variable `BASIC_AUTH`.
<TabItem value="manually" label="Manually">
You need to create a string as described [here](../../../apis/openidoauth/authn-methods#client-secret-basic).
You need to create a string as described [here](/apis/openidoauth/authn-methods#client-secret-basic).
Use a programming language of your choice or manually create the strings with online tools (don't use these secrets for production) like:
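Review bot: The "Manually" tab, whose link is updated here, still tells readers to create the Basic authentication string "with online tools", guarded only by the parenthetical "don't use these secrets for production". Since this paragraph is being touched, consider recommending a local encoding step instead, so that a client ID and secret are never pasted into a third-party site.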
@ -107,7 +107,7 @@ Export the result to the environment variable `BASIC_AUTH`.
### Create Auth Request
You need to create a valid auth request, including the reserved scope `urn:zitadel:iam:user:metadata`. Please refer to our API documentation for more information about [reserved scopes](../../../apis/openidoauth/scopes#reserved-scopes) or try it out in our [OIDC Authrequest Playground](/apis/openidoauth/authrequest?scope=openid%20email%20profile%20urn%3Azitadel%3Aiam%3Auser%3Ametadata).
You need to create a valid auth request, including the reserved scope `urn:zitadel:iam:user:metadata`. Please refer to our API documentation for more information about [reserved scopes](/apis/openidoauth/scopes#reserved-scopes) or try it out in our [OIDC Authrequest Playground](/apis/openidoauth/authrequest?scope=openid%20email%20profile%20urn%3Azitadel%3Aiam%3Auser%3Ametadata).
Login with the user to which you have added the metadata. After the login you will be redirected.

View File

@ -31,7 +31,7 @@ If nothing is requested, the type will not be restricted and all possibilities o
If you already have a user in ZITADEL, it is possible to add passwordless later.
[Add Passwordless Registration ](../../../apis/mgmt)
[Add Passwordless Registration ](/apis/mgmt)
Send the user_id in the request and you will get a link and an expiration as response.
You can then customize the link the same as described above in the creation process.
@ -39,7 +39,7 @@ You can then customize the link the same as described above in the creation proc
The second possibility is to send the link directly to the user per email.
Use the following request in that case:
[Send Passwordless Registration ](../../../apis/mgmt)
[Send Passwordless Registration ](/apis/mgmt)
## Verified Email Address

View File

@ -4,16 +4,23 @@ title: Overview
Most applications need to know the identity of a user for access control, to securely store their data in the cloud, and provide the same personalized experience across all of the user's devices.
ZITADEL provides backend services, easy-to-use SDKs, and ready-made UI libraries to authenticate users in your application. It supports authentication using passwords and applies additional security with the help of a second factor, for example, OTP, to ensure safe and secure access.
It additionally leverages industry standards like OAuth 2.0 and OpenID Connect such that it can be easily integrated into your custom backend.
With ZITADEL you can rely on a hardened and extensible turnkey solution to solve all of your authentication and authorization needs.
We provide you with a wide range of out of the box features to accelerate your project. Multi-tenancy with branding customization, secure login, self-service, OpenID Connect, OAuth2.x, SAML2, Passwordless with FIDO2 (including Passkeys), OTP, U2F, and an unlimited audit trail is there for you, ready to use.
Execute custom code on selected events within ZITADEL to ensure perfect compatibility with your unique and complex software landscape and data models.
## Get Started
### Quick Start Guide
Follow our [Quick Start Guide](/guides/start/quickstart).
### Cloud or Self-Hosting
ZITADEL can be used in two ways:
- Use the ZITADEL Cloud, our public cloud service. Use the free tier to get started in minutes.
- Deploy a self-hosted ZITADEL for full control, wherever you like.
## Help me choose
If you are unsure, opt for the gracious free tier of [ZITADEL Cloud](./manage/cloud/overview).
Choose [ZITADEL Cloud](./manage/cloud/overview) if you want:
@ -29,9 +36,14 @@ Choose [ZITADEL Self-Hosted](/self-hosting/deploy/overview) if you want:
- To run ZITADEL in air-gapped or regulated environments
- Flexibility when you deploy updates
:::info
Support is available either through the opensource community or a support contract.
:::
## Get Help
Join our [Discord Chat](https://zitadel.com/chat) or open a [Discussion](https://github.com/zitadel/zitadel/discussions) on Github to get help from the community and the team behind ZITADEL.
With our guides, you will learn everything you need to know about specific topics. To get started, jump directly to the [get started](./start/quickstart) docs.
Cloud and Enterprise customers can additionally reach us privately via the [Support communication channels](/legal/support-services).
## Contribute
ZITADEL is open source — and so is the documentation.
Should you happen to stumble over an incorrectness, a spelling mistake, a hard-to-understand text passage, please dont hesitate to leave a comment or [contribute a corresponding change](https://github.com/zitadel/zitadel/blob/main/CONTRIBUTING.md).

View File

@ -29,7 +29,7 @@ You can read more about how ZITADEL handles usernames [here](../manage/console/o
ZITADEL gives you a basic storage for users and manages phone and email addresses. It also allows you to store your own application data such as preferences or external identifiers to the metadata of a user.
If you are migrating an existing project and you already have an external identity store you can consider bulk importing your user datasets.
Read our [Management API definitions](../../apis/mgmt) for more info. If the users email is not verified or no password is set, a initialization mail will be send.
Read our [Management API definitions](/apis/mgmt) for more info. If the users email is not verified or no password is set, a initialization mail will be send.
:::info
Requests to the management API are rate limited. Read our [Rate limit Policy](../../legal/rate-limit-policy) for more info.
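Review bot: The rewritten line still reads "If the users email is not verified or no password is set, a initialization mail will be send"; correct it to "user's", "an initialization mail" and "will be sent" while the line is being changed. The info block directly below also keeps the relative link `../../legal/rate-limit-policy`, while the link changed above it moves to the absolute `/apis/mgmt`.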

View File

@ -1,5 +1,6 @@
---
title: How to configure ZITADEL for your scenario
sidebar_label: FAQ Configurations
---
Each customer does have different needs and use-cases. In ZITADEL you are able to configure your settings depending on your needs.
@ -14,13 +15,13 @@ If a user of this organization wants to login, you don't want them to enter thei
### Settings
1. Go to the "Identity Providers" Settings of the organization
2. Configure the needed identity provider: Read this [guide](../integrate/identity-brokering.md) if you don't know how
2. Configure the needed identity provider: Read this [guide](../integrate/identity-providers/introduction.md) if you don't know how
3. Go to the "Login Behavior and Security" settings of the organization
4. Disable "Username Password Allowed" and enable "External IDP allowed" in the Advanced Section
Now your application can send either the organizations id (`urn:zitadel:iam:org:id:{id}`) or organizations primary domain (`urn:zitadel:iam:org:domain:primary:{domainname}`) scope on your authorization request to identify on which organization the users should be logged in.
More about the [scopes](../../apis/openidoauth/scopes#reserved-scopes)
More about the [scopes](/apis/openidoauth/scopes#reserved-scopes)
## Custom Application Domain per Organization
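Review bot: Link style is inconsistent inside this hunk: step 2 links the identity provider guide as `../integrate/identity-providers/introduction.md`, while the scopes link moves to the root-relative `/apis/openidoauth/scopes#reserved-scopes`. Use the root-relative form for both (the external authentication flow page in this same commit already uses `/guides/integrate/identity-providers/introduction.md`) so the link does not break the next time this page moves.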
@ -45,7 +46,7 @@ This will have the following impacts:
- Only allow users from selected organization to login
To request the organization send either the the organization id (`urn:zitadel:iam:org:id:{id}`) or organization primary domain (`urn:zitadel:iam:org:domain:primary:{domainname}`) scope on your authentication request from your application.
More about the [scopes](../../apis/openidoauth/scopes#reserved-scopes)
More about the [scopes](/apis/openidoauth/scopes#reserved-scopes)
## Use email to login

View File

@ -1,27 +0,0 @@
---
title: Overview
---
import {ListElement, ListWrapper, ICONTYPE} from '../../src/components/list';
import Column from '../../src/components/column';
In this section we provide manuals for different user profiles.
<ListWrapper title="User Profile/Login">
<Column>
<div>
<ListElement link="/docs/manuals/user-profile#change-password" type={ICONTYPE.HELP_PASSWORD} title="Password" description="Change your ZITADEL password" />
<ListElement link="/docs/manuals/user-profile#change-email" type={ICONTYPE.HELP_EMAIL} title="Email" description="Change your email address" />
<ListElement link="/docs/manuals/user-profile#change-phone" type={ICONTYPE.HELP_PHONE} title="Phone" description="Change your phone number" />
<ListElement link="/docs/manuals/user-profile#identity-providers" type={ICONTYPE.HELP_SOCIAL} title="Social logins" description="Link an external Identity Provider with your accoun" />
<ListElement link="/docs/manuals/user-profile#passwordless" type={ICONTYPE.HELP_PASSWORDLESS} title="Passwordless" description="Authenticate with your fingerprint or security key." />
<ListElement link="/docs/manuals/user-profile#multifactor-authentication" type={ICONTYPE.HELP_FACTORS} title="Factors" description="Enable multifactor authentication for more security" />
</div>
<div>
<ListElement link="/docs/manuals/user-profile#authorization" type={ICONTYPE.POLICY} title="Authorizations" description="Show all the permissions and roles you have" />
<ListElement link="/docs/manuals/user-profile#memberships" type={ICONTYPE.ARCHITECTURE} title="Memberships" description="See the permissions you have within ZITADEL" />
<ListElement link="/docs/manuals/user-profile#metadata" type={ICONTYPE.PRIVATELABELING} title="Metadata" description="Additional data on your user" />
<ListElement link="/docs/manuals/user-login" type={ICONTYPE.LOGIN} title="Login" description="Login with your ZITADEL user" />
</div>
</Column>
</ListWrapper>
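Review bot: Deleting this overview, together with the user-profile and user-login pages it links to, removes the `/docs/manuals/...` URLs, and no redirect for them is visible in this diff. If the Console, e-mails or external sites link to those pages, add redirects to the new locations before merging, and say in the description where the end-user content (password change, OTP, U2F, passwordless) now lives.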

View File

@ -1,47 +0,0 @@
---
title: Login
---
## Login Username
Enter your login name in the input field. Your loginname consists of the username with @ organisation domain. E.g road.runner@acme.zitadel.cloud
If the organization is already pre-selected you do not have to enter the domain.
![Login Username](/img/accounts_page.png)
## Select Account
If you already have logged in with an account in this browser. ZITADEL has stored your usersession and you will be able to choose one of the accounts.
## Login with Password
Enter you password. If you can't remember it click on the reset password link. You will get an email to set a new passwords.
![Login Password](/img/accounts_password.png)
## Login with One Time Password (OTP)
If you have registered a One time password (OTP) as a second factor you need to enter your code.
1. Open your authenticator app which you used to set up your OTP
2. Enter the code from the authenticator app in the input field of the login process
![Login OTP](/img/accounts_multifactor.png)
You can find out how to register OTP [here](./user-profile##one-time-password-otp).
### Can't remember your otp
If you have a problem with your OTP, please contact the support of your organization.
## Login with Universal Second Factor (U2F) (FaceID, FingerPrint, etc.)
If you have registered U2F as second factor for your account you will have to verify this factor.
1. Click the button "Verify Token"
2. Your browser/device will show you the methods you have to verify your account (e.g FingerScan, Face Recognition, External Hardware Token, etc)
3. Follow the steps your browser shows you
![Login Multi Factor](/img/login-mfa.gif)

View File

@ -1,135 +0,0 @@
---
title: User Profile
---
To get to your user profile you have to login to your ZITADEL Console {your-domain}-{randomstring}.zitadel.cloud or {your-custom-domain}.
If you have no special permissions in the ZITADEL Console, you will get directly to your profile page.
Otherwise click on your user avatar in the top right of the console. A menu will open, with the "Edit Account" button you will be redirected to your profile page.
## Loginname
You are able to login with some different login names. The login name consists of the username and the organization suffix. The organization suffix are the registered domains on your organization.
![Loginname](/img/manuals/console_profile_loginname.png)
## General
In the general section you can find your profile data and contact information.
In the profile data you can change the following data:
- Avatar
- Username
- Firstname
- Lastname
- Nickname
- Display Name
- Gender
- Language
In the contact information you can change your password, email and phone number. The Email and Phone number need to be verified.
![Profile](/img/manuals/console_profile.png)
### Change Password
Change your password by entering your old, new and new confirmation password.
![Change Password](/img/change_password.gif)
### Change Email
Click on the edit button next to the email to change your email address.
You will now get an email to verify that this is your account. This can take a moment.
Click on the button in the mail to verify the address. If you now reload your profile page the email address should be shown as verified.
If you wait to long to verify the email, your code will probably be expired.
The get a new verification mail click on "resend code" next to the "not verified" label.
The email doesn't need to be unique within the whole system.
### Change Phone number
The phone number is not mandatory withing ZITADEL. If you like to add it, you have to verify it.
1. Click "edit button" and add your number
2. Get an SMS with a verification code to the added number
3. Click "Verify" below the added number
4. A popup with an Input field for your code will be shown
5. Enter the code a click "OK"
Your phone number should now be verified.
## Identity Providers
The identity provider section shows you, if you have linked an account from another system. (e.g. Google Account, Github, Azure AD, etc)
If you have some linked accounts, in this section you can remove them, if you don't need them anymore.
## Passwordless
ZITADEL provides some different authentication methods, passwordless is one of them.
Passwordless has two different types, system based or system independent.
If you use system based methods make sure to register all the different devices you need to login. (e.g. Notebook, Mobile Phone, etc)
Examples for passwordless authentication methods are: Fingerprint, Windows Hello, Face Recognition, etc.
For device independent authentication you can use some hardware tokens. e.g. Yubikey, Solokey, etc.
There are different options how to add a passwordless autehntication.
1. Add directly on the current device
2. Send a registration link to your email. You can open this email and use the link on any device you like to register
3. Generate a qr code with a registration link and scann the QR Code with the device where you like to register
Make sure to add at least to different devices or a device independent method
![Add Passwordless fingerprint](/img/manuals/console_profile_passwordless.gif)
## Multifactor Authentication
Multifactor authentication means that after entering the password, you need some kind of second authentication.
At the moment ZITADEL provides Webauthn and OTP.
Webauthn uses your device to authenticate e.g Fingerprint, Face Recognition, Windows Hello.
OTP means One time password, to use this method you need to install some kind of Authenticator App like Google Authenticator, Authy, Microsoft Authenticator.
### Fingerprint, Security Keys, Face ID, etc.
Use a method that is provided by your device to authenticate yourself.
1. Click the button "Add Factor" in the multifactor authentication section of your profile
2. Choose Fingerprint, Security Keys, Face ID and others
3. Enter a name which identifies your authentication (e.g iPhone Road.Runner, Mac Book 1, Yubikey), The name is used for nothing just for yourself to recognize what you have registered.
4. Your device will show you a popup to choose what method you like to register
5. Choose the method ond follow the instructions (e.g. Scan your finger, Enter Pin, etc.)
![Add MFA Fingerprint](/img/manuals/console_profile_mfa_webauthn.gif)
### One time Password (OTP)
For One time password (OTP) you will need an Authenticator app of your choice that provides an authentication code.
1. Download an Authenticator App of your choice (e.g. Authy, Google Authenticator, Microsoft Authenticator, etc.)
2. Click the button "Add Factor" in the multifactor authentication section of your profile
3. Choose OTP (One-Time-Password)
4. Scan the QR Code with your app
5. Enter the code you get in the app in the Code input field
You will now be able to use otp as a second factor during the login process
## Authorization
In the authorization section you can see all the permissions and roles you have to some different applications.
## Memberships
Membership is the role model ZITADEL provides for itself. If you have any permissions to manage something within ZITADEL you will have a membership.
This memeberships are hierarchical and have the following layers:
- System
- Organization
- Project
- Granted Project
To read more about the different roles withing ZITADEL click [here](../guides/manage/console/managers.mdx).
## Metadata
Sometimes it is needed to store some more data on a user. This data can be stored in the metadata.

View File

@ -1,44 +0,0 @@
---
title: User Register
---
## Organization and user registration
ZITADEL allows users to register a organization and/or user with just a few steps.
A. Register an organization
1. Create an organization
2. Verify your email
3. Login to ZITADEL and manage the organization
B. Create User
1. An administrator can create and manage users within console.
C. Enable Self Registration for User
1. Create an organization as above
2. Create custom policy
3. Enable the "Register allowed" flag in the Login Policy
4. Connect your application and add the applications [scope](../apis/openidoauth/scopes) to the redirect URL.
This will enable the register option in the login dialog and will register the user within your organization if he does not already have an account.
Register Organization
![Register Organization](/img/register.gif)
Create User
![Create User](/img/create-user.gif)
Enable Self Register
![Enable Selfregister](/img/enable-selfregister.gif)
## Self Register
When self registration is enabled, users can register themselves in the organization without any administrative effort.
Self Register
![Self Register](/img/self-register.gif)

View File

@ -0,0 +1,133 @@
---
title: Overview
---
import Tabs from "@theme/Tabs";
import TabItem from "@theme/TabItem";
import { Card, CardWrapper } from "../../src/components/card";
Get started with ZITADEL quickly by reading a quickstart or by cloning a [ZITADEL example](https://github.com/search?q=topic%3Aexamples+org%3Azitadel) repo.
<Tabs>
<TabItem value="app" label="Web · Native applications" default>
<CardWrapper>
<Card
link="/docs/examples/login/angular"
imageSource="/docs/img/tech/angular.svg"
title="Angular"
description="Add the user login to your application and query some data from the userinfo endpoint"
/>
<Card
link="/docs/examples/login/react"
imageSource="/docs/img/tech/react.png"
title="React"
description="Logs into your application and queries some data from the userinfo endpoint"
/>
<Card
link="/docs/examples/login/flutter"
imageSource="/docs/img/tech/flutter.svg"
title="Flutter"
description="Mobile Application working for iOS and Android that authenticates your user."
/>
<Card
link="/docs/examples/login/nextjs"
imageSource="/docs/img/tech/nextjs.svg"
title="NextJS"
description="A simple application to log into your user account and query some data from User endpoint."
/>
<Card
link="/docs/examples/login/nextjs-b2b"
imageSource="/docs/img/tech/nextjs.svg"
title="NextJS B2B Scenario"
description="An application to showcase your user account having multiple organizations and the use of Personal Access Tokens."
/>
</CardWrapper>
</TabItem>
<TabItem value="apis" label="APIs">
<CardWrapper>
<Card
link="/docs/examples/secure-api/go"
imageSource="/docs/img/tech/golang.svg"
title="GO"
description="This example shows you how to secure an API written in GO."
/>
<Card
link="/docs/examples/secure-api/python-flask"
imageSource="/docs/img/tech/python.svg"
title="Python"
description="This example shows you how to secure a Python3 Flask API."
/>
<Card
link="/docs/examples/secure-api/dot-net"
imageSource="/docs/img/tech/dotnet.svg"
title=".NET"
description="This example shows you how to secure a .NET API."
/>
</CardWrapper>
</TabItem>
<TabItem value="zitadel" label="ZITADEL · APIs">
<CardWrapper>
<Card
link="/docs/examples/call-zitadel-api/go"
imageSource="/docs/img/tech/golang.svg"
title="GO"
description="Demonstrates how to fetch some data from the ZITADEL management API."
/>
<Card
link="/docs/examples/call-zitadel-api/dot-net"
imageSource="/docs/img/tech/dotnet.svg"
title=".NET"
description="This integration guide shows you how to integrate ZITADEL into your .NET application. It demonstrates how to fetch some data from the ZITADEL management API."
/>
</CardWrapper>
</TabItem>
<TabItem value="proxy" label="Proxy">
<CardWrapper>
<Card
link="/docs/examples/identity-proxy/oauth2-proxy"
imageSource="/docs/img/tech/oauth2-proxy.svg"
title="OAuth 2.0 Proxy"
description="Allows services to delegate the authentication flow to a IDP, for example ZITADEL"
/>
</CardWrapper>
</TabItem>
</Tabs>
## Clone a sample project
<CardWrapper>
<Card
githubLink="https://github.com/zitadel/zitadel-java"
title="Java"
label="Java"
/>
<Card
githubLink="https://github.com/zitadel/zitadel-python3"
title="Python"
label="Python"
/>
<Card
githubLink="https://github.com/zitadel/zitadel-angular"
title="Angular"
label="Web · Mobile Web"
/>
<Card
githubLink="https://github.com/zitadel/zitadel-nextjs"
title="NextJS"
label="Web · Mobile Web"
/>
<Card
githubLink="https://github.com/zitadel/zitadel_flutter"
title="Flutter"
label="Android · iOS · Web · Mobile Web"
/>
</CardWrapper>
## Libraries
| Language | Description | Link |
| -------- | ------------------------------------------------------------------------------------------------- | ---------------------------------------------------------------------------------- |
| Go | Go client library for ZITADEL. | [https://github.com/zitadel/zitadel-go](https://github.com/zitadel/zitadel-go) |
| .Net | Authentication / Authorization library written in dotnet for the asp.net web application package. | [https://github.com/zitadel/zitadel-net](https://github.com/zitadel/zitadel-net) |
| Dart | Dart library for ZITADEL, contains gRPC and API access elements. | [https://github.com/zitadel/zitadel-dart](https://github.com/zitadel/zitadel-dart) |
| Elixir | API Client for the ZITADEL API. | [https://github.com/jshmrtn/zitadel_api](https://github.com/jshmrtn/zitadel_api) |
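Review bot: Wording nits in the new cards: the OAuth 2.0 Proxy description says `a IDP` (should be "an IDP"), and the API cards use the title `GO` while the Libraries table on the same page writes `Go`. The card descriptions also switch between "This example shows you how to ...", "Logs into your application ..." and "Demonstrates how to ..."; pick one form so the tabs read consistently.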

View File

@ -69,4 +69,4 @@ This is the IAM admin users login according to your configuration in the [exampl
- **username**: *root@<span></span>my-org.my.domain*
- **password**: *RootPassword1!*
Read more about [the login process](../../manuals/user-login).
Read more about [the login process](/guides/integrate/login-users).
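Review bot: Missing documentation next to the default login: the lines above this link print the initial admin credentials (`RootPassword1!`), and the only follow-up offered is the login process guide. Add a sentence here telling readers to change that password after the first login, since these values are public in the docs.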

View File

@ -77,7 +77,7 @@ This is the IAM admin users login according to your configuration in the [exampl
## What's next
- Read more about [the login process](/manuals/user-login).
- Read more about [the login process](/guides/integrate/login-users).
- If you want to run ZITADEL in production, you most certainly need to [customize your own domain](./custom-domain).
- Check out all possible [runtime configuration properties and their defaults in the source code](https://github.com/zitadel/zitadel/blob/main/cmd/defaults.yaml)
- Check out all possible [setup step configuration properties and their defaults in the source code](https://github.com/zitadel/zitadel/blob/main/cmd/setup/steps.yaml)

View File

@ -16,8 +16,6 @@ ZITADEL uses some cookies to identify the browser/user agent of the user, so it
We only found this issue with iPhone users, and it was dependent on the settings of the device.
### Solution
Go to the settings of the app Safari and check in the "Experimental WebKit Features" if SameSite strict enforcement (ITP) is disabled
Also check if "block all cookies" is active. If so please disable this setting.

View File

@ -65,16 +65,10 @@ module.exports = {
items: [
{
type: "doc",
label: "Guides",
label: "Documentation",
docId: "guides/overview",
position: "left",
},
{
type: "doc",
label: "Examples",
docId: "examples/introduction",
position: "left",
},
},
{
type: "doc",
label: "APIs",
@ -87,23 +81,11 @@ module.exports = {
docId: "self-hosting/deploy/overview",
position: "left",
},
{
type: "doc",
docId: "concepts/introduction",
label: "Concepts",
position: "left",
},
{
type: "doc",
docId: "manuals/introduction",
label: "Help",
position: "left",
},
{
type: "doc",
docId: "legal/introduction",
label: "Legal",
position: "left",
position: "right",
},
{
type: "html",

View File

@ -4,7 +4,8 @@
"private": true,
"scripts": {
"docusaurus": "docusaurus",
"start": "yarn generate && docusaurus start",
"start": "docusaurus start",
"start:api": "yarn generate && docusaurus start",
"build": "yarn generate && docusaurus build --no-minify",
"swizzle": "docusaurus swizzle",
"deploy": "docusaurus deploy",

View File

@ -1,40 +1,4 @@
module.exports = {
examples: [
"examples/introduction",
{
type: "category",
label: "Integrate ZITADEL Login in your App",
items: [
"examples/login/angular",
"examples/login/react",
"examples/login/flutter",
"examples/login/nextjs",
"examples/login/nextjs-b2b",
],
collapsed: false,
},
{
type: "category",
label: "Secure your API",
items: ["examples/secure-api/go", "examples/secure-api/python-flask", "examples/secure-api/dot-net"],
collapsed: false,
},
{
type: "category",
label: "Call the ZITADEL API",
items: [
"examples/call-zitadel-api/go",
"examples/call-zitadel-api/dot-net",
],
collapsed: false,
},
{
type: "category",
label: "Identity Aware Proxy",
items: ["examples/identity-proxy/oauth2-proxy"],
collapsed: false,
},
],
guides: [
"guides/overview",
{
@ -43,12 +7,52 @@ module.exports = {
collapsed: false,
items: [
"guides/start/quickstart",
{
type: "category",
label: "Frontend",
items: [
"examples/login/angular",
"examples/login/react",
"examples/login/flutter",
"examples/login/nextjs",
],
collapsed: true,
},
{
type: "category",
label: "Backend",
items: [
"examples/secure-api/go",
"examples/secure-api/python-flask",
"examples/secure-api/dot-net"
],
collapsed: true,
},
],
},
"examples/sdks",
{
type: "category",
label: "Example Applications",
items: [
"examples/introduction",
{
type: 'link',
label: 'Frontend', // The link label
href: '/examples/introduction#frontend', // The internal path
},
{
type: 'link',
label: 'Backend', // The link label
href: '/examples/introduction#backend', // The internal path
}
],
collapsed: true,
},
{
type: "category",
label: "Manage",
collapsed: false,
collapsed: true,
items: [
{
type: "category",
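Review bot: The new "Frontend" category lists angular, react, flutter and nextjs but not `examples/login/nextjs-b2b`, which the removed `examples` sidebar carried. Unless that doc is dropped elsewhere in this change it ends up in no sidebar; add it here. Also confirm that `examples/introduction` has headings that produce the `#frontend` and `#backend` anchors the two link items point to, and drop the copied `// The link label` and `// The internal path` comments.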
@ -84,7 +88,6 @@ module.exports = {
"guides/manage/customize/branding",
"guides/manage/customize/texts",
"guides/manage/customize/behavior",
"guides/manage/customize/user-metadata",
],
},
{
@ -92,78 +95,171 @@ module.exports = {
label: "Terraform",
items: ["guides/manage/terraform/basics"],
},
"guides/manage/user/reg-create-user",
{
type: "category",
label: "Users",
items: [
"guides/manage/user/reg-create-user",
"guides/manage/customize/user-metadata",
],
},
],
},
{
type: "category",
label: "Integrate",
collapsed: false,
collapsed: true,
link: {
type: 'generated-index',
title: 'Overview',
slug: 'guides/integrate',
},
items: [
"guides/integrate/login-users",
"guides/integrate/identity-brokering",
{
type: "category",
label: "Authenticate Users",
collapsed: true,
items: [
"guides/integrate/login-users",
"guides/integrate/oauth-recommended-flows",
"guides/integrate/logout",
],
},
{
type: "category",
label: "Configure Identity Providers",
collapsed: true,
items: [
"guides/integrate/identity-providers/introduction",
"guides/integrate/identity-providers/google-oidc",
"guides/integrate/identity-providers/azuread-oidc",
],
},
{
type: "category",
label: "Access ZITADEL APIs",
collapsed: false,
collapsed: true,
items: [
"guides/integrate/serviceusers",
{
type: "category",
label: "Authenticate Service Users",
collapsed: true,
items: [
"guides/integrate/serviceusers",
"guides/integrate/client-credentials",
"guides/integrate/pat",
],
},
"guides/integrate/access-zitadel-apis",
"guides/integrate/client-credentials",
"guides/integrate/pat",
"guides/integrate/access-zitadel-system-api",
"guides/integrate/export-and-import",
"guides/integrate/event-api",
"guides/integrate/export-and-import",
{
type: "category",
label: "Example Code",
items: [
"examples/call-zitadel-api/go",
"examples/call-zitadel-api/dot-net",
],
collapsed: true,
},
],
},
{
type: "category",
label: "OpenID Connect 1.0 Clients",
collapsed: false,
label: "Services",
collapsed: true,
items: [
"guides/integrate/services/gitlab-self-hosted",
"guides/integrate/services/aws-saml",
"guides/integrate/services/atlassian-saml",
"guides/integrate/services/gitlab-saml",
"guides/integrate/services/auth0-oidc",
"guides/integrate/services/auth0-saml",
"guides/integrate/services/pingidentity-saml",
],
},
{
type: "category",
label: "Tools",
collapsed: true,
items: [
"guides/integrate/oauth-recommended-flows",
"guides/integrate/auth0-oidc",
"guides/integrate/azuread-oidc",
"guides/integrate/authenticated-mongodb-charts",
"guides/integrate/gitlab-self-hosted",
"examples/identity-proxy/oauth2-proxy"
],
},
{
type: "category",
label: "SAML 2.0 Clients",
collapsed: false,
items: [
"guides/integrate/auth0-saml",
"guides/integrate/aws-saml",
"guides/integrate/pingidentity-saml",
"guides/integrate/atlassian-saml",
"guides/integrate/gitlab-saml",
],
},
"guides/integrate/logout",
],
},
{
type: "category",
label: "Solution Scenarios",
collapsed: false,
collapsed: true,
items: [
"guides/solution-scenarios/introduction",
"guides/solution-scenarios/b2c",
"guides/solution-scenarios/b2b",
"concepts/usecases/saas",
"guides/solution-scenarios/configurations",
],
},
{
type: "category",
label: "Trainings",
label: "Concepts",
collapsed: true,
items: [
"guides/trainings/introduction",
"guides/trainings/application",
"guides/trainings/recurring",
"guides/trainings/project",
],
"concepts/introduction",
"concepts/structure/instance",
"concepts/structure/organizations",
"concepts/structure/projects",
"concepts/structure/applications",
"concepts/structure/granted_projects",
"concepts/structure/users",
"concepts/structure/managers",
"concepts/structure/policies",
"concepts/structure/jwt_idp",
"concepts/features/actions",
"concepts/features/selfservice",
]
},
{
type: "category",
label: "Architecture",
collapsed: true,
items: [
"concepts/architecture/software",
"concepts/architecture/solution",
"concepts/architecture/secrets",
"concepts/principles",
{
type: "category",
label: "Eventstore",
collapsed: true,
items: [
"concepts/eventstore/overview",
"concepts/eventstore/implementation",
],
},
]
},
{
type: "category",
label: "Support",
collapsed: true,
items: [
"support/troubleshooting",
{
type: "category",
label: "Trainings",
collapsed: true,
items: [
"support/trainings/introduction",
"support/trainings/application",
"support/trainings/recurring",
"support/trainings/project",
],
},
]
},
],
apis: [
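Review bot: The new "Concepts" category carries over every entry of the old "Structure" list except `concepts/structure/overview`. If that page still exists it loses its sidebar entry; either add it or delete the doc in this change. Style point in the same hunk: the added blocks mix single quotes (`type: 'generated-index'`) with the double quotes used everywhere else in this file, and several added `]` closings lack the trailing comma the surrounding code uses.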
@ -322,66 +418,7 @@ module.exports = {
],
},
],
concepts: [
"concepts/introduction",
"concepts/principles",
{
type: "category",
label: "Eventstore",
collapsed: false,
items: [
"concepts/eventstore/overview",
"concepts/eventstore/implementation",
],
},
{
type: "category",
label: "Architecture",
collapsed: false,
items: [
"concepts/architecture/software",
"concepts/architecture/solution",
"concepts/architecture/secrets",
],
},
{
type: "category",
label: "Structure",
collapsed: false,
items: [
"concepts/structure/overview",
"concepts/structure/instance",
"concepts/structure/organizations",
"concepts/structure/projects",
"concepts/structure/applications",
"concepts/structure/granted_projects",
"concepts/structure/users",
"concepts/structure/managers",
"concepts/structure/policies",
"concepts/structure/jwt_idp",
],
},
{
type: "category",
label: "Use Cases",
collapsed: false,
items: ["concepts/usecases/saas"],
},
{
type: "category",
label: "Features",
collapsed: false,
items: [
"concepts/features/actions",
"concepts/features/selfservice"
],
},
],
manuals: [
"manuals/introduction",
"manuals/user-profile",
"manuals/user-login",
"manuals/troubleshooting",
support: [
],
legal: [
"legal/introduction",
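Review bot: `support: [ ],` adds an empty sidebar while the support docs (`support/troubleshooting`, `support/trainings/...`) are placed under `guides` in the previous hunk. Remove the empty `support` key, or move the Support category into it if a separate sidebar is intended.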

View File

@ -142,7 +142,15 @@ export function ListElement({
description,
}) {
return (
<a className={styles.listelement} href={link}>
<a
className={styles.listelement}
href={link}
onClick={() => {
window.plausible("ListElement", {
props: { method: title },
});
}}
>
{type
? type
: iconClasses && (
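Review bot: The `onClick` handler calls `window.plausible(...)` unconditionally. When the analytics script is not loaded (content blocker, local development, a failed script load), `window.plausible` is undefined and every click on a `ListElement` throws a TypeError. Guard the call, for example `window.plausible?.("ListElement", { props: { method: title } })`. The prop key `method` is also a misleading name for the element title.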

View File

@ -17,14 +17,13 @@ import styles from "./styles.module.css";
const features = [
{
title: "Guides",
title: "Documentation", // TODO: Plausible
darkImageUrl: "img/index/Guides-dark.svg",
lightImageUrl: "img/index/Guides-light.svg",
link: "guides/overview",
description: (
<>
Read our guides on how to manage your data and role associations in
ZITADEL and on what we recommend.
Read our documentation and learn how you can setup, customize, and integrate authentication and authorization to your project.
</>
),
content: (
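Review bot: `title: "Documentation", // TODO: Plausible` leaves an unexplained TODO in the feature list. Either implement what it refers to in this change or replace it with a reference to a tracking issue. The new description is also written on one long line and uses "setup" as a verb ("set up").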
@ -37,27 +36,35 @@ const features = [
title="Get started"
description=""
/>
<ListElement
link="/docs/guides/manage/cloud/overview"
type={ICONTYPE.LOGIN}
title="ZITADEL Cloud"
description=""
/>
<ListElement
link="/docs/guides/integrate/login-users"
type={ICONTYPE.LOGIN}
title="Login Users"
description=""
/>
<ListElement
link="/docs/guides/integrate/access-zitadel-apis"
<ListElement
link="/docs/examples/sdks"
type={ICONTYPE.APIS}
title="Access APIs"
title="SDKs"
description=""
/>
<ListElement
link="/docs/examples/introduction"
type={ICONTYPE.APIS}
title="Example Apps"
description=""
/>
<ListElement
link="/docs/guides/manage/console/overview"
type={ICONTYPE.LOGIN}
title="Manage"
description="All about Console"
/>
<ListElement
link="/docs/guides/integrate"
type={ICONTYPE.LOGIN}
title="Integrate"
description="Access our APIs and configure services and tools"
/>
</div>
<div>
<ListElement
<ListElement
link="/docs/guides/solution-scenarios/introduction"
iconClasses="las la-paragraph"
roundClasses="custom-rounded custom-rounded-split"
@ -65,6 +72,18 @@ const features = [
title="Solution Scenarios"
description=""
/>
<ListElement
link="/docs/concepts/introduction"
type={ICONTYPE.TASKS}
title="Concepts"
description=""
/>
<ListElement
link="/docs/concepts/architecture/software"
type={ICONTYPE.ARCHITECTURE}
title="Architecture"
description=""
/>
<ListElement
link="/docs/guides/manage/customize/branding"
type={ICONTYPE.PRIVATELABELING}
@ -72,15 +91,9 @@ const features = [
description=""
/>
<ListElement
link="/docs/self-hosting/deploy/overview"
type={ICONTYPE.SYSTEM}
title="Deploy"
description=""
/>
<ListElement
link="/docs/guides/trainings/introduction"
type={ICONTYPE.STORAGE}
title="Trainings"
link="/docs/support/troubleshooting"
type={ICONTYPE.HELP}
title="Support"
description=""
/>
</div>
@ -89,43 +102,42 @@ const features = [
),
},
{
title: "Quickstarts",
title: "Get Started",
darkImageUrl: "/docs/img/index/Quickstarts-dark.svg",
lightImageUrl: "img/index/Quickstarts-light.svg",
link: "examples/introduction",
description: (
<>
Learn how to integrate your applications and build secure workflows and
APIs with ZITADEL
</>
<>Learn how to integrate your applications and build secure workflows and
APIs with ZITADEL.</>
),
content: (
<div className={styles.quickstartcontainer}>
<QuickstartLink
link="/examples/login/angular"
imageSource="/docs/img/tech/angular.svg"
title="Angular"
description="Add the user login to your application and query some data from the userinfo endpoint"
/>
<QuickstartLink
link="/examples/login/react"
imageSource="/docs/img/tech/react.png"
title="React"
description="Logs into your application and queries some data from the userinfo endpoint"
/>
<QuickstartLink
link="/examples/login/flutter"
imageSource="/docs/img/tech/flutter.svg"
title="Flutter"
description="Mobile Application working for iOS and Android that authenticates your user."
/>
<QuickstartLink
link="/examples/login/nextjs"
imageSource="/docs/img/tech/nextjslight.svg"
lightImageSource="/docs/img/tech/nextjs.svg"
title="NextJS"
description="A simple application to log into your user account and query some data from User endpoint."
/>
<div className={styles.apilinks}>
<ListWrapper>
<ListElement
link=""
type={ICONTYPE.START}
title="Quick Start Guide"
description="The ultimate guide to get started with ZITADEL."
/>
<ListElement
link=""
type={ICONTYPE.APIS}
title="Frontend Quickstart Guides"
description=""
/>
<ListElement
link=""
type={ICONTYPE.APIS}
title="Backend Quickstart Guides"
description=""
/>
<ListElement
link="/docs/examples/introduction"
type={ICONTYPE.APIS}
title="Examples"
description="Clone an existing example application."
/>
</ListWrapper>
</div>
),
},
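Review bot: Three of the new entries in the "Get Started" tile have `link=""` (Quick Start Guide, Frontend Quickstart Guides, Backend Quickstart Guides). `ListElement` passes that straight to `href={link}`, so these render as links to the current page. Point them at real targets before merging, for example the `guides/start/quickstart` doc for the first one, or leave the entries out until the pages exist.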
@ -141,51 +153,82 @@ const features = [
<div className={styles.apilinks}>
<ListWrapper>
<ListElement
link="/docs/apis/proto/auth"
link="/docs/apis/auth/authentication-api-aka-auth"
type={ICONTYPE.APIS}
title="Proto Definitions"
description=""
title="Authenticated User"
description="All operations on the currently authenticated user."
/>
<ListElement
link="/docs/apis/mgmt/management-api"
type={ICONTYPE.APIS}
title="Organization Objects"
description="Mutate IAM objects like organizations, projects, clients, users etc."
/>
<ListElement
link="/docs/apis/admin/administration-api-aka-admin"
type={ICONTYPE.APIS}
title="Instance Objects"
description="Configure and manage the IAM instance."
/>
<ListElement
link="/docs/apis/openidoauth/endpoints"
type={ICONTYPE.APIS}
title="OpenID Connect and OAuth"
description="Scopes, Claims, Authentication Methods, Grant Types"
/>
title="OIDC Endpoints"
description=""
/>
<ListElement
link="/docs/apis/saml/endpoints"
type={ICONTYPE.APIS}
title="SAML Endpoints"
description=""
/>
<ListElement
link="/docs/apis/actions/introduction"
type={ICONTYPE.APIS}
title="Actions"
description="Customize and integrate ZITADEL into your landscape"
/>
</ListWrapper>
</div>
),
},
{
title: "Concepts",
title: "Self-hosting",
darkImageUrl: "img/index/Concepts-dark.svg",
lightImageUrl: "img/index/Concepts-light.svg",
link: "concepts/introduction",
link: "/docs/self-hosting/deploy/overview",
description: (
<>
Learn more about engineering and design principles, ZITADELs
architecture and used technologies.
Everything you need to know about self-hosting ZITADEL.
</>
),
content: (
<ListWrapper>
<ListElement
link="/docs/concepts/principles"
link="/docs/self-hosting/deploy/overview"
type={ICONTYPE.SYSTEM}
title="Deploy"
description=""
/>
<ListElement
link="/docs/self-hosting/manage/production"
type={ICONTYPE.TASKS}
title="Principles"
description="Design and engineering principles"
title="Production Setup"
description=""
/>
<ListElement
link="/docs/concepts/architecture/software"
type={ICONTYPE.ARCHITECTURE}
title="Architecture"
description="Sotware-, Cluster- and Multi Cluster Architecture"
link="/docs/self-hosting/manage/configure"
type={ICONTYPE.APIS}
title="Configuration"
description=""
/>
<ListElement
link="/docs/concepts/structure/overview"
type={ICONTYPE.ARCHITECTURE}
title="Structure"
description="Object structure of ZITADEL"
link="/docs/self-hosting/manage/updating_scaling"
type={ICONTYPE.APIS}
title="Update and Scaling"
description=""
/>
</ListWrapper>
),
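Review bot: The feature block whose title changes from "Concepts" to "Self-hosting" still has darkImageUrl: "img/index/Concepts-dark.svg" and lightImageUrl: "img/index/Concepts-light.svg", so the tile shows the Concepts artwork under the new heading. Add matching Self-hosting images, or rename the assets so the mismatch does not outlive this change. In the same block, "Deploy", "Production Setup", "Configuration" and "Update and Scaling" all have description="", and the last two use ICONTYPE.APIS although they are not API pages. A one-line description and a fitting icon type would keep this list consistent with the API list above it, where "SAML Endpoints" also needs a description.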

41
docs/static/img/tech/java.svg vendored Normal file
View File

@ -0,0 +1,41 @@
<?xml version="1.0" encoding="iso-8859-1"?>
<!-- Generator: Adobe Illustrator 13.0.0, SVG Export Plug-In . SVG Version: 6.00 Build 14948) -->
<!DOCTYPE svg PUBLIC "-//W3C//DTD SVG 1.1//EN" "http://www.w3.org/Graphics/SVG/1.1/DTD/svg11.dtd">
<svg version="1.1" id="Layer_1" xmlns="http://www.w3.org/2000/svg" xmlns:xlink="http://www.w3.org/1999/xlink" x="0px" y="0px"
width="233.549683248" height="428.174419289" viewBox="0 0 300 550" style="enable-background:new 0 0 300 550;" xml:space="preserve">
<path style="fill:#5382A1;" d="M285.104,430.945h-2.038v-1.14h5.486v1.14h-2.024v5.688h-1.424V430.945z M296.046,431.242h-0.032
l-2.019,5.392h-0.924l-2.006-5.392h-0.025v5.392h-1.342v-6.828h1.975l1.86,4.835l1.854-4.835h1.968v6.828h-1.31V431.242z"/>
<path style="fill:#5382A1;" d="M102.681,291.324c0,0-14.178,8.245,10.09,11.035c29.4,3.354,44.426,2.873,76.825-3.259
c0,0,8.518,5.341,20.414,9.967C137.38,340.195,45.634,307.264,102.681,291.324"/>
<path style="fill:#5382A1;" d="M93.806,250.704c0,0-15.902,11.771,8.384,14.283c31.406,3.24,56.208,3.505,99.125-4.759
c0,0,5.936,6.018,15.27,9.309C128.771,295.215,30.962,271.562,93.806,250.704"/>
<path style="fill:#F8981D;" d="M168.625,181.799c17.896,20.604-4.702,39.145-4.702,39.145s45.441-23.458,24.572-52.833
c-19.491-27.394-34.438-41.005,46.479-87.934C234.974,80.177,107.961,111.899,168.625,181.799"/>
<path style="fill:#5382A1;" d="M264.684,321.369c0,0,10.492,8.645-11.555,15.333c-41.923,12.7-174.488,16.535-211.314,0.506
c-13.238-5.759,11.587-13.751,19.396-15.428c8.144-1.766,12.798-1.437,12.798-1.437c-14.722-10.371-95.157,20.364-40.857,29.166
C181.236,373.524,303.095,338.695,264.684,321.369"/>
<path style="fill:#5382A1;" d="M109.499,208.617c0,0-67.431,16.016-23.879,21.832c18.389,2.462,55.047,1.905,89.193-0.956
c27.906-2.354,55.927-7.359,55.927-7.359s-9.84,4.214-16.959,9.075c-68.475,18.009-200.756,9.631-162.674-8.79
C83.313,206.851,109.499,208.617,109.499,208.617"/>
<path style="fill:#5382A1;" d="M230.462,276.231c69.608-36.171,37.424-70.931,14.96-66.248c-5.506,1.146-7.961,2.139-7.961,2.139
s2.044-3.202,5.948-4.588c44.441-15.624,78.619,46.081-14.346,70.52C229.063,278.055,230.14,277.092,230.462,276.231"/>
<path style="fill:#F8981D;" d="M188.495,4.399c0,0,38.55,38.563-36.563,97.862c-60.233,47.568-13.735,74.69-0.025,105.678
c-35.159-31.722-60.961-59.647-43.651-85.637C133.663,84.151,204.049,65.654,188.495,4.399"/>
<path style="fill:#5382A1;" d="M116.339,374.246c66.815,4.277,169.417-2.373,171.847-33.988c0,0-4.671,11.985-55.219,21.503
c-57.028,10.732-127.364,9.479-169.081,2.601C63.887,364.361,72.426,371.43,116.339,374.246"/>
<path style="fill:#5382A1;" d="M105.389,495.048c-6.303,5.467-12.96,8.536-18.934,8.536c-8.527,0-13.134-5.113-13.134-13.314
c0-8.871,4.936-15.357,24.739-15.357h7.328V495.048 M122.781,514.671v-60.742c0-15.517-8.85-25.756-30.188-25.756
c-12.457,0-23.369,3.076-32.238,6.999l2.56,10.752c6.983-2.563,16.022-4.949,24.894-4.949c12.292,0,17.58,4.949,17.58,15.181v7.677
h-6.135c-29.865,0-43.337,11.593-43.337,28.994c0,15.017,8.878,23.553,25.594,23.553c10.745,0,18.766-4.436,26.264-10.928
l1.361,9.22H122.781z"/>
<path style="fill:#5382A1;" d="M180.825,514.671h-21.692l-26.106-84.96h18.943l16.199,52.2l3.601,15.699
c8.195-22.698,13.991-45.726,16.89-67.899h18.427C202.15,457.688,193.266,488.396,180.825,514.671"/>
<path style="fill:#5382A1;" d="M264.038,495.048c-6.315,5.467-12.984,8.536-18.958,8.536c-8.512,0-13.131-5.113-13.131-13.314
c0-8.871,4.948-15.357,24.749-15.357h7.34V495.048 M281.428,514.671v-60.742c0-15.517-8.872-25.756-30.185-25.756
c-12.466,0-23.382,3.076-32.247,6.999l2.556,10.752c6.986-2.563,16.042-4.949,24.907-4.949c12.283,0,17.579,4.949,17.579,15.181
v7.677h-6.145c-29.874,0-43.34,11.593-43.34,28.994c0,15.017,8.871,23.553,25.584,23.553c10.751,0,18.769-4.436,26.28-10.928
l1.366,9.22H281.428z"/>
<path style="fill:#5382A1;" d="M36.847,529.099c-4.958,7.239-12.966,12.966-21.733,16.206l-8.587-10.105
c6.673-3.424,12.396-8.954,15.055-14.105c2.3-4.581,3.252-10.485,3.252-24.604v-96.995h18.478v95.666
C43.311,514.038,41.802,521.663,36.847,529.099"/>
</svg>
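Review bot: This asset is committed as a raw Adobe Illustrator export. The first three lines keep the iso-8859-1 XML declaration, the generator comment and a DOCTYPE pointing at the external DTD http://www.w3.org/Graphics/SVG/1.1/DTD/svg11.dtd, and the root element declares xmlns:xlink and xml:space="preserve" although nothing in the file uses xlink. Run the file through an SVG optimizer before vendoring it, so the static image carries no external reference or editor metadata and declares only what it needs.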


1
docs/static/img/tech/nodejs.svg vendored Normal file

File diff suppressed because one or more lines are too long


96
docs/static/img/tech/php.svg vendored Normal file
View File

@ -0,0 +1,96 @@
<?xml version="1.0" encoding="UTF-8" standalone="no"?>
<svg height="383.5975" id="svg3430" version="1.1" viewBox="0 0 711.20123 383.5975" width="711.20123" xml:space="preserve" xmlns="http://www.w3.org/2000/svg" xmlns:cc="http://creativecommons.org/ns#" xmlns:dc="http://purl.org/dc/elements/1.1/" xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#" xmlns:svg="http://www.w3.org/2000/svg">
<title id="title3510">Official PHP Logo</title>
<metadata id="metadata3436">
<rdf:RDF>
<cc:Work rdf:about="">
<dc:format>image/svg+xml</dc:format>
<dc:type rdf:resource="http://purl.org/dc/dcmitype/StillImage"/>
<dc:title>Official PHP Logo</dc:title>
<dc:creator>
<cc:Agent>
<dc:title>Colin Viebrock</dc:title>
</cc:Agent>
</dc:creator>
<dc:description/>
<dc:contributor>
<cc:Agent>
<dc:title/>
</cc:Agent>
</dc:contributor>
<cc:license rdf:resource="http://creativecommons.org/licenses/by-sa/3.0/"/>
<dc:rights>
<cc:Agent>
<dc:title>Copyright Colin Viebrock 1997 - All rights reserved.</dc:title>
</cc:Agent>
</dc:rights>
<dc:date>1997</dc:date>
</cc:Work>
<cc:License rdf:about="http://creativecommons.org/licenses/by-sa/3.0/">
<cc:permits rdf:resource="http://creativecommons.org/ns#Reproduction"/>
<cc:permits rdf:resource="http://creativecommons.org/ns#Distribution"/>
<cc:requires rdf:resource="http://creativecommons.org/ns#Notice"/>
<cc:requires rdf:resource="http://creativecommons.org/ns#Attribution"/>
<cc:permits rdf:resource="http://creativecommons.org/ns#DerivativeWorks"/>
<cc:requires rdf:resource="http://creativecommons.org/ns#ShareAlike"/>
</cc:License>
</rdf:RDF>
</metadata>
<defs id="defs3434">
<clipPath clipPathUnits="userSpaceOnUse" id="clipPath3444">
<path d="M 11.52,162 C 11.52,81.677 135.307,16.561 288,16.561 l 0,0 c 152.693,0 276.481,65.116 276.481,145.439 l 0,0 c 0,80.322 -123.788,145.439 -276.481,145.439 l 0,0 C 135.307,307.439 11.52,242.322 11.52,162" id="path3446"/>
</clipPath>
<radialGradient cx="0" cy="0" fx="0" fy="0" gradientTransform="matrix(363.05789,0,0,-363.05789,177.52002,256.30713)" gradientUnits="userSpaceOnUse" id="radialGradient3452" r="1" spreadMethod="pad">
<stop id="stop3454" offset="0" style="stop-opacity:1;stop-color:#aeb2d5"/>
<stop id="stop3456" offset="0.3" style="stop-opacity:1;stop-color:#aeb2d5"/>
<stop id="stop3458" offset="0.75" style="stop-opacity:1;stop-color:#484c89"/>
<stop id="stop3460" offset="1" style="stop-opacity:1;stop-color:#484c89"/>
</radialGradient>
<clipPath clipPathUnits="userSpaceOnUse" id="clipPath3468">
<path d="M 0,324 576,324 576,0 0,0 0,324 Z" id="path3470"/>
</clipPath>
<clipPath clipPathUnits="userSpaceOnUse" id="clipPath3480">
<path d="M 0,324 576,324 576,0 0,0 0,324 Z" id="path3482"/>
</clipPath>
</defs>
<g id="g3438" transform="matrix(1.25,0,0,-1.25,-4.4,394.29875)">
<g id="g3440">
<g clip-path="url(#clipPath3444)" id="g3442">
<g id="g3448">
<g id="g3450">
<path d="M 11.52,162 C 11.52,81.677 135.307,16.561 288,16.561 l 0,0 c 152.693,0 276.481,65.116 276.481,145.439 l 0,0 c 0,80.322 -123.788,145.439 -276.481,145.439 l 0,0 C 135.307,307.439 11.52,242.322 11.52,162" id="path3462" style="fill:url(#radialGradient3452);stroke:none"/>
</g>
</g>
</g>
</g>
<g id="g3464">
<g clip-path="url(#clipPath3468)" id="g3466">
<g id="g3472" transform="translate(288,27.3594)">
<path d="M 0,0 C 146.729,0 265.68,60.281 265.68,134.641 265.68,209 146.729,269.282 0,269.282 -146.729,269.282 -265.68,209 -265.68,134.641 -265.68,60.281 -146.729,0 0,0" id="path3474" style="fill:#777bb3;fill-opacity:1;fill-rule:nonzero;stroke:none"/>
</g>
</g>
</g>
<g id="g3476">
<g clip-path="url(#clipPath3480)" id="g3478">
<g id="g3484" transform="translate(161.7344,145.3066)">
<path d="m 0,0 c 12.065,0 21.072,2.225 26.771,6.611 5.638,4.341 9.532,11.862 11.573,22.353 1.903,9.806 1.178,16.653 -2.154,20.348 C 32.783,53.086 25.417,55 14.297,55 L -4.984,55 -15.673,0 0,0 Z m -63.063,-67.75 c -0.895,0 -1.745,0.4 -2.314,1.092 -0.57,0.691 -0.801,1.601 -0.63,2.48 L -37.679,81.573 C -37.405,82.982 -36.17,84 -34.734,84 L 26.32,84 C 45.508,84 59.79,78.79 68.767,68.513 77.792,58.182 80.579,43.741 77.05,25.592 75.614,18.198 73.144,11.331 69.709,5.183 66.27,-0.972 61.725,-6.667 56.198,-11.747 49.582,-17.939 42.094,-22.429 33.962,-25.071 25.959,-27.678 15.681,-29 3.414,-29 l -24.722,0 -7.06,-36.322 c -0.274,-1.41 -1.508,-2.428 -2.944,-2.428 l -31.751,0 z" id="path3486" style="fill:#000000;fill-opacity:1;fill-rule:nonzero;stroke:none"/>
</g>
<g id="g3488" transform="translate(159.2236,197.3071)">
<path d="m 0,0 16.808,0 c 13.421,0 18.083,-2.945 19.667,-4.7 2.628,-2.914 3.124,-9.058 1.435,-17.767 C 36.012,-32.217 32.494,-39.13 27.452,-43.012 22.29,-46.986 13.898,-49 2.511,-49 L -9.523,-49 0,0 Z m 28.831,35 -61.055,0 c -2.872,0 -5.341,-2.036 -5.889,-4.855 l -28.328,-145.751 c -0.342,-1.759 0.12,-3.578 1.259,-4.961 1.14,-1.383 2.838,-2.183 4.63,-2.183 l 31.75,0 c 2.873,0 5.342,2.036 5.89,4.855 l 6.588,33.895 22.249,0 c 12.582,0 23.174,1.372 31.479,4.077 8.541,2.775 16.399,7.48 23.354,13.984 5.752,5.292 10.49,11.232 14.08,17.657 3.591,6.427 6.171,13.594 7.668,21.302 3.715,19.104 0.697,34.402 -8.969,45.466 C 63.965,29.444 48.923,35 28.831,35 m -45.633,-90 19.313,0 c 12.801,0 22.336,2.411 28.601,7.234 6.266,4.824 10.492,12.875 12.688,24.157 2.101,10.832 1.144,18.476 -2.871,22.929 C 36.909,3.773 28.87,6 16.808,6 L -4.946,6 -16.802,-55 M 28.831,29 C 47.198,29 60.597,24.18 69.019,14.539 77.44,4.898 79.976,-8.559 76.616,-25.836 75.233,-32.953 72.894,-39.46 69.601,-45.355 66.304,-51.254 61.999,-56.648 56.679,-61.539 50.339,-67.472 43.296,-71.7 35.546,-74.218 27.796,-76.743 17.925,-78 5.925,-78 l -27.196,0 -7.531,-38.75 -31.75,0 28.328,145.75 61.055,0" id="path3490" style="fill:#ffffff;fill-opacity:1;fill-rule:nonzero;stroke:none"/>
</g>
<g id="g3492" transform="translate(311.583,116.3066)">
<path d="m 0,0 c -0.896,0 -1.745,0.4 -2.314,1.092 -0.571,0.691 -0.802,1.6 -0.631,2.48 L 9.586,68.061 C 10.778,74.194 10.484,78.596 8.759,80.456 7.703,81.593 4.531,83.5 -4.848,83.5 L -27.55,83.5 -43.305,2.428 C -43.579,1.018 -44.814,0 -46.25,0 l -31.5,0 c -0.896,0 -1.745,0.4 -2.315,1.092 -0.57,0.691 -0.801,1.601 -0.63,2.48 l 28.328,145.751 c 0.274,1.409 1.509,2.427 2.945,2.427 l 31.5,0 c 0.896,0 1.745,-0.4 2.315,-1.091 0.57,-0.692 0.801,-1.601 0.63,-2.481 L -21.813,113 2.609,113 c 18.605,0 31.221,-3.28 38.569,-10.028 7.49,-6.884 9.827,-17.891 6.947,-32.719 L 34.945,2.428 C 34.671,1.018 33.437,0 32,0 L 0,0 Z" id="path3494" style="fill:#000000;fill-opacity:1;fill-rule:nonzero;stroke:none"/>
</g>
<g id="g3496" transform="translate(293.6611,271.0571)">
<path d="m 0,0 -31.5,0 c -2.873,0 -5.342,-2.036 -5.89,-4.855 l -28.328,-145.751 c -0.342,-1.759 0.12,-3.578 1.26,-4.961 1.14,-1.383 2.838,-2.183 4.63,-2.183 l 31.5,0 c 2.872,0 5.342,2.036 5.89,4.855 l 15.283,78.645 20.229,0 c 9.363,0 11.328,-2 11.407,-2.086 0.568,-0.611 1.315,-3.441 0.082,-9.781 l -12.531,-64.489 c -0.342,-1.759 0.12,-3.578 1.26,-4.961 1.14,-1.383 2.838,-2.183 4.63,-2.183 l 32,0 c 2.872,0 5.342,2.036 5.89,4.855 l 13.179,67.825 c 3.093,15.921 0.447,27.864 -7.861,35.5 -7.928,7.281 -21.208,10.82 -40.599,10.82 l -20.784,0 6.143,31.605 C 6.231,-5.386 5.77,-3.566 4.63,-2.184 3.49,-0.801 1.792,0 0,0 m 0,-6 -7.531,-38.75 28.062,0 c 17.657,0 29.836,-3.082 36.539,-9.238 6.703,-6.16 8.711,-16.141 6.032,-29.938 l -13.18,-67.824 -32,0 12.531,64.488 c 1.426,7.336 0.902,12.34 -1.574,15.008 -2.477,2.668 -7.746,4.004 -15.805,4.004 l -25.176,0 -16.226,-83.5 -31.5,0 L -31.5,-6 0,-6" id="path3498" style="fill:#ffffff;fill-opacity:1;fill-rule:nonzero;stroke:none"/>
</g>
<g id="g3500" transform="translate(409.5498,145.3066)">
<path d="m 0,0 c 12.065,0 21.072,2.225 26.771,6.611 5.638,4.34 9.532,11.861 11.574,22.353 1.903,9.806 1.178,16.653 -2.155,20.348 C 32.783,53.086 25.417,55 14.297,55 L -4.984,55 -15.673,0 0,0 Z m -63.062,-67.75 c -0.895,0 -1.745,0.4 -2.314,1.092 -0.57,0.691 -0.802,1.601 -0.631,2.48 L -37.679,81.573 C -37.404,82.982 -36.17,84 -34.733,84 L 26.32,84 C 45.509,84 59.79,78.79 68.768,68.513 77.793,58.183 80.579,43.742 77.051,25.592 75.613,18.198 73.144,11.331 69.709,5.183 66.27,-0.972 61.725,-6.667 56.198,-11.747 49.582,-17.939 42.094,-22.429 33.962,-25.071 25.959,-27.678 15.681,-29 3.414,-29 l -24.723,0 -7.057,-36.322 c -0.275,-1.41 -1.509,-2.428 -2.946,-2.428 l -31.75,0 z" id="path3502" style="fill:#000000;fill-opacity:1;fill-rule:nonzero;stroke:none"/>
</g>
<g id="g3504" transform="translate(407.0391,197.3071)">
<path d="M 0,0 16.808,0 C 30.229,0 34.891,-2.945 36.475,-4.7 39.104,-7.614 39.6,-13.758 37.91,-22.466 36.012,-32.217 32.493,-39.13 27.452,-43.012 22.29,-46.986 13.898,-49 2.511,-49 L -9.522,-49 0,0 Z m 28.831,35 -61.054,0 c -2.872,0 -5.341,-2.036 -5.889,-4.855 L -66.44,-115.606 c -0.342,-1.759 0.12,-3.578 1.259,-4.961 1.14,-1.383 2.838,-2.183 4.63,-2.183 l 31.75,0 c 2.872,0 5.342,2.036 5.89,4.855 l 6.587,33.895 22.249,0 c 12.582,0 23.174,1.372 31.479,4.077 8.541,2.775 16.401,7.481 23.356,13.986 5.752,5.291 10.488,11.23 14.078,17.655 3.591,6.427 6.171,13.594 7.668,21.302 3.715,19.105 0.697,34.403 -8.969,45.467 C 63.965,29.444 48.924,35 28.831,35 m -45.632,-90 19.312,0 c 12.801,0 22.336,2.411 28.601,7.234 6.267,4.824 10.492,12.875 12.688,24.157 2.102,10.832 1.145,18.476 -2.871,22.929 C 36.909,3.773 28.87,6 16.808,6 L -4.946,6 -16.801,-55 M 28.831,29 C 47.198,29 60.597,24.18 69.019,14.539 77.441,4.898 79.976,-8.559 76.616,-25.836 75.233,-32.953 72.894,-39.46 69.601,-45.355 66.304,-51.254 61.999,-56.648 56.679,-61.539 50.339,-67.472 43.296,-71.7 35.546,-74.218 27.796,-76.743 17.925,-78 5.925,-78 l -27.196,0 -7.53,-38.75 -31.75,0 28.328,145.75 61.054,0" id="path3506" style="fill:#ffffff;fill-opacity:1;fill-rule:nonzero;stroke:none"/>
</g>
</g>
</g>
</g>
</svg>
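Review bot: The embedded metadata makes the licence terms of this vendored file ambiguous. cc:license points at CC BY-SA 3.0 with cc:requires for Notice, Attribution and ShareAlike, while dc:rights reads "Copyright Colin Viebrock 1997 - All rights reserved." Record the attribution and licence for this logo wherever the docs list third-party assets, and keep the metadata block if the file is later minified. Separately, clipPath3468 and clipPath3480 have identical path data ("M 0,324 576,324 576,0 0,0 0,324 Z"), so one definition could serve both groups.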
