TheArchive/zitadel
1
0
Fork 0
mirror of https://github.com/zitadel/zitadel.git synced 2024-12-04 23:45:07 +00:00
Code Issues Packages Projects Releases Wiki Activity

docs: improve api docs (#5158)

Browse Source 
* integrate docs into nav

* generator for local use, production needs to be set by env

* fix typo

* local dev

* docs: annotate the first user endpoints in the management api

* docs: annotate the first user endpoints in the management api

* docs: annotate the first user endpoints in the management api

* docs: annotate the first user endpoints in the management api

* docs: add header params

* rewrite docs links and improve ci

* tweak build command

* fix path

* Update docs/docusaurus.config.js

Co-authored-by: Max Peintner <max@caos.ch>

* fix docker

* docs: add header params

* docs: Add tags to management api. add some descriptions

* docs: more descriptions

* docs: more descriptions

* docs: required fields

* docs: example request

* docs: example request

* docs: example request

* docs: example request

* docs: example request

* docs: user metadata requests

* docs: user requests

* docs: user requests

* docs: user requests

* docs: user requests

* docs: change nav add first methods to authentication api

* docs: auth api

* docs: auth api

* docs: auth api

* docs: auth api

* docs: auth api

* docs: api sidenav

* chore: use buf without docker

* fix deploy

* fix ci

* fix vercel

* docs: admin

* docs: admin api docs

* docs: admin api docs

* docs: admin api docs

* docs: admin api docs

* docs: security

* docs: security

* docs: admin api

* docs: change to env vars

* docs: auth api

* docs: remove assets, deprecated requests, menu

* reworked page with PaloAltoNetworks/docusaurus-openapi-docs

* works with the resolutions

* fix broken build by adding assets again

* add tags to menu

* chore: improve build speed

* no-minify

* test ssr

* ssr 20

* use lazy

* increase mem

* use default mem

* change names

* docs: remove assets, deprecated requests, menu

* docs: management api

* docs: management api

* docs: management api

* docs: sidebar

* not the best word smithing but it is ;-)

* more typos

* merge main

* fix some error

* trial

* update grpc gateway

* trigger vercel build

* docs: deprecated requests

* docs: deprecated requests

---------

Co-authored-by: Fabienne <fabienne.gerschwiler@gmail.com>
Co-authored-by: Max Peintner <max@caos.ch>
This commit is contained in:
Florian Forster 2023-02-23 12:08:06 +01:00 committed by GitHub
parent 50728129ee
commit aa9518ac02
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
68 changed files with 7570 additions and 23543 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
.dockerignore
View File

@ -5,8 +5,7 @@
.dockerignore
**/Dockerfile
/k8s/
/docs/
/console/node_modules/
/node_modules/
/console/src/app/proto/generated/
/console/tmp/
.releaserc.js

8
.gitignore vendored
View File

@ -44,11 +44,9 @@ cmd/zitadel/zitadel
/zitadelctl
/zitadel
# buildfolders and generated js
# buildfolders and generated files
tmp/
console/src/app/proto/generated/
#generated filed
**.pb.go
**.proto.mock.go
**.pb.*.go
@ -57,6 +55,10 @@ openapi/**/*.json
/internal/api/assets/authz.go
/internal/api/assets/router.go
/internal/api/ui/console/static/*
docs/docs/apis/auth
docs/docs/apis/admin
docs/docs/apis/mgmt
docs/docs/apis/system
# local
build/local/*.env

2
build/grpc/Dockerfile
View File

@ -19,7 +19,7 @@ FROM ${BUILDARCH}-base
ARG PROTOC_VERSION=3.18.0
ARG PROTOC_ZIP=protoc-${PROTOC_VERSION}-linux-${PROTOC_ARCH}.zip
ARG GRPC_WEB_VERSION=1.3.0
ARG GATEWAY_VERSION=2.6.0
ARG GATEWAY_VERSION=2.15.1
ARG VALIDATOR_VERSION=0.6.2
# no arm specific version available and x86 works fine at the moment:
ARG GRPC_WEB=protoc-gen-grpc-web-${GRPC_WEB_VERSION}-linux-x86_64

1
docs/.gitignore vendored
View File

@ -7,6 +7,7 @@
# Generated files
.docusaurus
.cache-loader
.artifacts
# Misc
.DS_Store

13
docs/Dockerfile Normal file
View File

@ -0,0 +1,13 @@
## Angular lint workspace and production build
FROM node:18 as builder
WORKDIR /docs
COPY docs/package.json docs/yarn.lock ./
RUN yarn install --frozen-lockfile
COPY docs .
COPY proto /proto
RUN yarn build
## Final image for serving
FROM nginx as final
COPY docs/nginx.conf /etc/nginx/nginx.conf
COPY --from=builder /docs/build /usr/share/nginx/html

35
docs/README.md
View File

@ -1,6 +1,4 @@
[![Netlify Status](https://api.netlify.com/api/v1/badges/b82a23f7-d8c7-4025-af18-a46586e89ed0/deploy-status)](https://app.netlify.com/sites/zitadel-docs/deploys)
# Website
# ZITADEL-Docs
This website is built using [Docusaurus 2](https://v2.docusaurus.io/), a modern static website generator.
@ -10,34 +8,25 @@ To add a new site to the already existing structure simply save the `md` file in
## Installation
```console
```
yarn install
```
## Local Development
```console
```
yarn start
```
As an alternative you can use this docker compose command:
## Container Image
```console
docker compose up
If you just want to start docusaurus locally without installing node you can fallback to our container image.
Execute the following commands from the repository root to build and start a local version of ZITADEL
```shell
docker build -f docs/Dockerfile . -t zitadel-docs
```
These commands start a local development server.
Most changes are reflected live without having to restart the server.
## Build
```console
yarn build
```
This command generates static content into the `build` directory and can be served using any static contents hosting service.
## Deployment
Each PR will be automatically built with a preview link from cloudflare pages.
Visit the checks / comments on the PR for the link.
```shell
docker run -p 8080:8080 zitadel-docs
```

1
docs/babel.config.js
View File

@ -1,3 +1,4 @@
module.exports = {
presets: [require.resolve("@docusaurus/core/lib/babel/preset")],
compact: true
};

8
docs/buf.gen.yaml Normal file
View File

@ -0,0 +1,8 @@
# buf.gen.yaml
version: v1
managed:
enabled: true
plugins:
- plugin: buf.build/grpc-ecosystem/openapiv2
out: .artifacts/openapi
opt: allow_delete_body

11
docs/docker-compose.yml
View File

@ -1,11 +0,0 @@
version: '3'
services:
docusaurus:
image: node:lts-alpine3.15
working_dir: /app
volumes:
- ./:/app
ports:
- 3000:3000
command: sh -c "yarn install && yarn start --host 0.0.0.0"

2
docs/docs/apis/assets/assets.md Executable file → Normal file
View File

@ -256,4 +256,4 @@ GET: /users/me/avatar

62
docs/docs/apis/introduction.mdx
View File

@ -15,7 +15,7 @@ The last API (assets) is only a REST API because ZITADEL uses multipart form dat
### Proto
All of our APIs are generated by proto definitions. You can find all the proto definitions in the [Proto API Definitions](proto/auth).
All of our APIs are generated by proto definitions. You can find all the proto definitions in the [Proto API Definitions](https://github.com/zitadel/zitadel/tree/main/proto/zitadel).
> More about [Protocol Buffer](https://developers.google.com/protocol-buffers)
@ -39,21 +39,18 @@ The authentication API (aka Auth API) is used for all operations on the currentl
### GRPC
Endpoint:
{your_domain}/zitadel.auth.v1.AuthService/
$ZITADEL_DOMAIN/zitadel.auth.v1.AuthService/
Definition:
[Auth Proto](/apis/proto/auth)
[Auth Proto](https://github.com/zitadel/zitadel/blob/main/proto/zitadel/auth.proto)
### REST
Endpoint:
{your_domain}/auth/v1/
$ZITADEL_DOMAIN/auth/v1/
Swagger Editor:
[editor.swagger.io](https://editor.swagger.io/?url=https://zitadel.cloud/openapi/v2/swagger/auth.swagger.json)
Definition:
[Swagger Definition](https://zitadel.cloud/openapi/v2/swagger/auth.swagger.json)
API Reference:
[OpenAPI Docs](/apis/auth)
</div>
</Column>
@ -75,21 +72,18 @@ To identify the current organization you can send a header `x-zitadel-orgid` or
### GRPC
Endpoint:
{your_domain}/zitadel.management.v1.ManagementService/
$ZITADEL_DOMAIN/zitadel.management.v1.ManagementService/
Definition:
[Management Proto](/apis/proto/management)
[Management Proto](https://github.com/zitadel/zitadel/blob/main/proto/zitadel/management.proto)
### REST
Endpoint:
{your_domain}/management/v1/
$ZITADEL_DOMAIN/management/v1/
Swagger Editor:
[editor.swagger.io](https://editor.swagger.io/?url=https://zitadel.cloud/openapi/v2/swagger/management.swagger.json)
Definition:
[Swagger Definition](https://zitadel.cloud/openapi/v2/swagger/management.swagger.json)
API Reference:
[OpenAPI Docs](/apis/mgmt)
</div>
</Column>
@ -109,21 +103,18 @@ This API is intended to configure and manage one ZITADEL instance itself.
### GRPC
Endpoint:
{your_domain}/zitadel.admin.v1.AdminService/
$ZITADEL_DOMAIN/zitadel.admin.v1.AdminService/
Definition:
[Admin Proto](/apis/proto/admin)
[Admin Proto](https://github.com/zitadel/zitadel/blob/main/proto/zitadel/admin.proto)
### REST
Endpoint:
{your_domain}/admin/v1/
$ZITADEL_DOMAIN/admin/v1/
Swagger Editor:
[editor.swagger.io](https://editor.swagger.io/?url=https://zitadel.cloud/openapi/v2/swagger/admin.swagger.json)
Definition:
[Swagger Definition](https://zitadel.cloud/openapi/v2/swagger/admin.swagger.json)
API Reference:
[OpenAPI Docs](/apis/admin)
</div>
</Column>
@ -145,21 +136,18 @@ Checkout the guide how to [access the ZITADEL System API](/guides/integrate/acce
### GRPC
Endpoint:
{your_domain}/zitadel.system.v1.SystemService/
$ZITADEL_DOMAIN/zitadel.system.v1.SystemService/
Definition:
[System Proto](/apis/proto/system)
[System Proto](https://github.com/zitadel/zitadel/blob/main/proto/zitadel/system.proto)
### REST
Endpoint:
{your_domain}/system/v1/
$ZITADEL_DOMAIN/system/v1/
Swagger Editor:
[editor.swagger.io](https://editor.swagger.io/?url=https://zitadel.cloud/openapi/v2/swagger/system.swagger.json)
Definition:
[Swagger Definition](https://zitadel.cloud/openapi/v2/swagger/system.swagger.json)
API Reference:
[OpenAPI Docs](/apis/system)
</div>
</Column>
@ -179,7 +167,7 @@ The Assets API allows you to up- and download all kinds of assets. This can be f
### REST
Endpoint:
{your_domain}/assets/v1/
$ZITADEL_DOMAIN/assets/v1/
Definition:
[Assets](./assets/assets.md)
@ -211,12 +199,12 @@ In the table below you can see the URI of those calls.
| Service | URI |
| :------ | :-------------------------------------------------- |
| REST | {your_domain}/auth/v1/users/me |
| GRPC | {your_domain}/zitadel.auth.v1.AuthService/GetMyUser |
| REST | $ZITADEL_DOMAIN/auth/v1/users/me |
| GRPC | $ZITADEL_DOMAIN/zitadel.auth.v1.AuthService/GetMyUser |
## Domains
ZITADEL hosts everything under a single domain: `{instance}.zitadel.cloud` or your custom domain `{your_domain}`
ZITADEL hosts everything under a single domain: `{instance}.zitadel.cloud` or your custom domain `$ZITADEL_DOMAIN`
:::note
Changes from ZITADEL V1:

154
docs/docs/apis/proto/action.md
View File

@ -1,154 +0,0 @@
---
title: zitadel/action.proto
---
> This document reflects the state from API 1.0 (available from 20.04.2021)
## Messages
### Action
| Field | Type | Description | Validation |
| ----- | ---- | ----------- | ----------- |
| id | string | - | |
| details | zitadel.v1.ObjectDetails | - | |
| state | ActionState | - | |
| name | string | - | |
| script | string | - | |
| timeout | google.protobuf.Duration | - | |
| allowed_to_fail | bool | - | |
### ActionIDQuery
| Field | Type | Description | Validation |
| ----- | ---- | ----------- | ----------- |
| id | string | - | string.max_len: 200<br /> |
### ActionNameQuery
| Field | Type | Description | Validation |
| ----- | ---- | ----------- | ----------- |
| name | string | - | string.max_len: 200<br /> |
| method | zitadel.v1.TextQueryMethod | - | enum.defined_only: true<br /> |
### ActionStateQuery
ActionStateQuery is always equals
| Field | Type | Description | Validation |
| ----- | ---- | ----------- | ----------- |
| state | ActionState | - | enum.defined_only: true<br /> |
### Flow
| Field | Type | Description | Validation |
| ----- | ---- | ----------- | ----------- |
| type | FlowType | id of the flow type | |
| details | zitadel.v1.ObjectDetails | - | |
| state | FlowState | - | |
| trigger_actions | repeated TriggerAction | - | |
### FlowType
| Field | Type | Description | Validation |
| ----- | ---- | ----------- | ----------- |
| id | string | identifier of the type | |
| name | zitadel.v1.LocalizedMessage | key and name of the type | |
### TriggerAction
| Field | Type | Description | Validation |
| ----- | ---- | ----------- | ----------- |
| trigger_type | TriggerType | id of the trigger type | |
| actions | repeated Action | - | |
### TriggerType
| Field | Type | Description | Validation |
| ----- | ---- | ----------- | ----------- |
| id | string | identifier of the type | |
| name | zitadel.v1.LocalizedMessage | key and name of the type | |
## Enums
### ActionFieldName {#actionfieldname}
| Name | Number | Description |
| ---- | ------ | ----------- |
| ACTION_FIELD_NAME_UNSPECIFIED | 0 | - |
| ACTION_FIELD_NAME_NAME | 1 | - |
| ACTION_FIELD_NAME_ID | 2 | - |
| ACTION_FIELD_NAME_STATE | 3 | - |
### ActionState {#actionstate}
| Name | Number | Description |
| ---- | ------ | ----------- |
| ACTION_STATE_UNSPECIFIED | 0 | - |
| ACTION_STATE_INACTIVE | 1 | - |
| ACTION_STATE_ACTIVE | 2 | - |
### FlowState {#flowstate}
| Name | Number | Description |
| ---- | ------ | ----------- |
| FLOW_STATE_UNSPECIFIED | 0 | - |
| FLOW_STATE_INACTIVE | 1 | - |
| FLOW_STATE_ACTIVE | 2 | - |

5375
docs/docs/apis/proto/admin.md
View File

File diff suppressed because it is too large Load Diff

201
docs/docs/apis/proto/app.md
View File

@ -1,201 +0,0 @@
---
title: zitadel/app.proto
---
> This document reflects the state from API 1.0 (available from 20.04.2021)
## Messages
### APIConfig
| Field | Type | Description | Validation |
| ----- | ---- | ----------- | ----------- |
| client_id | string | - | |
| auth_method_type | APIAuthMethodType | - | |
### App
| Field | Type | Description | Validation |
| ----- | ---- | ----------- | ----------- |
| id | string | - | |
| details | zitadel.v1.ObjectDetails | - | |
| state | AppState | - | |
| name | string | - | |
| [**oneof**](https://developers.google.com/protocol-buffers/docs/proto3#oneof) config.oidc_config | OIDCConfig | - | |
| [**oneof**](https://developers.google.com/protocol-buffers/docs/proto3#oneof) config.api_config | APIConfig | - | |
| [**oneof**](https://developers.google.com/protocol-buffers/docs/proto3#oneof) config.saml_config | SAMLConfig | - | |
### AppNameQuery
| Field | Type | Description | Validation |
| ----- | ---- | ----------- | ----------- |
| name | string | - | string.max_len: 200<br /> |
| method | zitadel.v1.TextQueryMethod | - | enum.defined_only: true<br /> |
### AppQuery
| Field | Type | Description | Validation |
| ----- | ---- | ----------- | ----------- |
| [**oneof**](https://developers.google.com/protocol-buffers/docs/proto3#oneof) query.name_query | AppNameQuery | - | |
### OIDCConfig
| Field | Type | Description | Validation |
| ----- | ---- | ----------- | ----------- |
| redirect_uris | repeated string | - | |
| response_types | repeated OIDCResponseType | - | |
| grant_types | repeated OIDCGrantType | - | |
| app_type | OIDCAppType | - | |
| client_id | string | - | |
| auth_method_type | OIDCAuthMethodType | - | |
| post_logout_redirect_uris | repeated string | - | |
| version | OIDCVersion | - | |
| none_compliant | bool | - | |
| compliance_problems | repeated zitadel.v1.LocalizedMessage | - | |
| dev_mode | bool | - | |
| access_token_type | OIDCTokenType | - | |
| access_token_role_assertion | bool | - | |
| id_token_role_assertion | bool | - | |
| id_token_userinfo_assertion | bool | - | |
| clock_skew | google.protobuf.Duration | - | |
| additional_origins | repeated string | - | |
| allowed_origins | repeated string | - | |
### SAMLConfig
| Field | Type | Description | Validation |
| ----- | ---- | ----------- | ----------- |
| [**oneof**](https://developers.google.com/protocol-buffers/docs/proto3#oneof) metadata.metadata_xml | bytes | - | |
| [**oneof**](https://developers.google.com/protocol-buffers/docs/proto3#oneof) metadata.metadata_url | string | - | |
## Enums
### APIAuthMethodType {#apiauthmethodtype}
| Name | Number | Description |
| ---- | ------ | ----------- |
| API_AUTH_METHOD_TYPE_BASIC | 0 | - |
| API_AUTH_METHOD_TYPE_PRIVATE_KEY_JWT | 1 | - |
### AppState {#appstate}
| Name | Number | Description |
| ---- | ------ | ----------- |
| APP_STATE_UNSPECIFIED | 0 | - |
| APP_STATE_ACTIVE | 1 | - |
| APP_STATE_INACTIVE | 2 | - |
### OIDCAppType {#oidcapptype}
| Name | Number | Description |
| ---- | ------ | ----------- |
| OIDC_APP_TYPE_WEB | 0 | - |
| OIDC_APP_TYPE_USER_AGENT | 1 | - |
| OIDC_APP_TYPE_NATIVE | 2 | - |
### OIDCAuthMethodType {#oidcauthmethodtype}
| Name | Number | Description |
| ---- | ------ | ----------- |
| OIDC_AUTH_METHOD_TYPE_BASIC | 0 | - |
| OIDC_AUTH_METHOD_TYPE_POST | 1 | - |
| OIDC_AUTH_METHOD_TYPE_NONE | 2 | - |
| OIDC_AUTH_METHOD_TYPE_PRIVATE_KEY_JWT | 3 | - |
### OIDCGrantType {#oidcgranttype}
| Name | Number | Description |
| ---- | ------ | ----------- |
| OIDC_GRANT_TYPE_AUTHORIZATION_CODE | 0 | - |
| OIDC_GRANT_TYPE_IMPLICIT | 1 | - |
| OIDC_GRANT_TYPE_REFRESH_TOKEN | 2 | - |
### OIDCResponseType {#oidcresponsetype}
| Name | Number | Description |
| ---- | ------ | ----------- |
| OIDC_RESPONSE_TYPE_CODE | 0 | - |
| OIDC_RESPONSE_TYPE_ID_TOKEN | 1 | - |
| OIDC_RESPONSE_TYPE_ID_TOKEN_TOKEN | 2 | - |
### OIDCTokenType {#oidctokentype}
| Name | Number | Description |
| ---- | ------ | ----------- |
| OIDC_TOKEN_TYPE_BEARER | 0 | - |
| OIDC_TOKEN_TYPE_JWT | 1 | - |
### OIDCVersion {#oidcversion}
| Name | Number | Description |
| ---- | ------ | ----------- |
| OIDC_VERSION_1_0 | 0 | - |

1691
docs/docs/apis/proto/auth.md
View File

File diff suppressed because it is too large Load Diff

41
docs/docs/apis/proto/auth_n_key.md
View File

@ -1,41 +0,0 @@
---
title: zitadel/auth_n_key.proto
---
> This document reflects the state from API 1.0 (available from 20.04.2021)
## Messages
### Key
| Field | Type | Description | Validation |
| ----- | ---- | ----------- | ----------- |
| id | string | - | |
| details | zitadel.v1.ObjectDetails | - | |
| type | KeyType | - | |
| expiration_date | google.protobuf.Timestamp | - | |
## Enums
### KeyType {#keytype}
| Name | Number | Description |
| ---- | ------ | ----------- |
| KEY_TYPE_UNSPECIFIED | 0 | - |
| KEY_TYPE_JSON | 1 | - |

44
docs/docs/apis/proto/change.md
View File

@ -1,44 +0,0 @@
---
title: zitadel/change.proto
---
> This document reflects the state from API 1.0 (available from 20.04.2021)
## Messages
### Change
| Field | Type | Description | Validation |
| ----- | ---- | ----------- | ----------- |
| change_date | google.protobuf.Timestamp | - | |
| event_type | zitadel.v1.LocalizedMessage | - | |
| sequence | uint64 | - | |
| editor_id | string | - | |
| editor_display_name | string | - | |
| resource_owner_id | string | - | |
| editor_preferred_login_name | string | - | |
| editor_avatar_url | string | - | |
### ChangeQuery
| Field | Type | Description | Validation |
| ----- | ---- | ----------- | ----------- |
| sequence | uint64 | sequence represents the order of events. It's always upcounting | |
| limit | uint32 | - | |
| asc | bool | - | |

79
docs/docs/apis/proto/event.md
View File

@ -1,79 +0,0 @@
---
title: zitadel/event.proto
---
> This document reflects the state from API 1.0 (available from 20.04.2021)
## Messages
### Aggregate
| Field | Type | Description | Validation |
| ----- | ---- | ----------- | ----------- |
| id | string | - | |
| type | AggregateType | - | |
| resource_owner | string | - | |
### AggregateType
| Field | Type | Description | Validation |
| ----- | ---- | ----------- | ----------- |
| type | string | - | |
| localized | zitadel.v1.LocalizedMessage | - | |
### Editor
| Field | Type | Description | Validation |
| ----- | ---- | ----------- | ----------- |
| user_id | string | - | |
| display_name | string | - | |
| service | string | - | |
### Event
| Field | Type | Description | Validation |
| ----- | ---- | ----------- | ----------- |
| editor | Editor | - | |
| aggregate | Aggregate | - | |
| sequence | uint64 | - | |
| creation_date | google.protobuf.Timestamp | The timestamp the event occurred | |
| payload | google.protobuf.Struct | - | |
| type | EventType | - | |
### EventType
| Field | Type | Description | Validation |
| ----- | ---- | ----------- | ----------- |
| type | string | - | |
| localized | zitadel.v1.LocalizedMessage | - | |

315
docs/docs/apis/proto/idp.md
View File

@ -1,315 +0,0 @@
---
title: zitadel/idp.proto
---
> This document reflects the state from API 1.0 (available from 20.04.2021)
## Messages
### GoogleConfig
| Field | Type | Description | Validation |
| ----- | ---- | ----------- | ----------- |
| client_id | string | - | |
| scopes | repeated string | - | |
### IDP
| Field | Type | Description | Validation |
| ----- | ---- | ----------- | ----------- |
| id | string | - | |
| details | zitadel.v1.ObjectDetails | - | |
| state | IDPState | - | |
| name | string | - | |
| styling_type | IDPStylingType | - | |
| owner | IDPOwnerType | - | |
| [**oneof**](https://developers.google.com/protocol-buffers/docs/proto3#oneof) config.oidc_config | OIDCConfig | - | |
| [**oneof**](https://developers.google.com/protocol-buffers/docs/proto3#oneof) config.jwt_config | JWTConfig | - | |
| auto_register | bool | - | |
### IDPIDQuery
| Field | Type | Description | Validation |
| ----- | ---- | ----------- | ----------- |
| id | string | - | string.max_len: 200<br /> |
### IDPLoginPolicyLink
| Field | Type | Description | Validation |
| ----- | ---- | ----------- | ----------- |
| idp_id | string | - | |
| idp_name | string | - | |
| idp_type | IDPType | - | |
### IDPNameQuery
| Field | Type | Description | Validation |
| ----- | ---- | ----------- | ----------- |
| name | string | - | string.max_len: 200<br /> |
| method | zitadel.v1.TextQueryMethod | - | enum.defined_only: true<br /> |
### IDPOwnerTypeQuery
| Field | Type | Description | Validation |
| ----- | ---- | ----------- | ----------- |
| owner_type | IDPOwnerType | - | enum.defined_only: true<br /> |
### IDPUserLink
| Field | Type | Description | Validation |
| ----- | ---- | ----------- | ----------- |
| user_id | string | - | |
| idp_id | string | - | |
| idp_name | string | - | |
| provided_user_id | string | - | |
| provided_user_name | string | - | |
| idp_type | IDPType | - | |
### JWTConfig
| Field | Type | Description | Validation |
| ----- | ---- | ----------- | ----------- |
| jwt_endpoint | string | - | string.min_len: 1<br /> string.max_len: 200<br /> |
| issuer | string | - | string.min_len: 1<br /> string.max_len: 200<br /> |
| keys_endpoint | string | - | string.min_len: 1<br /> string.max_len: 200<br /> |
| header_name | string | - | string.min_len: 1<br /> string.max_len: 200<br /> |
### LDAPAttributes
| Field | Type | Description | Validation |
| ----- | ---- | ----------- | ----------- |
| id_attribute | string | - | string.max_len: 200<br /> |
| first_name_attribute | string | - | string.max_len: 200<br /> |
| last_name_attribute | string | - | string.max_len: 200<br /> |
| display_name_attribute | string | - | string.max_len: 200<br /> |
| nick_name_attribute | string | - | string.max_len: 200<br /> |
| preferred_username_attribute | string | - | string.max_len: 200<br /> |
| email_attribute | string | - | string.max_len: 200<br /> |
| email_verified_attribute | string | - | string.max_len: 200<br /> |
| phone_attribute | string | - | string.max_len: 200<br /> |
| phone_verified_attribute | string | - | string.max_len: 200<br /> |
| preferred_language_attribute | string | - | string.max_len: 200<br /> |
| avatar_url_attribute | string | - | string.max_len: 200<br /> |
| profile_attribute | string | - | string.max_len: 200<br /> |
### LDAPConfig
| Field | Type | Description | Validation |
| ----- | ---- | ----------- | ----------- |
| host | string | - | |
| port | string | - | |
| tls | bool | - | |
| base_dn | string | - | |
| user_object_class | string | - | |
| user_unique_attribute | string | - | |
| admin | string | - | |
| attributes | LDAPAttributes | - | |
| provider_options | Options | - | |
### OIDCConfig
| Field | Type | Description | Validation |
| ----- | ---- | ----------- | ----------- |
| client_id | string | - | |
| issuer | string | - | |
| scopes | repeated string | - | |
| display_name_mapping | OIDCMappingField | - | |
| username_mapping | OIDCMappingField | - | |
### Options
| Field | Type | Description | Validation |
| ----- | ---- | ----------- | ----------- |
| is_linking_allowed | bool | - | |
| is_creation_allowed | bool | - | |
| is_auto_creation | bool | - | |
| is_auto_update | bool | - | |
### Provider
| Field | Type | Description | Validation |
| ----- | ---- | ----------- | ----------- |
| id | string | - | |
| details | zitadel.v1.ObjectDetails | - | |
| state | IDPState | - | |
| name | string | - | |
| owner | IDPOwnerType | - | |
| type | ProviderType | - | |
| config | ProviderConfig | - | |
### ProviderConfig
| Field | Type | Description | Validation |
| ----- | ---- | ----------- | ----------- |
| options | Options | - | |
| [**oneof**](https://developers.google.com/protocol-buffers/docs/proto3#oneof) config.ldap | LDAPConfig | - | |
| [**oneof**](https://developers.google.com/protocol-buffers/docs/proto3#oneof) config.google | GoogleConfig | - | |
## Enums
### IDPFieldName {#idpfieldname}
| Name | Number | Description |
| ---- | ------ | ----------- |
| IDP_FIELD_NAME_UNSPECIFIED | 0 | - |
| IDP_FIELD_NAME_NAME | 1 | - |
### IDPOwnerType {#idpownertype}
the owner of the identity provider.
| Name | Number | Description |
| ---- | ------ | ----------- |
| IDP_OWNER_TYPE_UNSPECIFIED | 0 | - |
| IDP_OWNER_TYPE_SYSTEM | 1 | system is managed by the ZITADEL administrators |
| IDP_OWNER_TYPE_ORG | 2 | org is managed by de organisation administrators |
### IDPState {#idpstate}
| Name | Number | Description |
| ---- | ------ | ----------- |
| IDP_STATE_UNSPECIFIED | 0 | - |
| IDP_STATE_ACTIVE | 1 | - |
| IDP_STATE_INACTIVE | 2 | - |
### IDPStylingType {#idpstylingtype}
| Name | Number | Description |
| ---- | ------ | ----------- |
| STYLING_TYPE_UNSPECIFIED | 0 | - |
| STYLING_TYPE_GOOGLE | 1 | - |
### IDPType {#idptype}
authorization framework of the identity provider
| Name | Number | Description |
| ---- | ------ | ----------- |
| IDP_TYPE_UNSPECIFIED | 0 | - |
| IDP_TYPE_OIDC | 1 | - |
| IDP_TYPE_JWT | 3 | PLANNED: IDP_TYPE_SAML |
### OIDCMappingField {#oidcmappingfield}
| Name | Number | Description |
| ---- | ------ | ----------- |
| OIDC_MAPPING_FIELD_UNSPECIFIED | 0 | - |
| OIDC_MAPPING_FIELD_PREFERRED_USERNAME | 1 | - |
| OIDC_MAPPING_FIELD_EMAIL | 2 | - |
### ProviderType {#providertype}
| Name | Number | Description |
| ---- | ------ | ----------- |
| PROVIDER_TYPE_UNSPECIFIED | 0 | - |
| PROVIDER_TYPE_OIDC | 1 | - |
| PROVIDER_TYPE_JWT | 2 | - |
| PROVIDER_TYPE_LDAP | 3 | - |
| PROVIDER_TYPE_OAUTH | 4 | - |
| PROVIDER_TYPE_AZURE_AD | 5 | - |
| PROVIDER_TYPE_GITHUB | 6 | - |
| PROVIDER_TYPE_GITHUB_EE | 7 | - |
| PROVIDER_TYPE_GITLAB | 8 | - |
| PROVIDER_TYPE_GITLAB_SELF_HOSTED | 9 | - |
| PROVIDER_TYPE_GOOGLE | 10 | - |

172
docs/docs/apis/proto/instance.md
View File

@ -1,172 +0,0 @@
---
title: zitadel/instance.proto
---
> This document reflects the state from API 1.0 (available from 20.04.2021)
## Messages
### Domain
| Field | Type | Description | Validation |
| ----- | ---- | ----------- | ----------- |
| details | zitadel.v1.ObjectDetails | - | |
| domain | string | - | |
| primary | bool | - | |
| generated | bool | - | |
### DomainGeneratedQuery
DomainGeneratedQuery is always equals
| Field | Type | Description | Validation |
| ----- | ---- | ----------- | ----------- |
| generated | bool | - | |
### DomainPrimaryQuery
DomainPrimaryQuery is always equals
| Field | Type | Description | Validation |
| ----- | ---- | ----------- | ----------- |
| primary | bool | - | |
### DomainQuery
| Field | Type | Description | Validation |
| ----- | ---- | ----------- | ----------- |
| domain | string | - | string.max_len: 200<br /> |
| method | zitadel.v1.TextQueryMethod | - | enum.defined_only: true<br /> |
### DomainSearchQuery
| Field | Type | Description | Validation |
| ----- | ---- | ----------- | ----------- |
| [**oneof**](https://developers.google.com/protocol-buffers/docs/proto3#oneof) query.domain_query | DomainQuery | - | |
| [**oneof**](https://developers.google.com/protocol-buffers/docs/proto3#oneof) query.generated_query | DomainGeneratedQuery | - | |
| [**oneof**](https://developers.google.com/protocol-buffers/docs/proto3#oneof) query.primary_query | DomainPrimaryQuery | - | |
### IdsQuery
IdQuery is always equals
| Field | Type | Description | Validation |
| ----- | ---- | ----------- | ----------- |
| ids | repeated string | - | |
### Instance
| Field | Type | Description | Validation |
| ----- | ---- | ----------- | ----------- |
| id | string | - | |
| details | zitadel.v1.ObjectDetails | - | |
| state | State | - | |
| name | string | - | |
| version | string | - | |
| domains | repeated Domain | - | |
### InstanceDetail
| Field | Type | Description | Validation |
| ----- | ---- | ----------- | ----------- |
| id | string | - | |
| details | zitadel.v1.ObjectDetails | - | |
| state | State | - | |
| name | string | - | |
| version | string | - | |
| domains | repeated Domain | - | |
### Query
| Field | Type | Description | Validation |
| ----- | ---- | ----------- | ----------- |
| [**oneof**](https://developers.google.com/protocol-buffers/docs/proto3#oneof) query.id_query | IdsQuery | - | |
## Enums
### DomainFieldName {#domainfieldname}
| Name | Number | Description |
| ---- | ------ | ----------- |
| DOMAIN_FIELD_NAME_UNSPECIFIED | 0 | - |
| DOMAIN_FIELD_NAME_DOMAIN | 1 | - |
| DOMAIN_FIELD_NAME_PRIMARY | 2 | - |
| DOMAIN_FIELD_NAME_GENERATED | 3 | - |
| DOMAIN_FIELD_NAME_CREATION_DATE | 4 | - |
### FieldName {#fieldname}
| Name | Number | Description |
| ---- | ------ | ----------- |
| FIELD_NAME_UNSPECIFIED | 0 | - |
| FIELD_NAME_ID | 1 | - |
| FIELD_NAME_NAME | 2 | - |
| FIELD_NAME_CREATION_DATE | 3 | - |
### State {#state}
| Name | Number | Description |
| ---- | ------ | ----------- |
| STATE_UNSPECIFIED | 0 | - |
| STATE_CREATING | 1 | - |
| STATE_RUNNING | 2 | - |
| STATE_STOPPING | 3 | - |
| STATE_STOPPED | 4 | - |

9455
docs/docs/apis/proto/management.md
View File

File diff suppressed because it is too large Load Diff

93
docs/docs/apis/proto/member.md
View File

@ -1,93 +0,0 @@
---
title: zitadel/member.proto
---
> This document reflects the state from API 1.0 (available from 20.04.2021)
## Messages
### EmailQuery
| Field | Type | Description | Validation |
| ----- | ---- | ----------- | ----------- |
| email | string | - | string.max_len: 200<br /> |
| method | zitadel.v1.TextQueryMethod | - | enum.defined_only: true<br /> |
### FirstNameQuery
| Field | Type | Description | Validation |
| ----- | ---- | ----------- | ----------- |
| first_name | string | - | string.max_len: 200<br /> |
| method | zitadel.v1.TextQueryMethod | - | enum.defined_only: true<br /> |
### LastNameQuery
| Field | Type | Description | Validation |
| ----- | ---- | ----------- | ----------- |
| last_name | string | - | string.max_len: 200<br /> |
| method | zitadel.v1.TextQueryMethod | - | enum.defined_only: true<br /> |
### Member
| Field | Type | Description | Validation |
| ----- | ---- | ----------- | ----------- |
| user_id | string | - | |
| details | zitadel.v1.ObjectDetails | - | |
| roles | repeated string | - | |
| preferred_login_name | string | - | |
| email | string | - | |
| first_name | string | - | |
| last_name | string | - | |
| display_name | string | - | |
| avatar_url | string | - | |
### SearchQuery
| Field | Type | Description | Validation |
| ----- | ---- | ----------- | ----------- |
| [**oneof**](https://developers.google.com/protocol-buffers/docs/proto3#oneof) query.first_name_query | FirstNameQuery | - | |
| [**oneof**](https://developers.google.com/protocol-buffers/docs/proto3#oneof) query.last_name_query | LastNameQuery | - | |
| [**oneof**](https://developers.google.com/protocol-buffers/docs/proto3#oneof) query.email_query | EmailQuery | - | |
| [**oneof**](https://developers.google.com/protocol-buffers/docs/proto3#oneof) query.user_id_query | UserIDQuery | - | |
### UserIDQuery
| Field | Type | Description | Validation |
| ----- | ---- | ----------- | ----------- |
| user_id | string | - | string.max_len: 200<br /> |

37
docs/docs/apis/proto/message.md
View File

@ -1,37 +0,0 @@
---
title: zitadel/message.proto
---
> This document reflects the state from API 1.0 (available from 20.04.2021)
## Messages
### ErrorDetail
| Field | Type | Description | Validation |
| ----- | ---- | ----------- | ----------- |
| id | string | - | |
| message | string | - | |
### LocalizedMessage
| Field | Type | Description | Validation |
| ----- | ---- | ----------- | ----------- |
| key | string | - | |
| localized_message | string | - | |

49
docs/docs/apis/proto/metadata.md
View File

@ -1,49 +0,0 @@
---
title: zitadel/metadata.proto
---
> This document reflects the state from API 1.0 (available from 20.04.2021)
## Messages
### Metadata
| Field | Type | Description | Validation |
| ----- | ---- | ----------- | ----------- |
| details | zitadel.v1.ObjectDetails | - | |
| key | string | - | |
| value | bytes | - | |
### MetadataKeyQuery
| Field | Type | Description | Validation |
| ----- | ---- | ----------- | ----------- |
| key | string | - | string.max_len: 200<br /> |
| method | zitadel.v1.TextQueryMethod | - | enum.defined_only: true<br /> |
### MetadataQuery
| Field | Type | Description | Validation |
| ----- | ---- | ----------- | ----------- |
| [**oneof**](https://developers.google.com/protocol-buffers/docs/proto3#oneof) query.key_query | MetadataKeyQuery | - | |

95
docs/docs/apis/proto/object.md
View File

@ -1,95 +0,0 @@
---
title: zitadel/object.proto
---
> This document reflects the state from API 1.0 (available from 20.04.2021)
## Messages
### ListDetails
| Field | Type | Description | Validation |
| ----- | ---- | ----------- | ----------- |
| total_result | uint64 | - | |
| processed_sequence | uint64 | - | |
| view_timestamp | google.protobuf.Timestamp | - | |
### ListQuery
| Field | Type | Description | Validation |
| ----- | ---- | ----------- | ----------- |
| offset | uint64 | - | |
| limit | uint32 | - | |
| asc | bool | - | |
### ObjectDetails
| Field | Type | Description | Validation |
| ----- | ---- | ----------- | ----------- |
| sequence | uint64 | sequence represents the order of events. It's always upcounting
on read: the sequence of the last event reduced by the projection
on manipulation: the timestamp of the event(s) added by the manipulation | |
| creation_date | google.protobuf.Timestamp | creation_date is the timestamp where the first operation on the object was made
on read: the timestamp of the first event of the object
on create: the timestamp of the event(s) added by the manipulation | |
| change_date | google.protobuf.Timestamp | change_date is the timestamp when the object was changed
on read: the timestamp of the last event reduced by the projection
on manipulation: the | |
| resource_owner | string | resource_owner is the organisation an object belongs to | |
## Enums
### ListQueryMethod {#listquerymethod}
| Name | Number | Description |
| ---- | ------ | ----------- |
| LIST_QUERY_METHOD_IN | 0 | - |
### TextQueryMethod {#textquerymethod}
| Name | Number | Description |
| ---- | ------ | ----------- |
| TEXT_QUERY_METHOD_EQUALS | 0 | - |
| TEXT_QUERY_METHOD_EQUALS_IGNORE_CASE | 1 | - |
| TEXT_QUERY_METHOD_STARTS_WITH | 2 | - |
| TEXT_QUERY_METHOD_STARTS_WITH_IGNORE_CASE | 3 | - |
| TEXT_QUERY_METHOD_CONTAINS | 4 | - |
| TEXT_QUERY_METHOD_CONTAINS_IGNORE_CASE | 5 | - |
| TEXT_QUERY_METHOD_ENDS_WITH | 6 | - |
| TEXT_QUERY_METHOD_ENDS_WITH_IGNORE_CASE | 7 | - |

25
docs/docs/apis/proto/options.md
View File

@ -1,25 +0,0 @@
---
title: zitadel/options.proto
---
> This document reflects the state from API 1.0 (available from 20.04.2021)
## Messages
### AuthOption
| Field | Type | Description | Validation |
| ----- | ---- | ----------- | ----------- |
| permission | string | - | |
| check_field_name | string | - | |

154
docs/docs/apis/proto/org.md
View File

@ -1,154 +0,0 @@
---
title: zitadel/org.proto
---
> This document reflects the state from API 1.0 (available from 20.04.2021)
## Messages
### Domain
| Field | Type | Description | Validation |
| ----- | ---- | ----------- | ----------- |
| org_id | string | - | |
| details | zitadel.v1.ObjectDetails | - | |
| domain_name | string | - | |
| is_verified | bool | - | |
| is_primary | bool | - | |
| validation_type | DomainValidationType | - | |
### DomainNameQuery
| Field | Type | Description | Validation |
| ----- | ---- | ----------- | ----------- |
| name | string | - | string.max_len: 200<br /> |
| method | zitadel.v1.TextQueryMethod | - | enum.defined_only: true<br /> |
### DomainSearchQuery
| Field | Type | Description | Validation |
| ----- | ---- | ----------- | ----------- |
| [**oneof**](https://developers.google.com/protocol-buffers/docs/proto3#oneof) query.domain_name_query | DomainNameQuery | - | |
### Org
| Field | Type | Description | Validation |
| ----- | ---- | ----------- | ----------- |
| id | string | - | |
| details | zitadel.v1.ObjectDetails | - | |
| state | OrgState | - | |
| name | string | - | |
| primary_domain | string | - | |
### OrgDomainQuery
| Field | Type | Description | Validation |
| ----- | ---- | ----------- | ----------- |
| domain | string | - | string.max_len: 200<br /> |
| method | zitadel.v1.TextQueryMethod | - | enum.defined_only: true<br /> |
### OrgNameQuery
| Field | Type | Description | Validation |
| ----- | ---- | ----------- | ----------- |
| name | string | - | string.max_len: 200<br /> |
| method | zitadel.v1.TextQueryMethod | - | enum.defined_only: true<br /> |
### OrgQuery
| Field | Type | Description | Validation |
| ----- | ---- | ----------- | ----------- |
| [**oneof**](https://developers.google.com/protocol-buffers/docs/proto3#oneof) query.name_query | OrgNameQuery | - | |
| [**oneof**](https://developers.google.com/protocol-buffers/docs/proto3#oneof) query.domain_query | OrgDomainQuery | - | |
| [**oneof**](https://developers.google.com/protocol-buffers/docs/proto3#oneof) query.state_query | OrgStateQuery | - | |
### OrgStateQuery
| Field | Type | Description | Validation |
| ----- | ---- | ----------- | ----------- |
| state | OrgState | - | enum.defined_only: true<br /> |
## Enums
### DomainValidationType {#domainvalidationtype}
| Name | Number | Description |
| ---- | ------ | ----------- |
| DOMAIN_VALIDATION_TYPE_UNSPECIFIED | 0 | - |
| DOMAIN_VALIDATION_TYPE_HTTP | 1 | - |
| DOMAIN_VALIDATION_TYPE_DNS | 2 | - |
### OrgFieldName {#orgfieldname}
| Name | Number | Description |
| ---- | ------ | ----------- |
| ORG_FIELD_NAME_UNSPECIFIED | 0 | - |
| ORG_FIELD_NAME_NAME | 1 | - |
### OrgState {#orgstate}
| Name | Number | Description |
| ---- | ------ | ----------- |
| ORG_STATE_UNSPECIFIED | 0 | - |
| ORG_STATE_ACTIVE | 1 | - |
| ORG_STATE_INACTIVE | 2 | - |
| ORG_STATE_REMOVED | 3 | - |

208
docs/docs/apis/proto/policy.md
View File

@ -1,208 +0,0 @@
---
title: zitadel/policy.proto
---
> This document reflects the state from API 1.0 (available from 20.04.2021)
## Messages
### DomainPolicy
| Field | Type | Description | Validation |
| ----- | ---- | ----------- | ----------- |
| details | zitadel.v1.ObjectDetails | - | |
| user_login_must_be_domain | bool | - | |
| is_default | bool | - | |
| validate_org_domains | bool | - | |
| smtp_sender_address_matches_instance_domain | bool | - | |
### LabelPolicy
| Field | Type | Description | Validation |
| ----- | ---- | ----------- | ----------- |
| details | zitadel.v1.ObjectDetails | - | |
| primary_color | string | hex value for primary color | |
| is_default | bool | defines if the organisation's admin changed the policy | |
| hide_login_name_suffix | bool | hides the org suffix on the login form if the scope \"urn:zitadel:iam:org:domain:primary:{domainname}\" is set | |
| warn_color | string | hex value for secondary color | |
| background_color | string | hex value for background color | |
| font_color | string | hex value for font color | |
| primary_color_dark | string | hex value for primary color dark theme | |
| background_color_dark | string | hex value for background color dark theme | |
| warn_color_dark | string | hex value for warn color dark theme | |
| font_color_dark | string | hex value for font color dark theme | |
| disable_watermark | bool | - | |
| logo_url | string | - | |
| icon_url | string | - | |
| logo_url_dark | string | - | |
| icon_url_dark | string | - | |
| font_url | string | - | |
### LockoutPolicy
| Field | Type | Description | Validation |
| ----- | ---- | ----------- | ----------- |
| details | zitadel.v1.ObjectDetails | - | |
| max_password_attempts | uint64 | - | |
| is_default | bool | - | |
### LoginPolicy
| Field | Type | Description | Validation |
| ----- | ---- | ----------- | ----------- |
| details | zitadel.v1.ObjectDetails | - | |
| allow_username_password | bool | - | |
| allow_register | bool | - | |
| allow_external_idp | bool | - | |
| force_mfa | bool | - | |
| passwordless_type | PasswordlessType | - | |
| is_default | bool | - | |
| hide_password_reset | bool | - | |
| ignore_unknown_usernames | bool | - | |
| default_redirect_uri | string | - | |
| password_check_lifetime | google.protobuf.Duration | - | |
| external_login_check_lifetime | google.protobuf.Duration | - | |
| mfa_init_skip_lifetime | google.protobuf.Duration | - | |
| second_factor_check_lifetime | google.protobuf.Duration | - | |
| multi_factor_check_lifetime | google.protobuf.Duration | - | |
| second_factors | repeated SecondFactorType | - | |
| multi_factors | repeated MultiFactorType | - | |
| idps | repeated zitadel.idp.v1.IDPLoginPolicyLink | - | |
| allow_domain_discovery | bool | If set to true, the suffix (@domain.com) of an unknown username input on the login screen will be matched against the org domains and will redirect to the registration of that organisation on success. | |
| disable_login_with_email | bool | - | |
| disable_login_with_phone | bool | - | |
### NotificationPolicy
| Field | Type | Description | Validation |
| ----- | ---- | ----------- | ----------- |
| details | zitadel.v1.ObjectDetails | - | |
| is_default | bool | - | |
| password_change | bool | - | |
### OrgIAMPolicy
deprecated: please use DomainPolicy instead
| Field | Type | Description | Validation |
| ----- | ---- | ----------- | ----------- |
| details | zitadel.v1.ObjectDetails | - | |
| user_login_must_be_domain | bool | - | |
| is_default | bool | - | |
### PasswordAgePolicy
| Field | Type | Description | Validation |
| ----- | ---- | ----------- | ----------- |
| details | zitadel.v1.ObjectDetails | - | |
| max_age_days | uint64 | - | |
| expire_warn_days | uint64 | - | |
| is_default | bool | - | |
### PasswordComplexityPolicy
| Field | Type | Description | Validation |
| ----- | ---- | ----------- | ----------- |
| details | zitadel.v1.ObjectDetails | - | |
| min_length | uint64 | - | |
| has_uppercase | bool | - | |
| has_lowercase | bool | - | |
| has_number | bool | - | |
| has_symbol | bool | - | |
| is_default | bool | - | |
### PrivacyPolicy
| Field | Type | Description | Validation |
| ----- | ---- | ----------- | ----------- |
| details | zitadel.v1.ObjectDetails | - | |
| tos_link | string | - | |
| privacy_link | string | - | |
| is_default | bool | - | |
| help_link | string | - | |
## Enums
### MultiFactorType {#multifactortype}
| Name | Number | Description |
| ---- | ------ | ----------- |
| MULTI_FACTOR_TYPE_UNSPECIFIED | 0 | - |
| MULTI_FACTOR_TYPE_U2F_WITH_VERIFICATION | 1 | - |
### PasswordlessType {#passwordlesstype}
| Name | Number | Description |
| ---- | ------ | ----------- |
| PASSWORDLESS_TYPE_NOT_ALLOWED | 0 | - |
| PASSWORDLESS_TYPE_ALLOWED | 1 | PLANNED: PASSWORDLESS_TYPE_WITH_CERT |
### SecondFactorType {#secondfactortype}
| Name | Number | Description |
| ---- | ------ | ----------- |
| SECOND_FACTOR_TYPE_UNSPECIFIED | 0 | - |
| SECOND_FACTOR_TYPE_OTP | 1 | - |
| SECOND_FACTOR_TYPE_U2F | 2 | - |

247
docs/docs/apis/proto/project.md
View File

@ -1,247 +0,0 @@
---
title: zitadel/project.proto
---
> This document reflects the state from API 1.0 (available from 20.04.2021)
## Messages
### AllProjectGrantQuery
| Field | Type | Description | Validation |
| ----- | ---- | ----------- | ----------- |
| [**oneof**](https://developers.google.com/protocol-buffers/docs/proto3#oneof) query.project_name_query | GrantProjectNameQuery | - | |
| [**oneof**](https://developers.google.com/protocol-buffers/docs/proto3#oneof) query.role_key_query | GrantRoleKeyQuery | - | |
| [**oneof**](https://developers.google.com/protocol-buffers/docs/proto3#oneof) query.project_id_query | ProjectIDQuery | - | |
| [**oneof**](https://developers.google.com/protocol-buffers/docs/proto3#oneof) query.granted_org_id_query | GrantedOrgIDQuery | - | |
### GrantProjectNameQuery
| Field | Type | Description | Validation |
| ----- | ---- | ----------- | ----------- |
| name | string | - | string.max_len: 200<br /> |
| method | zitadel.v1.TextQueryMethod | - | enum.defined_only: true<br /> |
### GrantRoleKeyQuery
| Field | Type | Description | Validation |
| ----- | ---- | ----------- | ----------- |
| role_key | string | - | string.max_len: 200<br /> |
| method | zitadel.v1.TextQueryMethod | - | enum.defined_only: true<br /> |
### GrantedOrgIDQuery
| Field | Type | Description | Validation |
| ----- | ---- | ----------- | ----------- |
| granted_org_id | string | - | string.max_len: 200<br /> |
### GrantedProject
| Field | Type | Description | Validation |
| ----- | ---- | ----------- | ----------- |
| grant_id | string | - | |
| granted_org_id | string | - | |
| granted_org_name | string | - | |
| granted_role_keys | repeated string | - | |
| state | ProjectGrantState | - | |
| project_id | string | - | |
| project_name | string | - | |
| project_owner_id | string | - | |
| project_owner_name | string | - | |
| details | zitadel.v1.ObjectDetails | - | |
### Project
| Field | Type | Description | Validation |
| ----- | ---- | ----------- | ----------- |
| id | string | - | |
| details | zitadel.v1.ObjectDetails | - | |
| name | string | - | |
| state | ProjectState | - | |
| project_role_assertion | bool | describes if roles of user should be added in token | |
| project_role_check | bool | ZITADEL checks if the user has at least one on this project | |
| has_project_check | bool | ZITADEL checks if the org of the user has permission to this project | |
| private_labeling_setting | PrivateLabelingSetting | Defines from where the private labeling should be triggered | |
### ProjectGrantQuery
| Field | Type | Description | Validation |
| ----- | ---- | ----------- | ----------- |
| [**oneof**](https://developers.google.com/protocol-buffers/docs/proto3#oneof) query.project_name_query | GrantProjectNameQuery | - | |
| [**oneof**](https://developers.google.com/protocol-buffers/docs/proto3#oneof) query.role_key_query | GrantRoleKeyQuery | - | |
### ProjectIDQuery
| Field | Type | Description | Validation |
| ----- | ---- | ----------- | ----------- |
| project_id | string | - | string.max_len: 200<br /> |
### ProjectNameQuery
| Field | Type | Description | Validation |
| ----- | ---- | ----------- | ----------- |
| name | string | - | string.max_len: 200<br /> |
| method | zitadel.v1.TextQueryMethod | - | enum.defined_only: true<br /> |
### ProjectQuery
| Field | Type | Description | Validation |
| ----- | ---- | ----------- | ----------- |
| [**oneof**](https://developers.google.com/protocol-buffers/docs/proto3#oneof) query.name_query | ProjectNameQuery | - | |
| [**oneof**](https://developers.google.com/protocol-buffers/docs/proto3#oneof) query.project_resource_owner_query | ProjectResourceOwnerQuery | - | |
### ProjectResourceOwnerQuery
| Field | Type | Description | Validation |
| ----- | ---- | ----------- | ----------- |
| resource_owner | string | - | string.max_len: 200<br /> |
### Role
| Field | Type | Description | Validation |
| ----- | ---- | ----------- | ----------- |
| key | string | - | |
| details | zitadel.v1.ObjectDetails | - | |
| display_name | string | - | |
| group | string | - | |
### RoleDisplayNameQuery
| Field | Type | Description | Validation |
| ----- | ---- | ----------- | ----------- |
| display_name | string | - | string.max_len: 200<br /> |
| method | zitadel.v1.TextQueryMethod | - | enum.defined_only: true<br /> |
### RoleKeyQuery
| Field | Type | Description | Validation |
| ----- | ---- | ----------- | ----------- |
| key | string | - | string.max_len: 200<br /> |
| method | zitadel.v1.TextQueryMethod | - | enum.defined_only: true<br /> |
### RoleQuery
| Field | Type | Description | Validation |
| ----- | ---- | ----------- | ----------- |
| [**oneof**](https://developers.google.com/protocol-buffers/docs/proto3#oneof) query.key_query | RoleKeyQuery | - | |
| [**oneof**](https://developers.google.com/protocol-buffers/docs/proto3#oneof) query.display_name_query | RoleDisplayNameQuery | - | |
## Enums
### PrivateLabelingSetting {#privatelabelingsetting}
| Name | Number | Description |
| ---- | ------ | ----------- |
| PRIVATE_LABELING_SETTING_UNSPECIFIED | 0 | - |
| PRIVATE_LABELING_SETTING_ENFORCE_PROJECT_RESOURCE_OWNER_POLICY | 1 | - |
| PRIVATE_LABELING_SETTING_ALLOW_LOGIN_USER_RESOURCE_OWNER_POLICY | 2 | - |
### ProjectGrantState {#projectgrantstate}
| Name | Number | Description |
| ---- | ------ | ----------- |
| PROJECT_GRANT_STATE_UNSPECIFIED | 0 | - |
| PROJECT_GRANT_STATE_ACTIVE | 1 | - |
| PROJECT_GRANT_STATE_INACTIVE | 2 | - |
### ProjectState {#projectstate}
| Name | Number | Description |
| ---- | ------ | ----------- |
| PROJECT_STATE_UNSPECIFIED | 0 | - |
| PROJECT_STATE_ACTIVE | 1 | - |
| PROJECT_STATE_INACTIVE | 2 | - |

166
docs/docs/apis/proto/settings.md
View File

@ -1,166 +0,0 @@
---
title: zitadel/settings.proto
---
> This document reflects the state from API 1.0 (available from 20.04.2021)
## Messages
### DebugNotificationProvider
| Field | Type | Description | Validation |
| ----- | ---- | ----------- | ----------- |
| details | zitadel.v1.ObjectDetails | - | |
| compact | bool | - | |
### OIDCSettings
| Field | Type | Description | Validation |
| ----- | ---- | ----------- | ----------- |
| details | zitadel.v1.ObjectDetails | - | |
| access_token_lifetime | google.protobuf.Duration | - | |
| id_token_lifetime | google.protobuf.Duration | - | |
| refresh_token_idle_expiration | google.protobuf.Duration | - | |
| refresh_token_expiration | google.protobuf.Duration | - | |
### SMSProvider
| Field | Type | Description | Validation |
| ----- | ---- | ----------- | ----------- |
| details | zitadel.v1.ObjectDetails | - | |
| id | string | - | |
| state | SMSProviderConfigState | - | |
| [**oneof**](https://developers.google.com/protocol-buffers/docs/proto3#oneof) config.twilio | TwilioConfig | - | |
### SMTPConfig
| Field | Type | Description | Validation |
| ----- | ---- | ----------- | ----------- |
| details | zitadel.v1.ObjectDetails | - | |
| sender_address | string | - | |
| sender_name | string | - | |
| tls | bool | - | |
| host | string | - | |
| user | string | - | |
### SecretGenerator
| Field | Type | Description | Validation |
| ----- | ---- | ----------- | ----------- |
| generator_type | SecretGeneratorType | - | |
| details | zitadel.v1.ObjectDetails | - | |
| length | uint32 | - | |
| expiry | google.protobuf.Duration | - | |
| include_lower_letters | bool | - | |
| include_upper_letters | bool | - | |
| include_digits | bool | - | |
| include_symbols | bool | - | |
### SecretGeneratorQuery
| Field | Type | Description | Validation |
| ----- | ---- | ----------- | ----------- |
| [**oneof**](https://developers.google.com/protocol-buffers/docs/proto3#oneof) query.type_query | SecretGeneratorTypeQuery | - | |
### SecretGeneratorTypeQuery
| Field | Type | Description | Validation |
| ----- | ---- | ----------- | ----------- |
| generator_type | SecretGeneratorType | - | |
### SecurityPolicy
| Field | Type | Description | Validation |
| ----- | ---- | ----------- | ----------- |
| details | zitadel.v1.ObjectDetails | - | |
| enable_iframe_embedding | bool | states if iframe embedding is enabled or disabled | |
| allowed_origins | repeated string | origins allowed to load ZITADEL in an iframe if enable_iframe_embedding is true | |
### TwilioConfig
| Field | Type | Description | Validation |
| ----- | ---- | ----------- | ----------- |
| sid | string | - | |
| sender_number | string | - | |
## Enums
### SMSProviderConfigState {#smsproviderconfigstate}
| Name | Number | Description |
| ---- | ------ | ----------- |
| SMS_PROVIDER_CONFIG_STATE_UNSPECIFIED | 0 | - |
| SMS_PROVIDER_CONFIG_ACTIVE | 1 | - |
| SMS_PROVIDER_CONFIG_INACTIVE | 2 | - |
### SecretGeneratorType {#secretgeneratortype}
| Name | Number | Description |
| ---- | ------ | ----------- |
| SECRET_GENERATOR_TYPE_UNSPECIFIED | 0 | - |
| SECRET_GENERATOR_TYPE_INIT_CODE | 1 | - |
| SECRET_GENERATOR_TYPE_VERIFY_EMAIL_CODE | 2 | - |
| SECRET_GENERATOR_TYPE_VERIFY_PHONE_CODE | 3 | - |
| SECRET_GENERATOR_TYPE_PASSWORD_RESET_CODE | 4 | - |
| SECRET_GENERATOR_TYPE_PASSWORDLESS_INIT_CODE | 5 | - |
| SECRET_GENERATOR_TYPE_APP_SECRET | 6 | - |

888
docs/docs/apis/proto/system.md
View File

@ -1,888 +0,0 @@
---
title: zitadel/system.proto
---
> This document reflects the state from API 1.0 (available from 20.04.2021)
## SystemService {#zitadelsystemv1systemservice}
### Healthz
> **rpc** Healthz([HealthzRequest](#healthzrequest))
[HealthzResponse](#healthzresponse)
Indicates if ZITADEL is running.
It respondes as soon as ZITADEL started
GET: /healthz
### ListInstances
> **rpc** ListInstances([ListInstancesRequest](#listinstancesrequest))
[ListInstancesResponse](#listinstancesresponse)
Returns a list of ZITADEL instances
POST: /instances/_search
### GetInstance
> **rpc** GetInstance([GetInstanceRequest](#getinstancerequest))
[GetInstanceResponse](#getinstanceresponse)
Returns the detail of an instance
GET: /instances/{instance_id}
### AddInstance
> **rpc** AddInstance([AddInstanceRequest](#addinstancerequest))
[AddInstanceResponse](#addinstanceresponse)
Deprecated: Use CreateInstance instead
Creates a new instance with all needed setup data
This might take some time
POST: /instances
### UpdateInstance
> **rpc** UpdateInstance([UpdateInstanceRequest](#updateinstancerequest))
[UpdateInstanceResponse](#updateinstanceresponse)
Updates name of an existing instance
PUT: /instances/{instance_id}
### CreateInstance
> **rpc** CreateInstance([CreateInstanceRequest](#createinstancerequest))
[CreateInstanceResponse](#createinstanceresponse)
Creates a new instance with all needed setup data
This might take some time
POST: /instances/_create
### RemoveInstance
> **rpc** RemoveInstance([RemoveInstanceRequest](#removeinstancerequest))
[RemoveInstanceResponse](#removeinstanceresponse)
Removes an instance
This might take some time
DELETE: /instances/{instance_id}
### ListIAMMembers
> **rpc** ListIAMMembers([ListIAMMembersRequest](#listiammembersrequest))
[ListIAMMembersResponse](#listiammembersresponse)
Returns all instance members matching the request
all queries need to match (ANDed)
POST: /instances/{instance_id}/members/_search
### ExistsDomain
> **rpc** ExistsDomain([ExistsDomainRequest](#existsdomainrequest))
[ExistsDomainResponse](#existsdomainresponse)
Checks if a domain exists
POST: /domains/{domain}/_exists
### ListDomains
> **rpc** ListDomains([ListDomainsRequest](#listdomainsrequest))
[ListDomainsResponse](#listdomainsresponse)
Returns the custom domains of an instance
POST: /instances/{instance_id}/domains/_search
### AddDomain
> **rpc** AddDomain([AddDomainRequest](#adddomainrequest))
[AddDomainResponse](#adddomainresponse)
Returns the domain of an instance
POST: /instances/{instance_id}/domains
### RemoveDomain
> **rpc** RemoveDomain([RemoveDomainRequest](#removedomainrequest))
[RemoveDomainResponse](#removedomainresponse)
Returns the domain of an instance
DELETE: /instances/{instance_id}/domains/{domain}
### SetPrimaryDomain
> **rpc** SetPrimaryDomain([SetPrimaryDomainRequest](#setprimarydomainrequest))
[SetPrimaryDomainResponse](#setprimarydomainresponse)
Returns the domain of an instance
POST: /instances/{instance_id}/domains/_set_primary
### ListViews
> **rpc** ListViews([ListViewsRequest](#listviewsrequest))
[ListViewsResponse](#listviewsresponse)
Returns all stored read models of ZITADEL
views are used for search optimisation and optimise request latencies
they represent the delta of the event happend on the objects
POST: /views/_search
### ClearView
> **rpc** ClearView([ClearViewRequest](#clearviewrequest))
[ClearViewResponse](#clearviewresponse)
Truncates the delta of the change stream
be carefull with this function because ZITADEL has to
recompute the deltas after they got cleared.
Search requests will return wrong results until all deltas are recomputed
POST: /views/{database}/{view_name}
### ListFailedEvents
> **rpc** ListFailedEvents([ListFailedEventsRequest](#listfailedeventsrequest))
[ListFailedEventsResponse](#listfailedeventsresponse)
Returns event descriptions which cannot be processed.
It's possible that some events need some retries.
For example if the SMTP-API wasn't able to send an email at the first time
POST: /failedevents/_search
### RemoveFailedEvent
> **rpc** RemoveFailedEvent([RemoveFailedEventRequest](#removefailedeventrequest))
[RemoveFailedEventResponse](#removefailedeventresponse)
Deletes the event from failed events view.
the event is not removed from the change stream
This call is usefull if the system was able to process the event later.
e.g. if the second try of sending an email was successful. the first try produced a
failed event. You can find out if it worked on the `failure_count`
DELETE: /failedevents/{database}/{view_name}/{failed_sequence}
### AddQuota
> **rpc** AddQuota([AddQuotaRequest](#addquotarequest))
[AddQuotaResponse](#addquotaresponse)
Creates a new quota
POST: /instances/{instance_id}/quotas
### RemoveQuota
> **rpc** RemoveQuota([RemoveQuotaRequest](#removequotarequest))
[RemoveQuotaResponse](#removequotaresponse)
Removes a quota
DELETE: /instances/{instance_id}/quotas/{unit}
## Messages
### AddDomainRequest
| Field | Type | Description | Validation |
| ----- | ---- | ----------- | ----------- |
| instance_id | string | - | string.min_len: 1<br /> string.max_len: 200<br /> |
| domain | string | - | string.min_len: 1<br /> string.max_len: 200<br /> |
### AddDomainResponse
| Field | Type | Description | Validation |
| ----- | ---- | ----------- | ----------- |
| details | zitadel.v1.ObjectDetails | - | |
### AddInstanceRequest
| Field | Type | Description | Validation |
| ----- | ---- | ----------- | ----------- |
| instance_name | string | - | string.min_len: 1<br /> string.max_len: 200<br /> |
| first_org_name | string | - | string.max_len: 200<br /> |
| custom_domain | string | - | string.max_len: 200<br /> |
| owner_user_name | string | - | string.max_len: 200<br /> |
| owner_email | AddInstanceRequest.Email | - | message.required: true<br /> |
| owner_profile | AddInstanceRequest.Profile | - | message.required: false<br /> |
| owner_password | AddInstanceRequest.Password | - | message.required: false<br /> |
| default_language | string | - | string.max_len: 10<br /> |
### AddInstanceRequest.Email
| Field | Type | Description | Validation |
| ----- | ---- | ----------- | ----------- |
| email | string | - | string.min_len: 1<br /> string.max_len: 200<br /> |
| is_email_verified | bool | - | |
### AddInstanceRequest.Password
| Field | Type | Description | Validation |
| ----- | ---- | ----------- | ----------- |
| password | string | - | string.max_len: 200<br /> |
| password_change_required | bool | - | |
### AddInstanceRequest.Profile
| Field | Type | Description | Validation |
| ----- | ---- | ----------- | ----------- |
| first_name | string | - | string.max_len: 200<br /> |
| last_name | string | - | string.max_len: 200<br /> |
| preferred_language | string | - | string.max_len: 10<br /> |
### AddInstanceResponse
| Field | Type | Description | Validation |
| ----- | ---- | ----------- | ----------- |
| instance_id | string | - | |
| details | zitadel.v1.ObjectDetails | - | |
### AddQuotaRequest
| Field | Type | Description | Validation |
| ----- | ---- | ----------- | ----------- |
| instance_id | string | - | string.min_len: 1<br /> string.max_len: 200<br /> |
| unit | zitadel.quota.v1.Unit | the unit a quota should be imposed on | enum.defined_only: true<br /> enum.not_in: [0]<br /> |
| from | google.protobuf.Timestamp | the starting time from which the current quota period is calculated from. This is relevant for querying the current usage. | timestamp.required: true<br /> |
| reset_interval | google.protobuf.Duration | the quota periods duration | duration.required: true<br /> |
| amount | uint64 | the quota amount of units | uint64.gt: 0<br /> |
| limit | bool | whether ZITADEL should block further usage when the configured amount is used | |
| notifications | repeated zitadel.quota.v1.Notification | the handlers, ZITADEL executes when certain quota percentages are reached | |
### AddQuotaResponse
| Field | Type | Description | Validation |
| ----- | ---- | ----------- | ----------- |
| details | zitadel.v1.ObjectDetails | - | |
### ChangeSubscriptionRequest
| Field | Type | Description | Validation |
| ----- | ---- | ----------- | ----------- |
| domain | string | - | string.min_len: 1<br /> string.max_len: 200<br /> |
| subscription_name | string | - | string.min_len: 1<br /> string.max_len: 200<br /> |
| request_limit | uint64 | - | |
| action_mins_limit | uint64 | - | |
### ChangeSubscriptionResponse
| Field | Type | Description | Validation |
| ----- | ---- | ----------- | ----------- |
| details | zitadel.v1.ObjectDetails | - | |
### ClearViewRequest
| Field | Type | Description | Validation |
| ----- | ---- | ----------- | ----------- |
| database | string | - | string.min_len: 1<br /> string.max_len: 200<br /> |
| view_name | string | - | string.min_len: 1<br /> string.max_len: 200<br /> |
### ClearViewResponse
This is an empty response
### CreateInstanceRequest
| Field | Type | Description | Validation |
| ----- | ---- | ----------- | ----------- |
| instance_name | string | - | string.min_len: 1<br /> string.max_len: 200<br /> |
| first_org_name | string | - | string.max_len: 200<br /> |
| custom_domain | string | - | string.max_len: 200<br /> |
| [**oneof**](https://developers.google.com/protocol-buffers/docs/proto3#oneof) owner.human | CreateInstanceRequest.Human | oneof field for the user managing the instance | |
| [**oneof**](https://developers.google.com/protocol-buffers/docs/proto3#oneof) owner.machine | CreateInstanceRequest.Machine | - | |
| default_language | string | - | string.max_len: 10<br /> |
### CreateInstanceRequest.Email
| Field | Type | Description | Validation |
| ----- | ---- | ----------- | ----------- |
| email | string | - | string.min_len: 1<br /> string.max_len: 200<br /> string.email: true<br /> |
| is_email_verified | bool | - | |
### CreateInstanceRequest.Human
| Field | Type | Description | Validation |
| ----- | ---- | ----------- | ----------- |
| user_name | string | - | string.max_len: 200<br /> |
| email | CreateInstanceRequest.Email | - | message.required: true<br /> |
| profile | CreateInstanceRequest.Profile | - | message.required: false<br /> |
| password | CreateInstanceRequest.Password | - | message.required: false<br /> |
### CreateInstanceRequest.Machine
| Field | Type | Description | Validation |
| ----- | ---- | ----------- | ----------- |
| user_name | string | - | string.max_len: 200<br /> |
| name | string | - | string.max_len: 200<br /> |
| personal_access_token | CreateInstanceRequest.PersonalAccessToken | - | |
| machine_key | CreateInstanceRequest.MachineKey | - | |
### CreateInstanceRequest.MachineKey
| Field | Type | Description | Validation |
| ----- | ---- | ----------- | ----------- |
| type | zitadel.authn.v1.KeyType | - | enum.defined_only: true<br /> enum.not_in: [0]<br /> |
| expiration_date | google.protobuf.Timestamp | - | |
### CreateInstanceRequest.Password
| Field | Type | Description | Validation |
| ----- | ---- | ----------- | ----------- |
| password | string | - | string.max_len: 200<br /> |
| password_change_required | bool | - | |
### CreateInstanceRequest.PersonalAccessToken
| Field | Type | Description | Validation |
| ----- | ---- | ----------- | ----------- |
| expiration_date | google.protobuf.Timestamp | - | |
### CreateInstanceRequest.Profile
| Field | Type | Description | Validation |
| ----- | ---- | ----------- | ----------- |
| first_name | string | - | string.max_len: 200<br /> |
| last_name | string | - | string.max_len: 200<br /> |
| preferred_language | string | - | string.max_len: 10<br /> |
### CreateInstanceResponse
| Field | Type | Description | Validation |
| ----- | ---- | ----------- | ----------- |
| instance_id | string | - | |
| details | zitadel.v1.ObjectDetails | - | |
| pat | string | - | |
| machine_key | bytes | - | |
### ExistsDomainRequest
| Field | Type | Description | Validation |
| ----- | ---- | ----------- | ----------- |
| domain | string | - | string.min_len: 1<br /> string.max_len: 200<br /> |
### ExistsDomainResponse
| Field | Type | Description | Validation |
| ----- | ---- | ----------- | ----------- |
| exists | bool | - | |
### FailedEvent
| Field | Type | Description | Validation |
| ----- | ---- | ----------- | ----------- |
| database | string | - | |
| view_name | string | - | |
| failed_sequence | uint64 | - | |
| failure_count | uint64 | - | |
| error_message | string | - | |
| last_failed | google.protobuf.Timestamp | - | |
### GetInstanceRequest
| Field | Type | Description | Validation |
| ----- | ---- | ----------- | ----------- |
| instance_id | string | - | string.min_len: 1<br /> string.max_len: 200<br /> |
### GetInstanceResponse
| Field | Type | Description | Validation |
| ----- | ---- | ----------- | ----------- |
| instance | zitadel.instance.v1.InstanceDetail | - | |
### GetUsageRequest
| Field | Type | Description | Validation |
| ----- | ---- | ----------- | ----------- |
| instance_id | string | - | string.min_len: 1<br /> string.max_len: 200<br /> |
### HealthzRequest
This is an empty request
### HealthzResponse
This is an empty response
### ListDomainsRequest
| Field | Type | Description | Validation |
| ----- | ---- | ----------- | ----------- |
| instance_id | string | list limitations and ordering | string.min_len: 1<br /> string.max_len: 200<br /> |
| query | zitadel.v1.ListQuery | - | |
| sorting_column | zitadel.instance.v1.DomainFieldName | the field the result is sorted | |
| queries | repeated zitadel.instance.v1.DomainSearchQuery | criterias the client is looking for | |
### ListDomainsResponse
| Field | Type | Description | Validation |
| ----- | ---- | ----------- | ----------- |
| details | zitadel.v1.ListDetails | - | |
| sorting_column | zitadel.instance.v1.DomainFieldName | - | |
| result | repeated zitadel.instance.v1.Domain | - | |
### ListFailedEventsRequest
This is an empty request
### ListFailedEventsResponse
| Field | Type | Description | Validation |
| ----- | ---- | ----------- | ----------- |
| result | repeated FailedEvent | TODO: list details | |
### ListIAMMembersRequest
| Field | Type | Description | Validation |
| ----- | ---- | ----------- | ----------- |
| query | zitadel.v1.ListQuery | - | |
| instance_id | string | - | |
| queries | repeated zitadel.member.v1.SearchQuery | - | |
### ListIAMMembersResponse
| Field | Type | Description | Validation |
| ----- | ---- | ----------- | ----------- |
| details | zitadel.v1.ListDetails | - | |
| result | repeated zitadel.member.v1.Member | - | |
### ListInstancesRequest
| Field | Type | Description | Validation |
| ----- | ---- | ----------- | ----------- |
| query | zitadel.v1.ListQuery | list limitations and ordering | |
| sorting_column | zitadel.instance.v1.FieldName | the field the result is sorted | |
| queries | repeated zitadel.instance.v1.Query | criterias the client is looking for | |
### ListInstancesResponse
| Field | Type | Description | Validation |
| ----- | ---- | ----------- | ----------- |
| details | zitadel.v1.ListDetails | - | |
| sorting_column | zitadel.instance.v1.FieldName | - | |
| result | repeated zitadel.instance.v1.Instance | - | |
### ListViewsRequest
This is an empty request
### ListViewsResponse
| Field | Type | Description | Validation |
| ----- | ---- | ----------- | ----------- |
| result | repeated View | TODO: list details | |
### RemoveDomainRequest
| Field | Type | Description | Validation |
| ----- | ---- | ----------- | ----------- |
| instance_id | string | - | string.min_len: 1<br /> string.max_len: 200<br /> |
| domain | string | - | string.min_len: 1<br /> string.max_len: 200<br /> |
### RemoveDomainResponse
| Field | Type | Description | Validation |
| ----- | ---- | ----------- | ----------- |
| details | zitadel.v1.ObjectDetails | - | |
### RemoveFailedEventRequest
| Field | Type | Description | Validation |
| ----- | ---- | ----------- | ----------- |
| database | string | - | string.min_len: 1<br /> string.max_len: 200<br /> |
| view_name | string | - | string.min_len: 1<br /> string.max_len: 200<br /> |
| failed_sequence | uint64 | - | |
| instance_id | string | - | |
### RemoveFailedEventResponse
This is an empty response
### RemoveInstanceRequest
| Field | Type | Description | Validation |
| ----- | ---- | ----------- | ----------- |
| instance_id | string | - | string.min_len: 1<br /> string.max_len: 200<br /> |
### RemoveInstanceResponse
| Field | Type | Description | Validation |
| ----- | ---- | ----------- | ----------- |
| details | zitadel.v1.ObjectDetails | - | |
### RemoveQuotaRequest
| Field | Type | Description | Validation |
| ----- | ---- | ----------- | ----------- |
| instance_id | string | - | string.min_len: 1<br /> string.max_len: 200<br /> |
| unit | zitadel.quota.v1.Unit | - | |
### RemoveQuotaResponse
| Field | Type | Description | Validation |
| ----- | ---- | ----------- | ----------- |
| details | zitadel.v1.ObjectDetails | - | |
### SetPrimaryDomainRequest
| Field | Type | Description | Validation |
| ----- | ---- | ----------- | ----------- |
| instance_id | string | - | string.min_len: 1<br /> string.max_len: 200<br /> |
| domain | string | - | string.min_len: 1<br /> string.max_len: 200<br /> |
### SetPrimaryDomainResponse
| Field | Type | Description | Validation |
| ----- | ---- | ----------- | ----------- |
| details | zitadel.v1.ObjectDetails | - | |
### UpdateInstanceRequest
| Field | Type | Description | Validation |
| ----- | ---- | ----------- | ----------- |
| instance_id | string | - | |
| instance_name | string | - | string.min_len: 1<br /> string.max_len: 200<br /> |
### UpdateInstanceResponse
| Field | Type | Description | Validation |
| ----- | ---- | ----------- | ----------- |
| details | zitadel.v1.ObjectDetails | - | |
### View
| Field | Type | Description | Validation |
| ----- | ---- | ----------- | ----------- |
| database | string | - | |
| view_name | string | - | |
| processed_sequence | uint64 | - | |
| event_timestamp | google.protobuf.Timestamp | The timestamp the event occured | |
| last_successful_spooler_run | google.protobuf.Timestamp | - | |
| instance | string | - | |

637
docs/docs/apis/proto/text.md
View File

@ -1,637 +0,0 @@
---
title: zitadel/text.proto
---
> This document reflects the state from API 1.0 (available from 20.04.2021)
## Messages
### EmailVerificationDoneScreenText
| Field | Type | Description | Validation |
| ----- | ---- | ----------- | ----------- |
| title | string | - | string.max_len: 200<br /> |
| description | string | - | string.max_len: 500<br /> |
| next_button_text | string | - | string.max_len: 100<br /> |
| cancel_button_text | string | - | string.max_len: 100<br /> |
| login_button_text | string | - | string.max_len: 100<br /> |
### EmailVerificationScreenText
| Field | Type | Description | Validation |
| ----- | ---- | ----------- | ----------- |
| title | string | - | string.max_len: 200<br /> |
| description | string | - | string.max_len: 500<br /> |
| code_label | string | - | string.max_len: 200<br /> |
| next_button_text | string | - | string.max_len: 100<br /> |
| resend_button_text | string | - | string.max_len: 100<br /> |
### ExternalRegistrationUserOverviewScreenText
| Field | Type | Description | Validation |
| ----- | ---- | ----------- | ----------- |
| title | string | - | string.max_len: 200<br /> |
| description | string | - | string.max_len: 500<br /> |
| email_label | string | - | string.max_len: 200<br /> |
| username_label | string | - | string.max_len: 200<br /> |
| firstname_label | string | - | string.max_len: 200<br /> |
| lastname_label | string | - | string.max_len: 200<br /> |
| nickname_label | string | - | string.max_len: 200<br /> |
| language_label | string | - | string.max_len: 200<br /> |
| phone_label | string | - | string.max_len: 200<br /> |
| tos_and_privacy_label | string | - | string.max_len: 200<br /> |
| tos_confirm | string | - | string.max_len: 200<br /> |
| tos_link_text | string | - | string.max_len: 200<br /> |
| privacy_link_text | string | - | string.max_len: 200<br /> |
| back_button_text | string | - | string.max_len: 200<br /> |
| next_button_text | string | - | string.max_len: 200<br /> |
| privacy_confirm | string | - | string.max_len: 200<br /> |
### ExternalUserNotFoundScreenText
| Field | Type | Description | Validation |
| ----- | ---- | ----------- | ----------- |
| title | string | - | string.max_len: 200<br /> |
| description | string | - | string.max_len: 500<br /> |
| link_button_text | string | - | string.max_len: 100<br /> |
| auto_register_button_text | string | - | string.max_len: 100<br /> |
| tos_and_privacy_label | string | - | string.max_len: 200<br /> |
| tos_confirm | string | - | string.max_len: 200<br /> |
| tos_link_text | string | - | string.max_len: 200<br /> |
| privacy_link_text | string | - | string.max_len: 200<br /> |
| privacy_confirm | string | - | string.max_len: 200<br /> |
### FooterText
| Field | Type | Description | Validation |
| ----- | ---- | ----------- | ----------- |
| tos | string | - | string.max_len: 200<br /> |
| privacy_policy | string | - | string.max_len: 200<br /> |
| help | string | - | string.max_len: 200<br /> |
### InitMFADoneScreenText
| Field | Type | Description | Validation |
| ----- | ---- | ----------- | ----------- |
| title | string | - | string.max_len: 200<br /> |
| description | string | - | string.max_len: 500<br /> |
| cancel_button_text | string | - | string.max_len: 100<br /> |
| next_button_text | string | - | string.max_len: 100<br /> |
### InitMFAOTPScreenText
| Field | Type | Description | Validation |
| ----- | ---- | ----------- | ----------- |
| title | string | - | string.max_len: 200<br /> |
| description | string | - | string.max_len: 500<br /> |
| description_otp | string | - | string.max_len: 500<br /> |
| secret_label | string | - | string.max_len: 200<br /> |
| code_label | string | - | string.max_len: 200<br /> |
| next_button_text | string | - | string.max_len: 100<br /> |
| cancel_button_text | string | - | string.max_len: 100<br /> |
### InitMFAPromptScreenText
| Field | Type | Description | Validation |
| ----- | ---- | ----------- | ----------- |
| title | string | - | string.max_len: 200<br /> |
| description | string | - | string.max_len: 500<br /> |
| otp_option | string | - | string.max_len: 200<br /> |
| u2f_option | string | - | string.max_len: 200<br /> |
| skip_button_text | string | - | string.max_len: 100<br /> |
| next_button_text | string | - | string.max_len: 100<br /> |
### InitMFAU2FScreenText
| Field | Type | Description | Validation |
| ----- | ---- | ----------- | ----------- |
| title | string | - | string.max_len: 200<br /> |
| description | string | - | string.max_len: 500<br /> |
| token_name_label | string | - | string.max_len: 200<br /> |
| not_supported | string | - | string.max_len: 500<br /> |
| register_token_button_text | string | - | string.max_len: 100<br /> |
| error_retry | string | - | string.max_len: 500<br /> |
### InitPasswordDoneScreenText
| Field | Type | Description | Validation |
| ----- | ---- | ----------- | ----------- |
| title | string | - | string.max_len: 200<br /> |
| description | string | - | string.max_len: 500<br /> |
| next_button_text | string | - | string.max_len: 100<br /> |
| cancel_button_text | string | - | string.max_len: 100<br /> |
### InitPasswordScreenText
| Field | Type | Description | Validation |
| ----- | ---- | ----------- | ----------- |
| title | string | - | string.max_len: 200<br /> |
| description | string | - | string.max_len: 500<br /> |
| code_label | string | - | string.max_len: 200<br /> |
| new_password_label | string | - | string.max_len: 200<br /> |
| new_password_confirm_label | string | - | string.max_len: 200<br /> |
| next_button_text | string | - | string.max_len: 100<br /> |
| resend_button_text | string | - | string.max_len: 100<br /> |
### InitializeUserDoneScreenText
| Field | Type | Description | Validation |
| ----- | ---- | ----------- | ----------- |
| title | string | - | string.max_len: 200<br /> |
| description | string | - | string.max_len: 500<br /> |
| cancel_button_text | string | - | string.max_len: 100<br /> |
| next_button_text | string | - | string.max_len: 100<br /> |
### InitializeUserScreenText
| Field | Type | Description | Validation |
| ----- | ---- | ----------- | ----------- |
| title | string | - | string.max_len: 200<br /> |
| description | string | - | string.max_len: 500<br /> |
| code_label | string | - | string.max_len: 200<br /> |
| new_password_label | string | - | string.max_len: 200<br /> |
| new_password_confirm_label | string | - | string.max_len: 200<br /> |
| resend_button_text | string | - | string.max_len: 100<br /> |
| next_button_text | string | - | string.max_len: 100<br /> |
### LinkingUserDoneScreenText
| Field | Type | Description | Validation |
| ----- | ---- | ----------- | ----------- |
| title | string | - | string.max_len: 200<br /> |
| description | string | - | string.max_len: 500<br /> |
| cancel_button_text | string | - | string.max_len: 100<br /> |
| next_button_text | string | - | string.max_len: 100<br /> |
### LoginCustomText
| Field | Type | Description | Validation |
| ----- | ---- | ----------- | ----------- |
| details | zitadel.v1.ObjectDetails | - | |
| select_account_text | SelectAccountScreenText | - | |
| login_text | LoginScreenText | - | |
| password_text | PasswordScreenText | - | |
| username_change_text | UsernameChangeScreenText | - | |
| username_change_done_text | UsernameChangeDoneScreenText | - | |
| init_password_text | InitPasswordScreenText | - | |
| init_password_done_text | InitPasswordDoneScreenText | - | |
| email_verification_text | EmailVerificationScreenText | - | |
| email_verification_done_text | EmailVerificationDoneScreenText | - | |
| initialize_user_text | InitializeUserScreenText | - | |
| initialize_done_text | InitializeUserDoneScreenText | - | |
| init_mfa_prompt_text | InitMFAPromptScreenText | - | |
| init_mfa_otp_text | InitMFAOTPScreenText | - | |
| init_mfa_u2f_text | InitMFAU2FScreenText | - | |
| init_mfa_done_text | InitMFADoneScreenText | - | |
| mfa_providers_text | MFAProvidersText | - | |
| verify_mfa_otp_text | VerifyMFAOTPScreenText | - | |
| verify_mfa_u2f_text | VerifyMFAU2FScreenText | - | |
| passwordless_text | PasswordlessScreenText | - | |
| password_change_text | PasswordChangeScreenText | - | |
| password_change_done_text | PasswordChangeDoneScreenText | - | |
| password_reset_done_text | PasswordResetDoneScreenText | - | |
| registration_option_text | RegistrationOptionScreenText | - | |
| registration_user_text | RegistrationUserScreenText | - | |
| registration_org_text | RegistrationOrgScreenText | - | |
| linking_user_done_text | LinkingUserDoneScreenText | - | |
| external_user_not_found_text | ExternalUserNotFoundScreenText | - | |
| success_login_text | SuccessLoginScreenText | - | |
| logout_text | LogoutDoneScreenText | - | |
| footer_text | FooterText | - | |
| passwordless_prompt_text | PasswordlessPromptScreenText | - | |
| passwordless_registration_text | PasswordlessRegistrationScreenText | - | |
| passwordless_registration_done_text | PasswordlessRegistrationDoneScreenText | - | |
| external_registration_user_overview_text | ExternalRegistrationUserOverviewScreenText | - | |
| is_default | bool | - | |
### LoginScreenText
| Field | Type | Description | Validation |
| ----- | ---- | ----------- | ----------- |
| title | string | - | string.max_len: 200<br /> |
| description | string | - | string.max_len: 500<br /> |
| title_linking_process | string | - | string.max_len: 200<br /> |
| description_linking_process | string | - | string.max_len: 500<br /> |
| user_must_be_member_of_org | string | - | string.max_len: 500<br /> |
| login_name_label | string | - | string.max_len: 200<br /> |
| register_button_text | string | - | string.max_len: 100<br /> |
| next_button_text | string | - | string.max_len: 100<br /> |
| external_user_description | string | - | string.max_len: 500<br /> |
| user_name_placeholder | string | - | string.max_len: 200<br /> |
| login_name_placeholder | string | - | string.max_len: 200<br /> |
### LogoutDoneScreenText
| Field | Type | Description | Validation |
| ----- | ---- | ----------- | ----------- |
| title | string | - | string.max_len: 200<br /> |
| description | string | - | string.max_len: 500<br /> |
| login_button_text | string | - | string.max_len: 200<br /> |
### MFAProvidersText
| Field | Type | Description | Validation |
| ----- | ---- | ----------- | ----------- |
| choose_other | string | - | string.max_len: 500<br /> |
| otp | string | - | string.max_len: 200<br /> |
| u2f | string | - | string.max_len: 200<br /> |
### MessageCustomText
| Field | Type | Description | Validation |
| ----- | ---- | ----------- | ----------- |
| details | zitadel.v1.ObjectDetails | - | |
| title | string | - | |
| pre_header | string | - | |
| subject | string | - | |
| greeting | string | - | |
| text | string | - | |
| button_text | string | - | |
| footer_text | string | - | |
| is_default | bool | - | |
### PasswordChangeDoneScreenText
| Field | Type | Description | Validation |
| ----- | ---- | ----------- | ----------- |
| title | string | - | string.max_len: 200<br /> |
| description | string | - | string.max_len: 500<br /> |
| next_button_text | string | - | string.max_len: 100<br /> |
### PasswordChangeScreenText
| Field | Type | Description | Validation |
| ----- | ---- | ----------- | ----------- |
| title | string | - | string.max_len: 200<br /> |
| description | string | - | string.max_len: 500<br /> |
| old_password_label | string | - | string.max_len: 200<br /> |
| new_password_label | string | - | string.max_len: 200<br /> |
| new_password_confirm_label | string | - | string.max_len: 200<br /> |
| cancel_button_text | string | - | string.max_len: 100<br /> |
| next_button_text | string | - | string.max_len: 100<br /> |
### PasswordResetDoneScreenText
| Field | Type | Description | Validation |
| ----- | ---- | ----------- | ----------- |
| title | string | - | string.max_len: 200<br /> |
| description | string | - | string.max_len: 500<br /> |
| next_button_text | string | - | string.max_len: 100<br /> |
### PasswordScreenText
| Field | Type | Description | Validation |
| ----- | ---- | ----------- | ----------- |
| title | string | - | string.max_len: 200<br /> |
| description | string | - | string.max_len: 500<br /> |
| password_label | string | - | string.max_len: 200<br /> |
| reset_link_text | string | - | string.max_len: 100<br /> |
| back_button_text | string | - | string.max_len: 100<br /> |
| next_button_text | string | - | string.max_len: 100<br /> |
| min_length | string | - | string.max_len: 100<br /> |
| has_uppercase | string | - | string.max_len: 100<br /> |
| has_lowercase | string | - | string.max_len: 100<br /> |
| has_number | string | - | string.max_len: 100<br /> |
| has_symbol | string | - | string.max_len: 100<br /> |
| confirmation | string | - | string.max_len: 100<br /> |
### PasswordlessPromptScreenText
| Field | Type | Description | Validation |
| ----- | ---- | ----------- | ----------- |
| title | string | - | string.max_len: 200<br /> |
| description | string | - | string.max_len: 500<br /> |
| description_init | string | - | string.max_len: 500<br /> |
| passwordless_button_text | string | - | string.max_len: 100<br /> |
| next_button_text | string | - | string.max_len: 100<br /> |
| skip_button_text | string | - | string.max_len: 100<br /> |
### PasswordlessRegistrationDoneScreenText
| Field | Type | Description | Validation |
| ----- | ---- | ----------- | ----------- |
| title | string | - | string.max_len: 200<br /> |
| description | string | - | string.max_len: 500<br /> |
| next_button_text | string | - | string.max_len: 100<br /> |
| cancel_button_text | string | - | string.max_len: 100<br /> |
| description_close | string | - | string.max_len: 100<br /> |
### PasswordlessRegistrationScreenText
| Field | Type | Description | Validation |
| ----- | ---- | ----------- | ----------- |
| title | string | - | string.max_len: 200<br /> |
| description | string | - | string.max_len: 500<br /> |
| token_name_label | string | - | string.max_len: 200<br /> |
| not_supported | string | - | string.max_len: 500<br /> |
| register_token_button_text | string | - | string.max_len: 100<br /> |
| error_retry | string | - | string.max_len: 500<br /> |
### PasswordlessScreenText
| Field | Type | Description | Validation |
| ----- | ---- | ----------- | ----------- |
| title | string | - | string.max_len: 200<br /> |
| description | string | - | string.max_len: 500<br /> |
| login_with_pw_button_text | string | - | string.max_len: 100<br /> |
| validate_token_button_text | string | - | string.max_len: 200<br /> |
| not_supported | string | - | string.max_len: 500<br /> |
| error_retry | string | - | string.max_len: 500<br /> |
### RegistrationOptionScreenText
| Field | Type | Description | Validation |
| ----- | ---- | ----------- | ----------- |
| title | string | - | string.max_len: 200<br /> |
| description | string | - | string.max_len: 500<br /> |
| user_name_button_text | string | - | string.max_len: 200<br /> |
| external_login_description | string | - | string.max_len: 500<br /> |
| login_button_text | string | - | string.max_len: 200<br /> |
### RegistrationOrgScreenText
| Field | Type | Description | Validation |
| ----- | ---- | ----------- | ----------- |
| title | string | - | string.max_len: 200<br /> |
| description | string | - | string.max_len: 500<br /> |
| orgname_label | string | - | string.max_len: 200<br /> |
| firstname_label | string | - | string.max_len: 200<br /> |
| lastname_label | string | - | string.max_len: 200<br /> |
| username_label | string | - | string.max_len: 200<br /> |
| email_label | string | - | string.max_len: 200<br /> |
| password_label | string | - | string.max_len: 200<br /> |
| password_confirm_label | string | - | string.max_len: 200<br /> |
| tos_and_privacy_label | string | - | string.max_len: 200<br /> |
| tos_confirm | string | - | string.max_len: 200<br /> |
| tos_link_text | string | - | string.max_len: 200<br /> |
| privacy_confirm | string | - | string.max_len: 200<br /> |
| privacy_link_text | string | - | string.max_len: 200<br /> |
| save_button_text | string | - | string.max_len: 200<br /> |
### RegistrationUserScreenText
| Field | Type | Description | Validation |
| ----- | ---- | ----------- | ----------- |
| title | string | - | string.max_len: 200<br /> |
| description | string | - | string.max_len: 500<br /> |
| description_org_register | string | - | string.max_len: 500<br /> |
| firstname_label | string | - | string.max_len: 200<br /> |
| lastname_label | string | - | string.max_len: 200<br /> |
| email_label | string | - | string.max_len: 200<br /> |
| username_label | string | - | string.max_len: 200<br /> |
| language_label | string | - | string.max_len: 200<br /> |
| gender_label | string | - | string.max_len: 200<br /> |
| password_label | string | - | string.max_len: 200<br /> |
| password_confirm_label | string | - | string.max_len: 200<br /> |
| tos_and_privacy_label | string | - | string.max_len: 200<br /> |
| tos_confirm | string | - | string.max_len: 200<br /> |
| tos_link_text | string | - | string.max_len: 200<br /> |
| privacy_confirm | string | - | string.max_len: 200<br /> |
| privacy_link_text | string | - | string.max_len: 200<br /> |
| next_button_text | string | - | string.max_len: 200<br /> |
| back_button_text | string | - | string.max_len: 200<br /> |
### SelectAccountScreenText
| Field | Type | Description | Validation |
| ----- | ---- | ----------- | ----------- |
| title | string | - | string.max_len: 200<br /> |
| description | string | - | string.max_len: 500<br /> |
| title_linking_process | string | - | string.max_len: 200<br /> |
| description_linking_process | string | - | string.max_len: 500<br /> |
| other_user | string | - | string.max_len: 500<br /> |
| session_state_active | string | - | string.max_len: 100<br /> |
| session_state_inactive | string | - | string.max_len: 100<br /> |
| user_must_be_member_of_org | string | - | string.max_len: 500<br /> |
### SuccessLoginScreenText
| Field | Type | Description | Validation |
| ----- | ---- | ----------- | ----------- |
| title | string | - | string.max_len: 200<br /> |
| auto_redirect_description | string | Text to describe that auto redirect should happen after successful login | string.max_len: 500<br /> |
| redirected_description | string | Text to describe that the window can be closed after redirect | string.max_len: 100<br /> |
| next_button_text | string | - | string.max_len: 200<br /> |
### UsernameChangeDoneScreenText
| Field | Type | Description | Validation |
| ----- | ---- | ----------- | ----------- |
| title | string | - | string.max_len: 200<br /> |
| description | string | - | string.max_len: 500<br /> |
| next_button_text | string | - | string.max_len: 100<br /> |
### UsernameChangeScreenText
| Field | Type | Description | Validation |
| ----- | ---- | ----------- | ----------- |
| title | string | - | string.max_len: 200<br /> |
| description | string | - | string.max_len: 500<br /> |
| username_label | string | - | string.max_len: 200<br /> |
| cancel_button_text | string | - | string.max_len: 100<br /> |
| next_button_text | string | - | string.max_len: 100<br /> |
### VerifyMFAOTPScreenText
| Field | Type | Description | Validation |
| ----- | ---- | ----------- | ----------- |
| title | string | - | string.max_len: 200<br /> |
| description | string | - | string.max_len: 500<br /> |
| code_label | string | - | string.max_len: 200<br /> |
| next_button_text | string | - | string.max_len: 100<br /> |
### VerifyMFAU2FScreenText
| Field | Type | Description | Validation |
| ----- | ---- | ----------- | ----------- |
| title | string | - | string.max_len: 200<br /> |
| description | string | - | string.max_len: 500<br /> |
| validate_token_text | string | - | string.max_len: 500<br /> |
| not_supported | string | - | string.max_len: 500<br /> |
| error_retry | string | - | string.max_len: 500<br /> |

744
docs/docs/apis/proto/user.md
View File

@ -1,744 +0,0 @@
---
title: zitadel/user.proto
---
> This document reflects the state from API 1.0 (available from 20.04.2021)
## Messages
### AuthFactor
| Field | Type | Description | Validation |
| ----- | ---- | ----------- | ----------- |
| state | AuthFactorState | - | |
| [**oneof**](https://developers.google.com/protocol-buffers/docs/proto3#oneof) type.otp | AuthFactorOTP | - | |
| [**oneof**](https://developers.google.com/protocol-buffers/docs/proto3#oneof) type.u2f | AuthFactorU2F | - | |
### AuthFactorOTP
### AuthFactorU2F
| Field | Type | Description | Validation |
| ----- | ---- | ----------- | ----------- |
| id | string | - | |
| name | string | - | |
### DisplayNameQuery
| Field | Type | Description | Validation |
| ----- | ---- | ----------- | ----------- |
| display_name | string | - | string.max_len: 200<br /> |
| method | zitadel.v1.TextQueryMethod | - | enum.defined_only: true<br /> |
### Email
| Field | Type | Description | Validation |
| ----- | ---- | ----------- | ----------- |
| email | string | - | |
| is_email_verified | bool | - | |
### EmailQuery
| Field | Type | Description | Validation |
| ----- | ---- | ----------- | ----------- |
| email_address | string | - | string.max_len: 200<br /> |
| method | zitadel.v1.TextQueryMethod | - | enum.defined_only: true<br /> |
### FirstNameQuery
| Field | Type | Description | Validation |
| ----- | ---- | ----------- | ----------- |
| first_name | string | - | string.max_len: 200<br /> |
| method | zitadel.v1.TextQueryMethod | - | enum.defined_only: true<br /> |
### Human
| Field | Type | Description | Validation |
| ----- | ---- | ----------- | ----------- |
| profile | Profile | - | |
| email | Email | - | |
| phone | Phone | - | |
### LastNameQuery
| Field | Type | Description | Validation |
| ----- | ---- | ----------- | ----------- |
| last_name | string | - | string.max_len: 200<br /> |
| method | zitadel.v1.TextQueryMethod | - | enum.defined_only: true<br /> |
### LoginNameQuery
| Field | Type | Description | Validation |
| ----- | ---- | ----------- | ----------- |
| login_name | string | - | string.max_len: 200<br /> |
| method | zitadel.v1.TextQueryMethod | - | enum.defined_only: true<br /> |
### Machine
| Field | Type | Description | Validation |
| ----- | ---- | ----------- | ----------- |
| name | string | - | |
| description | string | - | |
| has_secret | bool | - | |
| access_token_type | AccessTokenType | - | |
### Membership
| Field | Type | Description | Validation |
| ----- | ---- | ----------- | ----------- |
| user_id | string | - | |
| details | zitadel.v1.ObjectDetails | - | |
| roles | repeated string | - | |
| display_name | string | - | |
| [**oneof**](https://developers.google.com/protocol-buffers/docs/proto3#oneof) type.iam | bool | - | |
| [**oneof**](https://developers.google.com/protocol-buffers/docs/proto3#oneof) type.org_id | string | - | |
| [**oneof**](https://developers.google.com/protocol-buffers/docs/proto3#oneof) type.project_id | string | - | |
| [**oneof**](https://developers.google.com/protocol-buffers/docs/proto3#oneof) type.project_grant_id | string | - | |
### MembershipIAMQuery
this query is always equals
| Field | Type | Description | Validation |
| ----- | ---- | ----------- | ----------- |
| iam | bool | - | |
### MembershipOrgQuery
this query is always equals
| Field | Type | Description | Validation |
| ----- | ---- | ----------- | ----------- |
| org_id | string | - | string.max_len: 200<br /> |
### MembershipProjectGrantQuery
this query is always equals
| Field | Type | Description | Validation |
| ----- | ---- | ----------- | ----------- |
| project_grant_id | string | - | string.max_len: 200<br /> |
### MembershipProjectQuery
this query is always equals
| Field | Type | Description | Validation |
| ----- | ---- | ----------- | ----------- |
| project_id | string | - | string.max_len: 200<br /> |
### MembershipQuery
| Field | Type | Description | Validation |
| ----- | ---- | ----------- | ----------- |
| [**oneof**](https://developers.google.com/protocol-buffers/docs/proto3#oneof) query.org_query | MembershipOrgQuery | - | |
| [**oneof**](https://developers.google.com/protocol-buffers/docs/proto3#oneof) query.project_query | MembershipProjectQuery | - | |
| [**oneof**](https://developers.google.com/protocol-buffers/docs/proto3#oneof) query.project_grant_query | MembershipProjectGrantQuery | - | |
| [**oneof**](https://developers.google.com/protocol-buffers/docs/proto3#oneof) query.iam_query | MembershipIAMQuery | - | |
### NickNameQuery
| Field | Type | Description | Validation |
| ----- | ---- | ----------- | ----------- |
| nick_name | string | - | string.max_len: 200<br /> |
| method | zitadel.v1.TextQueryMethod | - | enum.defined_only: true<br /> |
### PersonalAccessToken
| Field | Type | Description | Validation |
| ----- | ---- | ----------- | ----------- |
| id | string | - | |
| details | zitadel.v1.ObjectDetails | - | |
| expiration_date | google.protobuf.Timestamp | - | |
| scopes | repeated string | - | |
### Phone
| Field | Type | Description | Validation |
| ----- | ---- | ----------- | ----------- |
| phone | string | - | |
| is_phone_verified | bool | - | |
### Profile
| Field | Type | Description | Validation |
| ----- | ---- | ----------- | ----------- |
| first_name | string | - | |
| last_name | string | - | |
| nick_name | string | - | |
| display_name | string | - | |
| preferred_language | string | - | |
| gender | Gender | - | |
| avatar_url | string | - | |
### RefreshToken
| Field | Type | Description | Validation |
| ----- | ---- | ----------- | ----------- |
| id | string | - | |
| details | zitadel.v1.ObjectDetails | - | |
| client_id | string | - | |
| auth_time | google.protobuf.Timestamp | - | |
| idle_expiration | google.protobuf.Timestamp | - | |
| expiration | google.protobuf.Timestamp | - | |
| scopes | repeated string | - | |
| audience | repeated string | - | |
### SearchQuery
| Field | Type | Description | Validation |
| ----- | ---- | ----------- | ----------- |
| [**oneof**](https://developers.google.com/protocol-buffers/docs/proto3#oneof) query.user_name_query | UserNameQuery | - | |
| [**oneof**](https://developers.google.com/protocol-buffers/docs/proto3#oneof) query.first_name_query | FirstNameQuery | - | |
| [**oneof**](https://developers.google.com/protocol-buffers/docs/proto3#oneof) query.last_name_query | LastNameQuery | - | |
| [**oneof**](https://developers.google.com/protocol-buffers/docs/proto3#oneof) query.nick_name_query | NickNameQuery | - | |
| [**oneof**](https://developers.google.com/protocol-buffers/docs/proto3#oneof) query.display_name_query | DisplayNameQuery | - | |
| [**oneof**](https://developers.google.com/protocol-buffers/docs/proto3#oneof) query.email_query | EmailQuery | - | |
| [**oneof**](https://developers.google.com/protocol-buffers/docs/proto3#oneof) query.state_query | StateQuery | - | |
| [**oneof**](https://developers.google.com/protocol-buffers/docs/proto3#oneof) query.type_query | TypeQuery | - | |
| [**oneof**](https://developers.google.com/protocol-buffers/docs/proto3#oneof) query.login_name_query | LoginNameQuery | - | |
### Session
| Field | Type | Description | Validation |
| ----- | ---- | ----------- | ----------- |
| session_id | string | - | |
| agent_id | string | - | |
| auth_state | SessionState | - | |
| user_id | string | - | |
| user_name | string | - | |
| login_name | string | - | |
| display_name | string | - | |
| details | zitadel.v1.ObjectDetails | - | |
| avatar_url | string | - | |
### StateQuery
UserStateQuery is always equals
| Field | Type | Description | Validation |
| ----- | ---- | ----------- | ----------- |
| state | UserState | - | enum.defined_only: true<br /> |
### TypeQuery
UserTypeQuery is always equals
| Field | Type | Description | Validation |
| ----- | ---- | ----------- | ----------- |
| type | Type | - | enum.defined_only: true<br /> |
### User
| Field | Type | Description | Validation |
| ----- | ---- | ----------- | ----------- |
| id | string | - | |
| details | zitadel.v1.ObjectDetails | - | |
| state | UserState | - | |
| user_name | string | - | |
| login_names | repeated string | - | |
| preferred_login_name | string | - | |
| [**oneof**](https://developers.google.com/protocol-buffers/docs/proto3#oneof) type.human | Human | - | |
| [**oneof**](https://developers.google.com/protocol-buffers/docs/proto3#oneof) type.machine | Machine | - | |
### UserGrant
| Field | Type | Description | Validation |
| ----- | ---- | ----------- | ----------- |
| id | string | - | |
| details | zitadel.v1.ObjectDetails | - | |
| role_keys | repeated string | - | |
| state | UserGrantState | - | |
| user_id | string | - | |
| user_name | string | - | |
| first_name | string | - | |
| last_name | string | - | |
| email | string | - | string.email: true<br /> |
| display_name | string | - | string.max_len: 200<br /> |
| org_id | string | - | |
| org_name | string | - | |
| org_domain | string | - | |
| project_id | string | - | |
| project_name | string | - | |
| project_grant_id | string | - | |
| avatar_url | string | - | |
| preferred_login_name | string | - | |
### UserGrantDisplayNameQuery
| Field | Type | Description | Validation |
| ----- | ---- | ----------- | ----------- |
| display_name | string | - | |
| method | zitadel.v1.TextQueryMethod | - | enum.defined_only: true<br /> |
### UserGrantEmailQuery
| Field | Type | Description | Validation |
| ----- | ---- | ----------- | ----------- |
| email | string | - | string.max_len: 200<br /> |
| method | zitadel.v1.TextQueryMethod | - | enum.defined_only: true<br /> |
### UserGrantFirstNameQuery
| Field | Type | Description | Validation |
| ----- | ---- | ----------- | ----------- |
| first_name | string | - | string.max_len: 200<br /> |
| method | zitadel.v1.TextQueryMethod | - | enum.defined_only: true<br /> |
### UserGrantLastNameQuery
| Field | Type | Description | Validation |
| ----- | ---- | ----------- | ----------- |
| last_name | string | - | string.max_len: 200<br /> |
| method | zitadel.v1.TextQueryMethod | - | enum.defined_only: true<br /> |
### UserGrantOrgDomainQuery
| Field | Type | Description | Validation |
| ----- | ---- | ----------- | ----------- |
| org_domain | string | - | string.max_len: 200<br /> |
| method | zitadel.v1.TextQueryMethod | - | enum.defined_only: true<br /> |
### UserGrantOrgNameQuery
| Field | Type | Description | Validation |
| ----- | ---- | ----------- | ----------- |
| org_name | string | - | string.max_len: 200<br /> |
| method | zitadel.v1.TextQueryMethod | - | enum.defined_only: true<br /> |
### UserGrantProjectGrantIDQuery
| Field | Type | Description | Validation |
| ----- | ---- | ----------- | ----------- |
| project_grant_id | string | - | string.max_len: 200<br /> |
### UserGrantProjectIDQuery
| Field | Type | Description | Validation |
| ----- | ---- | ----------- | ----------- |
| project_id | string | - | string.max_len: 200<br /> |
### UserGrantProjectNameQuery
| Field | Type | Description | Validation |
| ----- | ---- | ----------- | ----------- |
| project_name | string | - | string.max_len: 200<br /> |
| method | zitadel.v1.TextQueryMethod | - | enum.defined_only: true<br /> |
### UserGrantQuery
| Field | Type | Description | Validation |
| ----- | ---- | ----------- | ----------- |
| [**oneof**](https://developers.google.com/protocol-buffers/docs/proto3#oneof) query.project_id_query | UserGrantProjectIDQuery | - | |
| [**oneof**](https://developers.google.com/protocol-buffers/docs/proto3#oneof) query.user_id_query | UserGrantUserIDQuery | - | |
| [**oneof**](https://developers.google.com/protocol-buffers/docs/proto3#oneof) query.with_granted_query | UserGrantWithGrantedQuery | - | |
| [**oneof**](https://developers.google.com/protocol-buffers/docs/proto3#oneof) query.role_key_query | UserGrantRoleKeyQuery | - | |
| [**oneof**](https://developers.google.com/protocol-buffers/docs/proto3#oneof) query.project_grant_id_query | UserGrantProjectGrantIDQuery | - | |
| [**oneof**](https://developers.google.com/protocol-buffers/docs/proto3#oneof) query.user_name_query | UserGrantUserNameQuery | - | |
| [**oneof**](https://developers.google.com/protocol-buffers/docs/proto3#oneof) query.first_name_query | UserGrantFirstNameQuery | - | |
| [**oneof**](https://developers.google.com/protocol-buffers/docs/proto3#oneof) query.last_name_query | UserGrantLastNameQuery | - | |
| [**oneof**](https://developers.google.com/protocol-buffers/docs/proto3#oneof) query.email_query | UserGrantEmailQuery | - | |
| [**oneof**](https://developers.google.com/protocol-buffers/docs/proto3#oneof) query.org_name_query | UserGrantOrgNameQuery | - | |
| [**oneof**](https://developers.google.com/protocol-buffers/docs/proto3#oneof) query.org_domain_query | UserGrantOrgDomainQuery | - | |
| [**oneof**](https://developers.google.com/protocol-buffers/docs/proto3#oneof) query.project_name_query | UserGrantProjectNameQuery | - | |
| [**oneof**](https://developers.google.com/protocol-buffers/docs/proto3#oneof) query.display_name_query | UserGrantDisplayNameQuery | - | |
| [**oneof**](https://developers.google.com/protocol-buffers/docs/proto3#oneof) query.user_type_query | UserGrantUserTypeQuery | - | |
### UserGrantRoleKeyQuery
| Field | Type | Description | Validation |
| ----- | ---- | ----------- | ----------- |
| role_key | string | - | string.max_len: 200<br /> |
| method | zitadel.v1.TextQueryMethod | - | enum.defined_only: true<br /> |
### UserGrantUserIDQuery
| Field | Type | Description | Validation |
| ----- | ---- | ----------- | ----------- |
| user_id | string | - | string.max_len: 200<br /> |
### UserGrantUserNameQuery
| Field | Type | Description | Validation |
| ----- | ---- | ----------- | ----------- |
| user_name | string | - | string.max_len: 200<br /> |
| method | zitadel.v1.TextQueryMethod | - | enum.defined_only: true<br /> |
### UserGrantUserTypeQuery
| Field | Type | Description | Validation |
| ----- | ---- | ----------- | ----------- |
| type | Type | - | |
### UserGrantWithGrantedQuery
| Field | Type | Description | Validation |
| ----- | ---- | ----------- | ----------- |
| with_granted | bool | - | |
### UserNameQuery
| Field | Type | Description | Validation |
| ----- | ---- | ----------- | ----------- |
| user_name | string | - | string.max_len: 200<br /> |
| method | zitadel.v1.TextQueryMethod | - | enum.defined_only: true<br /> |
### WebAuthNKey
| Field | Type | Description | Validation |
| ----- | ---- | ----------- | ----------- |
| public_key | bytes | - | |
### WebAuthNToken
| Field | Type | Description | Validation |
| ----- | ---- | ----------- | ----------- |
| id | string | - | |
| state | AuthFactorState | - | |
| name | string | - | |
### WebAuthNVerification
| Field | Type | Description | Validation |
| ----- | ---- | ----------- | ----------- |
| public_key_credential | bytes | - | bytes.min_len: 55<br /> |
| token_name | string | - | string.min_len: 1<br /> string.max_len: 200<br /> |
## Enums
### AccessTokenType {#accesstokentype}
| Name | Number | Description |
| ---- | ------ | ----------- |
| ACCESS_TOKEN_TYPE_BEARER | 0 | - |
| ACCESS_TOKEN_TYPE_JWT | 1 | - |
### AuthFactorState {#authfactorstate}
| Name | Number | Description |
| ---- | ------ | ----------- |
| AUTH_FACTOR_STATE_UNSPECIFIED | 0 | - |
| AUTH_FACTOR_STATE_NOT_READY | 1 | - |
| AUTH_FACTOR_STATE_READY | 2 | - |
| AUTH_FACTOR_STATE_REMOVED | 3 | - |
### Gender {#gender}
| Name | Number | Description |
| ---- | ------ | ----------- |
| GENDER_UNSPECIFIED | 0 | - |
| GENDER_FEMALE | 1 | - |
| GENDER_MALE | 2 | - |
| GENDER_DIVERSE | 3 | - |
### SessionState {#sessionstate}
| Name | Number | Description |
| ---- | ------ | ----------- |
| SESSION_STATE_UNSPECIFIED | 0 | - |
| SESSION_STATE_ACTIVE | 1 | - |
| SESSION_STATE_TERMINATED | 2 | - |
### Type {#type}
| Name | Number | Description |
| ---- | ------ | ----------- |
| TYPE_UNSPECIFIED | 0 | - |
| TYPE_HUMAN | 1 | - |
| TYPE_MACHINE | 2 | - |
### UserFieldName {#userfieldname}
| Name | Number | Description |
| ---- | ------ | ----------- |
| USER_FIELD_NAME_UNSPECIFIED | 0 | - |
| USER_FIELD_NAME_USER_NAME | 1 | - |
| USER_FIELD_NAME_FIRST_NAME | 2 | - |
| USER_FIELD_NAME_LAST_NAME | 3 | - |
| USER_FIELD_NAME_NICK_NAME | 4 | - |
| USER_FIELD_NAME_DISPLAY_NAME | 5 | - |
| USER_FIELD_NAME_EMAIL | 6 | - |
| USER_FIELD_NAME_STATE | 7 | - |
| USER_FIELD_NAME_TYPE | 8 | - |
| USER_FIELD_NAME_CREATION_DATE | 9 | - |
### UserGrantState {#usergrantstate}
| Name | Number | Description |
| ---- | ------ | ----------- |
| USER_GRANT_STATE_UNSPECIFIED | 0 | - |
| USER_GRANT_STATE_ACTIVE | 1 | - |
| USER_GRANT_STATE_INACTIVE | 2 | - |
### UserState {#userstate}
| Name | Number | Description |
| ---- | ------ | ----------- |
| USER_STATE_UNSPECIFIED | 0 | - |
| USER_STATE_ACTIVE | 1 | - |
| USER_STATE_INACTIVE | 2 | - |
| USER_STATE_DELETED | 3 | - |
| USER_STATE_LOCKED | 4 | - |
| USER_STATE_SUSPEND | 5 | - |
| USER_STATE_INITIAL | 6 | - |

335
docs/docs/apis/proto/v1.md
View File

@ -1,335 +0,0 @@
---
title: zitadel/v1.proto
---
> This document reflects the state from API 1.0 (available from 20.04.2021)
## Messages
### AddCustomOrgIAMPolicyRequest
| Field | Type | Description | Validation |
| ----- | ---- | ----------- | ----------- |
| org_id | string | - | string.min_len: 1<br /> string.max_len: 200<br /> |
| user_login_must_be_domain | bool | the username has to end with the domain of it's organisation (uniqueness is organisation based) | |
### DataAPIApplication
| Field | Type | Description | Validation |
| ----- | ---- | ----------- | ----------- |
| app_id | string | - | |
| app | zitadel.management.v1.AddAPIAppRequest | - | |
### DataAction
| Field | Type | Description | Validation |
| ----- | ---- | ----------- | ----------- |
| action_id | string | - | |
| action | zitadel.management.v1.CreateActionRequest | - | |
### DataAppKey
| Field | Type | Description | Validation |
| ----- | ---- | ----------- | ----------- |
| id | string | - | |
| project_id | string | - | |
| app_id | string | - | |
| client_id | string | - | |
| type | zitadel.authn.v1.KeyType | - | |
| expiration_date | google.protobuf.Timestamp | - | |
| public_key | bytes | - | |
### DataHumanUser
| Field | Type | Description | Validation |
| ----- | ---- | ----------- | ----------- |
| user_id | string | - | |
| user | zitadel.management.v1.ImportHumanUserRequest | - | |
### DataJWTIDP
| Field | Type | Description | Validation |
| ----- | ---- | ----------- | ----------- |
| idp_id | string | - | |
| idp | zitadel.management.v1.AddOrgJWTIDPRequest | - | |
### DataMachineKey
| Field | Type | Description | Validation |
| ----- | ---- | ----------- | ----------- |
| key_id | string | - | |
| user_id | string | - | |
| type | zitadel.authn.v1.KeyType | - | |
| expiration_date | google.protobuf.Timestamp | - | |
| public_key | bytes | - | |
### DataMachineUser
| Field | Type | Description | Validation |
| ----- | ---- | ----------- | ----------- |
| user_id | string | - | |
| user | zitadel.management.v1.AddMachineUserRequest | - | |
### DataOIDCApplication
| Field | Type | Description | Validation |
| ----- | ---- | ----------- | ----------- |
| app_id | string | - | |
| app | zitadel.management.v1.AddOIDCAppRequest | - | |
### DataOIDCIDP
| Field | Type | Description | Validation |
| ----- | ---- | ----------- | ----------- |
| idp_id | string | - | |
| idp | zitadel.management.v1.AddOrgOIDCIDPRequest | - | |
### DataOrg
| Field | Type | Description | Validation |
| ----- | ---- | ----------- | ----------- |
| org_id | string | - | |
| org | zitadel.management.v1.AddOrgRequest | - | |
| iam_policy | AddCustomOrgIAMPolicyRequest | - | |
| label_policy | zitadel.management.v1.AddCustomLabelPolicyRequest | - | |
| lockout_policy | zitadel.management.v1.AddCustomLockoutPolicyRequest | - | |
| login_policy | zitadel.management.v1.AddCustomLoginPolicyRequest | - | |
| password_complexity_policy | zitadel.management.v1.AddCustomPasswordComplexityPolicyRequest | - | |
| privacy_policy | zitadel.management.v1.AddCustomPrivacyPolicyRequest | - | |
| projects | repeated DataProject | - | |
| project_roles | repeated zitadel.management.v1.AddProjectRoleRequest | - | |
| api_apps | repeated DataAPIApplication | - | |
| oidc_apps | repeated DataOIDCApplication | - | |
| human_users | repeated DataHumanUser | - | |
| machine_users | repeated DataMachineUser | - | |
| trigger_actions | repeated SetTriggerActionsRequest | - | |
| actions | repeated DataAction | - | |
| project_grants | repeated DataProjectGrant | - | |
| user_grants | repeated zitadel.management.v1.AddUserGrantRequest | - | |
| org_members | repeated zitadel.management.v1.AddOrgMemberRequest | - | |
| project_members | repeated zitadel.management.v1.AddProjectMemberRequest | - | |
| project_grant_members | repeated zitadel.management.v1.AddProjectGrantMemberRequest | - | |
| user_metadata | repeated zitadel.management.v1.SetUserMetadataRequest | - | |
| login_texts | repeated zitadel.management.v1.SetCustomLoginTextsRequest | - | |
| init_messages | repeated zitadel.management.v1.SetCustomInitMessageTextRequest | - | |
| password_reset_messages | repeated zitadel.management.v1.SetCustomPasswordResetMessageTextRequest | - | |
| verify_email_messages | repeated zitadel.management.v1.SetCustomVerifyEmailMessageTextRequest | - | |
| verify_phone_messages | repeated zitadel.management.v1.SetCustomVerifyPhoneMessageTextRequest | - | |
| domain_claimed_messages | repeated zitadel.management.v1.SetCustomDomainClaimedMessageTextRequest | - | |
| passwordless_registration_messages | repeated zitadel.management.v1.SetCustomPasswordlessRegistrationMessageTextRequest | - | |
| oidc_idps | repeated DataOIDCIDP | - | |
| jwt_idps | repeated DataJWTIDP | - | |
| second_factors | repeated zitadel.management.v1.AddSecondFactorToLoginPolicyRequest | - | |
| multi_factors | repeated zitadel.management.v1.AddMultiFactorToLoginPolicyRequest | - | |
| idps | repeated zitadel.management.v1.AddIDPToLoginPolicyRequest | - | |
| user_links | repeated zitadel.idp.v1.IDPUserLink | - | |
| domains | repeated zitadel.org.v1.Domain | - | |
| app_keys | repeated DataAppKey | - | |
| machine_keys | repeated DataMachineKey | - | |
### DataProject
| Field | Type | Description | Validation |
| ----- | ---- | ----------- | ----------- |
| project_id | string | - | |
| project | zitadel.management.v1.AddProjectRequest | - | |
### DataProjectGrant
| Field | Type | Description | Validation |
| ----- | ---- | ----------- | ----------- |
| grant_id | string | - | |
| project_grant | zitadel.management.v1.AddProjectGrantRequest | - | |
### ExportHumanUser
| Field | Type | Description | Validation |
| ----- | ---- | ----------- | ----------- |
| user_name | string | - | string.min_len: 1<br /> string.max_len: 200<br /> |
| profile | ExportHumanUser.Profile | - | message.required: true<br /> |
| email | ExportHumanUser.Email | - | message.required: true<br /> |
| phone | ExportHumanUser.Phone | - | |
| password | string | - | |
| hashed_password | ExportHumanUser.HashedPassword | - | |
| password_change_required | bool | - | |
| request_passwordless_registration | bool | - | |
| otp_code | string | - | |
### ExportHumanUser.Email
| Field | Type | Description | Validation |
| ----- | ---- | ----------- | ----------- |
| email | string | TODO: check if no value is allowed | string.email: true<br /> |
| is_email_verified | bool | - | |
### ExportHumanUser.HashedPassword
| Field | Type | Description | Validation |
| ----- | ---- | ----------- | ----------- |
| value | string | - | |
| algorithm | string | - | |
### ExportHumanUser.Phone
| Field | Type | Description | Validation |
| ----- | ---- | ----------- | ----------- |
| phone | string | has to be a global number | string.min_len: 1<br /> string.max_len: 50<br /> string.prefix: +<br /> |
| is_phone_verified | bool | - | |
### ExportHumanUser.Profile
| Field | Type | Description | Validation |
| ----- | ---- | ----------- | ----------- |
| first_name | string | - | string.min_len: 1<br /> string.max_len: 200<br /> |
| last_name | string | - | string.min_len: 1<br /> string.max_len: 200<br /> |
| nick_name | string | - | string.max_len: 200<br /> |
| display_name | string | - | string.max_len: 200<br /> |
| preferred_language | string | - | string.max_len: 10<br /> |
| gender | zitadel.user.v1.Gender | - | |
### ImportDataOrg
| Field | Type | Description | Validation |
| ----- | ---- | ----------- | ----------- |
| orgs | repeated DataOrg | - | |
### SetTriggerActionsRequest
| Field | Type | Description | Validation |
| ----- | ---- | ----------- | ----------- |
| flow_type | FlowType | - | |
| trigger_type | TriggerType | - | |
| action_ids | repeated string | - | |
## Enums
### FlowType {#flowtype}
| Name | Number | Description |
| ---- | ------ | ----------- |
| FLOW_TYPE_UNSPECIFIED | 0 | - |
| FLOW_TYPE_EXTERNAL_AUTHENTICATION | 1 | - |
### TriggerType {#triggertype}
| Name | Number | Description |
| ---- | ------ | ----------- |
| TRIGGER_TYPE_UNSPECIFIED | 0 | - |
| TRIGGER_TYPE_POST_AUTHENTICATION | 1 | - |
| TRIGGER_TYPE_PRE_CREATION | 2 | - |
| TRIGGER_TYPE_POST_CREATION | 3 | - |

2
docs/docs/apis/statuscodes.mdx
View File

@ -1,5 +1,5 @@
---
title: Status Codes
title: GRPC Status Codes
---
| GRPC Number | GRPC Code | HTTP Status Code | HTTP Status Text |Description |

2
docs/docs/concepts/structure/instance.mdx
View File

@ -18,7 +18,7 @@ Read more about how to configure your instance in our [instance guide](/guides/m
ZITADEL has the concept of virtual instances.
When installing ZITADEL from scratch, one instance is always automatically created for you.
Nevertheless, you can add more virtual instances via the [system API](/apis/proto/system#addinstance).
Nevertheless, you can add more virtual instances via the [system API](/apis/system).
This is useful if you have business customers, which in turn have their business customers with self service and custom domain demands.
By providing a virtual ZITADEL instances, your customers have all the customization options available in ZITADEL.
Scaling ZITADEL instances virtually enables you to easily distribute your limited compute resources to all your customers.

2
docs/docs/guides/integrate/access-zitadel-system-api.md
View File

@ -145,7 +145,7 @@ You should get a successful response with a `totalResult` number of 1 and the de
}
```
With this token you are allowed to access the whole [ZITADEL System API](../../apis/proto/system).
With this token you are allowed to access the whole [ZITADEL System API](../../apis/system).
## Summary

6
docs/docs/guides/integrate/event-api.md
View File

@ -11,7 +11,7 @@ You need to give a user the [manager role](https://zitadel.com/docs/guides/manag
If you like to know more about eventsourcing/eventstore and how this works in ZITADEL, head over to our [concepts](../../concepts/eventstore/overview).
## Request Events
Call the [ListEvents](../../apis/proto/admin#listevents) enpoint in the Administration API to get all the events you need.
Call the [ListEvents](../../apis/admin) enpoint in the Administration API to get all the events you need.
To further restrict your result you can add the following filters:
- sequence
- editor user id
@ -29,7 +29,7 @@ curl --request POST \
## Get event types
To be able to filter for the different event types ZITADEL knows, you can request the [EventTypesList](../../apis/proto/admin#listeventtypes)
To be able to filter for the different event types ZITADEL knows, you can request the [EventTypesList](../../apis/admin)
```bash
curl --request POST \
@ -65,7 +65,7 @@ The following example shows you the event types for a password check (failed/suc
## Get aggregate types
To be able to filter for the different aggregate types (resources) ZITADEL knows, you can request the [AggregateTypesList](../../apis/proto/admin#listaggregatetypes)
To be able to filter for the different aggregate types (resources) ZITADEL knows, you can request the [AggregateTypesList](../../apis/admin)
```bash
curl --request POST \

10
docs/docs/guides/manage/user/reg-create-user.md
View File

@ -5,7 +5,7 @@ title: Register and Create User
The ZITADEL API has different possibilities to create users.
This can be used, if you are building your own registration page.
[Import Human User](../../../apis/proto/management#importhumanuser)
[Import Human User](../../../apis/mgmt)
## With Username and Password
@ -28,9 +28,9 @@ If nothing is requested, the type will not be restricted and all possibilities o
### Add passwordless to existing user
If you already have a user in ZITADEL, it is possible to add passworless later.
If you already have a user in ZITADEL, it is possible to add passwordless later.
[Add Passwordless Registration ](../../../apis/proto/management#addpasswordlessregistration)
[Add Passwordless Registration ](../../../apis/mgmt)
Send the user_id in the request and you will get a link and an expiration as response.
You can then customize the link the same as described above in the creation process.
@ -38,6 +38,4 @@ You can then customize the link the same as described above in the creation proc
The second possibility is to send the link directly to the user per email.
Use the following request in that case:
[Send Passwordless Registration ](../../../apis/proto/management#sendpasswordlessregistration)
[Send Passwordless Registration ](../../../apis/mgmt)

2
docs/docs/guides/solution-scenarios/b2c.mdx
View File

@ -29,7 +29,7 @@ You can read more about how ZITADEL handles usernames [here](../manage/console/o
ZITADEL gives you a basic storage for users and manages phone and email addresses. It also allows you to store your own application data such as preferences or external identifiers to the metadata of a user.
If you are migrating an existing project and you already have an external identity store you can consider bulk importing your user datasets.
Read our [Management API definitions](../../apis/proto/management#importhumanuser) for more info. If the users email is not verified or no password is set, a initialization mail will be send.
Read our [Management API definitions](../../apis/mgmt) for more info. If the users email is not verified or no password is set, a initialization mail will be send.
:::info
Requests to the management API are rate limited. Read our [Rate limit Policy](../../legal/rate-limit-policy) for more info.

2
docs/docs/self-hosting/manage/quotas.md
View File

@ -6,7 +6,7 @@ Quotas is an enterprise feature that is relevant if you want to host ZITADEL as
It enables you to limit usage and/or register webhooks that trigger on configurable usage levels for certain units.
For example, you might want to report usage to an external billing tool and notify users when 80 percent of a quota is exhausted.
Quotas are currently supported [for the instance level only](/concepts/structure/instance).
Please refer to the [system API docs](/apis/proto/system#addquota) for detailed explanations about how to use the quotas feature.
Please refer to the [system API docs](/apis/system) for detailed explanations about how to use the quotas feature.
ZITADEL supports limiting authenticated requests and action run seconds

68
docs/docusaurus.config.js
View File

@ -3,7 +3,7 @@ module.exports = {
title: "ZITADEL Docs",
trailingSlash: false,
url: "https://zitadel.com",
baseUrl: "/docs/",
baseUrl: "/docs",
onBrokenLinks: "throw",
onBrokenMarkdownLinks: "warn",
favicon: "img/favicon.ico",
@ -204,10 +204,28 @@ module.exports = {
respectPrefersColorScheme: true,
},
},
webpack: {
jsLoader: (isServer) => ({
loader: require.resolve('swc-loader'),
options: {
jsc: {
parser: {
syntax: 'typescript',
tsx: true,
},
target: 'es2017',
},
module: {
type: isServer ? 'commonjs' : 'es6',
},
},
}),
},
presets: [
[
"@docusaurus/preset-classic",
{
"classic",
/** @type {import('@docusaurus/preset-classic').Options} */
({
docs: {
routeBasePath: "/",
sidebarPath: require.resolve("./sidebars.js"),
@ -215,14 +233,54 @@ module.exports = {
showLastUpdateTime: true,
editUrl: "https://github.com/zitadel/zitadel/edit/main/docs/",
remarkPlugins: [require("mdx-mermaid")],
docLayoutComponent: "@theme/DocPage",
docItemComponent: '@theme/ApiItem'
},
theme: {
customCss: require.resolve("./src/css/custom.css"),
},
},
})
],
],
plugins: [
[
'docusaurus-plugin-openapi-docs',
{
id: "apiDocs",
docsPluginId: "classic",
config: {
auth: {
specPath: ".artifacts/openapi/zitadel/auth.swagger.json",
outputDir: "docs/apis/auth",
sidebarOptions: {
groupPathsBy: "tag",
},
},
mgmt: {
specPath: ".artifacts/openapi/zitadel/management.swagger.json",
outputDir: "docs/apis/mgmt",
sidebarOptions: {
groupPathsBy: "tag",
},
},
admin: {
specPath: ".artifacts/openapi/zitadel/admin.swagger.json",
outputDir: "docs/apis/admin",
sidebarOptions: {
groupPathsBy: "tag",
},
},
system: {
specPath: ".artifacts/openapi/zitadel/system.swagger.json",
outputDir: "docs/apis/system",
sidebarOptions: {
groupPathsBy: "tag",
},
}
}
},
],
require.resolve("docusaurus-plugin-image-zoom"),
async function myPlugin(context, options) {
return {
@ -236,5 +294,5 @@ module.exports = {
};
},
],
themes: ["@saucelabs/theme-github-codeblock"],
themes: ["@saucelabs/theme-github-codeblock", "docusaurus-theme-openapi-docs"],
};

56
docs/nginx.conf Normal file
View File

@ -0,0 +1,56 @@
events {
worker_connections 1024; ## Default: 1024
}
http {
include /etc/nginx/mime.types;
server {
listen 8080;
location / {
return 301 /docs;
}
location /docs {
root /usr/share/nginx/html;
index /docs/index.html;
try_files $uri $uri/ /docs/index.html?q=$query_string;
}
location = /docs/proxy/js/script.js {
proxy_pass https://plausible.io/js/script.js;
proxy_set_header Host plausible.io;
}
location = /docs/proxy/api/event {
proxy_pass https://plausible.io/api/event;
proxy_set_header Host plausible.io;
proxy_buffering on;
proxy_http_version 1.1;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header X-Forwarded-Host $host;
}
}
## enable gzip compression
gzip on;
gzip_vary on;
gzip_min_length 256;
gzip_proxied any;
gzip_types
## text/html is always compressed : https://nginx.org/en/docs/http/ngx_http_gzip_module.html
text/plain
text/css
text/javascript
application/javascript
application/x-javascript
application/xml
application/json
application/ld+json;
}

40
docs/package.json
View File

@ -4,14 +4,17 @@
"private": true,
"scripts": {
"docusaurus": "docusaurus",
"start": "docusaurus start",
"build": "docusaurus build",
"start": "yarn generate && docusaurus start",
"build": "yarn generate && docusaurus build --no-minify",
"swizzle": "docusaurus swizzle",
"deploy": "docusaurus deploy",
"clear": "docusaurus clear",
"serve": "docusaurus serve",
"write-translations": "docusaurus write-translations",
"write-heading-ids": "docusaurus write-heading-ids"
"write-heading-ids": "docusaurus write-heading-ids",
"generate": "yarn generate:grpc && yarn generate:apidocs",
"generate:grpc": "buf generate ../proto",
"generate:apidocs": "docusaurus clean-api-docs all && docusaurus gen-api-docs all"
},
"dependencies": {
"@algolia/autocomplete-core": "1.5.2",
@ -33,20 +36,21 @@
"@babel/preset-react": "7.16.7",
"@babel/preset-typescript": "7.16.7",
"@babel/runtime-corejs3": "7.17.9",
"@bufbuild/buf": "^1.14.0",
"@colors/colors": "1.5.0",
"@docsearch/css": "3.0.0",
"@docsearch/react": "3.0.0",
"@docusaurus/core": "^2.1.0",
"@docusaurus/cssnano-preset": "^2.1.0",
"@docusaurus/module-type-aliases": "^2.1.0",
"@docusaurus/plugin-debug": "^2.1.0",
"@docusaurus/plugin-google-analytics": "^2.1.0",
"@docusaurus/plugin-google-gtag": "^2.1.0",
"@docusaurus/plugin-sitemap": "^2.1.0",
"@docusaurus/preset-classic": "^2.1.0",
"@docusaurus/theme-classic": "^2.1.0",
"@docusaurus/theme-search-algolia": "^2.1.0",
"@docusaurus/types": "^2.1.0",
"@docusaurus/core": "2.2.0",
"@docusaurus/cssnano-preset": "2.2.0",
"@docusaurus/module-type-aliases": "2.2.0",
"@docusaurus/plugin-debug": "2.2.0",
"@docusaurus/plugin-google-analytics": "2.2.0",
"@docusaurus/plugin-google-gtag": "2.2.0",
"@docusaurus/plugin-sitemap": "2.2.0",
"@docusaurus/preset-classic": "2.2.0",
"@docusaurus/theme-classic": "2.2.0",
"@docusaurus/theme-search-algolia": "2.2.0",
"@docusaurus/types": "2.2.0",
"@headlessui/react": "^1.7.4",
"@heroicons/react": "^2.0.13",
"@jridgewell/resolve-uri": "3.0.7",
@ -60,6 +64,7 @@
"@svgr/core": "6.2.1",
"@svgr/hast-util-to-babel-ast": "6.2.1",
"@svgr/plugin-svgo": "6.2.0",
"@swc/core": "^1.3.36",
"@types/eslint-scope": "3.7.3",
"@types/http-proxy": "1.17.9",
"@types/react-router-config": "5.0.6",
@ -87,7 +92,9 @@
"cssnano-preset-advanced": "5.3.3",
"dns-packet": "5.3.1",
"docusaurus-plugin-image-zoom": "^0.1.1",
"docusaurus-plugin-openapi-docs": "1.5.2",
"docusaurus-plugin-plausible": "^0.0.5",
"docusaurus-theme-openapi-docs": "1.5.2",
"eastasianwidth": "0.2.0",
"enhanced-resolve": "5.9.3",
"eval": "0.1.8",
@ -162,6 +169,7 @@
"sitemap": "7.1.1",
"source-map-js": "1.0.2",
"stylehacks": "5.1.0",
"swc-loader": "^0.2.3",
"terser-webpack-plugin": "5.3.1",
"type-fest": "2.12.2",
"url": "^0.11.0",
@ -172,6 +180,10 @@
"widest-line": "4.0.1",
"wrap-ansi": "8.0.1"
},
"resolutions": {
"@docusaurus/theme-common": "2.2.0",
"@paloaltonetworks/postman-code-generators": "1.1.13"
},
"browserslist": {
"production": [
">0.5%",

122
docs/sidebars.js
View File

@ -170,63 +170,94 @@ module.exports = {
"apis/introduction",
{
type: "category",
label: "API Definition",
label: "Core Resources",
collapsed: false,
items: [
"apis/statuscodes",
{
type: "category",
label: "Proto",
label: "Authenticated User",
link: {
type: "generated-index",
title: "Auth API",
slug: "/apis/auth",
description:
"The authentication API (aka Auth API) is used for all operations on the currently logged in user. The user id is taken from the sub claim in the token.",
},
items: require("./docs/apis/auth/sidebar.js"),
},
{
type: "category",
label: "Organization Objects",
link: {
type: "generated-index",
title: "Management API",
slug: "/apis/mgmt",
description:
"The management API is as the name states the interface where systems can mutate IAM objects like, organizations, projects, clients, users and so on if they have the necessary access rights. To identify the current organization you can send a header x-zitadel-orgid or if no header is set, the organization of the authenticated user is set.",
},
items: require("./docs/apis/mgmt/sidebar.js"),
},
{
type: "category",
label: "Instance Objects",
link: {
type: "generated-index",
title: "Admin API",
slug: "/apis/admin",
description:
"This API is intended to configure and manage one ZITADEL instance itself.",
},
items: require("./docs/apis/admin/sidebar.js"),
},
{
type: "category",
label: "Instance Lifecycle",
link: {
type: "generated-index",
title: "System API",
slug: "/apis/system",
description:
"This API is intended to manage the different ZITADEL instances within the system.\n" +
"\n" +
"Checkout the guide how to access the ZITADEL System API.",
},
items: require("./docs/apis/system/sidebar.js"),
},
{
type: "category",
label: "Assets",
collapsed: true,
items: ["apis/assets/assets"],
},
]
},
{
type: "category",
label: "Sign In Users ",
collapsed: false,
items: [
{
type: "category",
label: "OpenID Connect & OAuth",
collapsed: true,
items: [
"apis/proto/auth",
"apis/proto/management",
"apis/proto/admin",
"apis/proto/system",
"apis/proto/instance",
"apis/proto/org",
"apis/proto/user",
"apis/proto/app",
"apis/proto/policy",
"apis/proto/auth_n_key",
"apis/proto/change",
"apis/proto/idp",
"apis/proto/member",
"apis/proto/metadata",
"apis/proto/message",
"apis/proto/text",
"apis/proto/action",
"apis/proto/object",
"apis/proto/options",
"apis/openidoauth/endpoints",
"apis/openidoauth/authrequest",
"apis/openidoauth/scopes",
"apis/openidoauth/claims",
"apis/openidoauth/authn-methods",
"apis/openidoauth/grant-types",
],
},
{
type: "category",
label: "Assets API",
label: "SAML 2.0",
collapsed: true,
items: ["apis/assets/assets"],
items: ["apis/saml/endpoints"],
},
],
},
{
type: "category",
label: "OpenID Connect & OAuth",
collapsed: false,
items: [
"apis/openidoauth/endpoints",
"apis/openidoauth/authrequest",
"apis/openidoauth/scopes",
"apis/openidoauth/claims",
"apis/openidoauth/authn-methods",
"apis/openidoauth/grant-types",
],
},
{
type: "category",
label: "SAML",
collapsed: false,
items: ["apis/saml/endpoints"],
},
{
type: "category",
label: "Actions",
@ -240,6 +271,11 @@ module.exports = {
"apis/actions/objects",
]
},
{
type: "doc",
label: "gRPC Status Codes",
id: "apis/statuscodes"
},
{
type: "category",
label: "Observability",

63
docs/src/css/custom.css
View File

@ -499,3 +499,66 @@ a {
p strong {
color: var(--font-color-strong);
}
/* Sidebar Method labels */
.api-method > .menu__link {
align-items: center;
justify-content: start;
}
.api-method > .menu__link::before {
width: 50px;
height: 20px;
font-size: 12px;
line-height: 20px;
text-transform: uppercase;
font-weight: 600;
border-radius: 0.25rem;
border: 1px solid;
border-inline-start-width: 5px;
margin-right: var(--ifm-spacing-horizontal);
text-align: center;
flex-shrink: 0;
}
.get > .menu__link::before {
content: "get";
background-color: var(--ifm-color-info-contrast-background);
color: var(--ifm-color-info-contrast-foreground);
border-color: var(--ifm-color-info-dark);
}
.post > .menu__link::before {
content: "post";
background-color: var(--ifm-color-success-contrast-background);
color: var(--ifm-color-success-contrast-foreground);
border-color: var(--ifm-color-success-dark);
}
.delete > .menu__link::before {
content: "del";
background-color: var(--ifm-color-danger-contrast-background);
color: var(--ifm-color-danger-contrast-foreground);
border-color: var(--ifm-color-danger-dark);
}
.put > .menu__link::before {
content: "put";
background-color: var(--ifm-color-warning-contrast-background);
color: var(--ifm-color-warning-contrast-foreground);
border-color: var(--ifm-color-warning-dark);
}
.patch > .menu__link::before {
content: "patch";
background-color: var(--ifm-color-success-contrast-background);
color: var(--ifm-color-success-contrast-foreground);
border-color: var(--ifm-color-success-dark);
}
.head > .menu__link::before {
content: "head";
background-color: var(--ifm-color-secondary-contrast-background);
color: var(--ifm-color-secondary-contrast-foreground);
border-color: var(--ifm-color-secondary-dark);
}

3819
docs/yarn.lock
View File

File diff suppressed because it is too large Load Diff

1
go.sum
View File

@ -1483,6 +1483,7 @@ google.golang.org/grpc v1.41.0/go.mod h1:U3l9uK9J0sini8mHphKoXyaqDA/8VyGnDee1zzI
google.golang.org/grpc v1.42.0/go.mod h1:k+4IHHFw41K8+bbowsex27ge2rCb65oeWqe4jJ590SU=
google.golang.org/grpc v1.51.0 h1:E1eGv1FTqoLIdnBCZufiSHgKjlqG6fKFf6pPWtMTh8U=
google.golang.org/grpc v1.51.0/go.mod h1:wgNDFcnuBGmxLKI/qn4T+m5BtEBYXJPvibbUPsAIPww=
google.golang.org/grpc/cmd/protoc-gen-go-grpc v1.1.0 h1:M1YKkFIboKNieVO5DLUEVzQfGwJD30Nv2jfUgzb5UcE=
google.golang.org/grpc/cmd/protoc-gen-go-grpc v1.1.0/go.mod h1:6Kw0yEErY5E/yWrBtf03jp27GLLJujG4z/JK95pnjjw=
google.golang.org/protobuf v0.0.0-20200109180630-ec00e32a8dfd/go.mod h1:DFci5gLYBciE7Vtevhsrf46CRTquxDuWsQurQQe4oz8=
google.golang.org/protobuf v0.0.0-20200221191635-4d8936d0db64/go.mod h1:kwYJMbMJ01Woi6D6+Kah6886xMZcty6N08ah7+eCXa0=

2
proto/zitadel/action.proto
View File

@ -74,7 +74,7 @@ message ActionNameQuery {
];
}
//ActionStateQuery is always equals
//ActionStateQuery always equals
message ActionStateQuery {
ActionState state = 1 [
(validate.rules).enum.defined_only = true,

1965
proto/zitadel/admin.proto
View File

File diff suppressed because it is too large Load Diff

18
proto/zitadel/app.proto
View File

@ -106,17 +106,17 @@ message OIDCConfig {
];
OIDCVersion version = 9 [
(grpc.gateway.protoc_gen_openapiv2.options.openapiv2_field) = {
description: "the oidc version used by the application";
description: "the OIDC version used by the application";
}
];
bool none_compliant = 10 [
(grpc.gateway.protoc_gen_openapiv2.options.openapiv2_field) = {
description: "specifies wheter the config is oidc compliant. A production configuration SHOULD be compliant";
description: "specifies whether the config is OIDC compliant. A production configuration SHOULD be compliant";
}
];
repeated zitadel.v1.LocalizedMessage compliance_problems = 11 [
(grpc.gateway.protoc_gen_openapiv2.options.openapiv2_field) = {
description: "lists the problems for non compliancy";
description: "lists the problems for non-compliancy";
}
];
bool dev_mode = 12 [
@ -131,7 +131,7 @@ message OIDCConfig {
];
bool access_token_role_assertion = 14 [
(grpc.gateway.protoc_gen_openapiv2.options.openapiv2_field) = {
description: "adds roles to the claims of the access token (only if type == jwt) even if they are not requested by scopes";
description: "adds roles to the claims of the access token (only if type == JWT) even if they are not requested by scopes";
}
];
bool id_token_role_assertion = 15 [
@ -141,12 +141,12 @@ message OIDCConfig {
];
bool id_token_userinfo_assertion = 16 [
(grpc.gateway.protoc_gen_openapiv2.options.openapiv2_field) = {
description: "claims of profile, email, address and phone scopes are added to the id token even if an access token is issued. Attention this violates the oidc specification";
description: "claims of profile, email, address and phone scopes are added to the id token even if an access token is issued. Attention this violates the OIDC specification";
}
];
google.protobuf.Duration clock_skew = 17 [
(grpc.gateway.protoc_gen_openapiv2.options.openapiv2_field) = {
description: "Used to compensate time difference of servers. Duration added to the \"exp\" claim and substracted from \"iat\", \"auth_time\" and \"nbf\" claims";
description: "Used to compensate time difference of servers. Duration added to the \"exp\" claim and subtracted from \"iat\", \"auth_time\" and \"nbf\" claims";
// min: "0s";
// max: "5s";
}
@ -154,13 +154,13 @@ message OIDCConfig {
repeated string additional_origins = 18 [
(grpc.gateway.protoc_gen_openapiv2.options.openapiv2_field) = {
example: "[\"https://console.zitadel.ch/auth/callback\"]";
description: "additional origins (other than the redirect_uris) from where the api can be used";
description: "additional origins (other than the redirect_uris) from where the API can be used";
}
];
repeated string allowed_origins = 19 [
(grpc.gateway.protoc_gen_openapiv2.options.openapiv2_field) = {
example: "[\"https://console.zitadel.ch/auth/callback\"]";
description: "all allowed origins from where the api can be used";
description: "all allowed origins from where the API can be used";
}
];
}
@ -222,7 +222,7 @@ message APIConfig {
];
APIAuthMethodType auth_method_type = 3 [
(grpc.gateway.protoc_gen_openapiv2.options.openapiv2_field) = {
description: "defines how the api passes the login credentials";
description: "defines how the API passes the login credentials";
}
];
}

623
proto/zitadel/auth.proto
View File

File diff suppressed because it is too large Load Diff

14
proto/zitadel/change.proto
View File

@ -35,7 +35,7 @@ message Change {
];
string resource_owner_id = 6 [
(grpc.gateway.protoc_gen_openapiv2.options.openapiv2_field) = {
description: "the organisation the event belongs to";
description: "the organization the event belongs to";
example: "\"69629023906488334\"";
}
];
@ -47,23 +47,29 @@ message Change {
];
string editor_avatar_url = 8 [
(grpc.gateway.protoc_gen_openapiv2.options.openapiv2_field) = {
description: "avatar url of the editor";
description: "avatar URL of the editor";
example: "\"https://api.zitadel.ch/assets/v1/avatar-32432jkh4kj32\"";
}
];
}
message ChangeQuery {
//sequence represents the order of events. It's always upcounting
option (grpc.gateway.protoc_gen_openapiv2.options.openapiv2_schema) = {
json_schema: {
title: "Query for Changes of an Object"
description: "Filter possibility for the changes/history of an Object."
}
};
uint64 sequence = 1 [
(grpc.gateway.protoc_gen_openapiv2.options.openapiv2_field) = {
example: "\"2\"";
description: "sequence represents the order of events. It's always counting";
}
];
uint32 limit = 2 [
(grpc.gateway.protoc_gen_openapiv2.options.openapiv2_field) = {
example: "20";
description: "Maximum amount of events returned. Default is set to 1000 in https://github.com/zitadel/zitadel/blob/new-eventstore/cmd/zitadel/startup.yaml. If no limit is set or the limit exeeds the maximum configured ZITADEL will throw an error. If no limit is present the default is taken.";
description: "Maximum amount of events returned. The default is set to 1000 in https://github.com/zitadel/zitadel/blob/new-eventstore/cmd/zitadel/startup.yaml. If no limit is set or the limit exceeds the maximum configured ZITADEL will throw an error. If no limit is present the default is taken.";
}
];
bool asc = 3 [

51
proto/zitadel/event.proto
View File

@ -15,34 +15,67 @@ message Event {
Editor editor = 1;
Aggregate aggregate = 2;
uint64 sequence = 3;
// The timestamp the event occurred
google.protobuf.Timestamp creation_date = 4 [
(grpc.gateway.protoc_gen_openapiv2.options.openapiv2_field) = {
example: "\"2019-04-01T08:45:00.000000Z\"";
description: "The timestamp the event occurred";
}
];
google.protobuf.Struct payload = 5 [
(grpc.gateway.protoc_gen_openapiv2.options.openapiv2_field) = {
example: "{\"firstName\": \"Gigi\", \"lastName\": \"Giraffe\", \"userName\": \"gigi@zitadel.com\", \"displayName\": \"Gigi\"}";
description: "Payload contains the data of the event.";
}
];
google.protobuf.Struct payload = 5;
EventType type = 6;
}
message Editor {
string user_id = 1;
string display_name = 2;
string service = 3;
string user_id = 1 [
(grpc.gateway.protoc_gen_openapiv2.options.openapiv2_field) = {
example: "\"165617389845094785\"";
}
];
string display_name = 2 [
(grpc.gateway.protoc_gen_openapiv2.options.openapiv2_field) = {
example: "\"Minnie Mouse\"";
}
];
string service = 3 [
(grpc.gateway.protoc_gen_openapiv2.options.openapiv2_field) = {
example: "\"Management-API\"";
}
];
}
message Aggregate {
string id = 1;
string id = 1 [
(grpc.gateway.protoc_gen_openapiv2.options.openapiv2_field) = {
example: "\"165617850743094785\"";
}
];
AggregateType type = 2;
string resource_owner = 3;
string resource_owner = 3[
(grpc.gateway.protoc_gen_openapiv2.options.openapiv2_field) = {
example: "\"165617850930497249\"";
}
];
}
message EventType {
string type = 1;
string type = 1 [
(grpc.gateway.protoc_gen_openapiv2.options.openapiv2_field) = {
example: "\"user.human.added\"";
}
];
zitadel.v1.LocalizedMessage localized = 2;
}
message AggregateType {
string type = 1;
string type = 1 [
(grpc.gateway.protoc_gen_openapiv2.options.openapiv2_field) = {
example: "\"user\"";
}
];
zitadel.v1.LocalizedMessage localized = 2;
}

10
proto/zitadel/idp.proto
View File

@ -124,7 +124,7 @@ enum IDPOwnerType {
IDP_OWNER_TYPE_UNSPECIFIED = 0;
// system is managed by the ZITADEL administrators
IDP_OWNER_TYPE_SYSTEM = 1;
// org is managed by de organisation administrators
// org is managed by de organization administrators
IDP_OWNER_TYPE_ORG = 2;
}
@ -137,7 +137,7 @@ message OIDCConfig {
string issuer = 2 [
(grpc.gateway.protoc_gen_openapiv2.options.openapiv2_field) = {
example: "\"https://accounts.google.com\"";
description: "the oidc issuer of the identity provider";
description: "the OIDC issuer of the identity provider";
}
];
repeated string scopes = 3 [
@ -170,21 +170,21 @@ message JWTConfig {
(validate.rules).string = {min_len: 1, max_len: 200},
(grpc.gateway.protoc_gen_openapiv2.options.openapiv2_field) = {
example: "\"https://accounts.google.com\"";
description: "the endpoint where the jwt can be extracted";
description: "the endpoint where the JWT can be extracted";
}
];
string issuer = 2 [
(validate.rules).string = {min_len: 1, max_len: 200},
(grpc.gateway.protoc_gen_openapiv2.options.openapiv2_field) = {
example: "\"https://accounts.google.com\"";
description: "the issuer of the jwt (for validation)";
description: "the issuer of the JWT (for validation)";
}
];
string keys_endpoint = 3 [
(validate.rules).string = {min_len: 1, max_len: 200},
(grpc.gateway.protoc_gen_openapiv2.options.openapiv2_field) = {
example: "\"https://accounts.google.com/keys\"";
description: "the endpoint to the key (JWK) which are used to sign the JWT with";
description: "the endpoint to the key (JWK) which is used to sign the JWT with";
}
];
string header_name = 4 [

2
proto/zitadel/instance.proto
View File

@ -74,7 +74,7 @@ message Query {
}
}
//IdQuery is always equals
//IdQuery always equals
message IdsQuery {
repeated string ids = 1 [
(grpc.gateway.protoc_gen_openapiv2.options.openapiv2_field) = {

2553
proto/zitadel/management.proto
View File

File diff suppressed because it is too large Load Diff

6
proto/zitadel/member.proto
View File

@ -17,7 +17,7 @@ message Member {
zitadel.v1.ObjectDetails details = 2;
repeated string roles = 3 [
(grpc.gateway.protoc_gen_openapiv2.options.openapiv2_field) = {
example: "[\"role.super.man\"]";
example: "[\"IAM_OWNER\"]";
description: "the role keys granted to the user"
}
];
@ -36,7 +36,7 @@ message Member {
string first_name = 6 [
(grpc.gateway.protoc_gen_openapiv2.options.openapiv2_field) = {
example: "\"Gigi\"";
description: "first name of the user"
description: "the first name of the user"
}
];
string last_name = 7 [
@ -53,7 +53,7 @@ message Member {
];
string avatar_url = 9 [
(grpc.gateway.protoc_gen_openapiv2.options.openapiv2_field) = {
description: "avatar url of the user"
description: "avatar URL of the user"
example: "\"https://api.zitadel.ch/assets/v1/avatar-32432jkh4kj32\"";
}
];

6
proto/zitadel/metadata.proto
View File

@ -12,12 +12,14 @@ message Metadata {
zitadel.v1.ObjectDetails details = 1;
string key = 2 [
(grpc.gateway.protoc_gen_openapiv2.options.openapiv2_field) = {
description: "metadata key"
description: "metadata key",
example: "\"key1\"";
}
];
bytes value = 3 [
(grpc.gateway.protoc_gen_openapiv2.options.openapiv2_field) = {
description: "metadata value"
description: "metadata value is base64 encoded, make sure to decode to get the value",
example: "\"VGhpcyBpcyBteSBmaXJzdCB2YWx1ZQ==\"";
}
];
}

12
proto/zitadel/object.proto
View File

@ -8,7 +8,7 @@ package zitadel.v1;
option go_package ="github.com/zitadel/zitadel/pkg/grpc/object";
message ObjectDetails {
//sequence represents the order of events. It's always upcounting
//sequence represents the order of events. It's always counting
//
// on read: the sequence of the last event reduced by the projection
//
@ -30,7 +30,7 @@ message ObjectDetails {
//
// on manipulation: the
google.protobuf.Timestamp change_date = 3;
//resource_owner is the organisation an object belongs to
//resource_owner is the organization an object belongs to
string resource_owner = 4 [
(grpc.gateway.protoc_gen_openapiv2.options.openapiv2_field) = {
example: "\"69629023906488334\"";
@ -39,6 +39,12 @@ message ObjectDetails {
}
message ListQuery {
option (grpc.gateway.protoc_gen_openapiv2.options.openapiv2_schema) = {
json_schema: {
title: "General List Query"
description: "Object unspecific list filters like offset, limit and asc/desc."
}
};
uint64 offset = 1 [
(grpc.gateway.protoc_gen_openapiv2.options.openapiv2_field) = {
example: "\"10\"";
@ -47,7 +53,7 @@ message ListQuery {
uint32 limit = 2 [
(grpc.gateway.protoc_gen_openapiv2.options.openapiv2_field) = {
example: "20";
description: "Maximum amount of events returned. Default is set to 1000 in https://github.com/zitadel/zitadel/blob/new-eventstore/cmd/zitadel/startup.yaml. If limit exeeds the maximum configured ZITADEL will throw an error. If no limit is present the default is taken.";
description: "Maximum amount of events returned. The default is set to 1000 in https://github.com/zitadel/zitadel/blob/new-eventstore/cmd/zitadel/startup.yaml. If the limit exceeds the maximum configured ZITADEL will throw an error. If no limit is present the default is taken.";
}
];
bool asc = 3 [

16
proto/zitadel/org.proto
View File

@ -17,17 +17,17 @@ message Org {
zitadel.v1.ObjectDetails details = 2;
OrgState state = 3 [
(grpc.gateway.protoc_gen_openapiv2.options.openapiv2_field) = {
description: "current state of the organisation";
description: "current state of the organization";
}
];
string name = 4 [
(grpc.gateway.protoc_gen_openapiv2.options.openapiv2_field) = {
example: "\"CAOS AG\"";
example: "\"ZITADEL\"";
}
];
string primary_domain = 5 [
(grpc.gateway.protoc_gen_openapiv2.options.openapiv2_field) = {
example: "\"caos.ch\"";
example: "\"zitadel.cloud\"";
}
];
}
@ -48,7 +48,7 @@ message Domain {
zitadel.v1.ObjectDetails details = 2;
string domain_name = 3 [
(grpc.gateway.protoc_gen_openapiv2.options.openapiv2_field) = {
example: "\"caos.ch\"";
example: "\"zitadel.com\"";
}
];
bool is_verified = 4 [
@ -88,7 +88,7 @@ message OrgNameQuery {
string name = 1 [
(validate.rules).string = {max_len: 200},
(grpc.gateway.protoc_gen_openapiv2.options.openapiv2_field) = {
example: "\"caos ag\"";
example: "\"ZITADEL\"";
}
];
zitadel.v1.TextQueryMethod method = 2 [
@ -103,7 +103,7 @@ message OrgDomainQuery {
string domain = 1 [
(validate.rules).string = {max_len: 200},
(grpc.gateway.protoc_gen_openapiv2.options.openapiv2_field) = {
example: "\"CAOS.C\"";
example: "\"citadel.cloud\"";
}
];
zitadel.v1.TextQueryMethod method = 2 [
@ -118,7 +118,7 @@ message OrgStateQuery {
OrgState state = 1 [
(validate.rules).enum.defined_only = true,
(grpc.gateway.protoc_gen_openapiv2.options.openapiv2_field) = {
description: "current state of the organisation";
description: "current state of the organization";
}
];
}
@ -140,7 +140,7 @@ message DomainNameQuery {
string name = 1 [
(validate.rules).string = {max_len: 200},
(grpc.gateway.protoc_gen_openapiv2.options.openapiv2_field) = {
example: "\"caos.ch\"";
example: "\"zitadel.cloud\"";
}
];
zitadel.v1.TextQueryMethod method = 2 [

149
proto/zitadel/policy.proto
View File

@ -14,12 +14,12 @@ message OrgIAMPolicy {
zitadel.v1.ObjectDetails details = 1;
bool user_login_must_be_domain = 2 [
(grpc.gateway.protoc_gen_openapiv2.options.openapiv2_field) = {
description: "the username has to end with the domain of it's organisation"
description: "the username has to end with the domain of its organization"
}
];
bool is_default = 3 [
(grpc.gateway.protoc_gen_openapiv2.options.openapiv2_field) = {
description: "defines if the organisation's admin changed the policy"
description: "defines if the organization's admin changed the policy"
}
];
}
@ -28,22 +28,22 @@ message DomainPolicy {
zitadel.v1.ObjectDetails details = 1;
bool user_login_must_be_domain = 2 [
(grpc.gateway.protoc_gen_openapiv2.options.openapiv2_field) = {
description: "the username has to end with the domain of it's organisation"
description: "the username has to end with the domain of its organization"
}
];
bool is_default = 3 [
(grpc.gateway.protoc_gen_openapiv2.options.openapiv2_field) = {
description: "defines if the organisation's admin changed the policy"
description: "defines if the organization's admin changed the policy"
}
];
bool validate_org_domains = 4 [
(grpc.gateway.protoc_gen_openapiv2.options.openapiv2_field) = {
description: "defines if organisation domains should be validated org count as validated automatically"
description: "defines if organization domains should be validated org count as validated automatically"
}
];
bool smtp_sender_address_matches_instance_domain = 5 [
(grpc.gateway.protoc_gen_openapiv2.options.openapiv2_field) = {
description: "defines if the smtp sender address domain should match an existing domain on the instance"
description: "defines if the SMTP sender address domain should match an existing domain on the instance"
}
];
}
@ -53,13 +53,14 @@ message LabelPolicy {
// hex value for primary color
string primary_color = 2 [
(grpc.gateway.protoc_gen_openapiv2.options.openapiv2_field) = {
description: "hex value for primary color"
description: "hex value for primary color";
example: "\"#5469d4\"";
}
];
// defines if the organisation's admin changed the policy
// defines if the organization's admin changed the policy
bool is_default = 4 [
(grpc.gateway.protoc_gen_openapiv2.options.openapiv2_field) = {
description: "defines if the organisation's admin changed the policy"
description: "defines if the organization's admin changed the policy"
}
];
// hides the org suffix on the login form if the scope \"urn:zitadel:iam:org:domain:primary:{domainname}\" is set
@ -71,50 +72,77 @@ message LabelPolicy {
// hex value for secondary color
string warn_color = 6 [
(grpc.gateway.protoc_gen_openapiv2.options.openapiv2_field) = {
description: "hex value for warn color"
description: "hex value for warn color";
example: "\"#CD3D56\"";
}
];
// hex value for background color
string background_color = 7 [
(grpc.gateway.protoc_gen_openapiv2.options.openapiv2_field) = {
description: "hex value for background color"
description: "hex value for background color";
example: "\"#FAFAFA\"";
}
];
// hex value for font color
string font_color = 8 [
(grpc.gateway.protoc_gen_openapiv2.options.openapiv2_field) = {
description: "hex value for font color"
description: "hex value for font color";
example: "\"#000000\"";
}
];
// hex value for primary color dark theme
string primary_color_dark = 9 [
(grpc.gateway.protoc_gen_openapiv2.options.openapiv2_field) = {
description: "hex value for primary color dark theme"
description: "hex value for the primary color dark theme";
example: "\"#BBBAFA\"";
}
];
// hex value for background color dark theme
string background_color_dark = 10 [
(grpc.gateway.protoc_gen_openapiv2.options.openapiv2_field) = {
description: "hex value for background color dark theme"
description: "hex value for background color dark theme";
example: "\"#111827\"";
}
];
// hex value for warn color dark theme
// hex value for warning color dark theme
string warn_color_dark = 11 [
(grpc.gateway.protoc_gen_openapiv2.options.openapiv2_field) = {
description: "hex value for warn color dark theme"
description: "hex value for warning color dark theme";
example: "\"#FF3B5B\"";
}
];
// hex value for font color dark theme
string font_color_dark = 12 [
(grpc.gateway.protoc_gen_openapiv2.options.openapiv2_field) = {
description: "hex value for font color dark theme"
description: "hex value for font color dark theme";
example: "\"#FFFFFF\"";
}
];
bool disable_watermark = 13;
string logo_url = 14;
string icon_url = 15;
string logo_url_dark = 16;
string icon_url_dark = 17;
string logo_url = 14 [
(grpc.gateway.protoc_gen_openapiv2.options.openapiv2_field) = {
description: "hex value for font color dark theme";
example: "\"https://acme.com/assets/v1/165617850692654601/policy/label/logo-180950416321494657\"";
}
];
string icon_url = 15 [
(grpc.gateway.protoc_gen_openapiv2.options.openapiv2_field) = {
description: "hex value for font color dark theme";
example: "\"https://acme.com/assets/v1/165617850692654601/policy/label/icon-180950498874178817\"";
}
];
string logo_url_dark = 16 [
(grpc.gateway.protoc_gen_openapiv2.options.openapiv2_field) = {
description: "hex value for font color dark theme";
example: "\"https://acme.com/assets/v1/165617850692654601/policy/label/logo-dark-180950229376461345\"";
}
];
string icon_url_dark = 17 [
(grpc.gateway.protoc_gen_openapiv2.options.openapiv2_field) = {
description: "hex value for font color dark theme";
example: "\"https://acme.com/assets/v1/165617850692654601/policy/label/icon-dark-180950243237405441\"";
}
];
string font_url = 18;
}
@ -122,12 +150,12 @@ message LoginPolicy {
zitadel.v1.ObjectDetails details = 1;
bool allow_username_password = 2 [
(grpc.gateway.protoc_gen_openapiv2.options.openapiv2_field) = {
description: "defines if a user is allowed to login with his username and password"
description: "defines if a user is allowed to log in with his username and password"
}
];
bool allow_register = 3 [
(grpc.gateway.protoc_gen_openapiv2.options.openapiv2_field) = {
description: "defines if a person is allowed to register a user on this organisation"
description: "defines if a person is allowed to register a user on this organization"
}
];
bool allow_external_idp = 4 [
@ -137,7 +165,7 @@ message LoginPolicy {
];
bool force_mfa = 5 [
(grpc.gateway.protoc_gen_openapiv2.options.openapiv2_field) = {
description: "defines if a user MUST use a multi factor to log in"
description: "defines if a user MUST use a multi-factor to log in"
}
];
PasswordlessType passwordless_type = 6 [
@ -147,7 +175,7 @@ message LoginPolicy {
];
bool is_default = 7 [
(grpc.gateway.protoc_gen_openapiv2.options.openapiv2_field) = {
description: "defines if the organisation's admin changed the policy"
description: "defines if the organization's admin changed the policy"
}
];
bool hide_password_reset = 8 [
@ -157,36 +185,57 @@ message LoginPolicy {
];
bool ignore_unknown_usernames = 9 [
(grpc.gateway.protoc_gen_openapiv2.options.openapiv2_field) = {
description: "defines if unknown username on login screen directly return an error or always display the password screen"
description: "defines if unknown username on login screen directly returns an error or always displays the password screen"
}
];
string default_redirect_uri = 10 [
(grpc.gateway.protoc_gen_openapiv2.options.openapiv2_field) = {
description: "defines where the user will be redirected to if the login is started without app context (e.g. from mail)"
description: "defines where the user will be redirected to if the login is started without app context (e.g. from mail)";
example: "\"https://acme.com/ui/console\"";
}
];
google.protobuf.Duration password_check_lifetime = 11 [
(grpc.gateway.protoc_gen_openapiv2.options.openapiv2_field) = {
example: "\"864000s\"";
}
];
google.protobuf.Duration external_login_check_lifetime = 12 [
(grpc.gateway.protoc_gen_openapiv2.options.openapiv2_field) = {
example: "\"864000s\"";
}
];
google.protobuf.Duration mfa_init_skip_lifetime = 13 [
(grpc.gateway.protoc_gen_openapiv2.options.openapiv2_field) = {
example: "\"2592000s\"";
}
];
google.protobuf.Duration second_factor_check_lifetime = 14 [
(grpc.gateway.protoc_gen_openapiv2.options.openapiv2_field) = {
example: "\"64800s\"";
}
];
google.protobuf.Duration multi_factor_check_lifetime = 15 [
(grpc.gateway.protoc_gen_openapiv2.options.openapiv2_field) = {
example: "\"43200s\"";
}
];
google.protobuf.Duration password_check_lifetime = 11;
google.protobuf.Duration external_login_check_lifetime = 12;
google.protobuf.Duration mfa_init_skip_lifetime = 13;
google.protobuf.Duration second_factor_check_lifetime = 14;
google.protobuf.Duration multi_factor_check_lifetime = 15;
repeated SecondFactorType second_factors = 16;
repeated MultiFactorType multi_factors = 17;
repeated zitadel.idp.v1.IDPLoginPolicyLink idps = 18;
// If set to true, the suffix (@domain.com) of an unknown username input on the login screen will be matched against the org domains and will redirect to the registration of that organisation on success.
// If set to true, the suffix (@domain.com) of an unknown username input on the login screen will be matched against the org domains and will redirect to the registration of that organization on success.
bool allow_domain_discovery = 19 [
(grpc.gateway.protoc_gen_openapiv2.options.openapiv2_field) = {
description: "If set to true, the suffix (@domain.com) of an unknown username input on the login screen will be matched against the org domains and will redirect to the registration of that organisation on success."
description: "If set to true, the suffix (@domain.com) of an unknown username input on the login screen will be matched against the org domains and will redirect to the registration of that organization on success."
}
];
bool disable_login_with_email = 20 [
(grpc.gateway.protoc_gen_openapiv2.options.openapiv2_field) = {
description: "defines if user can additionally (to the loginname) be identified by their verified email address"
description: "defines if the user can additionally (to the login name) be identified by their verified email address"
}
];
bool disable_login_with_phone = 21 [
(grpc.gateway.protoc_gen_openapiv2.options.openapiv2_field) = {
description: "defines if user can additionally (to the loginname) be identified by their verified phone number"
description: "defines if the user can additionally (to the login name) be identified by their verified phone number"
}
];
}
@ -222,7 +271,7 @@ message PasswordComplexityPolicy {
];
bool has_lowercase = 4 [
(grpc.gateway.protoc_gen_openapiv2.options.openapiv2_field) = {
description: "defines if the password MUST contain a lower case letter"
description: "defines if the password MUST contain a lowercase letter"
}
];
bool has_number = 5 [
@ -237,7 +286,7 @@ message PasswordComplexityPolicy {
];
bool is_default = 7 [
(grpc.gateway.protoc_gen_openapiv2.options.openapiv2_field) = {
description: "defines if the organisation's admin changed the policy"
description: "defines if the organization's admin changed the policy"
}
];
}
@ -258,7 +307,7 @@ message PasswordAgePolicy {
];
bool is_default = 4 [
(grpc.gateway.protoc_gen_openapiv2.options.openapiv2_field) = {
description: "defines if the organisation's admin changed the policy"
description: "defines if the organization's admin changed the policy"
}
];
}
@ -267,23 +316,35 @@ message LockoutPolicy {
zitadel.v1.ObjectDetails details = 1;
uint64 max_password_attempts = 2 [
(grpc.gateway.protoc_gen_openapiv2.options.openapiv2_field) = {
description: "Maximum password check attempts before the account gets locked. Attempts are reset as soon as the password is entered correct or the password is reset."
description: "Maximum password check attempts before the account gets locked. Attempts are reset as soon as the password is entered correctly or the password is reset."
example: "\"10\""
}
];
bool is_default = 4 [
(grpc.gateway.protoc_gen_openapiv2.options.openapiv2_field) = {
description: "defines if the organisation's admin changed the policy"
description: "defines if the organization's admin changed the policy"
}
];
}
message PrivacyPolicy {
zitadel.v1.ObjectDetails details = 1;
string tos_link = 2;
string privacy_link = 3;
string tos_link = 2 [
(grpc.gateway.protoc_gen_openapiv2.options.openapiv2_field) = {
example: "\"https://zitadel.com/docs/legal/terms-of-service\"";
}
];
string privacy_link = 3 [
(grpc.gateway.protoc_gen_openapiv2.options.openapiv2_field) = {
example: "\"https://zitadel.com/docs/legal/privacy-policy\"";
}
];
bool is_default = 4;
string help_link = 5;
string help_link = 5 [
(grpc.gateway.protoc_gen_openapiv2.options.openapiv2_field) = {
example: "\"https://zitadel.com/docs/manuals/introduction\"";
}
];
}
message NotificationPolicy {

4
proto/zitadel/project.proto
View File

@ -25,11 +25,11 @@ message Project {
description: "current state of the project";
}
];
// describes if roles of user should be added in token
// describes if the roles of the user should be added to the token
bool project_role_assertion = 5;
// ZITADEL checks if the user has at least one on this project
bool project_role_check = 6;
// ZITADEL checks if the org of the user has permission to this project
// ZITADEL checks if the org of the user has permission for this project
bool has_project_check = 7;
// Defines from where the private labeling should be triggered
PrivateLabelingSetting private_labeling_setting = 8;

39
proto/zitadel/settings.proto
View File

@ -3,6 +3,7 @@ syntax = "proto3";
import "zitadel/object.proto";
import "validate/validate.proto";
import "google/protobuf/duration.proto";
import "protoc-gen-openapiv2/options/annotations.proto";
package zitadel.settings.v1;
@ -11,8 +12,16 @@ option go_package ="github.com/zitadel/zitadel/pkg/grpc/settings";
message SecretGenerator {
SecretGeneratorType generator_type = 1;
zitadel.v1.ObjectDetails details = 2;
uint32 length = 3;
google.protobuf.Duration expiry = 4;
uint32 length = 3 [
(grpc.gateway.protoc_gen_openapiv2.options.openapiv2_field) = {
example: "6";
}
];
google.protobuf.Duration expiry = 4 [
(grpc.gateway.protoc_gen_openapiv2.options.openapiv2_field) = {
example: "\"3600s\"";
}
];
bool include_lower_letters = 5;
bool include_upper_letters = 6;
bool include_digits = 7;
@ -43,11 +52,27 @@ enum SecretGeneratorType {
message SMTPConfig {
zitadel.v1.ObjectDetails details = 1;
string sender_address = 2;
string sender_name = 3;
string sender_address = 2 [
(grpc.gateway.protoc_gen_openapiv2.options.openapiv2_field) = {
example: "\"noreply@m.zitadel.cloud\"";
}
];
string sender_name = 3 [
(grpc.gateway.protoc_gen_openapiv2.options.openapiv2_field) = {
example: "\"ZITADEL\"";
}
];
bool tls = 4;
string host = 5;
string user = 6;
string host = 5 [
(grpc.gateway.protoc_gen_openapiv2.options.openapiv2_field) = {
example: "\"smtp.postmarkapp.com:587\"";
}
];
string user = 6 [
(grpc.gateway.protoc_gen_openapiv2.options.openapiv2_field) = {
example: "\"197f0117-529e-443d-bf6c-0292dd9a02b7\"";
}
];
}
message SMSProvider {
@ -88,6 +113,6 @@ message SecurityPolicy {
zitadel.v1.ObjectDetails details = 1;
// states if iframe embedding is enabled or disabled
bool enable_iframe_embedding = 2;
// origins allowed to load ZITADEL in an iframe if enable_iframe_embedding is true
// origins allowed loading ZITADEL in an iframe if enable_iframe_embedding is true
repeated string allowed_origins = 3;
}

10
proto/zitadel/system.proto
View File

@ -32,7 +32,11 @@ option (grpc.gateway.protoc_gen_openapiv2.options.openapiv2_swagger) = {
url: "https://github.com/zitadel/zitadel/blob/main/LICENSE";
};
};
tags: [
{
name: "General"
}
];
schemes: HTTPS;
schemes: HTTP;
@ -45,7 +49,7 @@ option (grpc.gateway.protoc_gen_openapiv2.options.openapiv2_swagger) = {
consumes: "application/grpc-web+proto";
produces: "application/grpc-web+proto";
host: "api.zitadel.ch";
host: "$ZITADEL_DOMAIN";
base_path: "/system/v1";
external_docs: {
@ -86,7 +90,7 @@ service SystemService {
};
option (grpc.gateway.protoc_gen_openapiv2.options.openapiv2_operation) = {
tags: "probes";
tags: "General";
responses: {
key: "200";
value: {

19
proto/zitadel/text.proto
View File

@ -12,37 +12,44 @@ message MessageCustomText {
zitadel.v1.ObjectDetails details = 1;
string title = 2 [
(grpc.gateway.protoc_gen_openapiv2.options.openapiv2_field) = {
description: "custom text for email title"
description: "custom text for email title";
example: "\"ZITADEL - Message Title\"";
}
];
string pre_header = 3 [
(grpc.gateway.protoc_gen_openapiv2.options.openapiv2_field) = {
description: "custom text for email pre header"
description: "custom text for email pre-header";
example: "\"User Message\"";
}
];
string subject = 4 [
(grpc.gateway.protoc_gen_openapiv2.options.openapiv2_field) = {
description: "custom text for email subject"
description: "custom text for email subject";
example: "\"Message Subject\"";
}
];
string greeting = 5 [
(grpc.gateway.protoc_gen_openapiv2.options.openapiv2_field) = {
description: "custom text for email greeting"
example: "\"Hello {{.FirstName}} {{.LastName}},\"";
}
];
string text = 6 [
(grpc.gateway.protoc_gen_openapiv2.options.openapiv2_field) = {
description: "custom text for email text"
example: "\"This is my custom message Text. I can also include some fields, depending on the message type I want to send. {{.FirstName}} {{.LastName}},\"";
}
];
string button_text = 7 [
(grpc.gateway.protoc_gen_openapiv2.options.openapiv2_field) = {
description: "custom text for email button_text"
description: "custom text for email button_text";
example: "\"Call to action\"";
}
];
string footer_text = 8 [
(grpc.gateway.protoc_gen_openapiv2.options.openapiv2_field) = {
description: "custom text for email footer_text"
description: "custom text for email footer_text";
example: "\"\"";
}
];
bool is_default = 9;
@ -373,7 +380,7 @@ message ExternalUserNotFoundScreenText {
message SuccessLoginScreenText {
string title = 1 [(validate.rules).string = {max_len: 200}];
// Text to describe that auto redirect should happen after successful login
// Text to describe that auto-redirect should happen after successful login
string auto_redirect_description = 2 [(validate.rules).string = {max_len: 500}];
// Text to describe that the window can be closed after redirect
string redirected_description = 3 [(validate.rules).string = {max_len: 100}];

64
proto/zitadel/user.proto
View File

@ -24,17 +24,17 @@ message User {
];
string user_name = 4 [
(grpc.gateway.protoc_gen_openapiv2.options.openapiv2_field) = {
example: "\"mr_long_neck\"";
example: "\"gigi-giraffe\"";
}
];
repeated string login_names = 5 [
(grpc.gateway.protoc_gen_openapiv2.options.openapiv2_field) = {
example: "[\"gigi@caos.ch\", \"gigi@caos-ag.zitadel.ch\"]";
example: "[\"gigi@zitadel.com\", \"gigi@zitadel.zitadel.ch\"]";
}
];
string preferred_login_name = 6 [
(grpc.gateway.protoc_gen_openapiv2.options.openapiv2_field) = {
example: "\"gigi@caos.ch\"";
example: "\"gigi@zitadel.com\"";
}
];
oneof type {
@ -103,7 +103,7 @@ message Profile {
];
string nick_name = 3 [
(grpc.gateway.protoc_gen_openapiv2.options.openapiv2_field) = {
example: "\"long_neck\"";
example: "\"gigi-giraffe\"";
}
];
string display_name = 4 [
@ -125,7 +125,7 @@ message Profile {
];
string avatar_url = 7 [
(grpc.gateway.protoc_gen_openapiv2.options.openapiv2_field) = {
description: "avatar url of the user"
description: "avatar URL of the user"
example: "\"https://api.zitadel.ch/assets/v1/avatar-32432jkh4kj32\"";
}
];
@ -135,7 +135,7 @@ message Email {
string email = 1 [
(grpc.gateway.protoc_gen_openapiv2.options.openapiv2_field) = {
description: "email address of the user. (spec: https://tools.ietf.org/html/rfc2822#section-3.4.1)"
example: "\"gigi@caos.ch\"";
example: "\"gigi@zitadel.com\"";
}
];
bool is_email_verified = 2 [
@ -192,7 +192,7 @@ message UserNameQuery {
(validate.rules).string = {max_len: 200},
(grpc.gateway.protoc_gen_openapiv2.options.openapiv2_field) = {
max_length: 200;
example: "\"mr_long_neck\"";
example: "\"gigi-giraffe\"";
}
];
zitadel.v1.TextQueryMethod method = 2 [
@ -267,7 +267,7 @@ message EmailQuery {
(grpc.gateway.protoc_gen_openapiv2.options.openapiv2_field) = {
description: "email address of the user. (spec: https://tools.ietf.org/html/rfc2822#section-3.4.1)"
max_length: 200;
example: "\"gigi@caos.ch\"";
example: "\"gigi@zitadel.com\"";
}
];
zitadel.v1.TextQueryMethod method = 2 [
@ -294,7 +294,7 @@ message LoginNameQuery {
];
}
//UserStateQuery is always equals
//UserStateQuery always equals
message StateQuery {
UserState state = 1 [
(validate.rules).enum.defined_only = true,
@ -304,7 +304,7 @@ message StateQuery {
];
}
//UserTypeQuery is always equals
//UserTypeQuery always equals
message TypeQuery {
Type type = 1 [
(validate.rules).enum.defined_only = true,
@ -342,12 +342,12 @@ message AuthFactor {
oneof type {
AuthFactorOTP otp = 2 [
(grpc.gateway.protoc_gen_openapiv2.options.openapiv2_field) = {
description: "one of type use otp or u2f"
description: "one type use OTP or U2F"
}
];
AuthFactorU2F u2f = 3 [
(grpc.gateway.protoc_gen_openapiv2.options.openapiv2_field) = {
description: "one of type use otp or u2f"
description: "one type use OTP or U2F"
}
];
}
@ -379,6 +379,7 @@ message WebAuthNKey {
bytes public_key = 1 [
(grpc.gateway.protoc_gen_openapiv2.options.openapiv2_field) = {
description: "json representation of public key credential creation options used by the webauthn client"
example: "\"eyJwdWJsaWNLZXkiOnsiY2hhbGxlbmdlIoplfZm4vM21qSzBPdjltN2x6VWhnclYyejFJSlVzZnpLd0Z1TytWTWtzRW1Icz0iLCJycCI6eyJuYW1lIjoiWklUQURFTCIsImlkIjoiYWNtZS1nem9lNHgueml0YWRlbC5jbG91ZCJ9LCJ1c2VyIjp7Im5hbWUiOiJ0ZXN0dXNlcjU1QGFjbWUueml0YWRlbC5jbG91ZCIsImRpc3BsYXlOYW1lIjoiVGVzdCBUZXN0IiwiaWQiOiJNVGd5TVRVMk1qWTBNakk1TXpBMk5qSTEifSwicHViS2V5Q3JlZFBhcmFtcyI6W3sidHlwZSI6InB1YmxpYy1rZXkiLCJhbGciOi03fSx7InR5cGUiOiJwdWJsaWMta2V5IiwiYWxnIjotMzV9LHsidHlwZSI6InB1YmxpYy1rZXkiLCJhbGciOi0zNn0seyJ0eXBlIjoicHVibGljLWtleSIsImFsZyI6LTI1N30seyJ0eXBlIjoicHVibGljLWtleSIsImFsZyI6LTI1OH0seyJ0eXBlIjoicHVibGljLWtleSIsImFsZyI6LTI1OX0seyJ0eXBlIjoicHVibGljLWtleSIsImFsZyI6LTM3fSx7InR5cGUiOiJwdWJsaWMta2V5IiwiYWxnIjotMzh9LHsidHlwZSI6InB1YmxpYy1rZXkiLCJhbGciOi0zOX0seyJ0eXBlIjoicHVibGljLWtleSIsImFsZyI6LTh9XSwiYXV0aGVudGljYXRvclNlbGVjdGlvbiI6eyJ1c2VyVmVyaWZpY2F0aW9uIjoiZGlzY291cmFnZWQifn2ilGltZW91dCI6NjAwMDAsImF0dGVzdGF0aW9uIjoibm9uZSJ9fQ==\""
}
];
}
@ -387,9 +388,9 @@ message WebAuthNVerification {
bytes public_key_credential = 1 [
(validate.rules).bytes.min_len = 55,
(grpc.gateway.protoc_gen_openapiv2.options.openapiv2_field) = {
description: "json representation of public key credential issued by the webauthn client";
description: "JSON representation of public key credential issued by the webauthn client";
min_length: 55;
max_length: 1048576; //1 mb
max_length: 1048576; //1 MB
}
];
string token_name = 2 [
@ -475,7 +476,7 @@ message MembershipQuery {
}
}
// this query is always equals
// this query always equals
message MembershipOrgQuery {
string org_id = 1 [
(validate.rules).string = {max_len: 200},
@ -485,7 +486,7 @@ message MembershipOrgQuery {
];
}
// this query is always equals
// this query always equals
message MembershipProjectQuery {
string project_id = 1 [
(validate.rules).string = {max_len: 200},
@ -495,7 +496,7 @@ message MembershipProjectQuery {
];
}
// this query is always equals
// this query always equals
message MembershipProjectGrantQuery {
string project_grant_id = 1 [
(validate.rules).string = {max_len: 200},
@ -505,7 +506,7 @@ message MembershipProjectGrantQuery {
];
}
// this query is always equals
// this query always equals
message MembershipIAMQuery {
bool iam = 1;
}
@ -533,12 +534,12 @@ message Session {
];
string user_name = 5 [
(grpc.gateway.protoc_gen_openapiv2.options.openapiv2_field) = {
example: "\"mr_long_neck\"";
example: "\"gigi-giraffe\"";
}
];
string login_name = 7 [
(grpc.gateway.protoc_gen_openapiv2.options.openapiv2_field) = {
example: "\"gigi@caos.ch\"";
example: "\"gigi@zitadel.com\"";
}
];
string display_name = 8 [
@ -550,7 +551,7 @@ message Session {
zitadel.v1.ObjectDetails details = 9;
string avatar_url = 10 [
(grpc.gateway.protoc_gen_openapiv2.options.openapiv2_field) = {
description: "avatar url of the user"
description: "avatar URL of the user"
example: "\"https://api.zitadel.ch/assets/v1/avatar-32432jkh4kj32\"";
}
];
@ -577,16 +578,19 @@ message RefreshToken {
];
google.protobuf.Timestamp auth_time = 4 [
(grpc.gateway.protoc_gen_openapiv2.options.openapiv2_field) = {
example: "\"2023-02-13T08:45:00.000000Z\"";
description: "\"time when the user authenticated, does not have to be the same time the token was created\""
}
];
google.protobuf.Timestamp idle_expiration = 5 [
(grpc.gateway.protoc_gen_openapiv2.options.openapiv2_field) = {
example: "\"2023-02-14T08:45:00.000000Z\"";
description: "\"time the refresh token will expire if not used, the user will have to reauthenticate\""
}
];
google.protobuf.Timestamp expiration = 6 [
(grpc.gateway.protoc_gen_openapiv2.options.openapiv2_field) = {
example: "\"2023-02-14T08:45:00.000000Z\"";
description: "\"time the refresh token will expire, the user will have to reauthenticate\""
}
];
@ -651,7 +655,7 @@ message UserGrant {
];
string user_name = 6 [
(grpc.gateway.protoc_gen_openapiv2.options.openapiv2_field) = {
example: "\"mr_long_neck\"";
example: "\"gigi-giraffe\"";
}
];
string first_name = 7 [
@ -668,7 +672,7 @@ message UserGrant {
(validate.rules).string.email = true,
(grpc.gateway.protoc_gen_openapiv2.options.openapiv2_field) = {
description: "email address of the user. (spec: https://tools.ietf.org/html/rfc2822#section-3.4.1)"
example: "\"gigi@caos.ch\"";
example: "\"gigi@zitadel.com\"";
}
];
string display_name = 10 [
@ -685,12 +689,12 @@ message UserGrant {
];
string org_name = 12 [
(grpc.gateway.protoc_gen_openapiv2.options.openapiv2_field) = {
example: "\"CAOS AG\"";
example: "\"ZITADEL\"";
}
];
string org_domain = 13 [
(grpc.gateway.protoc_gen_openapiv2.options.openapiv2_field) = {
example: "\"caos.ch\"";
example: "\"zitadel.cloud\"";
}
];
string project_id = 14 [
@ -710,13 +714,13 @@ message UserGrant {
];
string avatar_url = 17 [
(grpc.gateway.protoc_gen_openapiv2.options.openapiv2_field) = {
description: "avatar url of the user"
example: "\"https://api.zitadel.ch/assets/v1/avatar-32432jkh4kj32\"";
description: "avatar URL of the user"
example: "\"{your-domain}/assets/v1/avatar-32432jkh4kj32\"";
}
];
string preferred_login_name = 18 [
(grpc.gateway.protoc_gen_openapiv2.options.openapiv2_field) = {
example: "\"gigi@caos.ch\"";
example: "\"gigi@zitadel.com\"";
}
];
}
@ -798,7 +802,7 @@ message UserGrantUserNameQuery {
string user_name = 1 [
(validate.rules).string = {max_len: 200},
(grpc.gateway.protoc_gen_openapiv2.options.openapiv2_field) = {
example: "\"mr_long_neck\""
example: "\"gigi-giraffe\""
}
];
zitadel.v1.TextQueryMethod method = 2 [
@ -843,7 +847,7 @@ message UserGrantEmailQuery {
string email = 1 [
(validate.rules).string = {max_len: 200},
(grpc.gateway.protoc_gen_openapiv2.options.openapiv2_field) = {
example: "\"gigi@caos.ch\""
example: "\"gigi@zitadel.com\""
}
];
zitadel.v1.TextQueryMethod method = 2 [

4
proto/zitadel/v1.proto
View File

@ -33,9 +33,9 @@ message AddCustomOrgIAMPolicyRequest {
];
bool user_login_must_be_domain = 2 [
(grpc.gateway.protoc_gen_openapiv2.options.openapiv2_field) = {
description: "the username has to end with the domain of it's organisation"
description: "the username has to end with the domain of its organization"
}
]; // the username has to end with the domain of it's organisation (uniqueness is organisation based)
]; // the username has to end with the domain of its organization (uniqueness is organization based)
}
message ImportDataOrg {
repeated DataOrg orgs = 1;