mirror of
https://github.com/zitadel/zitadel.git
synced 2025-08-11 17:57:33 +00:00
fix: add api docs and http handler for openapi files (#1526)
* tests * chore: set vars for platform in dockerfile * simplyfy generate * correct dockerfile * add openapi to gitignore * object files * protos * update protoc version * admin only secuity missing * texts * start secutiry * add handler * add description * add descriptions and remove adddress * default limit * add mapping for openapi * generate statik for openapi * remove address converter * executable * operator test Co-authored-by: Livio Amstutz <livio.a@gmail.com>
This commit is contained in:
Silvan
File diff suppressed because it is too large
Load Diff
@@ -4,16 +4,29 @@ import "zitadel/object.proto";
|
||||
import "zitadel/message.proto";
|
||||
import "google/protobuf/duration.proto";
|
||||
import "validate/validate.proto";
|
||||
import "protoc-gen-openapiv2/options/annotations.proto";
|
||||
|
||||
package zitadel.app.v1;
|
||||
|
||||
option go_package ="github.com/caos/zitadel/pkg/grpc/app";
|
||||
|
||||
message App {
|
||||
string id = 1;
|
||||
string id = 1 [
|
||||
(grpc.gateway.protoc_gen_openapiv2.options.openapiv2_field) = {
|
||||
example: "\"69629023906488334\"";
|
||||
}
|
||||
];
|
||||
zitadel.v1.ObjectDetails details = 2;
|
||||
AppState state = 3;
|
||||
string name = 4;
|
||||
AppState state = 3 [
|
||||
(grpc.gateway.protoc_gen_openapiv2.options.openapiv2_field) = {
|
||||
description: "current state of the application";
|
||||
}
|
||||
];
|
||||
string name = 4 [
|
||||
(grpc.gateway.protoc_gen_openapiv2.options.openapiv2_field) = {
|
||||
example: "\"Console\"";
|
||||
}
|
||||
];
|
||||
oneof config {
|
||||
OIDCConfig oidc_config = 5;
|
||||
APIConfig api_config = 6;
|
||||
@@ -35,28 +48,112 @@ message AppQuery {
|
||||
}
|
||||
|
||||
message AppNameQuery {
|
||||
string name = 1 [(validate.rules).string = {max_len: 200}];
|
||||
zitadel.v1.TextQueryMethod method = 2 [(validate.rules).enum.defined_only = true];
|
||||
string name = 1 [
|
||||
(validate.rules).string = {max_len: 200},
|
||||
(grpc.gateway.protoc_gen_openapiv2.options.openapiv2_field) = {
|
||||
example: "\"Conso\""
|
||||
}
|
||||
];
|
||||
zitadel.v1.TextQueryMethod method = 2 [
|
||||
(validate.rules).enum.defined_only = true,
|
||||
(grpc.gateway.protoc_gen_openapiv2.options.openapiv2_field) = {
|
||||
description: "defines which text equality method is used"
|
||||
}
|
||||
];
|
||||
}
|
||||
|
||||
message OIDCConfig {
|
||||
repeated string redirect_uris = 1;
|
||||
repeated OIDCResponseType response_types = 2;
|
||||
repeated OIDCGrantType grant_types = 3;
|
||||
OIDCAppType app_type = 4;
|
||||
string client_id = 5;
|
||||
string client_secret = 6;
|
||||
OIDCAuthMethodType auth_method_type = 7;
|
||||
repeated string post_logout_redirect_uris = 8;
|
||||
OIDCVersion version = 9;
|
||||
bool none_compliant = 10;
|
||||
repeated zitadel.v1.LocalizedMessage compliance_problems = 11;
|
||||
bool dev_mode = 12;
|
||||
OIDCTokenType access_token_type = 13;
|
||||
bool access_token_role_assertion = 14;
|
||||
bool id_token_role_assertion = 15;
|
||||
bool id_token_userinfo_assertion = 16;
|
||||
google.protobuf.Duration clock_skew = 17;
|
||||
repeated string redirect_uris = 1 [
|
||||
(grpc.gateway.protoc_gen_openapiv2.options.openapiv2_field) = {
|
||||
example: "[\"console.zitadel.ch/authorized\"]";
|
||||
description: "Callback URI of the authorization request where the code or tokens will be sent to";
|
||||
}
|
||||
];
|
||||
repeated OIDCResponseType response_types = 2 [
|
||||
(grpc.gateway.protoc_gen_openapiv2.options.openapiv2_field) = {
|
||||
description: "Determines whether a code, id_token token or just id_token will be returned"
|
||||
}
|
||||
];
|
||||
repeated OIDCGrantType grant_types = 3 [
|
||||
(grpc.gateway.protoc_gen_openapiv2.options.openapiv2_field) = {
|
||||
description: "The flow type the application uses to gain access";
|
||||
}
|
||||
];
|
||||
OIDCAppType app_type = 4 [
|
||||
(grpc.gateway.protoc_gen_openapiv2.options.openapiv2_field) = {
|
||||
description: "determines the paradigm of the application";
|
||||
}
|
||||
];
|
||||
string client_id = 5 [
|
||||
(grpc.gateway.protoc_gen_openapiv2.options.openapiv2_field) = {
|
||||
example: "\"69629023906488334@ZITADEL\"";
|
||||
description: "generated oauth2/oidc client id";
|
||||
}
|
||||
];
|
||||
string client_secret = 6 [
|
||||
(grpc.gateway.protoc_gen_openapiv2.options.openapiv2_field) = {
|
||||
example: "\"gjöq34589uasgh\"";
|
||||
description: "generated secret for this config";
|
||||
}
|
||||
];
|
||||
OIDCAuthMethodType auth_method_type = 7 [
|
||||
(grpc.gateway.protoc_gen_openapiv2.options.openapiv2_field) = {
|
||||
description: "defines how the application passes login credentials";
|
||||
}
|
||||
];
|
||||
repeated string post_logout_redirect_uris = 8 [
|
||||
(grpc.gateway.protoc_gen_openapiv2.options.openapiv2_field) = {
|
||||
example: "[\"console.zitadel.ch/logout\"]";
|
||||
description: "ZITADEL will redirect to this link after a successful logout";
|
||||
}
|
||||
];
|
||||
OIDCVersion version = 9 [
|
||||
(grpc.gateway.protoc_gen_openapiv2.options.openapiv2_field) = {
|
||||
description: "the oidc version used by the application";
|
||||
}
|
||||
];
|
||||
bool none_compliant = 10 [
|
||||
(grpc.gateway.protoc_gen_openapiv2.options.openapiv2_field) = {
|
||||
description: "specifies wheter the config is oidc compliant. A production configuration SHOULD be compliant";
|
||||
}
|
||||
];
|
||||
repeated zitadel.v1.LocalizedMessage compliance_problems = 11 [
|
||||
(grpc.gateway.protoc_gen_openapiv2.options.openapiv2_field) = {
|
||||
description: "lists the problems for non compliancy";
|
||||
}
|
||||
];
|
||||
bool dev_mode = 12 [
|
||||
(grpc.gateway.protoc_gen_openapiv2.options.openapiv2_field) = {
|
||||
description: "used for development";
|
||||
}
|
||||
];
|
||||
OIDCTokenType access_token_type = 13 [
|
||||
(grpc.gateway.protoc_gen_openapiv2.options.openapiv2_field) = {
|
||||
description: "type of the access token returned from ZITADEL";
|
||||
}
|
||||
];
|
||||
bool access_token_role_assertion = 14 [
|
||||
(grpc.gateway.protoc_gen_openapiv2.options.openapiv2_field) = {
|
||||
description: "adds roles to the claims of the access token (only if type == jwt) even if they are not requested by scopes";
|
||||
}
|
||||
];
|
||||
bool id_token_role_assertion = 15 [
|
||||
(grpc.gateway.protoc_gen_openapiv2.options.openapiv2_field) = {
|
||||
description: "adds roles to the claims of the id token even if they are not requested by scopes";
|
||||
}
|
||||
];
|
||||
bool id_token_userinfo_assertion = 16 [
|
||||
(grpc.gateway.protoc_gen_openapiv2.options.openapiv2_field) = {
|
||||
description: "claims of profile, email, address and phone scopes are added to the id token even if an access token is issued. Attention this violates the oidc specification";
|
||||
}
|
||||
];
|
||||
google.protobuf.Duration clock_skew = 17 [
|
||||
(grpc.gateway.protoc_gen_openapiv2.options.openapiv2_field) = {
|
||||
description: "Used to compensate time difference of servers. Duration added to the \"exp\" claim and substracted from \"iat\", \"auth_time\" and \"nbf\" claims";
|
||||
// min: "0s";
|
||||
// max: "5s";
|
||||
}
|
||||
];
|
||||
}
|
||||
|
||||
enum OIDCResponseType {
|
||||
@@ -99,7 +196,21 @@ enum APIAuthMethodType {
|
||||
}
|
||||
|
||||
message APIConfig {
|
||||
string client_id = 1;
|
||||
string client_secret = 2;
|
||||
APIAuthMethodType auth_method_type = 3;
|
||||
string client_id = 1 [
|
||||
(grpc.gateway.protoc_gen_openapiv2.options.openapiv2_field) = {
|
||||
example: "\"69629023906488334@ZITADEL\"";
|
||||
description: "generated oauth2/oidc client_id";
|
||||
}
|
||||
];
|
||||
string client_secret = 2 [
|
||||
(grpc.gateway.protoc_gen_openapiv2.options.openapiv2_field) = {
|
||||
example: "\"gjöq34589uasgh\"";
|
||||
description: "generated secret for this config";
|
||||
}
|
||||
];
|
||||
APIAuthMethodType auth_method_type = 3 [
|
||||
(grpc.gateway.protoc_gen_openapiv2.options.openapiv2_field) = {
|
||||
description: "defines how the api passes the login credentials";
|
||||
}
|
||||
];
|
||||
}
|
||||
|
||||
@@ -416,7 +416,11 @@ message GetMyUserRequest {}
|
||||
|
||||
message GetMyUserResponse {
|
||||
zitadel.user.v1.User user = 1;
|
||||
google.protobuf.Timestamp last_login = 2;
|
||||
google.protobuf.Timestamp last_login = 2 [
|
||||
(grpc.gateway.protoc_gen_openapiv2.options.openapiv2_field) = {
|
||||
description: "The timestamp of the last successful login";
|
||||
}
|
||||
];
|
||||
}
|
||||
|
||||
message ListMyUserChangesRequest {
|
||||
@@ -542,6 +546,7 @@ message RemoveMyPhoneResponse {
|
||||
}
|
||||
|
||||
message ListMyLinkedIDPsRequest {
|
||||
//list limitations and ordering
|
||||
zitadel.v1.ListQuery query = 1;
|
||||
//PLANNED: queries for idp name and login name
|
||||
}
|
||||
@@ -641,6 +646,7 @@ message RemoveMyPasswordlessResponse {
|
||||
}
|
||||
|
||||
message ListMyUserGrantsRequest {
|
||||
//list limitations and ordering
|
||||
zitadel.v1.ListQuery query = 1;
|
||||
}
|
||||
|
||||
@@ -659,7 +665,9 @@ message UserGrant {
|
||||
}
|
||||
|
||||
message ListMyProjectOrgsRequest {
|
||||
//list limitations and ordering
|
||||
zitadel.v1.ListQuery query = 1;
|
||||
//criterias the client is looking for
|
||||
repeated zitadel.org.v1.OrgQuery queries = 2;
|
||||
}
|
||||
|
||||
|
||||
@@ -2,16 +2,30 @@ syntax = "proto3";
|
||||
|
||||
import "zitadel/object.proto";
|
||||
import "google/protobuf/timestamp.proto";
|
||||
import "protoc-gen-openapiv2/options/annotations.proto";
|
||||
|
||||
package zitadel.authn.v1;
|
||||
|
||||
option go_package ="github.com/caos/zitadel/pkg/grpc/authn";
|
||||
|
||||
message Key {
|
||||
string id = 1;
|
||||
string id = 1 [
|
||||
(grpc.gateway.protoc_gen_openapiv2.options.openapiv2_field) = {
|
||||
example: "\"69629023906488334\"";
|
||||
}
|
||||
];
|
||||
zitadel.v1.ObjectDetails details = 2;
|
||||
KeyType type = 3;
|
||||
google.protobuf.Timestamp expiration_date = 4;
|
||||
KeyType type = 3 [
|
||||
(grpc.gateway.protoc_gen_openapiv2.options.openapiv2_field) = {
|
||||
description: "the file type of the key";
|
||||
}
|
||||
];
|
||||
google.protobuf.Timestamp expiration_date = 4 [
|
||||
(grpc.gateway.protoc_gen_openapiv2.options.openapiv2_field) = {
|
||||
description: "the date a key will expire";
|
||||
example: "\"3019-04-01T08:45:00.000000Z\"";
|
||||
}
|
||||
];
|
||||
}
|
||||
|
||||
enum KeyType {
|
||||
|
||||
@@ -2,22 +2,61 @@ syntax = "proto3";
|
||||
|
||||
import "google/protobuf/timestamp.proto";
|
||||
import "zitadel/message.proto";
|
||||
import "protoc-gen-openapiv2/options/annotations.proto";
|
||||
|
||||
package zitadel.change.v1;
|
||||
|
||||
option go_package ="github.com/caos/zitadel/pkg/grpc/change";
|
||||
|
||||
message Change {
|
||||
google.protobuf.Timestamp change_date = 1;
|
||||
google.protobuf.Timestamp change_date = 1 [
|
||||
(grpc.gateway.protoc_gen_openapiv2.options.openapiv2_field) = {
|
||||
description: "the creation date of an event";
|
||||
example: "\"2019-04-01T08:45:00.000000Z\"";
|
||||
}
|
||||
];
|
||||
zitadel.v1.LocalizedMessage event_type = 2;
|
||||
uint64 sequence = 3;
|
||||
string editor_id = 4;
|
||||
string editor_display_name = 5;
|
||||
string resource_owner_id = 6;
|
||||
uint64 sequence = 3 [
|
||||
(grpc.gateway.protoc_gen_openapiv2.options.openapiv2_field) = {
|
||||
example: "\"2\"";
|
||||
}
|
||||
];
|
||||
string editor_id = 4 [
|
||||
(grpc.gateway.protoc_gen_openapiv2.options.openapiv2_field) = {
|
||||
description: "the id of the user who created the event";
|
||||
example: "\"69629023906488334\"";
|
||||
}
|
||||
];
|
||||
string editor_display_name = 5 [
|
||||
(grpc.gateway.protoc_gen_openapiv2.options.openapiv2_field) = {
|
||||
description: "the display name of the editor";
|
||||
example: "\"Gigi Giraffe\"";
|
||||
}
|
||||
];
|
||||
string resource_owner_id = 6 [
|
||||
(grpc.gateway.protoc_gen_openapiv2.options.openapiv2_field) = {
|
||||
description: "the organisation the event belongs to";
|
||||
example: "\"69629023906488334\"";
|
||||
}
|
||||
];
|
||||
}
|
||||
|
||||
message ChangeQuery {
|
||||
uint64 sequence = 1;
|
||||
uint32 limit = 2;
|
||||
bool asc = 3;
|
||||
//sequence represents the order of events. It's always upcounting
|
||||
uint64 sequence = 1 [
|
||||
(grpc.gateway.protoc_gen_openapiv2.options.openapiv2_field) = {
|
||||
example: "\"2\"";
|
||||
}
|
||||
];
|
||||
uint32 limit = 2 [
|
||||
(grpc.gateway.protoc_gen_openapiv2.options.openapiv2_field) = {
|
||||
example: "20";
|
||||
description: "Maximum amount of events returned. Default is set to 1000 in https://github.com/caos/zitadel/blob/new-eventstore/cmd/zitadel/startup.yaml. If no limit is set or the limit exeeds the maximum configured ZITADEL will throw an error. If no limit is present the default is taken.";
|
||||
}
|
||||
];
|
||||
bool asc = 3 [
|
||||
(grpc.gateway.protoc_gen_openapiv2.options.openapiv2_field) = {
|
||||
description: "default is descending"
|
||||
}
|
||||
];
|
||||
}
|
||||
@@ -2,36 +2,100 @@ syntax = "proto3";
|
||||
|
||||
import "zitadel/object.proto";
|
||||
import "validate/validate.proto";
|
||||
import "protoc-gen-openapiv2/options/annotations.proto";
|
||||
|
||||
package zitadel.idp.v1;
|
||||
|
||||
option go_package ="github.com/caos/zitadel/pkg/grpc/idp";
|
||||
|
||||
message IDP {
|
||||
string id = 1;
|
||||
string id = 1 [
|
||||
(grpc.gateway.protoc_gen_openapiv2.options.openapiv2_field) = {
|
||||
example: "\"69629023906488334\"";
|
||||
}
|
||||
];
|
||||
zitadel.v1.ObjectDetails details = 2;
|
||||
IDPState state = 3;
|
||||
string name = 4;
|
||||
IDPStylingType styling_type = 5;
|
||||
IDPOwnerType owner = 6;
|
||||
IDPState state = 3 [
|
||||
(grpc.gateway.protoc_gen_openapiv2.options.openapiv2_field) = {
|
||||
description: "the state of the identity provider";
|
||||
}
|
||||
];
|
||||
string name = 4 [
|
||||
(grpc.gateway.protoc_gen_openapiv2.options.openapiv2_field) = {
|
||||
example: "\"google\"";
|
||||
}
|
||||
];
|
||||
IDPStylingType styling_type = 5 [
|
||||
(grpc.gateway.protoc_gen_openapiv2.options.openapiv2_field) = {
|
||||
description: "some identity providers specify the styling of the button to their login";
|
||||
}
|
||||
];
|
||||
IDPOwnerType owner = 6 [
|
||||
(grpc.gateway.protoc_gen_openapiv2.options.openapiv2_field) = {
|
||||
description: "the administrator of this identity provider";
|
||||
}
|
||||
];
|
||||
oneof config {
|
||||
OIDCConfig oidc_config = 7;
|
||||
}
|
||||
}
|
||||
|
||||
message IDPUserLink {
|
||||
string user_id = 1;
|
||||
string idp_id = 2;
|
||||
string idp_name = 3;
|
||||
string provided_user_id = 4;
|
||||
string provided_user_name = 5;
|
||||
IDPType idp_type = 6;
|
||||
string user_id = 1 [
|
||||
(grpc.gateway.protoc_gen_openapiv2.options.openapiv2_field) = {
|
||||
example: "\"69629023906488334\"";
|
||||
description: "the id of the user"
|
||||
}
|
||||
];
|
||||
string idp_id = 2 [
|
||||
(grpc.gateway.protoc_gen_openapiv2.options.openapiv2_field) = {
|
||||
example: "\"69629023906488334\"";
|
||||
description: "the id of the identity provider";
|
||||
}
|
||||
];
|
||||
string idp_name = 3 [
|
||||
(grpc.gateway.protoc_gen_openapiv2.options.openapiv2_field) = {
|
||||
example: "\"google\"";
|
||||
description: "the name of the identity provider";
|
||||
}
|
||||
];
|
||||
string provided_user_id = 4 [
|
||||
(grpc.gateway.protoc_gen_openapiv2.options.openapiv2_field) = {
|
||||
example: "\"as-12-df-89\"";
|
||||
description: "the id of the user provided by the identity provider";
|
||||
}
|
||||
];
|
||||
string provided_user_name = 5 [
|
||||
(grpc.gateway.protoc_gen_openapiv2.options.openapiv2_field) = {
|
||||
example: "\"gigi.long-neck@gmail.com\"";
|
||||
description: "the id of the identity provider";
|
||||
}
|
||||
];
|
||||
IDPType idp_type = 6 [
|
||||
(grpc.gateway.protoc_gen_openapiv2.options.openapiv2_field) = {
|
||||
description: "the authorization framework of the identity provider";
|
||||
}
|
||||
];
|
||||
}
|
||||
|
||||
message IDPLoginPolicyLink {
|
||||
string idp_id = 1;
|
||||
string idp_name = 2;
|
||||
IDPType idp_type = 3;
|
||||
string idp_id = 1 [
|
||||
(grpc.gateway.protoc_gen_openapiv2.options.openapiv2_field) = {
|
||||
example: "\"69629023906488334\"";
|
||||
description: "the id of the identity provider"
|
||||
}
|
||||
];
|
||||
string idp_name = 2 [
|
||||
(grpc.gateway.protoc_gen_openapiv2.options.openapiv2_field) = {
|
||||
example: "\"google\"";
|
||||
description: "the name of the identity provider"
|
||||
}
|
||||
];
|
||||
IDPType idp_type = 3 [
|
||||
(grpc.gateway.protoc_gen_openapiv2.options.openapiv2_field) = {
|
||||
description: "the authorization framework of the identity provider";
|
||||
}
|
||||
];
|
||||
}
|
||||
|
||||
enum IDPState {
|
||||
@@ -45,24 +109,50 @@ enum IDPStylingType {
|
||||
STYLING_TYPE_GOOGLE = 1;
|
||||
}
|
||||
|
||||
// authorization framework of the identity provider
|
||||
enum IDPType {
|
||||
IDP_TYPE_UNSPECIFIED = 0;
|
||||
IDP_TYPE_OIDC = 1;
|
||||
//PLANNED: IDP_TYPE_SAML
|
||||
}
|
||||
|
||||
// the owner of the identity provider.
|
||||
enum IDPOwnerType {
|
||||
IDP_OWNER_TYPE_UNSPECIFIED = 0;
|
||||
// system is managed by the ZITADEL administrators
|
||||
IDP_OWNER_TYPE_SYSTEM = 1;
|
||||
// org is managed by de organisation administrators
|
||||
IDP_OWNER_TYPE_ORG = 2;
|
||||
}
|
||||
|
||||
message OIDCConfig {
|
||||
string client_id = 1;
|
||||
string issuer = 2;
|
||||
repeated string scopes = 3;
|
||||
OIDCMappingField display_name_mapping = 4;
|
||||
OIDCMappingField username_mapping = 5;
|
||||
string client_id = 1 [
|
||||
(grpc.gateway.protoc_gen_openapiv2.options.openapiv2_field) = {
|
||||
description: "client id generated by the identity provider";
|
||||
}
|
||||
];
|
||||
string issuer = 2 [
|
||||
(grpc.gateway.protoc_gen_openapiv2.options.openapiv2_field) = {
|
||||
example: "\"https://accounts.google.com\"";
|
||||
description: "the oidc issuer of the identity provider";
|
||||
}
|
||||
];
|
||||
repeated string scopes = 3 [
|
||||
(grpc.gateway.protoc_gen_openapiv2.options.openapiv2_field) = {
|
||||
example: "[\"openid\", \"profile\", \"email\"]";
|
||||
description: "the scopes requested by ZITADEL during the request on the identity provider";
|
||||
}
|
||||
];
|
||||
OIDCMappingField display_name_mapping = 4 [
|
||||
(grpc.gateway.protoc_gen_openapiv2.options.openapiv2_field) = {
|
||||
description: "definition which field is mapped to the display name of the user";
|
||||
}
|
||||
];
|
||||
OIDCMappingField username_mapping = 5 [
|
||||
(grpc.gateway.protoc_gen_openapiv2.options.openapiv2_field) = {
|
||||
description: "definition which field is mapped to the email of the user";
|
||||
}
|
||||
];
|
||||
}
|
||||
|
||||
enum OIDCMappingField {
|
||||
@@ -72,16 +162,36 @@ enum OIDCMappingField {
|
||||
}
|
||||
|
||||
message IDPIDQuery {
|
||||
string id = 1 [(validate.rules).string = {max_len: 200}];
|
||||
string id = 1 [
|
||||
(validate.rules).string = {max_len: 200},
|
||||
(grpc.gateway.protoc_gen_openapiv2.options.openapiv2_field) = {
|
||||
example: "\"69629023906488334\"";
|
||||
}
|
||||
];
|
||||
}
|
||||
|
||||
message IDPNameQuery {
|
||||
string name = 1 [(validate.rules).string = {max_len: 200}];
|
||||
zitadel.v1.TextQueryMethod method = 2 [(validate.rules).enum.defined_only = true];
|
||||
string name = 1 [
|
||||
(validate.rules).string = {max_len: 200},
|
||||
(grpc.gateway.protoc_gen_openapiv2.options.openapiv2_field) = {
|
||||
example: "\"google\"";
|
||||
}
|
||||
];
|
||||
zitadel.v1.TextQueryMethod method = 2 [
|
||||
(validate.rules).enum.defined_only = true,
|
||||
(grpc.gateway.protoc_gen_openapiv2.options.openapiv2_field) = {
|
||||
description: "defines which text equality method is used";
|
||||
}
|
||||
];
|
||||
}
|
||||
|
||||
message IDPOwnerTypeQuery {
|
||||
IDPOwnerType owner_type = 1 [(validate.rules).enum = {defined_only: true}];
|
||||
IDPOwnerType owner_type = 1 [
|
||||
(validate.rules).enum.defined_only = true,
|
||||
(grpc.gateway.protoc_gen_openapiv2.options.openapiv2_field) = {
|
||||
description: "search for custom or global identity providers";
|
||||
}
|
||||
];
|
||||
}
|
||||
|
||||
enum IDPFieldName {
|
||||
|
||||
@@ -1857,8 +1857,11 @@ message GetUserByLoginNameGlobalResponse {
|
||||
}
|
||||
|
||||
message ListUsersRequest {
|
||||
//list limitations and ordering
|
||||
zitadel.v1.ListQuery query = 1;
|
||||
// the field the result is sorted
|
||||
zitadel.user.v1.UserFieldName sorting_column = 2;
|
||||
//criterias the client is looking for
|
||||
repeated zitadel.user.v1.SearchQuery queries = 3;
|
||||
}
|
||||
|
||||
@@ -1869,6 +1872,7 @@ message ListUsersResponse {
|
||||
}
|
||||
|
||||
message ListUserChangesRequest {
|
||||
//list limitations and ordering
|
||||
zitadel.change.v1.ChangeQuery query = 1;
|
||||
string user_id = 2 [(validate.rules).string = {min_len: 1, max_len: 200}];
|
||||
}
|
||||
@@ -2196,6 +2200,7 @@ message GetMachineKeyByIDsResponse {
|
||||
|
||||
message ListMachineKeysRequest {
|
||||
string user_id = 1 [(validate.rules).string = {min_len: 1, max_len: 200}];
|
||||
//list limitations and ordering
|
||||
zitadel.v1.ListQuery query = 2;
|
||||
}
|
||||
|
||||
@@ -2207,7 +2212,12 @@ message ListMachineKeysResponse {
|
||||
message AddMachineKeyRequest {
|
||||
string user_id = 1 [(validate.rules).string.min_len = 1];
|
||||
zitadel.authn.v1.KeyType type = 2 [(validate.rules).enum = {defined_only: true, not_in: [0]}];
|
||||
google.protobuf.Timestamp expiration_date = 3;
|
||||
google.protobuf.Timestamp expiration_date = 3 [
|
||||
(grpc.gateway.protoc_gen_openapiv2.options.openapiv2_field) = {
|
||||
example: "\"2519-04-01T08:45:00.000000Z\"";
|
||||
description: "The date the key will expire and no logins will be possible";
|
||||
}
|
||||
];
|
||||
}
|
||||
|
||||
message AddMachineKeyResponse {
|
||||
@@ -2227,6 +2237,7 @@ message RemoveMachineKeyResponse {
|
||||
|
||||
message ListHumanLinkedIDPsRequest {
|
||||
string user_id = 1 [(validate.rules).string = {min_len: 1, max_len: 200}];
|
||||
//list limitations and ordering
|
||||
zitadel.v1.ListQuery query = 2;
|
||||
}
|
||||
|
||||
@@ -2246,8 +2257,11 @@ message RemoveHumanLinkedIDPResponse {
|
||||
}
|
||||
|
||||
message ListUserMembershipsRequest {
|
||||
//list limitations and ordering
|
||||
string user_id = 1 [(validate.rules).string = {min_len: 1, max_len: 200}];
|
||||
//the field the result is sorted
|
||||
zitadel.v1.ListQuery query = 2;
|
||||
//criterias the client is looking for
|
||||
repeated zitadel.user.v1.MembershipQuery queries = 3;
|
||||
}
|
||||
|
||||
@@ -2267,6 +2281,7 @@ message GetOrgByDomainGlobalRequest {
|
||||
}
|
||||
|
||||
message ListOrgChangesRequest {
|
||||
//list limitations and ordering
|
||||
zitadel.change.v1.ChangeQuery query = 1;
|
||||
}
|
||||
|
||||
@@ -2301,7 +2316,9 @@ message ReactivateOrgResponse {
|
||||
}
|
||||
|
||||
message ListOrgDomainsRequest {
|
||||
//list limitations and ordering
|
||||
zitadel.v1.ListQuery query = 1;
|
||||
//criterias the client is looking for
|
||||
repeated zitadel.org.v1.DomainSearchQuery queries = 2;
|
||||
}
|
||||
|
||||
@@ -2359,12 +2376,16 @@ message ListOrgMemberRolesResponse {
|
||||
}
|
||||
|
||||
message ListOrgMembersRequest {
|
||||
//list limitations and ordering
|
||||
zitadel.v1.ListQuery query = 1;
|
||||
//criterias the client is looking for
|
||||
repeated zitadel.member.v1.SearchQuery queries = 2;
|
||||
}
|
||||
|
||||
message ListOrgMembersResponse {
|
||||
//list limitations and ordering
|
||||
zitadel.v1.ListDetails details = 1;
|
||||
//criterias the client is looking for
|
||||
repeated zitadel.member.v1.Member result = 2;
|
||||
}
|
||||
|
||||
@@ -2411,7 +2432,9 @@ message GetGrantedProjectByIDResponse {
|
||||
}
|
||||
|
||||
message ListProjectsRequest {
|
||||
//list limitations and ordering
|
||||
zitadel.v1.ListQuery query = 1;
|
||||
//criterias the client is looking for
|
||||
repeated zitadel.project.v1.ProjectQuery queries = 2;
|
||||
}
|
||||
|
||||
@@ -2421,7 +2444,9 @@ message ListProjectsResponse {
|
||||
}
|
||||
|
||||
message ListGrantedProjectsRequest {
|
||||
//list limitations and ordering
|
||||
zitadel.v1.ListQuery query = 1;
|
||||
//criterias the client is looking for
|
||||
repeated zitadel.project.v1.ProjectQuery queries = 2;
|
||||
}
|
||||
|
||||
@@ -2431,6 +2456,7 @@ message ListGrantedProjectsResponse {
|
||||
}
|
||||
|
||||
message ListProjectChangesRequest {
|
||||
//list limitations and ordering
|
||||
zitadel.change.v1.ChangeQuery query = 1;
|
||||
string project_id = 2 [(validate.rules).string = {min_len: 1, max_len: 200}];
|
||||
}
|
||||
@@ -2541,7 +2567,9 @@ message RemoveProjectRoleResponse {
|
||||
|
||||
message ListProjectRolesRequest {
|
||||
string project_id = 1 [(validate.rules).string = {min_len: 1, max_len: 200}];
|
||||
//list limitations and ordering
|
||||
zitadel.v1.ListQuery query = 2;
|
||||
//criterias the client is looking for
|
||||
repeated zitadel.project.v1.RoleQuery queries = 3;
|
||||
}
|
||||
|
||||
@@ -2552,7 +2580,9 @@ message ListProjectRolesResponse {
|
||||
|
||||
message ListProjectMembersRequest {
|
||||
string project_id = 1 [(validate.rules).string = {min_len: 1, max_len: 200}];
|
||||
//list limitations and ordering
|
||||
zitadel.v1.ListQuery query = 2;
|
||||
//criterias the client is looking for
|
||||
repeated zitadel.member.v1.SearchQuery queries = 3;
|
||||
}
|
||||
|
||||
@@ -2601,7 +2631,9 @@ message GetAppByIDResponse {
|
||||
|
||||
message ListAppsRequest {
|
||||
string project_id = 1 [(validate.rules).string = {min_len: 1, max_len: 200}];
|
||||
//list limitations and ordering
|
||||
zitadel.v1.ListQuery query = 2;
|
||||
//criterias the client is looking for
|
||||
repeated zitadel.app.v1.AppQuery queries = 3;
|
||||
}
|
||||
|
||||
@@ -2611,6 +2643,7 @@ message ListAppsResponse {
|
||||
}
|
||||
|
||||
message ListAppChangesRequest {
|
||||
//list limitations and ordering
|
||||
zitadel.change.v1.ChangeQuery query = 1;
|
||||
string project_id = 2 [(validate.rules).string = {min_len: 1, max_len: 200}];
|
||||
string app_id = 3 [(validate.rules).string = {min_len: 1, max_len: 200}];
|
||||
@@ -2642,8 +2675,18 @@ message AddOIDCAppRequest {
|
||||
message AddOIDCAppResponse {
|
||||
string app_id = 1;
|
||||
zitadel.v1.ObjectDetails details = 2;
|
||||
string client_id = 3;
|
||||
string client_secret = 4;
|
||||
string client_id = 3 [
|
||||
(grpc.gateway.protoc_gen_openapiv2.options.openapiv2_field) = {
|
||||
example: "\"gjöq34589uasgh\"";
|
||||
description: "generated secret for this config";
|
||||
}
|
||||
];
|
||||
string client_secret = 4 [
|
||||
(grpc.gateway.protoc_gen_openapiv2.options.openapiv2_field) = {
|
||||
example: "\"gjöq34589uasgh\"";
|
||||
description: "generated secret for this config";
|
||||
}
|
||||
];
|
||||
bool none_compliant = 5;
|
||||
repeated zitadel.v1.LocalizedMessage compliance_problems = 6;
|
||||
}
|
||||
@@ -2657,8 +2700,18 @@ message AddAPIAppRequest {
|
||||
message AddAPIAppResponse {
|
||||
string app_id = 1;
|
||||
zitadel.v1.ObjectDetails details = 2;
|
||||
string client_id = 3;
|
||||
string client_secret = 4;
|
||||
string client_id = 3 [
|
||||
(grpc.gateway.protoc_gen_openapiv2.options.openapiv2_field) = {
|
||||
example: "\"gjöq34589uasgh\"";
|
||||
description: "generated secret for this config";
|
||||
}
|
||||
];
|
||||
string client_secret = 4 [
|
||||
(grpc.gateway.protoc_gen_openapiv2.options.openapiv2_field) = {
|
||||
example: "\"gjöq34589uasgh\"";
|
||||
description: "generated secret for this config";
|
||||
}
|
||||
];
|
||||
}
|
||||
|
||||
message UpdateAppRequest {
|
||||
@@ -2736,7 +2789,12 @@ message RegenerateOIDCClientSecretRequest {
|
||||
}
|
||||
|
||||
message RegenerateOIDCClientSecretResponse {
|
||||
string client_secret = 1;
|
||||
string client_secret = 1 [
|
||||
(grpc.gateway.protoc_gen_openapiv2.options.openapiv2_field) = {
|
||||
example: "\"gjöq34589uasgh\"";
|
||||
description: "generated secret for the client";
|
||||
}
|
||||
];
|
||||
zitadel.v1.ObjectDetails details = 2;
|
||||
}
|
||||
|
||||
@@ -2761,6 +2819,7 @@ message GetAppKeyResponse {
|
||||
}
|
||||
|
||||
message ListAppKeysRequest {
|
||||
//list limitations and ordering
|
||||
zitadel.v1.ListQuery query = 1;
|
||||
string app_id = 2 [(validate.rules).string = {min_len: 1, max_len: 200}];
|
||||
string project_id = 3 [(validate.rules).string = {min_len: 1, max_len: 200}];
|
||||
@@ -2774,7 +2833,12 @@ message AddAppKeyRequest {
|
||||
string project_id = 1 [(validate.rules).string = {min_len: 1, max_len: 200}];
|
||||
string app_id = 2 [(validate.rules).string = {min_len: 1, max_len: 200}];
|
||||
zitadel.authn.v1.KeyType type = 3 [(validate.rules).enum = {defined_only: true, not_in: [0]}];
|
||||
google.protobuf.Timestamp expiration_date = 4;
|
||||
google.protobuf.Timestamp expiration_date = 4 [
|
||||
(grpc.gateway.protoc_gen_openapiv2.options.openapiv2_field) = {
|
||||
example: "\"2519-04-01T08:45:00.000000Z\"";
|
||||
description: "The date the key will expire and no logins will be possible";
|
||||
}
|
||||
];
|
||||
}
|
||||
|
||||
message AddAppKeyResponse {
|
||||
@@ -2804,7 +2868,9 @@ message GetProjectGrantByIDResponse {
|
||||
|
||||
message ListProjectGrantsRequest {
|
||||
string project_id = 1 [(validate.rules).string = {min_len: 1, max_len: 200}];
|
||||
//list limitations and ordering
|
||||
zitadel.v1.ListQuery query = 2;
|
||||
//criterias the client is looking for
|
||||
repeated zitadel.project.v1.ProjectGrantQuery queries = 3;
|
||||
}
|
||||
|
||||
@@ -2872,7 +2938,9 @@ message ListProjectGrantMemberRolesResponse {
|
||||
message ListProjectGrantMembersRequest {
|
||||
string project_id = 1 [(validate.rules).string = {min_len: 1, max_len: 200}];
|
||||
string grant_id = 2 [(validate.rules).string = {min_len: 1, max_len: 200}];
|
||||
//list limitations and ordering
|
||||
zitadel.v1.ListQuery query = 3;
|
||||
//criterias the client is looking for
|
||||
repeated zitadel.member.v1.SearchQuery queries = 4;
|
||||
}
|
||||
|
||||
@@ -2923,7 +2991,9 @@ message GetUserGrantByIDResponse {
|
||||
}
|
||||
|
||||
message ListUserGrantRequest {
|
||||
//list limitations and ordering
|
||||
zitadel.v1.ListQuery query = 1;
|
||||
//criterias the client is looking for
|
||||
repeated zitadel.user.v1.UserGrantQuery queries = 2;
|
||||
}
|
||||
|
||||
@@ -3246,7 +3316,11 @@ message GetDefaultLabelPolicyResponse {
|
||||
message AddCustomLabelPolicyRequest {
|
||||
string primary_color = 1 [(validate.rules).string = {min_len: 1, max_len: 50}];
|
||||
string secondary_color = 2 [(validate.rules).string = {min_len: 1, max_len: 50}];
|
||||
bool hide_login_name_suffix = 3;
|
||||
bool hide_login_name_suffix = 3 [
|
||||
(grpc.gateway.protoc_gen_openapiv2.options.openapiv2_field) = {
|
||||
description: "hides the org suffix on the login form if the scope \"urn:zitadel:iam:org:domain:primary:{domainname}\" is set. Details about this scope in https://docs.zitadel.ch/architecture#Reserved_Scopes";
|
||||
}
|
||||
];
|
||||
}
|
||||
|
||||
message AddCustomLabelPolicyResponse {
|
||||
@@ -3256,7 +3330,11 @@ message AddCustomLabelPolicyResponse {
|
||||
message UpdateCustomLabelPolicyRequest {
|
||||
string primary_color = 1 [(validate.rules).string = {min_len: 1, max_len: 50}];
|
||||
string secondary_color = 2 [(validate.rules).string = {min_len: 1, max_len: 50}];
|
||||
bool hide_login_name_suffix = 3;
|
||||
bool hide_login_name_suffix = 3 [
|
||||
(grpc.gateway.protoc_gen_openapiv2.options.openapiv2_field) = {
|
||||
description: "hides the org suffix on the login form if the scope \"urn:zitadel:iam:org:domain:primary:{domainname}\" is set. Details about this scope in https://docs.zitadel.ch/architecture#Reserved_Scopes";
|
||||
}
|
||||
];
|
||||
}
|
||||
|
||||
message UpdateCustomLabelPolicyResponse {
|
||||
@@ -3278,8 +3356,11 @@ message GetOrgIDPByIDResponse {
|
||||
}
|
||||
|
||||
message ListOrgIDPsRequest {
|
||||
//list limitations and ordering
|
||||
zitadel.v1.ListQuery query = 1;
|
||||
//the field the result is sorted
|
||||
zitadel.idp.v1.IDPFieldName sorting_column = 2;
|
||||
//criterias the client is looking for
|
||||
repeated IDPQuery queries = 3;
|
||||
}
|
||||
|
||||
@@ -3300,15 +3381,56 @@ message ListOrgIDPsResponse {
|
||||
}
|
||||
|
||||
message AddOrgOIDCIDPRequest {
|
||||
string name = 1 [(validate.rules).string = {min_len: 1, max_len: 200}];
|
||||
zitadel.idp.v1.IDPStylingType styling_type = 2 [(validate.rules).enum = {defined_only: true}];
|
||||
string name = 1 [
|
||||
(validate.rules).string = {min_len: 1, max_len: 200},
|
||||
(grpc.gateway.protoc_gen_openapiv2.options.openapiv2_field) = {
|
||||
example: "\"google\"";
|
||||
}
|
||||
];
|
||||
zitadel.idp.v1.IDPStylingType styling_type = 2 [
|
||||
(validate.rules).enum = {defined_only: true},
|
||||
(grpc.gateway.protoc_gen_openapiv2.options.openapiv2_field) = {
|
||||
description: "some identity providers specify the styling of the button to their login";
|
||||
}
|
||||
];
|
||||
|
||||
string client_id = 3 [(validate.rules).string = {min_len: 1, max_len: 200}];
|
||||
string client_secret = 4 [(validate.rules).string = {min_len: 1, max_len: 200}];
|
||||
string issuer = 5 [(validate.rules).string = {min_len: 1, max_len: 200}];
|
||||
repeated string scopes = 6;
|
||||
zitadel.idp.v1.OIDCMappingField display_name_mapping = 7 [(validate.rules).enum = {defined_only: true}];
|
||||
zitadel.idp.v1.OIDCMappingField username_mapping = 8 [(validate.rules).enum = {defined_only: true}];
|
||||
string client_id = 3 [
|
||||
(validate.rules).string = {min_len: 1, max_len: 200},
|
||||
(grpc.gateway.protoc_gen_openapiv2.options.openapiv2_field) = {
|
||||
description: "client id generated by the identity provider";
|
||||
}
|
||||
];
|
||||
string client_secret = 4 [
|
||||
(validate.rules).string = {min_len: 1, max_len: 200},
|
||||
(grpc.gateway.protoc_gen_openapiv2.options.openapiv2_field) = {
|
||||
description: "client secret generated by the identity provider";
|
||||
}
|
||||
];
|
||||
string issuer = 5 [
|
||||
(validate.rules).string = {min_len: 1, max_len: 200},
|
||||
(grpc.gateway.protoc_gen_openapiv2.options.openapiv2_field) = {
|
||||
example: "\"https://accounts.google.com\"";
|
||||
description: "the oidc issuer of the identity provider";
|
||||
}
|
||||
];
|
||||
repeated string scopes = 6 [
|
||||
(grpc.gateway.protoc_gen_openapiv2.options.openapiv2_field) = {
|
||||
example: "[\"openid\", \"profile\", \"email\"]";
|
||||
description: "the scopes requested by ZITADEL during the request on the identity provider";
|
||||
}
|
||||
];
|
||||
zitadel.idp.v1.OIDCMappingField display_name_mapping = 7 [
|
||||
(validate.rules).enum = {defined_only: true},
|
||||
(grpc.gateway.protoc_gen_openapiv2.options.openapiv2_field) = {
|
||||
description: "definition which field is mapped to the display name of the user";
|
||||
}
|
||||
];
|
||||
zitadel.idp.v1.OIDCMappingField username_mapping = 8 [
|
||||
(validate.rules).enum = {defined_only: true},
|
||||
(grpc.gateway.protoc_gen_openapiv2.options.openapiv2_field) = {
|
||||
description: "definition which field is mapped to the email of the user";
|
||||
}
|
||||
];
|
||||
}
|
||||
|
||||
message AddOrgOIDCIDPResponse {
|
||||
@@ -3340,8 +3462,18 @@ message RemoveOrgIDPResponse {}
|
||||
|
||||
message UpdateOrgIDPRequest {
|
||||
string idp_id = 1 [(validate.rules).string = {min_len: 1, max_len: 200}];
|
||||
string name = 2 [(validate.rules).string = {min_len: 1, max_len: 200}];
|
||||
zitadel.idp.v1.IDPStylingType styling_type = 3 [(validate.rules).enum = {defined_only: true}];
|
||||
string name = 2 [
|
||||
(validate.rules).string = {min_len: 1, max_len: 200},
|
||||
(grpc.gateway.protoc_gen_openapiv2.options.openapiv2_field) = {
|
||||
example: "\"google\"";
|
||||
}
|
||||
];
|
||||
zitadel.idp.v1.IDPStylingType styling_type = 3 [
|
||||
(validate.rules).enum = {defined_only: true},
|
||||
(grpc.gateway.protoc_gen_openapiv2.options.openapiv2_field) = {
|
||||
description: "some identity providers specify the styling of the button to their login";
|
||||
}
|
||||
];
|
||||
}
|
||||
|
||||
message UpdateOrgIDPResponse {
|
||||
@@ -3349,14 +3481,50 @@ message UpdateOrgIDPResponse {
|
||||
}
|
||||
|
||||
message UpdateOrgIDPOIDCConfigRequest {
|
||||
string idp_id = 1 [(validate.rules).string = {min_len: 1, max_len: 200}];
|
||||
string idp_id = 1 [
|
||||
(validate.rules).string = {min_len: 1, max_len: 200},
|
||||
(grpc.gateway.protoc_gen_openapiv2.options.openapiv2_field) = {
|
||||
example: "\"69629023906488334\"";
|
||||
}
|
||||
];
|
||||
|
||||
string client_id = 2 [(validate.rules).string = {min_len: 1, max_len: 200}];
|
||||
string client_secret = 3 [(validate.rules).string = {max_len: 200}];
|
||||
string issuer = 4 [(validate.rules).string = {min_len: 1, max_len: 200}];
|
||||
repeated string scopes = 5;
|
||||
zitadel.idp.v1.OIDCMappingField display_name_mapping = 6 [(validate.rules).enum = {defined_only: true}];
|
||||
zitadel.idp.v1.OIDCMappingField username_mapping = 7 [(validate.rules).enum = {defined_only: true}];
|
||||
string client_id = 2 [
|
||||
(validate.rules).string = {min_len: 1, max_len: 200},
|
||||
(grpc.gateway.protoc_gen_openapiv2.options.openapiv2_field) = {
|
||||
description: "client id generated by the identity provider";
|
||||
}
|
||||
];
|
||||
string client_secret = 3 [
|
||||
(validate.rules).string = {max_len: 200},
|
||||
(grpc.gateway.protoc_gen_openapiv2.options.openapiv2_field) = {
|
||||
description: "client secret generated by the identity provider. If empty the secret is not overwritten";
|
||||
}
|
||||
];
|
||||
string issuer = 4 [
|
||||
(validate.rules).string = {min_len: 1, max_len: 200},
|
||||
(grpc.gateway.protoc_gen_openapiv2.options.openapiv2_field) = {
|
||||
example: "\"https://accounts.google.com\"";
|
||||
description: "the oidc issuer of the identity provider";
|
||||
}
|
||||
];
|
||||
repeated string scopes = 5 [
|
||||
(grpc.gateway.protoc_gen_openapiv2.options.openapiv2_field) = {
|
||||
example: "[\"openid\", \"profile\", \"email\"]";
|
||||
description: "the scopes requested by ZITADEL during the request on the identity provider";
|
||||
}
|
||||
];
|
||||
zitadel.idp.v1.OIDCMappingField display_name_mapping = 6 [
|
||||
(validate.rules).enum = {defined_only: true},
|
||||
(grpc.gateway.protoc_gen_openapiv2.options.openapiv2_field) = {
|
||||
description: "definition which field is mapped to the display name of the user";
|
||||
}
|
||||
];
|
||||
zitadel.idp.v1.OIDCMappingField username_mapping = 7 [
|
||||
(validate.rules).enum = {defined_only: true},
|
||||
(grpc.gateway.protoc_gen_openapiv2.options.openapiv2_field) = {
|
||||
description: "definition which field is mapped to the email of the user";
|
||||
}
|
||||
];
|
||||
}
|
||||
|
||||
message UpdateOrgIDPOIDCConfigResponse {
|
||||
|
||||
@@ -2,20 +2,55 @@ syntax = "proto3";
|
||||
|
||||
import "zitadel/object.proto";
|
||||
import "validate/validate.proto";
|
||||
import "protoc-gen-openapiv2/options/annotations.proto";
|
||||
|
||||
package zitadel.member.v1;
|
||||
|
||||
option go_package ="github.com/caos/zitadel/pkg/grpc/member";
|
||||
|
||||
message Member {
|
||||
string user_id = 1;
|
||||
string user_id = 1 [
|
||||
(grpc.gateway.protoc_gen_openapiv2.options.openapiv2_field) = {
|
||||
example: "\"69629023906488334\"";
|
||||
}
|
||||
];
|
||||
zitadel.v1.ObjectDetails details = 2;
|
||||
repeated string roles = 3;
|
||||
string preferred_login_name = 4;
|
||||
string email = 5;
|
||||
string first_name = 6;
|
||||
string last_name = 7;
|
||||
string display_name = 8;
|
||||
repeated string roles = 3 [
|
||||
(grpc.gateway.protoc_gen_openapiv2.options.openapiv2_field) = {
|
||||
example: "[\"role.super.man\"]";
|
||||
description: "the role keys granted to the user"
|
||||
}
|
||||
];
|
||||
string preferred_login_name = 4 [
|
||||
(grpc.gateway.protoc_gen_openapiv2.options.openapiv2_field) = {
|
||||
example: "\"gigi@caos.ch\"";
|
||||
description: "preferred login name of the user"
|
||||
}
|
||||
];
|
||||
string email = 5 [
|
||||
(grpc.gateway.protoc_gen_openapiv2.options.openapiv2_field) = {
|
||||
example: "\"gigi@caos.ch\"";
|
||||
description: "preferred login name of the user"
|
||||
}
|
||||
];
|
||||
string first_name = 6 [
|
||||
(grpc.gateway.protoc_gen_openapiv2.options.openapiv2_field) = {
|
||||
example: "\"Gigi\"";
|
||||
description: "first name of the user"
|
||||
}
|
||||
];
|
||||
string last_name = 7 [
|
||||
(grpc.gateway.protoc_gen_openapiv2.options.openapiv2_field) = {
|
||||
example: "\"Giraffe\"";
|
||||
description: "last name of the user"
|
||||
}
|
||||
];
|
||||
string display_name = 8 [
|
||||
(grpc.gateway.protoc_gen_openapiv2.options.openapiv2_field) = {
|
||||
description: "display name of the user"
|
||||
example: "\"Gigi Giraffe\"";
|
||||
}
|
||||
];
|
||||
}
|
||||
|
||||
message SearchQuery {
|
||||
@@ -30,20 +65,61 @@ message SearchQuery {
|
||||
}
|
||||
|
||||
message FirstNameQuery {
|
||||
string first_name = 1 [(validate.rules).string = {max_len: 200}];
|
||||
zitadel.v1.TextQueryMethod method = 2 [(validate.rules).enum.defined_only = true];
|
||||
string first_name = 1 [
|
||||
(validate.rules).string = {max_len: 200},
|
||||
(grpc.gateway.protoc_gen_openapiv2.options.openapiv2_field) = {
|
||||
max_length: 200;
|
||||
example: "\"Gigi\"";
|
||||
}
|
||||
];
|
||||
zitadel.v1.TextQueryMethod method = 2 [
|
||||
(validate.rules).enum.defined_only = true,
|
||||
(grpc.gateway.protoc_gen_openapiv2.options.openapiv2_field) = {
|
||||
description: "defines which text equality method is used";
|
||||
}
|
||||
];
|
||||
}
|
||||
|
||||
message LastNameQuery {
|
||||
string last_name = 1 [(validate.rules).string = {max_len: 200}];
|
||||
zitadel.v1.TextQueryMethod method = 2 [(validate.rules).enum.defined_only = true];
|
||||
string last_name = 1 [
|
||||
(validate.rules).string = {max_len: 200},
|
||||
(grpc.gateway.protoc_gen_openapiv2.options.openapiv2_field) = {
|
||||
max_length: 200;
|
||||
example: "\"Giraffe\"";
|
||||
}
|
||||
];
|
||||
zitadel.v1.TextQueryMethod method = 2 [
|
||||
(validate.rules).enum.defined_only = true,
|
||||
(grpc.gateway.protoc_gen_openapiv2.options.openapiv2_field) = {
|
||||
description: "defines which text equality method is used";
|
||||
}
|
||||
];
|
||||
}
|
||||
|
||||
message EmailQuery {
|
||||
string email = 1 [(validate.rules).string = {max_len: 200}];
|
||||
zitadel.v1.TextQueryMethod method = 2 [(validate.rules).enum.defined_only = true];
|
||||
string email = 1 [
|
||||
(validate.rules).string = {max_len: 200},
|
||||
(grpc.gateway.protoc_gen_openapiv2.options.openapiv2_field) = {
|
||||
description: "email address of the user. (spec: https://tools.ietf.org/html/rfc2822#section-3.4.1)"
|
||||
max_length: 200;
|
||||
example: "\"gigi@caos.ch\"";
|
||||
}
|
||||
];
|
||||
zitadel.v1.TextQueryMethod method = 2 [
|
||||
(validate.rules).enum.defined_only = true,
|
||||
(grpc.gateway.protoc_gen_openapiv2.options.openapiv2_field) = {
|
||||
description: "defines which text equality method is used";
|
||||
}
|
||||
];
|
||||
}
|
||||
|
||||
message UserIDQuery {
|
||||
string user_id = 1 [(validate.rules).string = {max_len: 200}];
|
||||
string user_id = 1 [
|
||||
(validate.rules).string = {max_len: 200},
|
||||
(grpc.gateway.protoc_gen_openapiv2.options.openapiv2_field) = {
|
||||
description: "the id of the user"
|
||||
max_length: 200;
|
||||
example: "\"69629023906488334\"";
|
||||
}
|
||||
];
|
||||
}
|
||||
|
||||
@@ -1,6 +1,7 @@
|
||||
syntax = "proto3";
|
||||
|
||||
import "google/protobuf/timestamp.proto";
|
||||
import "protoc-gen-openapiv2/options/annotations.proto";
|
||||
|
||||
package zitadel.v1;
|
||||
|
||||
@@ -12,7 +13,11 @@ message ObjectDetails {
|
||||
// on read: the sequence of the last event reduced by the projection
|
||||
//
|
||||
// on manipulation: the timestamp of the event(s) added by the manipulation
|
||||
uint64 sequence = 1;
|
||||
uint64 sequence = 1 [
|
||||
(grpc.gateway.protoc_gen_openapiv2.options.openapiv2_field) = {
|
||||
example: "\"2\"";
|
||||
}
|
||||
];
|
||||
//creation_date is the timestamp where the first operation on the object was made
|
||||
//
|
||||
// on read: the timestamp of the first event of the object
|
||||
@@ -26,19 +31,48 @@ message ObjectDetails {
|
||||
// on manipulation: the
|
||||
google.protobuf.Timestamp change_date = 3;
|
||||
//resource_owner is the organisation an object belongs to
|
||||
string resource_owner = 4;
|
||||
string resource_owner = 4 [
|
||||
(grpc.gateway.protoc_gen_openapiv2.options.openapiv2_field) = {
|
||||
example: "\"69629023906488334\"";
|
||||
}
|
||||
];
|
||||
}
|
||||
|
||||
message ListQuery {
|
||||
uint64 offset = 1;
|
||||
uint32 limit = 2;
|
||||
bool asc = 3;
|
||||
uint64 offset = 1 [
|
||||
(grpc.gateway.protoc_gen_openapiv2.options.openapiv2_field) = {
|
||||
example: "\"10\"";
|
||||
}
|
||||
];
|
||||
uint32 limit = 2 [
|
||||
(grpc.gateway.protoc_gen_openapiv2.options.openapiv2_field) = {
|
||||
example: "20";
|
||||
description: "Maximum amount of events returned. Default is set to 1000 in https://github.com/caos/zitadel/blob/new-eventstore/cmd/zitadel/startup.yaml. If limit exeeds the maximum configured ZITADEL will throw an error. If no limit is present the default is taken.";
|
||||
}
|
||||
];
|
||||
bool asc = 3 [
|
||||
(grpc.gateway.protoc_gen_openapiv2.options.openapiv2_field) = {
|
||||
description: "default is descending"
|
||||
}
|
||||
];
|
||||
}
|
||||
|
||||
message ListDetails {
|
||||
uint64 total_result = 1;
|
||||
uint64 processed_sequence = 2;
|
||||
google.protobuf.Timestamp view_timestamp = 3;
|
||||
uint64 total_result = 1 [
|
||||
(grpc.gateway.protoc_gen_openapiv2.options.openapiv2_field) = {
|
||||
example: "\"2\"";
|
||||
}
|
||||
];
|
||||
uint64 processed_sequence = 2 [
|
||||
(grpc.gateway.protoc_gen_openapiv2.options.openapiv2_field) = {
|
||||
example: "\"267831\"";
|
||||
}
|
||||
];
|
||||
google.protobuf.Timestamp view_timestamp = 3 [
|
||||
(grpc.gateway.protoc_gen_openapiv2.options.openapiv2_field) = {
|
||||
description: "the last time the view got updated"
|
||||
}
|
||||
];
|
||||
}
|
||||
|
||||
enum TextQueryMethod {
|
||||
|
||||
@@ -2,17 +2,34 @@ syntax = "proto3";
|
||||
|
||||
import "zitadel/object.proto";
|
||||
import "validate/validate.proto";
|
||||
import "protoc-gen-openapiv2/options/annotations.proto";
|
||||
|
||||
package zitadel.org.v1;
|
||||
|
||||
option go_package ="github.com/caos/zitadel/pkg/grpc/org";
|
||||
|
||||
message Org {
|
||||
string id = 1;
|
||||
string id = 1 [
|
||||
(grpc.gateway.protoc_gen_openapiv2.options.openapiv2_field) = {
|
||||
example: "\"69629023906488334\""
|
||||
}
|
||||
];
|
||||
zitadel.v1.ObjectDetails details = 2;
|
||||
OrgState state = 3;
|
||||
string name = 4;
|
||||
string primary_domain = 5;
|
||||
OrgState state = 3 [
|
||||
(grpc.gateway.protoc_gen_openapiv2.options.openapiv2_field) = {
|
||||
description: "current state of the organisation";
|
||||
}
|
||||
];
|
||||
string name = 4 [
|
||||
(grpc.gateway.protoc_gen_openapiv2.options.openapiv2_field) = {
|
||||
example: "\"CAOS AG\"";
|
||||
}
|
||||
];
|
||||
string primary_domain = 5 [
|
||||
(grpc.gateway.protoc_gen_openapiv2.options.openapiv2_field) = {
|
||||
example: "\"caos.ch\"";
|
||||
}
|
||||
];
|
||||
}
|
||||
|
||||
enum OrgState {
|
||||
@@ -22,12 +39,32 @@ enum OrgState {
|
||||
}
|
||||
|
||||
message Domain {
|
||||
string org_id = 1;
|
||||
string org_id = 1 [
|
||||
(grpc.gateway.protoc_gen_openapiv2.options.openapiv2_field) = {
|
||||
example: "\"69629023906488334\""
|
||||
}
|
||||
];
|
||||
zitadel.v1.ObjectDetails details = 2;
|
||||
string domain_name = 3;
|
||||
bool is_verified = 4;
|
||||
bool is_primary = 5;
|
||||
DomainValidationType validation_type = 6;
|
||||
string domain_name = 3 [
|
||||
(grpc.gateway.protoc_gen_openapiv2.options.openapiv2_field) = {
|
||||
example: "\"caos.ch\"";
|
||||
}
|
||||
];
|
||||
bool is_verified = 4 [
|
||||
(grpc.gateway.protoc_gen_openapiv2.options.openapiv2_field) = {
|
||||
description: "defines if the domain is verified"
|
||||
}
|
||||
];
|
||||
bool is_primary = 5 [
|
||||
(grpc.gateway.protoc_gen_openapiv2.options.openapiv2_field) = {
|
||||
description: "defines if the domain is the primary domain"
|
||||
}
|
||||
];
|
||||
DomainValidationType validation_type = 6 [
|
||||
(grpc.gateway.protoc_gen_openapiv2.options.openapiv2_field) = {
|
||||
description: "defines the protocol the domain was validated with";
|
||||
}
|
||||
];
|
||||
}
|
||||
|
||||
enum DomainValidationType {
|
||||
@@ -46,13 +83,33 @@ message OrgQuery {
|
||||
}
|
||||
|
||||
message OrgNameQuery {
|
||||
string name = 1 [(validate.rules).string = {max_len: 200}];
|
||||
zitadel.v1.TextQueryMethod method = 2 [(validate.rules).enum.defined_only = true];
|
||||
string name = 1 [
|
||||
(validate.rules).string = {max_len: 200},
|
||||
(grpc.gateway.protoc_gen_openapiv2.options.openapiv2_field) = {
|
||||
example: "\"caos ag\"";
|
||||
}
|
||||
];
|
||||
zitadel.v1.TextQueryMethod method = 2 [
|
||||
(validate.rules).enum.defined_only = true,
|
||||
(grpc.gateway.protoc_gen_openapiv2.options.openapiv2_field) = {
|
||||
description: "defines which text equality method is used";
|
||||
}
|
||||
];
|
||||
}
|
||||
|
||||
message OrgDomainQuery {
|
||||
string domain = 1 [(validate.rules).string = {max_len: 200}];
|
||||
zitadel.v1.TextQueryMethod method = 2 [(validate.rules).enum.defined_only = true];
|
||||
string domain = 1 [
|
||||
(validate.rules).string = {max_len: 200},
|
||||
(grpc.gateway.protoc_gen_openapiv2.options.openapiv2_field) = {
|
||||
example: "\"CAOS.C\"";
|
||||
}
|
||||
];
|
||||
zitadel.v1.TextQueryMethod method = 2 [
|
||||
(validate.rules).enum.defined_only = true,
|
||||
(grpc.gateway.protoc_gen_openapiv2.options.openapiv2_field) = {
|
||||
description: "defines which text equality method is used";
|
||||
}
|
||||
];
|
||||
}
|
||||
|
||||
enum OrgFieldName {
|
||||
@@ -69,6 +126,16 @@ message DomainSearchQuery {
|
||||
}
|
||||
|
||||
message DomainNameQuery {
|
||||
string name = 1 [(validate.rules).string = {max_len: 200}];
|
||||
zitadel.v1.TextQueryMethod method = 2 [(validate.rules).enum.defined_only = true];
|
||||
string name = 1 [
|
||||
(validate.rules).string = {max_len: 200},
|
||||
(grpc.gateway.protoc_gen_openapiv2.options.openapiv2_field) = {
|
||||
example: "\"caos.ch\"";
|
||||
}
|
||||
];
|
||||
zitadel.v1.TextQueryMethod method = 2 [
|
||||
(validate.rules).enum.defined_only = true,
|
||||
(grpc.gateway.protoc_gen_openapiv2.options.openapiv2_field) = {
|
||||
description: "defines which text equality method is used";
|
||||
}
|
||||
];
|
||||
}
|
||||
|
||||
@@ -1,6 +1,7 @@
|
||||
syntax = "proto3";
|
||||
|
||||
import "zitadel/object.proto";
|
||||
import "protoc-gen-openapiv2/options/annotations.proto";
|
||||
|
||||
package zitadel.policy.v1;
|
||||
|
||||
@@ -8,26 +9,74 @@ option go_package ="github.com/caos/zitadel/pkg/grpc/policy";
|
||||
|
||||
message OrgIAMPolicy {
|
||||
zitadel.v1.ObjectDetails details = 1;
|
||||
bool user_login_must_be_domain = 2;
|
||||
bool is_default = 3;
|
||||
bool user_login_must_be_domain = 2 [
|
||||
(grpc.gateway.protoc_gen_openapiv2.options.openapiv2_field) = {
|
||||
description: "the username has to end with the domain of it's organisation"
|
||||
}
|
||||
];
|
||||
bool is_default = 3 [
|
||||
(grpc.gateway.protoc_gen_openapiv2.options.openapiv2_field) = {
|
||||
description: "defines if the organisation's admin changed the policy"
|
||||
}
|
||||
];
|
||||
}
|
||||
|
||||
message LabelPolicy {
|
||||
zitadel.v1.ObjectDetails details = 1;
|
||||
string primary_color = 2;
|
||||
string secondary_color = 3;
|
||||
bool is_default = 4;
|
||||
bool hide_login_name_suffix = 5;
|
||||
string primary_color = 2 [
|
||||
(grpc.gateway.protoc_gen_openapiv2.options.openapiv2_field) = {
|
||||
description: "hex value for primary color"
|
||||
}
|
||||
];
|
||||
string secondary_color = 3 [
|
||||
(grpc.gateway.protoc_gen_openapiv2.options.openapiv2_field) = {
|
||||
description: "hex value for secondary color"
|
||||
}
|
||||
];
|
||||
bool is_default = 4 [
|
||||
(grpc.gateway.protoc_gen_openapiv2.options.openapiv2_field) = {
|
||||
description: "defines if the organisation's admin changed the policy"
|
||||
}
|
||||
];
|
||||
bool hide_login_name_suffix = 5 [
|
||||
(grpc.gateway.protoc_gen_openapiv2.options.openapiv2_field) = {
|
||||
description: "hides the org suffix on the login form if the scope \"urn:zitadel:iam:org:domain:primary:{domainname}\" is set. Details about this scope in https://docs.zitadel.ch/architecture#Reserved_Scopes";
|
||||
}
|
||||
];
|
||||
}
|
||||
|
||||
message LoginPolicy {
|
||||
zitadel.v1.ObjectDetails details = 1;
|
||||
bool allow_username_password = 2;
|
||||
bool allow_register = 3;
|
||||
bool allow_external_idp = 4;
|
||||
bool force_mfa = 5;
|
||||
PasswordlessType passwordless_type = 6;
|
||||
bool is_default = 7;
|
||||
bool allow_username_password = 2 [
|
||||
(grpc.gateway.protoc_gen_openapiv2.options.openapiv2_field) = {
|
||||
description: "defines if a user is allowed to login with his username and password"
|
||||
}
|
||||
];
|
||||
bool allow_register = 3 [
|
||||
(grpc.gateway.protoc_gen_openapiv2.options.openapiv2_field) = {
|
||||
description: "defines if a person is allowed to register a user on this organisation"
|
||||
}
|
||||
];
|
||||
bool allow_external_idp = 4 [
|
||||
(grpc.gateway.protoc_gen_openapiv2.options.openapiv2_field) = {
|
||||
description: "defines if a user is allowed to add a defined identity provider. E.g. Google auth"
|
||||
}
|
||||
];
|
||||
bool force_mfa = 5 [
|
||||
(grpc.gateway.protoc_gen_openapiv2.options.openapiv2_field) = {
|
||||
description: "defines if a user MUST use a multi factor to log in"
|
||||
}
|
||||
];
|
||||
PasswordlessType passwordless_type = 6 [
|
||||
(grpc.gateway.protoc_gen_openapiv2.options.openapiv2_field) = {
|
||||
description: "defines if passwordless is allowed for users"
|
||||
}
|
||||
];
|
||||
bool is_default = 7 [
|
||||
(grpc.gateway.protoc_gen_openapiv2.options.openapiv2_field) = {
|
||||
description: "defines if the organisation's admin changed the policy"
|
||||
}
|
||||
];
|
||||
}
|
||||
|
||||
enum SecondFactorType {
|
||||
@@ -49,24 +98,75 @@ enum PasswordlessType {
|
||||
|
||||
message PasswordComplexityPolicy {
|
||||
zitadel.v1.ObjectDetails details = 1;
|
||||
uint64 min_length = 2;
|
||||
bool has_uppercase = 3;
|
||||
bool has_lowercase = 4;
|
||||
bool has_number = 5;
|
||||
bool has_symbol = 6;
|
||||
bool is_default = 7;
|
||||
uint64 min_length = 2 [
|
||||
(grpc.gateway.protoc_gen_openapiv2.options.openapiv2_field) = {
|
||||
example: "\"8\""
|
||||
}
|
||||
];
|
||||
bool has_uppercase = 3 [
|
||||
(grpc.gateway.protoc_gen_openapiv2.options.openapiv2_field) = {
|
||||
description: "defines if the password MUST contain an upper case letter"
|
||||
}
|
||||
];
|
||||
bool has_lowercase = 4 [
|
||||
(grpc.gateway.protoc_gen_openapiv2.options.openapiv2_field) = {
|
||||
description: "defines if the password MUST contain a lower case letter"
|
||||
}
|
||||
];
|
||||
bool has_number = 5 [
|
||||
(grpc.gateway.protoc_gen_openapiv2.options.openapiv2_field) = {
|
||||
description: "defines if the password MUST contain a number"
|
||||
}
|
||||
];
|
||||
bool has_symbol = 6 [
|
||||
(grpc.gateway.protoc_gen_openapiv2.options.openapiv2_field) = {
|
||||
description: "defines if the password MUST contain a symbol. E.g. \"$\""
|
||||
}
|
||||
];
|
||||
bool is_default = 7 [
|
||||
(grpc.gateway.protoc_gen_openapiv2.options.openapiv2_field) = {
|
||||
description: "defines if the organisation's admin changed the policy"
|
||||
}
|
||||
];
|
||||
}
|
||||
|
||||
message PasswordAgePolicy {
|
||||
zitadel.v1.ObjectDetails details = 1;
|
||||
uint64 max_age_days = 2;
|
||||
uint64 expire_warn_days = 3;
|
||||
bool is_default = 4;
|
||||
uint64 max_age_days = 2 [
|
||||
(grpc.gateway.protoc_gen_openapiv2.options.openapiv2_field) = {
|
||||
description: "Maximum days since last password change"
|
||||
example: "\"365\""
|
||||
}
|
||||
];
|
||||
uint64 expire_warn_days = 3 [
|
||||
(grpc.gateway.protoc_gen_openapiv2.options.openapiv2_field) = {
|
||||
description: "Days before the password expiry the user gets notified to change the password"
|
||||
example: "\"10\""
|
||||
}
|
||||
];
|
||||
bool is_default = 4 [
|
||||
(grpc.gateway.protoc_gen_openapiv2.options.openapiv2_field) = {
|
||||
description: "defines if the organisation's admin changed the policy"
|
||||
}
|
||||
];
|
||||
}
|
||||
|
||||
message PasswordLockoutPolicy {
|
||||
zitadel.v1.ObjectDetails details = 1;
|
||||
uint64 max_attempts = 2;
|
||||
bool show_lockout_failure = 3;
|
||||
bool is_default = 4;
|
||||
uint64 max_attempts = 2 [
|
||||
(grpc.gateway.protoc_gen_openapiv2.options.openapiv2_field) = {
|
||||
description: "Maximum attempts before the account gets locked. Attempts are reset as soon as the password is entered correct or the password is reset."
|
||||
example: "\"10\""
|
||||
}
|
||||
];
|
||||
bool show_lockout_failure = 3 [
|
||||
(grpc.gateway.protoc_gen_openapiv2.options.openapiv2_field) = {
|
||||
description: "Enables if the failure should be shown to de user, sometimes for security issues the user should not get to much information"
|
||||
}
|
||||
];
|
||||
bool is_default = 4 [
|
||||
(grpc.gateway.protoc_gen_openapiv2.options.openapiv2_field) = {
|
||||
description: "defines if the organisation's admin changed the policy"
|
||||
}
|
||||
];
|
||||
}
|
||||
@@ -2,16 +2,29 @@ syntax = "proto3";
|
||||
|
||||
import "zitadel/object.proto";
|
||||
import "validate/validate.proto";
|
||||
import "protoc-gen-openapiv2/options/annotations.proto";
|
||||
|
||||
package zitadel.project.v1;
|
||||
|
||||
option go_package ="github.com/caos/zitadel/pkg/grpc/project";
|
||||
|
||||
message Project {
|
||||
string id = 1;
|
||||
string id = 1 [
|
||||
(grpc.gateway.protoc_gen_openapiv2.options.openapiv2_field) = {
|
||||
example: "\"69629023906488334\""
|
||||
}
|
||||
];
|
||||
zitadel.v1.ObjectDetails details = 2;
|
||||
string name = 3;
|
||||
ProjectState state = 4;
|
||||
string name = 3 [
|
||||
(grpc.gateway.protoc_gen_openapiv2.options.openapiv2_field) = {
|
||||
example: "\"ZITADEL\""
|
||||
}
|
||||
];
|
||||
ProjectState state = 4 [
|
||||
(grpc.gateway.protoc_gen_openapiv2.options.openapiv2_field) = {
|
||||
description: "current state of the project";
|
||||
}
|
||||
];
|
||||
// describes if roles of user should be added in token
|
||||
bool project_role_assertion = 5;
|
||||
// ZITADEL checks if the user has at least one on this project
|
||||
@@ -19,16 +32,52 @@ message Project {
|
||||
}
|
||||
|
||||
message GrantedProject {
|
||||
string grant_id = 1;
|
||||
string granted_org_id = 2;
|
||||
string granted_org_name = 3;
|
||||
repeated string granted_role_keys = 4;
|
||||
ProjectGrantState state = 5;
|
||||
string grant_id = 1 [
|
||||
(grpc.gateway.protoc_gen_openapiv2.options.openapiv2_field) = {
|
||||
example: "\"69629023906488334\""
|
||||
}
|
||||
];
|
||||
string granted_org_id = 2 [
|
||||
(grpc.gateway.protoc_gen_openapiv2.options.openapiv2_field) = {
|
||||
example: "\"69629023906488334\""
|
||||
}
|
||||
];
|
||||
string granted_org_name = 3 [
|
||||
(grpc.gateway.protoc_gen_openapiv2.options.openapiv2_field) = {
|
||||
example: "\"Some Organisation\""
|
||||
}
|
||||
];
|
||||
repeated string granted_role_keys = 4 [
|
||||
(grpc.gateway.protoc_gen_openapiv2.options.openapiv2_field) = {
|
||||
example: "[\"role.super.man\"]"
|
||||
}
|
||||
];
|
||||
ProjectGrantState state = 5 [
|
||||
(grpc.gateway.protoc_gen_openapiv2.options.openapiv2_field) = {
|
||||
description: "current state of the project grant";
|
||||
}
|
||||
];
|
||||
|
||||
string project_id = 6;
|
||||
string project_name = 7;
|
||||
string project_owner_id = 8;
|
||||
string project_owner_name = 9;
|
||||
string project_id = 6 [
|
||||
(grpc.gateway.protoc_gen_openapiv2.options.openapiv2_field) = {
|
||||
example: "\"69629023906488334\""
|
||||
}
|
||||
];
|
||||
string project_name = 7 [
|
||||
(grpc.gateway.protoc_gen_openapiv2.options.openapiv2_field) = {
|
||||
example: "\"ZITADEL\""
|
||||
}
|
||||
];
|
||||
string project_owner_id = 8 [
|
||||
(grpc.gateway.protoc_gen_openapiv2.options.openapiv2_field) = {
|
||||
example: "\"69629023906488334\""
|
||||
}
|
||||
];
|
||||
string project_owner_name = 9 [
|
||||
(grpc.gateway.protoc_gen_openapiv2.options.openapiv2_field) = {
|
||||
example: "\"CAOS AG\""
|
||||
}
|
||||
];
|
||||
|
||||
zitadel.v1.ObjectDetails details = 10;
|
||||
}
|
||||
@@ -54,15 +103,37 @@ message ProjectQuery {
|
||||
}
|
||||
|
||||
message ProjectNameQuery {
|
||||
string name = 1 [(validate.rules).string = {max_len: 200}];
|
||||
zitadel.v1.TextQueryMethod method = 2 [(validate.rules).enum.defined_only = true];
|
||||
string name = 1 [
|
||||
(validate.rules).string = {max_len: 200},
|
||||
(grpc.gateway.protoc_gen_openapiv2.options.openapiv2_field) = {
|
||||
example: "\"ZITADEL\""
|
||||
}
|
||||
];
|
||||
zitadel.v1.TextQueryMethod method = 2 [
|
||||
(validate.rules).enum.defined_only = true,
|
||||
(grpc.gateway.protoc_gen_openapiv2.options.openapiv2_field) = {
|
||||
description: "defines which text equality method is used"
|
||||
}
|
||||
];
|
||||
}
|
||||
|
||||
message Role {
|
||||
string key = 1;
|
||||
string key = 1 [
|
||||
(grpc.gateway.protoc_gen_openapiv2.options.openapiv2_field) = {
|
||||
example: "\"role.super.man\""
|
||||
}
|
||||
];
|
||||
zitadel.v1.ObjectDetails details = 2;
|
||||
string display_name = 3;
|
||||
string group = 4;
|
||||
string display_name = 3 [
|
||||
(grpc.gateway.protoc_gen_openapiv2.options.openapiv2_field) = {
|
||||
example: "\"Super man\""
|
||||
}
|
||||
];
|
||||
string group = 4 [
|
||||
(grpc.gateway.protoc_gen_openapiv2.options.openapiv2_field) = {
|
||||
example: "\"people\""
|
||||
}
|
||||
];
|
||||
}
|
||||
|
||||
message RoleQuery {
|
||||
@@ -75,13 +146,33 @@ message RoleQuery {
|
||||
}
|
||||
|
||||
message RoleKeyQuery {
|
||||
string key = 1 [(validate.rules).string = {max_len: 200}];
|
||||
zitadel.v1.TextQueryMethod method = 2 [(validate.rules).enum.defined_only = true];
|
||||
string key = 1 [
|
||||
(validate.rules).string = {max_len: 200},
|
||||
(grpc.gateway.protoc_gen_openapiv2.options.openapiv2_field) = {
|
||||
example: "\"role.super.man\""
|
||||
}
|
||||
];
|
||||
zitadel.v1.TextQueryMethod method = 2 [
|
||||
(validate.rules).enum.defined_only = true,
|
||||
(grpc.gateway.protoc_gen_openapiv2.options.openapiv2_field) = {
|
||||
description: "defines which text equality method is used"
|
||||
}
|
||||
];
|
||||
}
|
||||
|
||||
message RoleDisplayNameQuery {
|
||||
string display_name = 1 [(validate.rules).string = {max_len: 200}];
|
||||
zitadel.v1.TextQueryMethod method = 2 [(validate.rules).enum.defined_only = true];
|
||||
string display_name = 1 [
|
||||
(validate.rules).string = {max_len: 200},
|
||||
(grpc.gateway.protoc_gen_openapiv2.options.openapiv2_field) = {
|
||||
example: "\"SUPER\""
|
||||
}
|
||||
];
|
||||
zitadel.v1.TextQueryMethod method = 2 [
|
||||
(validate.rules).enum.defined_only = true,
|
||||
(grpc.gateway.protoc_gen_openapiv2.options.openapiv2_field) = {
|
||||
description: "defines which text equality method is used"
|
||||
}
|
||||
];
|
||||
}
|
||||
|
||||
message ProjectGrantQuery {
|
||||
@@ -94,11 +185,31 @@ message ProjectGrantQuery {
|
||||
}
|
||||
|
||||
message GrantProjectNameQuery {
|
||||
string name = 1 [(validate.rules).string = {max_len: 200}];
|
||||
zitadel.v1.TextQueryMethod method = 2 [(validate.rules).enum.defined_only = true];
|
||||
string name = 1 [
|
||||
(validate.rules).string = {max_len: 200},
|
||||
(grpc.gateway.protoc_gen_openapiv2.options.openapiv2_field) = {
|
||||
example: "\"ZITADEL\""
|
||||
}
|
||||
];
|
||||
zitadel.v1.TextQueryMethod method = 2 [
|
||||
(validate.rules).enum.defined_only = true,
|
||||
(grpc.gateway.protoc_gen_openapiv2.options.openapiv2_field) = {
|
||||
description: "defines which text equality method is used"
|
||||
}
|
||||
];
|
||||
}
|
||||
|
||||
message GrantRoleKeyQuery {
|
||||
string role_key = 1 [(validate.rules).string = {max_len: 200}];
|
||||
zitadel.v1.TextQueryMethod method = 2 [(validate.rules).enum.defined_only = true];
|
||||
string role_key = 1 [
|
||||
(validate.rules).string = {max_len: 200},
|
||||
(grpc.gateway.protoc_gen_openapiv2.options.openapiv2_field) = {
|
||||
example: "\"role.super.man\""
|
||||
}
|
||||
];
|
||||
zitadel.v1.TextQueryMethod method = 2 [
|
||||
(validate.rules).enum.defined_only = true,
|
||||
(grpc.gateway.protoc_gen_openapiv2.options.openapiv2_field) = {
|
||||
description: "defines which text equality method is used"
|
||||
}
|
||||
];
|
||||
}
|
||||
@@ -3,20 +3,50 @@ syntax = "proto3";
|
||||
import "zitadel/object.proto";
|
||||
import "validate/validate.proto";
|
||||
|
||||
import "protoc-gen-openapiv2/options/annotations.proto";
|
||||
|
||||
package zitadel.user.v1;
|
||||
|
||||
option go_package ="github.com/caos/zitadel/pkg/grpc/user";
|
||||
|
||||
message User {
|
||||
string id = 1;
|
||||
string id = 1 [
|
||||
(grpc.gateway.protoc_gen_openapiv2.options.openapiv2_field) = {
|
||||
example: "\"69629023906488334\"";
|
||||
}
|
||||
];
|
||||
zitadel.v1.ObjectDetails details = 2;
|
||||
UserState state = 3;
|
||||
string user_name = 4;
|
||||
repeated string login_names = 5;
|
||||
string preferred_login_name = 6;
|
||||
UserState state = 3 [
|
||||
(grpc.gateway.protoc_gen_openapiv2.options.openapiv2_field) = {
|
||||
description: "current state of the user";
|
||||
}
|
||||
];
|
||||
string user_name = 4 [
|
||||
(grpc.gateway.protoc_gen_openapiv2.options.openapiv2_field) = {
|
||||
example: "\"mr_long_neck\"";
|
||||
}
|
||||
];
|
||||
repeated string login_names = 5 [
|
||||
(grpc.gateway.protoc_gen_openapiv2.options.openapiv2_field) = {
|
||||
example: "[\"gigi@caos.ch\", \"gigi@caos-ag.zitadel.ch\"]";
|
||||
}
|
||||
];
|
||||
string preferred_login_name = 6 [
|
||||
(grpc.gateway.protoc_gen_openapiv2.options.openapiv2_field) = {
|
||||
example: "\"gigi@caos.ch\"";
|
||||
}
|
||||
];
|
||||
oneof type {
|
||||
Human human = 7;
|
||||
Machine machine = 8;
|
||||
Human human = 7 [
|
||||
(grpc.gateway.protoc_gen_openapiv2.options.openapiv2_field) = {
|
||||
description: "one of type use human or machine"
|
||||
}
|
||||
];
|
||||
Machine machine = 8 [
|
||||
(grpc.gateway.protoc_gen_openapiv2.options.openapiv2_field) = {
|
||||
description: "one of type use human or machine"
|
||||
}
|
||||
];
|
||||
}
|
||||
}
|
||||
|
||||
@@ -34,39 +64,82 @@ message Human {
|
||||
Profile profile = 1;
|
||||
Email email = 2;
|
||||
Phone phone = 3;
|
||||
Address address = 4;
|
||||
}
|
||||
|
||||
message Machine {
|
||||
string name = 1;
|
||||
string description = 2;
|
||||
string name = 1 [
|
||||
(grpc.gateway.protoc_gen_openapiv2.options.openapiv2_field) = {
|
||||
example: "\"zitadel\"";
|
||||
}
|
||||
];
|
||||
string description = 2 [
|
||||
(grpc.gateway.protoc_gen_openapiv2.options.openapiv2_field) = {
|
||||
example: "\"The one and only IAM\"";
|
||||
}
|
||||
];
|
||||
}
|
||||
|
||||
message Profile {
|
||||
string first_name = 1;
|
||||
string last_name = 2;
|
||||
string nick_name = 3;
|
||||
string display_name = 4;
|
||||
string preferred_language = 5;
|
||||
Gender gender = 6;
|
||||
string first_name = 1 [
|
||||
(grpc.gateway.protoc_gen_openapiv2.options.openapiv2_field) = {
|
||||
example: "\"Gigi\"";
|
||||
}
|
||||
];
|
||||
string last_name = 2 [
|
||||
(grpc.gateway.protoc_gen_openapiv2.options.openapiv2_field) = {
|
||||
example: "\"Giraffe\"";
|
||||
}
|
||||
];
|
||||
string nick_name = 3 [
|
||||
(grpc.gateway.protoc_gen_openapiv2.options.openapiv2_field) = {
|
||||
example: "\"long_neck\"";
|
||||
}
|
||||
];
|
||||
string display_name = 4 [
|
||||
(grpc.gateway.protoc_gen_openapiv2.options.openapiv2_field) = {
|
||||
description: "a user can set his display name, if nothing is set ZITADEL computes \"first_name last_name\""
|
||||
example: "\"Gigi Giraffe\"";
|
||||
}
|
||||
];
|
||||
string preferred_language = 5 [
|
||||
(grpc.gateway.protoc_gen_openapiv2.options.openapiv2_field) = {
|
||||
description: "language tag analog https://tools.ietf.org/html/rfc3066"
|
||||
example: "\"en\"";
|
||||
}
|
||||
];
|
||||
Gender gender = 6 [
|
||||
(grpc.gateway.protoc_gen_openapiv2.options.openapiv2_field) = {
|
||||
description: "the gender of the human";
|
||||
}
|
||||
];
|
||||
}
|
||||
|
||||
message Email {
|
||||
string email = 1;
|
||||
bool is_email_verified = 2;
|
||||
string email = 1 [
|
||||
(grpc.gateway.protoc_gen_openapiv2.options.openapiv2_field) = {
|
||||
description: "email address of the user. (spec: https://tools.ietf.org/html/rfc2822#section-3.4.1)"
|
||||
example: "\"gigi@caos.ch\"";
|
||||
}
|
||||
];
|
||||
bool is_email_verified = 2 [
|
||||
(grpc.gateway.protoc_gen_openapiv2.options.openapiv2_field) = {
|
||||
description: "Is true if the user verified his email or if the email is managed outside ZITADEL"
|
||||
}
|
||||
];
|
||||
}
|
||||
|
||||
message Phone {
|
||||
string phone = 1;
|
||||
bool is_phone_verified = 2;
|
||||
}
|
||||
|
||||
message Address {
|
||||
string country = 1;
|
||||
string locality = 2;
|
||||
string postal_code = 3;
|
||||
string region = 4;
|
||||
string street_address = 5;
|
||||
string phone = 1 [
|
||||
(grpc.gateway.protoc_gen_openapiv2.options.openapiv2_field) = {
|
||||
description: "mobile phone number of the user. (use global pattern of spec https://tools.ietf.org/html/rfc3966)"
|
||||
example: "\"+41 71 000 00 00\"";
|
||||
}
|
||||
];
|
||||
bool is_phone_verified = 2 [
|
||||
(grpc.gateway.protoc_gen_openapiv2.options.openapiv2_field) = {
|
||||
description: "Is true if the user verified his phone or if the phone is managed outside ZITADEL"
|
||||
}
|
||||
];
|
||||
}
|
||||
|
||||
enum Gender {
|
||||
@@ -92,43 +165,114 @@ message SearchQuery {
|
||||
}
|
||||
|
||||
message UserNameQuery {
|
||||
string user_name = 1 [(validate.rules).string = {max_len: 200}];
|
||||
zitadel.v1.TextQueryMethod method = 2 [(validate.rules).enum.defined_only = true];
|
||||
string user_name = 1 [
|
||||
(validate.rules).string = {max_len: 200},
|
||||
(grpc.gateway.protoc_gen_openapiv2.options.openapiv2_field) = {
|
||||
max_length: 200;
|
||||
example: "\"mr_long_neck\"";
|
||||
}
|
||||
];
|
||||
zitadel.v1.TextQueryMethod method = 2 [
|
||||
(validate.rules).enum.defined_only = true,
|
||||
(grpc.gateway.protoc_gen_openapiv2.options.openapiv2_field) = {
|
||||
description: "defines which text equality method is used";
|
||||
}
|
||||
];
|
||||
}
|
||||
|
||||
message FirstNameQuery {
|
||||
string first_name = 1 [(validate.rules).string = {max_len: 200}];
|
||||
zitadel.v1.TextQueryMethod method = 2 [(validate.rules).enum.defined_only = true];
|
||||
string first_name = 1 [
|
||||
(validate.rules).string = {max_len: 200},
|
||||
(grpc.gateway.protoc_gen_openapiv2.options.openapiv2_field) = {
|
||||
max_length: 200;
|
||||
example: "\"Gigi\"";
|
||||
}
|
||||
];
|
||||
zitadel.v1.TextQueryMethod method = 2 [
|
||||
(validate.rules).enum.defined_only = true,
|
||||
(grpc.gateway.protoc_gen_openapiv2.options.openapiv2_field) = {
|
||||
description: "defines which text equality method is used";
|
||||
}
|
||||
];
|
||||
}
|
||||
|
||||
message LastNameQuery {
|
||||
string last_name = 1 [(validate.rules).string = {max_len: 200}];
|
||||
zitadel.v1.TextQueryMethod method = 2 [(validate.rules).enum.defined_only = true];
|
||||
string last_name = 1 [
|
||||
(validate.rules).string = {max_len: 200},
|
||||
(grpc.gateway.protoc_gen_openapiv2.options.openapiv2_field) = {
|
||||
max_length: 200;
|
||||
example: "\"Giraffe\"";
|
||||
}
|
||||
];
|
||||
zitadel.v1.TextQueryMethod method = 2 [
|
||||
(validate.rules).enum.defined_only = true,
|
||||
(grpc.gateway.protoc_gen_openapiv2.options.openapiv2_field) = {
|
||||
description: "defines which text equality method is used";
|
||||
}
|
||||
];
|
||||
}
|
||||
|
||||
message NickNameQuery {
|
||||
string nick_name = 1 [(validate.rules).string = {max_len: 200}];
|
||||
zitadel.v1.TextQueryMethod method = 2 [(validate.rules).enum.defined_only = true];
|
||||
zitadel.v1.TextQueryMethod method = 2 [
|
||||
(validate.rules).enum.defined_only = true,
|
||||
(grpc.gateway.protoc_gen_openapiv2.options.openapiv2_field) = {
|
||||
description: "defines which text equality method is used";
|
||||
}
|
||||
];
|
||||
}
|
||||
|
||||
message DisplayNameQuery {
|
||||
string display_name = 1 [(validate.rules).string = {max_len: 200}];
|
||||
zitadel.v1.TextQueryMethod method = 2 [(validate.rules).enum.defined_only = true];
|
||||
string display_name = 1 [
|
||||
(validate.rules).string = {max_len: 200},
|
||||
(grpc.gateway.protoc_gen_openapiv2.options.openapiv2_field) = {
|
||||
max_length: 200;
|
||||
example: "\"Gigi Giraffe\"";
|
||||
}
|
||||
];
|
||||
zitadel.v1.TextQueryMethod method = 2 [
|
||||
(validate.rules).enum.defined_only = true,
|
||||
(grpc.gateway.protoc_gen_openapiv2.options.openapiv2_field) = {
|
||||
description: "defines which text equality method is used";
|
||||
}
|
||||
];
|
||||
}
|
||||
|
||||
message EmailQuery {
|
||||
string email_address = 1 [(validate.rules).string = {max_len: 200}];
|
||||
zitadel.v1.TextQueryMethod method = 2 [(validate.rules).enum.defined_only = true];
|
||||
string email_address = 1 [
|
||||
(validate.rules).string = {max_len: 200},
|
||||
(grpc.gateway.protoc_gen_openapiv2.options.openapiv2_field) = {
|
||||
description: "email address of the user. (spec: https://tools.ietf.org/html/rfc2822#section-3.4.1)"
|
||||
max_length: 200;
|
||||
example: "\"gigi@caos.ch\"";
|
||||
}
|
||||
];
|
||||
zitadel.v1.TextQueryMethod method = 2 [
|
||||
(validate.rules).enum.defined_only = true,
|
||||
(grpc.gateway.protoc_gen_openapiv2.options.openapiv2_field) = {
|
||||
description: "defines which text equality method is used";
|
||||
}
|
||||
];
|
||||
}
|
||||
|
||||
//UserStateQuery is always equals
|
||||
message StateQuery {
|
||||
UserState state = 1 [(validate.rules).enum.defined_only = true];
|
||||
UserState state = 1 [
|
||||
(validate.rules).enum.defined_only = true,
|
||||
(grpc.gateway.protoc_gen_openapiv2.options.openapiv2_field) = {
|
||||
description: "current state of the user";
|
||||
}
|
||||
];
|
||||
}
|
||||
|
||||
//UserTypeQuery is always equals
|
||||
message TypeQuery {
|
||||
Type type = 1 [(validate.rules).enum.defined_only = true];
|
||||
Type type = 1 [
|
||||
(validate.rules).enum.defined_only = true,
|
||||
(grpc.gateway.protoc_gen_openapiv2.options.openapiv2_field) = {
|
||||
description: "the type of the user";
|
||||
}
|
||||
];
|
||||
}
|
||||
|
||||
enum Type {
|
||||
@@ -150,10 +294,22 @@ enum UserFieldName {
|
||||
}
|
||||
|
||||
message AuthFactor {
|
||||
AuthFactorState state = 1;
|
||||
AuthFactorState state = 1 [
|
||||
(grpc.gateway.protoc_gen_openapiv2.options.openapiv2_field) = {
|
||||
description: "current state of the auth factor";
|
||||
}
|
||||
];
|
||||
oneof type {
|
||||
AuthFactorOTP otp = 2;
|
||||
AuthFactorU2F u2f = 3;
|
||||
AuthFactorOTP otp = 2 [
|
||||
(grpc.gateway.protoc_gen_openapiv2.options.openapiv2_field) = {
|
||||
description: "one of type use otp or u2f"
|
||||
}
|
||||
];
|
||||
AuthFactorU2F u2f = 3 [
|
||||
(grpc.gateway.protoc_gen_openapiv2.options.openapiv2_field) = {
|
||||
description: "one of type use otp or u2f"
|
||||
}
|
||||
];
|
||||
}
|
||||
}
|
||||
|
||||
@@ -167,35 +323,105 @@ enum AuthFactorState {
|
||||
message AuthFactorOTP {}
|
||||
|
||||
message AuthFactorU2F {
|
||||
string id = 1;
|
||||
string name = 2;
|
||||
string id = 1 [
|
||||
(grpc.gateway.protoc_gen_openapiv2.options.openapiv2_field) = {
|
||||
example: "\"69629023906488334\""
|
||||
}
|
||||
];
|
||||
string name = 2 [
|
||||
(grpc.gateway.protoc_gen_openapiv2.options.openapiv2_field) = {
|
||||
example: "\"fido key\""
|
||||
}
|
||||
];
|
||||
}
|
||||
|
||||
message WebAuthNKey {
|
||||
bytes public_key = 1;
|
||||
bytes public_key = 1 [
|
||||
(grpc.gateway.protoc_gen_openapiv2.options.openapiv2_field) = {
|
||||
description: "json representation of public key credential creation options used by the webauthn client"
|
||||
}
|
||||
];
|
||||
}
|
||||
|
||||
message WebAuthNVerification {
|
||||
bytes public_key_credential = 1 [(validate.rules).bytes.min_len = 50]; //TODO: define correct min and max len
|
||||
string token_name = 2 [(validate.rules).string = {min_len: 1, max_len: 200}];
|
||||
bytes public_key_credential = 1 [
|
||||
(validate.rules).bytes.min_len = 55,
|
||||
(grpc.gateway.protoc_gen_openapiv2.options.openapiv2_field) = {
|
||||
description: "json representation of public key credential issued by the webauthn client";
|
||||
min_length: 55;
|
||||
max_length: 1048576; //1 mb
|
||||
//TODO: add example validate max
|
||||
}
|
||||
];
|
||||
string token_name = 2 [
|
||||
(validate.rules).string = {min_len: 1, max_len: 200},
|
||||
(grpc.gateway.protoc_gen_openapiv2.options.openapiv2_field) = {
|
||||
min_length: 1;
|
||||
max_length: 200;
|
||||
example: "\"fido key\""
|
||||
}
|
||||
];
|
||||
}
|
||||
|
||||
message WebAuthNToken {
|
||||
string id = 1;
|
||||
AuthFactorState state = 2;
|
||||
string name = 3;
|
||||
string id = 1 [
|
||||
(grpc.gateway.protoc_gen_openapiv2.options.openapiv2_field) = {
|
||||
example: "\"69629023906488334\""
|
||||
}
|
||||
];
|
||||
AuthFactorState state = 2 [
|
||||
(grpc.gateway.protoc_gen_openapiv2.options.openapiv2_field) = {
|
||||
description: "current state of the token";
|
||||
}
|
||||
];
|
||||
string name = 3 [
|
||||
(grpc.gateway.protoc_gen_openapiv2.options.openapiv2_field) = {
|
||||
min_length: 1;
|
||||
max_length: 200;
|
||||
example: "\"fido key\""
|
||||
}
|
||||
];
|
||||
}
|
||||
|
||||
message Membership {
|
||||
string user_id = 1;
|
||||
string user_id = 1 [
|
||||
(grpc.gateway.protoc_gen_openapiv2.options.openapiv2_field) = {
|
||||
example: "\"69629023906488334\""
|
||||
}
|
||||
];
|
||||
zitadel.v1.ObjectDetails details = 2;
|
||||
repeated string roles = 3;
|
||||
string display_name = 4;
|
||||
repeated string roles = 3 [
|
||||
(grpc.gateway.protoc_gen_openapiv2.options.openapiv2_field) = {
|
||||
example: "[\"IAM_OWNER\"]"
|
||||
}
|
||||
];
|
||||
string display_name = 4 [
|
||||
(grpc.gateway.protoc_gen_openapiv2.options.openapiv2_field) = {
|
||||
description: "display name of the user"
|
||||
example: "\"Gigi Giraffe\"";
|
||||
}
|
||||
];
|
||||
oneof type {
|
||||
bool iam = 5;
|
||||
string org_id = 6;
|
||||
string project_id = 7;
|
||||
string project_grant_id = 8;
|
||||
bool iam = 5 [
|
||||
(grpc.gateway.protoc_gen_openapiv2.options.openapiv2_field) = {
|
||||
description: "one of type use iam, org id, project id or project grant id"
|
||||
}
|
||||
];
|
||||
string org_id = 6 [
|
||||
(grpc.gateway.protoc_gen_openapiv2.options.openapiv2_field) = {
|
||||
description: "one of type use iam, org id, project id or project grant id"
|
||||
}
|
||||
];
|
||||
string project_id = 7 [
|
||||
(grpc.gateway.protoc_gen_openapiv2.options.openapiv2_field) = {
|
||||
description: "one of type use iam, org id, project id or project grant id"
|
||||
}
|
||||
];
|
||||
string project_grant_id = 8 [
|
||||
(grpc.gateway.protoc_gen_openapiv2.options.openapiv2_field) = {
|
||||
description: "one of type use iam, org id, project id or project grant id"
|
||||
}
|
||||
];
|
||||
}
|
||||
}
|
||||
|
||||
@@ -210,30 +436,78 @@ message MembershipQuery {
|
||||
}
|
||||
}
|
||||
|
||||
// this query is always equals
|
||||
message MembershipOrgQuery {
|
||||
string org_id = 1 [(validate.rules).string = {max_len: 200}];
|
||||
string org_id = 1 [
|
||||
(validate.rules).string = {max_len: 200},
|
||||
(grpc.gateway.protoc_gen_openapiv2.options.openapiv2_field) = {
|
||||
example: "\"69629023906488334\""
|
||||
}
|
||||
];
|
||||
}
|
||||
|
||||
// this query is always equals
|
||||
message MembershipProjectQuery {
|
||||
string project_id = 1 [(validate.rules).string = {max_len: 200}];
|
||||
string project_id = 1 [
|
||||
(validate.rules).string = {max_len: 200},
|
||||
(grpc.gateway.protoc_gen_openapiv2.options.openapiv2_field) = {
|
||||
example: "\"69629023906488334\""
|
||||
}
|
||||
];
|
||||
}
|
||||
|
||||
// this query is always equals
|
||||
message MembershipProjectGrantQuery {
|
||||
string project_grant_id = 1 [(validate.rules).string = {max_len: 200}];
|
||||
string project_grant_id = 1 [
|
||||
(validate.rules).string = {max_len: 200},
|
||||
(grpc.gateway.protoc_gen_openapiv2.options.openapiv2_field) = {
|
||||
example: "\"69629023906488334\""
|
||||
}
|
||||
];
|
||||
}
|
||||
|
||||
// this query is always equals
|
||||
message MembershipIAMQuery {
|
||||
bool iam = 1;
|
||||
}
|
||||
|
||||
message Session {
|
||||
string session_id = 1;
|
||||
string agent_id = 2;
|
||||
SessionState auth_state = 3;
|
||||
string user_id = 4;
|
||||
string user_name = 5;
|
||||
string login_name = 7;
|
||||
string display_name = 8;
|
||||
string session_id = 1 [
|
||||
(grpc.gateway.protoc_gen_openapiv2.options.openapiv2_field) = {
|
||||
example: "\"69629023906488334\""
|
||||
}
|
||||
];
|
||||
string agent_id = 2 [
|
||||
(grpc.gateway.protoc_gen_openapiv2.options.openapiv2_field) = {
|
||||
example: "\"69629023906488334\""
|
||||
}
|
||||
];
|
||||
SessionState auth_state = 3 [
|
||||
(grpc.gateway.protoc_gen_openapiv2.options.openapiv2_field) = {
|
||||
description: "current state of the session";
|
||||
}
|
||||
];
|
||||
string user_id = 4 [
|
||||
(grpc.gateway.protoc_gen_openapiv2.options.openapiv2_field) = {
|
||||
example: "\"69629023906488334\""
|
||||
}
|
||||
];
|
||||
string user_name = 5 [
|
||||
(grpc.gateway.protoc_gen_openapiv2.options.openapiv2_field) = {
|
||||
example: "\"mr_long_neck\"";
|
||||
}
|
||||
];
|
||||
string login_name = 7 [
|
||||
(grpc.gateway.protoc_gen_openapiv2.options.openapiv2_field) = {
|
||||
example: "\"gigi@caos.ch\"";
|
||||
}
|
||||
];
|
||||
string display_name = 8 [
|
||||
(grpc.gateway.protoc_gen_openapiv2.options.openapiv2_field) = {
|
||||
description: "the display name of the user"
|
||||
example: "\"Gigi Giraffe\"";
|
||||
}
|
||||
];
|
||||
zitadel.v1.ObjectDetails details = 9;
|
||||
}
|
||||
|
||||
@@ -244,25 +518,87 @@ enum SessionState {
|
||||
}
|
||||
|
||||
message UserGrant {
|
||||
string id = 1;
|
||||
string id = 1 [
|
||||
(grpc.gateway.protoc_gen_openapiv2.options.openapiv2_field) = {
|
||||
example: "\"69629023906488334\""
|
||||
}
|
||||
];
|
||||
zitadel.v1.ObjectDetails details = 2;
|
||||
repeated string role_keys = 3;
|
||||
UserGrantState state = 4;
|
||||
repeated string role_keys = 3 [
|
||||
(grpc.gateway.protoc_gen_openapiv2.options.openapiv2_field) = {
|
||||
example: "[\"role.super.man\"]"
|
||||
}
|
||||
];
|
||||
UserGrantState state = 4 [
|
||||
(grpc.gateway.protoc_gen_openapiv2.options.openapiv2_field) = {
|
||||
description: "current state of the user";
|
||||
}
|
||||
];
|
||||
|
||||
string user_id = 5;
|
||||
string user_name = 6;
|
||||
string first_name = 7;
|
||||
string last_name = 8;
|
||||
string email = 9;
|
||||
string display_name = 10;
|
||||
|
||||
string org_id = 11;
|
||||
string org_name = 12;
|
||||
string org_domain = 13;
|
||||
|
||||
string project_id = 14;
|
||||
string project_name = 15;
|
||||
string project_grant_id = 16;
|
||||
string user_id = 5 [
|
||||
(grpc.gateway.protoc_gen_openapiv2.options.openapiv2_field) = {
|
||||
example: "\"69629023906488334\""
|
||||
}
|
||||
];
|
||||
string user_name = 6 [
|
||||
(grpc.gateway.protoc_gen_openapiv2.options.openapiv2_field) = {
|
||||
example: "\"mr_long_neck\"";
|
||||
}
|
||||
];
|
||||
string first_name = 7 [
|
||||
(grpc.gateway.protoc_gen_openapiv2.options.openapiv2_field) = {
|
||||
example: "\"Gigi\"";
|
||||
}
|
||||
];
|
||||
string last_name = 8 [
|
||||
(grpc.gateway.protoc_gen_openapiv2.options.openapiv2_field) = {
|
||||
example: "\"Giraffe\"";
|
||||
}
|
||||
];
|
||||
string email = 9 [
|
||||
(validate.rules).string.email = true,
|
||||
(grpc.gateway.protoc_gen_openapiv2.options.openapiv2_field) = {
|
||||
description: "email address of the user. (spec: https://tools.ietf.org/html/rfc2822#section-3.4.1)"
|
||||
example: "\"gigi@caos.ch\"";
|
||||
}
|
||||
];
|
||||
string display_name = 10 [
|
||||
(validate.rules).string = {max_len: 200},
|
||||
(grpc.gateway.protoc_gen_openapiv2.options.openapiv2_field) = {
|
||||
description: "display name of the user"
|
||||
example: "\"Gigi Giraffe\"";
|
||||
}
|
||||
];
|
||||
string org_id = 11 [
|
||||
(grpc.gateway.protoc_gen_openapiv2.options.openapiv2_field) = {
|
||||
example: "\"69629023906488334\""
|
||||
}
|
||||
];
|
||||
string org_name = 12 [
|
||||
(grpc.gateway.protoc_gen_openapiv2.options.openapiv2_field) = {
|
||||
example: "\"CAOS AG\"";
|
||||
}
|
||||
];
|
||||
string org_domain = 13 [
|
||||
(grpc.gateway.protoc_gen_openapiv2.options.openapiv2_field) = {
|
||||
example: "\"caos.ch\"";
|
||||
}
|
||||
];
|
||||
string project_id = 14 [
|
||||
(grpc.gateway.protoc_gen_openapiv2.options.openapiv2_field) = {
|
||||
example: "\"69629023906488334\""
|
||||
}
|
||||
];
|
||||
string project_name = 15 [
|
||||
(grpc.gateway.protoc_gen_openapiv2.options.openapiv2_field) = {
|
||||
example: "\"ZITADEL\"";
|
||||
}
|
||||
];
|
||||
string project_grant_id = 16 [
|
||||
(grpc.gateway.protoc_gen_openapiv2.options.openapiv2_field) = {
|
||||
example: "\"69629023906488334\""
|
||||
}
|
||||
];
|
||||
}
|
||||
|
||||
enum UserGrantState {
|
||||
@@ -292,11 +628,21 @@ message UserGrantQuery {
|
||||
}
|
||||
|
||||
message UserGrantProjectIDQuery {
|
||||
string project_id = 1 [(validate.rules).string = {max_len: 200}];
|
||||
string project_id = 1 [
|
||||
(validate.rules).string = {max_len: 200},
|
||||
(grpc.gateway.protoc_gen_openapiv2.options.openapiv2_field) = {
|
||||
example: "\"69629023906488334\""
|
||||
}
|
||||
];
|
||||
}
|
||||
|
||||
message UserGrantUserIDQuery {
|
||||
string user_id = 1 [(validate.rules).string = {max_len: 200}];
|
||||
string user_id = 1 [
|
||||
(validate.rules).string = {max_len: 200},
|
||||
(grpc.gateway.protoc_gen_openapiv2.options.openapiv2_field) = {
|
||||
example: "\"69629023906488334\""
|
||||
}
|
||||
];
|
||||
}
|
||||
|
||||
message UserGrantWithGrantedQuery {
|
||||
@@ -304,53 +650,147 @@ message UserGrantWithGrantedQuery {
|
||||
}
|
||||
|
||||
message UserGrantRoleKeyQuery {
|
||||
string role_key = 1 [(validate.rules).string = {max_len: 200}];
|
||||
zitadel.v1.TextQueryMethod method = 2 [(validate.rules).enum.defined_only = true];
|
||||
string role_key = 1 [
|
||||
(validate.rules).string = {max_len: 200},
|
||||
(grpc.gateway.protoc_gen_openapiv2.options.openapiv2_field) = {
|
||||
example: "\"role.super.man\""
|
||||
}
|
||||
];
|
||||
zitadel.v1.TextQueryMethod method = 2 [
|
||||
(validate.rules).enum.defined_only = true,
|
||||
(grpc.gateway.protoc_gen_openapiv2.options.openapiv2_field) = {
|
||||
description: "defines which text equality method is used"
|
||||
}
|
||||
];
|
||||
}
|
||||
|
||||
message UserGrantProjectGrantIDQuery {
|
||||
string project_grant_id = 1 [(validate.rules).string = {max_len: 200}];
|
||||
string project_grant_id = 1 [
|
||||
(validate.rules).string = {max_len: 200},
|
||||
(grpc.gateway.protoc_gen_openapiv2.options.openapiv2_field) = {
|
||||
example: "\"69629023906488334\""
|
||||
}
|
||||
];
|
||||
}
|
||||
|
||||
message UserGrantUserNameQuery {
|
||||
string user_name = 1 [(validate.rules).string = {max_len: 200}];
|
||||
zitadel.v1.TextQueryMethod method = 2 [(validate.rules).enum.defined_only = true];
|
||||
string user_name = 1 [
|
||||
(validate.rules).string = {max_len: 200},
|
||||
(grpc.gateway.protoc_gen_openapiv2.options.openapiv2_field) = {
|
||||
example: "\"mr_long_neck\""
|
||||
}
|
||||
];
|
||||
zitadel.v1.TextQueryMethod method = 2 [
|
||||
(validate.rules).enum.defined_only = true,
|
||||
(grpc.gateway.protoc_gen_openapiv2.options.openapiv2_field) = {
|
||||
description: "defines which text equality method is used"
|
||||
}
|
||||
];
|
||||
}
|
||||
|
||||
message UserGrantFirstNameQuery {
|
||||
string first_name = 1 [(validate.rules).string = {max_len: 200}];
|
||||
zitadel.v1.TextQueryMethod method = 2 [(validate.rules).enum.defined_only = true];
|
||||
string first_name = 1 [
|
||||
(validate.rules).string = {max_len: 200},
|
||||
(grpc.gateway.protoc_gen_openapiv2.options.openapiv2_field) = {
|
||||
example: "\"Gigi\""
|
||||
}
|
||||
];
|
||||
zitadel.v1.TextQueryMethod method = 2 [
|
||||
(validate.rules).enum.defined_only = true,
|
||||
(grpc.gateway.protoc_gen_openapiv2.options.openapiv2_field) = {
|
||||
description: "defines which text equality method is used"
|
||||
}
|
||||
];
|
||||
}
|
||||
|
||||
message UserGrantLastNameQuery {
|
||||
string last_name = 1 [(validate.rules).string = {max_len: 200}];
|
||||
zitadel.v1.TextQueryMethod method = 2 [(validate.rules).enum.defined_only = true];
|
||||
string last_name = 1 [
|
||||
(validate.rules).string = {max_len: 200},
|
||||
(grpc.gateway.protoc_gen_openapiv2.options.openapiv2_field) = {
|
||||
example: "\"Giraffe\""
|
||||
}
|
||||
];
|
||||
zitadel.v1.TextQueryMethod method = 2 [
|
||||
(validate.rules).enum.defined_only = true,
|
||||
(grpc.gateway.protoc_gen_openapiv2.options.openapiv2_field) = {
|
||||
description: "defines which text equality method is used"
|
||||
}
|
||||
];
|
||||
}
|
||||
|
||||
message UserGrantEmailQuery {
|
||||
string email = 1 [(validate.rules).string = {max_len: 200}];
|
||||
zitadel.v1.TextQueryMethod method = 2 [(validate.rules).enum.defined_only = true];
|
||||
string email = 1 [
|
||||
(validate.rules).string = {max_len: 200},
|
||||
(grpc.gateway.protoc_gen_openapiv2.options.openapiv2_field) = {
|
||||
example: "\"gigi@caos.ch\""
|
||||
}
|
||||
];
|
||||
zitadel.v1.TextQueryMethod method = 2 [
|
||||
(validate.rules).enum.defined_only = true,
|
||||
(grpc.gateway.protoc_gen_openapiv2.options.openapiv2_field) = {
|
||||
description: "defines which text equality method is used"
|
||||
}
|
||||
];
|
||||
}
|
||||
|
||||
message UserGrantOrgNameQuery {
|
||||
string org_name = 1 [(validate.rules).string = {max_len: 200}];
|
||||
zitadel.v1.TextQueryMethod method = 2 [(validate.rules).enum.defined_only = true];
|
||||
string org_name = 1 [
|
||||
(validate.rules).string = {max_len: 200},
|
||||
(grpc.gateway.protoc_gen_openapiv2.options.openapiv2_field) = {
|
||||
example: "\"cao\""
|
||||
}
|
||||
];
|
||||
zitadel.v1.TextQueryMethod method = 2 [
|
||||
(validate.rules).enum.defined_only = true,
|
||||
(grpc.gateway.protoc_gen_openapiv2.options.openapiv2_field) = {
|
||||
description: "defines which text equality method is used"
|
||||
}
|
||||
];
|
||||
}
|
||||
|
||||
message UserGrantOrgDomainQuery {
|
||||
string org_domain = 1 [(validate.rules).string = {max_len: 200}];
|
||||
zitadel.v1.TextQueryMethod method = 2 [(validate.rules).enum.defined_only = true];
|
||||
string org_domain = 1 [
|
||||
(validate.rules).string = {max_len: 200},
|
||||
(grpc.gateway.protoc_gen_openapiv2.options.openapiv2_field) = {
|
||||
example: "\"OS AG\""
|
||||
}
|
||||
];
|
||||
zitadel.v1.TextQueryMethod method = 2 [
|
||||
(validate.rules).enum.defined_only = true,
|
||||
(grpc.gateway.protoc_gen_openapiv2.options.openapiv2_field) = {
|
||||
description: "defines which text equality method is used"
|
||||
}
|
||||
];
|
||||
}
|
||||
|
||||
message UserGrantProjectNameQuery {
|
||||
string project_name = 1 [(validate.rules).string = {max_len: 200}];
|
||||
zitadel.v1.TextQueryMethod method = 2 [(validate.rules).enum.defined_only = true];
|
||||
string project_name = 1 [
|
||||
(validate.rules).string = {max_len: 200},
|
||||
(grpc.gateway.protoc_gen_openapiv2.options.openapiv2_field) = {
|
||||
example: "\"ITADE\""
|
||||
}
|
||||
];
|
||||
zitadel.v1.TextQueryMethod method = 2 [
|
||||
(validate.rules).enum.defined_only = true,
|
||||
(grpc.gateway.protoc_gen_openapiv2.options.openapiv2_field) = {
|
||||
example: "3"
|
||||
}
|
||||
];
|
||||
}
|
||||
|
||||
//TODO: needed as you can search first and last name?
|
||||
message UserGrantDisplayNameQuery {
|
||||
string display_name = 1;
|
||||
zitadel.v1.TextQueryMethod method = 2 [(validate.rules).enum.defined_only = true];
|
||||
string display_name = 1 [
|
||||
(grpc.gateway.protoc_gen_openapiv2.options.openapiv2_field) = {
|
||||
description: "display name of a user"
|
||||
example: "\"Gigi Giraffe\"";
|
||||
}
|
||||
];
|
||||
zitadel.v1.TextQueryMethod method = 2 [
|
||||
(validate.rules).enum.defined_only = true,
|
||||
(grpc.gateway.protoc_gen_openapiv2.options.openapiv2_field) = {
|
||||
description: "defines which equality method is used";
|
||||
}
|
||||
];
|
||||
}
|
||||
|
||||
//PLANNED: login name query
|
||||
Reference in New Issue
Block a user