Commit Graph

6037 Commits

Author SHA1 Message Date
Elio Bischof
365a85eda4 Merge pull request #383 from zitadel/fix-cnstct-url
fix: construct url using host
2025-03-05 09:02:57 +01:00
Max Peintner
ef1c2a7425 nexturl protocol 2025-03-05 08:52:29 +01:00
Max Peintner
498b589ebf lint 2025-03-05 08:51:09 +01:00
Max Peintner
64dc020664 Merge branch 'main' into fix-cnstct-url 2025-03-05 08:50:44 +01:00
Max Peintner
5251834dad Update apps/login/src/lib/service.ts
Co-authored-by: Elio Bischof <elio@zitadel.com>
2025-03-05 08:50:15 +01:00
Max Peintner
4e7bfb5779 Update apps/login/src/lib/service.ts
Co-authored-by: Elio Bischof <elio@zitadel.com>
2025-03-05 08:50:07 +01:00
Mateusz Wolanowski
007c96d54a feat: add Romanian language support (#9388)
# Which Problems Are Solved

- Lack of support for the Romanian language in the application.

# How the Problems Are Solved

- Added translations for the Romanian language

---------

Co-authored-by: Silvan <27845747+adlerhurst@users.noreply.github.com>
2025-03-04 17:09:21 +00:00
Max Peintner
58fad21202 Update apps/login/src/lib/service.ts
Co-authored-by: Elio Bischof <elio@zitadel.com>
2025-03-04 16:07:57 +01:00
Elio Bischof
03f9996d50 Merge pull request #384 from zitadel/fix-proxy-saml-req
fix(SAML): add saml paths to proxy
2025-03-04 16:04:35 +01:00
Max Peintner
1dfc5731b4 fix: add saml paths to proxy 2025-03-04 13:49:22 +01:00
Stefan Benz
0c87a96e2c feat: actions v2 for functions (#9420)
# Which Problems Are Solved

Actions v2 are not executed in different functions, as provided by the
actions v1.

# How the Problems Are Solved

Add functionality to call actions v2 through OIDC and SAML logic to
complement tokens and SAMLResponses.

# Additional Changes

- Corrected testing for retrieved intent information
- Added testing for IDP types
- Corrected handling of context for issuer in SAML logic

# Additional Context

- Closes #7247 
- Dependent on https://github.com/zitadel/saml/pull/97
- docs for migration are done in separate issue:
https://github.com/zitadel/zitadel/issues/9456

---------

Co-authored-by: Silvan <27845747+adlerhurst@users.noreply.github.com>
2025-03-04 11:09:30 +00:00
Livio Spring
d9d8339813 Merge commit from fork 2025-03-04 08:49:02 +01:00
Max Peintner
56cd9ce453 fallback to https 2025-03-04 08:40:57 +01:00
Max Peintner
530ab4405a proto 2025-03-04 08:37:55 +01:00
Fabienne Bühler
a5bc68fdad fix: add session roles to iam owner (#9413)
# Which Problems Are Solved

Currently I am not able to run the new login with a service account with
an IAM_OWNER role.
As the role is missing some permissions which the LOGIN_CLIENT role does
have.

# How the Problems Are Solved

Added session permissions to the IAM_OWNER

---------

Co-authored-by: Livio Spring <livio.a@gmail.com>
2025-03-04 06:41:06 +00:00
Max Peintner
6be63a1885 imports 2025-03-03 19:02:17 +01:00
Max Peintner
9e101caa2e reorganize imports 2025-03-03 19:02:01 +01:00
Max Peintner
97376a8f8e fix: construct url using host 2025-03-03 18:58:54 +01:00
Thatcher
25c1d4b55f docs: Clarify how to add the users' organization claim (#9441)
I looked _several times_ to find how to add the organization name or ID
to the JWT, but kept overlooking this.

The `urn:zitadel:iam:user:resourceowner` claim adds the users'
organization. But because the word organization was missing from the
description, it was very much non-obvious.

This fix proposes a clarification of the description to clarify this.

# Which Problems Are Solved
- It is hard to find how to add the organization name or ID to the JWT.
but kept overlooking this.

# How the Problems Are Solved

- This patch proposes a clarification of the description to clarify that
by users' `resourceowner`, we mean org.

# Additional Context

- This changes documentation only.

Co-authored-by: Fabienne Bühler <fabienne@zitadel.com>
2025-03-03 17:29:23 +01:00
Max Peintner
9f0d933bf6 docs: update oidc-playground link (#8529)
The new OIDC playground is deployed on
https://zitadel.com/oidc-playground.
This PR updates the relative links in the docs

---------

Co-authored-by: Livio Spring <livio.a@gmail.com>
2025-03-03 13:54:00 +00:00
Livio Spring
4e1868e9bb fix: prevent panic when retrieving session by id in internal calls (#9442)
# Which Problems Are Solved

#9110 introduced more possibilities to search for "own" sessions. Due to
this the permission checks for retrieving a session had to be updated
accordingly. Internal calls, such as retrieving them for sending
notifications do not require a permission, but the code was not properly
adjusted and thus could lead to panics.

# How the Problems Are Solved

- Properly handled (do not require) permission check for internal only
calls when retrieving the session by id.

# Additional Changes

None

# Additional Context

- needs backports to 2.68.x, 2.69.x, 2.70.x
- closes zitadel/devops#117
2025-03-03 11:24:52 +01:00
Max Peintner
16256a3df3 Merge pull request #369 from zitadel/qa
Promote qa to prod: SAML, MFA init prompt
2025-03-03 09:31:24 +01:00
Ramon
b0f70626c8 fix: load metadata using user service (#9429)
# Which Problems Are Solved
- #9382 "When I log in and get to my user profile page, I get an empty
error message at the top:"

# How the Problems Are Solved
load metadata using user service

# Additional Changes
- The roles observable returns an empty array instead of never emitting
- Small refactorings in app.component.ts because at first I thought the
errors stem from there.
- Added withLatestFromSynchronousFix RXJS operator because
withLatestFrom has confusing behavior when used in synchronous contexts.
Why this operator is needed is described here:
https://github.com/ReactiveX/rxjs/issues/7068

# Additional Context
- Closes #9382
2025-03-03 09:24:55 +01:00
Max Peintner
18b1adc911 Merge branch 'main' into qa 2025-03-03 08:57:09 +01:00
Max Peintner
d73faa1fee Merge pull request #379 from zitadel/mfa-init-prompt
feat: MFA init prompt
2025-03-03 08:54:12 +01:00
Max Peintner
5432a506a8 update readme 2025-03-03 08:53:37 +01:00
Max Peintner
5819dc509d edit zitadel default setting for tests 2025-03-03 08:43:33 +01:00
Elio Bischof
bae987e2e7 Merge pull request #381 from zitadel/mfaprompt
fix: basepath for absolute urls
2025-02-28 17:05:53 +01:00
Max Peintner
87dcefce1a cleanup 2025-02-28 16:45:38 +01:00
Max Peintner
9299a06591 cleanup 2025-02-28 16:42:32 +01:00
Max Peintner
5a6ae7fb67 basepath for absolute urls 2025-02-28 15:34:34 +01:00
Max Peintner
83df30e525 skip button and server action 2025-02-28 15:22:56 +01:00
Livio Spring
4df3b6492c chore: API guidelines (#9340)
# Which Problems Are Solved

There was no guideline on how to design future APIs and their endpoints.
The V3 documentation was too specific and targeted towards internal
stakeholders.
This PR is intended as base and kept to the minimum. If more details or
additional guidelines or rules are needed, they will be added in the
future.

# How the Problems Are Solved

- Removed the V3 description and corresponding examples.
- Provided general guideline for the design of APIs, which includes the
structure, naming, versioning, error handling and more.

# Additional Changes

None

# Additional Context

closes #9184

---------

Co-authored-by: Maximilian <mpa@zitadel.com>
Co-authored-by: Silvan <27845747+adlerhurst@users.noreply.github.com>
2025-02-27 11:30:39 +00:00
Silvan
444f682e25 refactor(notification): use new queue package (#9360)
# Which Problems Are Solved

The recently introduced notification queue has potential race conditions.

# How the Problems Are Solved

Current code is refactored to use the queue package, which is safe with
regard to concurrency.

# Additional Changes

- the queue is included in startup
- improved code quality of queue

# Additional Context

- closes https://github.com/zitadel/zitadel/issues/9278
2025-02-27 11:49:12 +01:00
Ramon
83614562a2 fix: Create Human V1 (#9425)
# Which Problems Are Solved
- Correctly load Avatar on first load

# How the Problems Are Solved
- The Avatar issue was mostly due to how we resolved the current user, I
changed this behaviour

# Additional Changes
- Removed V2 create human code till separate page is finished
- Remove Console Use V2 API feature flag from features page (till new
page is added)

# Additional Context
- Partially fixes #9382
- This will get implemented next week
https://github.com/zitadel/zitadel/issues/9382#issuecomment-2681347477
2025-02-27 09:31:48 +01:00
Kenta Yamaguchi
3c471944c2 chore(i18n): add ORG_USER_SELF_MANAGER (#9392)
# Which Problems Are Solved

The i18n element `ORG_USER_SELF_MANAGER` is missing a translation.

# How the Problems Are Solved

Added translations for `ORG_USER_SELF_MANAGER` in each language.

Please note that the translations were generated using Copilot, so they
may not be entirely accurate (I'm only confident that they are correct
for English and Japanese). I appreciate any corrections or improvements.

Co-authored-by: Livio Spring <livio.a@gmail.com>
2025-02-27 06:50:40 +00:00
Kenta Yamaguchi
696b00e329 chore(i18n): add ORG_SETTINGS_MANAGER (#9393)
# Which Problems Are Solved

The i18n element `ORG_SETTINGS_MANAGER` is missing a translation.

# How the Problems Are Solved

Added translations for `ORG_SETTINGS_MANAGER` in each language.

Please note that the translations were generated using Copilot, so they
may not be entirely accurate (I'm only confident that they are correct
for English and Japanese). I appreciate any corrections or improvements.
2025-02-27 06:26:53 +00:00
Tim Möhlmann
e670b9126c fix(permissions): chunked synchronization of role permission events (#9403)
# Which Problems Are Solved

Setup fails to push all role permission events when running Zitadel with
CockroachDB. `TransactionRetryError`s were visible in logs which finally
times out the setup job with `timeout: context deadline exceeded`

# How the Problems Are Solved

As suggested in the [Cockroach documentation](timeout: context deadline
exceeded), _"break down larger transactions"_. The commands to be pushed
for the role permissions are chunked in 50 events per push. This
chunking is only done with CockroachDB.

# Additional Changes

- gci run fixed some unrelated imports
- access to `command.Commands` for the setup job, so we can reuse the
sync logic.

# Additional Context

Closes #9293

---------

Co-authored-by: Silvan <27845747+adlerhurst@users.noreply.github.com>
2025-02-26 16:06:50 +00:00
Elio Bischof
77499ce603 docs(login,v2): describe cloud usage (#9404)
# Which Problems Are Solved

Users don't have the information that and how they can use the new login
without customization on their Zitadel cloud domain.

# How the Problems Are Solved

The How-to is described alongside customized deployment with Vercel
how-to.

This section is changed:
https://docs-git-docs-login-v2-cloud-zitadel.vercel.app/docs/guides/integrate/login/hosted-login#step-by-step-guide

# Additional Context

- Closes https://github.com/zitadel/DevOps/issues/98

---------

Co-authored-by: Fabienne Bühler <fabienne@zitadel.com>
2025-02-26 16:46:42 +01:00
Max Peintner
546edee64f fix time check 2025-02-26 16:37:52 +01:00
Fabienne Bühler
4375c065b2 docs: add fast api example (#9418)
# Which Problems Are Solved

The community implemented an example for integrating fastAPI with
Zitadel.
So far this example has not been listed.

# How the Problems Are Solved

The example is now listed
Disclaimer is added, that some of the examples are not maintained by us
2025-02-26 14:54:52 +00:00
Elio Bischof
75a30229c1 docs: update rate limit policy (#9405)
# Which Problems Are Solved

The rate limit policy doesn't match the actually applied rate limits.

# How the Problems Are Solved

The rate limit policy is updated.

# Additional Context

- https://github.com/caos/infra/pull/1141

---------

Co-authored-by: Florian Forster <florian@zitadel.com>
2025-02-26 14:20:21 +00:00
Silvan
1ce68a562b docs(benchmarks): v2.70.0 (#9416)
# Which Problems Are Solved

No benchmarks for v2.70.0 were provided so far.

# How the Problems Are Solved

Benchmarks added

# Additional changes

- it's now possible to plot multiple charts, one chart per `metric_name`
2025-02-26 14:03:20 +00:00
KevinRSI
70bddceda8 fix(user fields): missing creationDate in details (#9250)
# Which Problems Are Solved

The `creationDate` property on user search V2 endpoint was missing

# How the Problems Are Solved

Added property in v2 `object.proto` and in the function creating the
details on each call

# Additional Changes
- none
# Additional Context
closes #8552

---------

Co-authored-by: Stefan Benz <46600784+stebenz@users.noreply.github.com>
2025-02-26 13:00:04 +00:00
Livio Spring
8f88c4cf5b feat: add PKCE option to generic OAuth2 / OIDC identity providers (#9373)
# Which Problems Are Solved

Some OAuth2 and OIDC providers require the use of PKCE for all their
clients. While ZITADEL already recommended the same for its clients, it
did not yet support the option on the IdP configuration.

# How the Problems Are Solved

- A new boolean `use_pkce` is added to the add/update generic OAuth/OIDC
endpoints.
- A new checkbox is added to the generic OAuth and OIDC provider
templates.
- The `rp.WithPKCE` option is added to the provider if the use of PKCE
has been set.
- The `rp.WithCodeChallenge` and `rp.WithCodeVerifier` options are added
to the OIDC/Auth BeginAuth and CodeExchange function.
- Store verifier or any other persistent argument in the intent or auth
request.
- Create corresponding session object before creating the intent, to be
able to store the information.
- (refactored session structs to use a constructor for unified creation
and better overview of actual usage)

Here's a screenshot showing the URI including the PKCE params:


![use_pkce_in_url](https://github.com/zitadel/zitadel/assets/30386061/eaeab123-a5da-4826-b001-2ae9efa35169)

# Additional Changes

None.

# Additional Context

- Closes #6449
- This PR replaces the existing PR (#8228) of @doncicuto. The base he
did was cherry picked. Thank you very much for that!

---------

Co-authored-by: Miguel Cabrerizo <doncicuto@gmail.com>
Co-authored-by: Stefan Benz <46600784+stebenz@users.noreply.github.com>
2025-02-26 12:20:47 +00:00
MAHANTH-wq
32ec7d0aa9 feat(\internal): sorting column on ListIAMMembersRequest (#9203)
# Which Problems Are Solved


SortingColumn functionality on system API ListIAMMembers

SortingColumn functionality on admin API ListIAMMembers

# How the Problems Are Solved

I have added enum MemberFieldColumnName in `member.proto` file,
consists of names of the columns on which the request can be sorted.
    MEMBER_FIELD_NAME_UNSPECIFIED = 0;
    MEMBER_FIELD_NAME_USER_ID=1;
    MEMBER_FIELD_NAME_CREATION_DATE = 2;
    MEMBER_FIELD_NAME_CHANGE_DATE=3;
    MEMBER_FIELD_NAME_USER_RESOURCE_OWNER=4
I have added field Sorting Column for ListIAMMembersRequest in
`system.proto` file. I have added field Sorting Column for
ListIAMMembersRequest in `admin.proto` file.
I have modified ListIAMMembersRequestToQuery function in file
`internal/api/grpc/system/instance_converter.go` to include sorting
column in the query.SearchRequest{}.
I have modified ListIAMMembersRequestToQuery function in file
`internal/api/grpc/admin/iam_member_converter.go` to include sorting
column in the query.SearchRequest{}.

# Additional Changes

Replace this example text with a concise list of additional changes that
this PR introduces, that are not directly solving the initial problem
but are related.
For example:
- The docs explicitly describe that the property XY is mandatory
- Adds missing translations for validations.

# Additional Context

Replace this example with links to related issues, discussions, discord
threads, or other sources with more context.
Use the Closing #issue syntax for issues that are resolved with this PR.
- Closes https://github.com/zitadel/zitadel/issues/5063
- Discussion #xxx
- Follow-up for PR #xxx
-
https://discordapp.com/channels/927474939156643850/1329872809488416789/1329872809488416789

---------

Co-authored-by: Stefan Benz <46600784+stebenz@users.noreply.github.com>
2025-02-26 11:48:51 +01:00
Max Peintner
2e5e4f87d5 implement mfa init prompt 2025-02-26 09:48:52 +01:00
Max Peintner
5a22cff831 Merge branch 'main' into qa 2025-02-26 08:43:24 +01:00
Elio Bischof
1553b76d74 Merge pull request #376 from zitadel/rm-env-id
fix: eliminate ZITADEL_SERVICE_USER_ID
2025-02-25 10:09:25 +01:00
Max Peintner
6379d6a0ed docs(typescript-login): cleanup proxy and environment setup (#9406)
This PR removes the need to set the service user id as environment
variable.

---------

Co-authored-by: Livio Spring <livio.a@gmail.com>
2025-02-25 06:50:07 +00:00