Commit Graph

818 Commits

Author SHA1 Message Date
Tim Möhlmann
ab4daa0ebb
fix(webkeys): remove include private key from projection index (#8436)
# Which Problems Are Solved

When Web keys with a large RSA Bitsize were generated, the new web key
did not get projected.
Zitadel logs printed the following errors:

```
time="2024-08-15T09:18:47Z" level=debug msg="execution of statements failed" caller="/home/tim/Repositories/zitadel/zitadel/internal/eventstore/handler/v2/handler.go:518" error="statement failed: ID=CRDB-pKtsr Message=exec failed Parent=(ERROR: index row size 3400 exceeds btree version 4 maximum 2704 for index \"web_keys_web_key_state_idx\" (SQLSTATE 54000))" lastProcessedIndex=-1 projection=projections.web_keys
```


# How the Problems Are Solved

Remove the the `WithInclude` option with the Private key from the
`web_keys` projection index and bump the projection version.

# Additional Changes

- Correct RPC summaries for documentation
- Fix docs slug in sidebar.js

# Additional Context

- Found during release review.
2024-08-16 11:41:09 +00:00
Stefan Benz
83c78a470c
fix: add information about target response into error message if inte… (#8281)
# Which Problems Are Solved

Execution responses with HTTP StatusCode not equal to 200 interrupt the
client request silently.

# How the Problems Are Solved

Adds information about the recieved StatusCode and Body into the error
if StatusCode not 200.

# Additional Context

Closes #8177

---------

Co-authored-by: Elio Bischof <elio@zitadel.com>
Co-authored-by: Livio Spring <livio.a@gmail.com>
2024-08-16 11:26:15 +02:00
Stefan Benz
5fab533e37
feat: org v2 ListOrganizations (#8411)
# Which Problems Are Solved

Org v2 service does not have a ListOrganizations endpoint.

# How the Problems Are Solved

Implement ListOrganizations endpoint.

# Additional Changes

- moved descriptions in the protos to comments
- corrected the RemoveNoPermissions for the ListUsers, to get the
correct TotalResults

# Additional Context

For new typescript login
2024-08-15 06:37:06 +02:00
Stefan Benz
3e3d46ac0d
feat: idp v2 api GetIDPByID (#8425)
# Which Problems Are Solved

GetIDPByID as endpoint in the API v2 so that it can be available for the
new login.

# How the Problems Are Solved

Create GetIDPByID endpoint with IDP v2 API, throught the GetProviderByID
implementation from admin and management API.

# Additional Changes

- Remove the OwnerType attribute from the response, as the information
is available through the resourceOwner.
- correct refs to messages in proto which are used for doc generation
- renaming of elements for API v3

# Additional Context

Closes #8337

---------

Co-authored-by: Livio Spring <livio.a@gmail.com>
2024-08-14 18:18:29 +00:00
Tim Möhlmann
64a3bb3149
feat(v3alpha): web key resource (#8262)
# Which Problems Are Solved

Implement a new API service that allows management of OIDC signing web
keys.
This allows users to manage rotation of the instance level keys. which
are currently managed based on expiry.

The API accepts the generation of the following key types and
parameters:

- RSA keys with 2048, 3072 or 4096 bit in size and:
  - Signing with SHA-256 (RS256)
  - Signing with SHA-384 (RS384)
  - Signing with SHA-512 (RS512)
- ECDSA keys with
  - P256 curve
  - P384 curve
  - P512 curve
- ED25519 keys

# How the Problems Are Solved

Keys are serialized for storage using the JSON web key format from the
`jose` library. This is the format that will be used by OIDC for
signing, verification and publication.

Each instance can have a number of key pairs. All existing public keys
are meant to be used for token verification and publication the keys
endpoint. Keys can be activated and the active private key is meant to
sign new tokens. There is always exactly 1 active signing key:

1. When the first key for an instance is generated, it is automatically
activated.
2. Activation of the next key automatically deactivates the previously
active key.
3. Keys cannot be manually deactivated from the API
4. Active keys cannot be deleted

# Additional Changes

- Query methods that later will be used by the OIDC package are already
implemented. Preparation for #8031
- Fix indentation in french translation for instance event
- Move user_schema translations to consistent positions in all
translation files

# Additional Context

- Closes #8030
- Part of #7809

---------

Co-authored-by: Elio Bischof <elio@zitadel.com>
2024-08-14 14:18:14 +00:00
Livio Spring
e2e1100124
feat(idp): provide auto only options (#8420)
# Which Problems Are Solved

As of now, **automatic creation** and **automatic linking options** were
only considered if the corresponding **allowed option** (account
creation / linking allowed) was enabled.

With this PR, this is no longer needed and allows administrators to
address cases, where only an **automatic creation** is allowed, but
users themselves should not be allowed to **manually** create new
accounts using an identity provider or edit the information during the
process.
Also, allowing users to only link to the proposed existing account is
now possible with an enabled **automatic linking option**, while
disabling **account linking allowed**.

# How the Problems Are Solved

- Check for **automatic** options without the corresponding **allowed**
option.
- added technical advisory to notify about the possible behavior change

# Additional Changes

- display the error message on the IdP linking step in the login UI (in
case there is one)
- display an error in case no option is possible
- exchanged deprecated `eventstoreExpect` with `expectEventstore` in
touched test files

# Additional Context

closes https://github.com/zitadel/zitadel/issues/7393

---------

Co-authored-by: Stefan Benz <46600784+stebenz@users.noreply.github.com>
2024-08-14 13:04:26 +00:00
Max Peintner
d32e22734f
docs: update typescript repo (#8394)
server package is node package now, idp scope is implemented

---------

Co-authored-by: Fabi <fabienne@zitadel.com>
2024-08-14 11:56:58 +00:00
Elio Bischof
042c438813
feat(v3alpha): read actions (#8357)
# Which Problems Are Solved

The current v3alpha actions APIs don't exactly adhere to the [new
resources API
design](https://zitadel.com/docs/apis/v3#standard-resources).

# How the Problems Are Solved

- **Improved ID access**: The aggregate ID is added to the resource
details object, so accessing resource IDs and constructing proto
messages for resources is easier
- **Explicit Instances**: Optionally, the instance can be explicitly
given in each request
- **Pagination**: A default search limit and a max search limit are
added to the defaults.yaml. They apply to the new v3 APIs (currently
only actions). The search query defaults are changed to ascending by
creation date, because this makes the pagination results the most
deterministic. The creation date is also added to the object details.
The bug with updated creation dates is fixed for executions and targets.
- **Removed Sequences**: Removed Sequence from object details and
ProcessedSequence from search details

# Additional Changes

Object details IDs are checked in unit test only if an empty ID is
expected. Centralizing the details check also makes this internal object
more flexible for future evolutions.

# Additional Context

- Closes #8169 
- Depends on https://github.com/zitadel/zitadel/pull/8225

---------

Co-authored-by: Silvan <silvan.reusser@gmail.com>
Co-authored-by: Stefan Benz <46600784+stebenz@users.noreply.github.com>
2024-08-12 22:32:01 +02:00
Fabi
18c3f574a9
docs: fix broken links (#8421)
# Which Problems Are Solved
^Since publishing the new V2 GA APi, we have a lot of broken links in
our docs

# How the Problems Are Solved

replace api links with v2 links
2024-08-12 13:58:49 +02:00
Nico Schett
a91e344a62
docs: update pylon.mdx (#8399)
# Which Problems Are Solved

Add a link to the Pylon website.
2024-08-07 13:16:57 +02:00
Benjamin Roedell
0f6003f9a1
docs: Clarify third party apps NOT use embedded view (#8322)
# Which Problems Are Solved

The text appears to contradict the statement in the page on oauth.net.

# How the Problems Are Solved

The text has been updated to reflect the statement in the page on
oauth.net.

# Additional Changes

None

# Additional Context

The page [OAUTH2.0 for mobile and native
apps](https://oauth.net/2/native-apps/) linked just above the text that
was changed states:
> It describes things like not allowing the third-party application to
open an embedded web view which is more susceptible to phishing attacks,
as well as platform-specific recommendations on how to do so.

Co-authored-by: Max Peintner <max@caos.ch>
2024-08-06 09:22:57 +02:00
Nico Schett
31ecbe04ec
docs: update custom-domain.md (#8367)
Co-authored-by: Fabi <fabienne@zitadel.com>
2024-08-05 15:56:39 +02:00
Fuzzbizz
1c7c550d60
fix: singular/plural wording (#8381)
Simple language fix
2024-08-05 12:40:29 +02:00
Elio Bischof
cc3ec1e2a7
feat(v3alpha): write actions (#8225)
# Which Problems Are Solved

The current v3alpha actions APIs don't exactly adhere to the [new
resources API
design](https://zitadel.com/docs/apis/v3#standard-resources).

# How the Problems Are Solved

- **Breaking**: The current v3alpha actions APIs are removed. This is
breaking.
- **Resource Namespace**: New v3alpha actions APIs for targets and
executions are added under the namespace /resources.
- **Feature Flag**: New v3alpha actions APIs still have to be activated
using the actions feature flag
- **Reduced Executions Overhead**: Executions are managed similar to
settings according to the new API design: an empty list of targets
basically makes an execution a Noop. So a single method, SetExecution is
enough to cover all use cases. Noop executions are not returned in
future search requests.
- **Compatibility**: The executions created with previous v3alpha APIs
are still available to be managed with the new executions API.

# Additional Changes

- Removed integration tests which test executions but rely on readable
targets. They are added again with #8169

# Additional Context

Closes #8168
2024-07-31 14:42:12 +02:00
Stefan Benz
7d2d85f57c
feat: api v2beta to api v2 (#8283)
# Which Problems Are Solved

The v2beta services are stable but not GA.

# How the Problems Are Solved

The v2beta services are copied to v2. The corresponding v1 and v2beta
services are deprecated.

# Additional Context

Closes #7236

---------

Co-authored-by: Elio Bischof <elio@zitadel.com>
2024-07-26 22:39:55 +02:00
Stefan Benz
bc16962aac
feat: api v2beta to api v2 protos (#8343)
# Which Problems Are Solved

The go linter can't limit the checks to the diff in
https://github.com/zitadel/zitadel/pull/8283 because it's too large

# How the Problems Are Solved

The protos from https://github.com/zitadel/zitadel/pull/8283 are merged
separately

# Additional Context

Contributes to #7236

---------

Co-authored-by: Elio Bischof <elio@zitadel.com>
2024-07-26 12:28:28 +02:00
Livio Spring
8d13247413
revert: "feat(IDP): use single callback endpoint"
This reverts commit e126ccc9aa.

# Which Problems Are Solved

#8295 introduced the possibility to handle idps on a single callback,
but broke current setups.

# How the Problems Are Solved

- Revert the change until a proper solution is found. Revert is needed
as docs were also changed.

# Additional Changes

None.

# Additional Context

- relates to #8295
2024-07-24 12:29:05 +00:00
mffap
91dcebbfc9
docs(migrate): update password section (#8232)
# Which Problems Are Solved

Password reset in combination of md5 was not clear

# How the Problems Are Solved

Some additional information in the docs
2024-07-23 14:13:35 +00:00
Silvan
f8b711ca5c
docs(actions): correct actions examples (#8350)
# Which Problems Are Solved

The docs currently link to the wrong trigger.

# How the Problems Are Solved

Changed the links.
2024-07-23 15:45:11 +02:00
Miguel Cabrerizo
b3a60863f5
feat(console): replace secret generator dialogs with cards (#8307) 2024-07-18 05:33:10 +00:00
Silvan
99c645cc60
refactor(database): exchange connection pool (#8325)
# Which Problems Are Solved

The connection pool of go uses a high amount of database connections.

# How the Problems Are Solved

The standard lib connection pool was replaced by `pgxpool.Pool`

# Additional Changes

The `db.BeginTx`-spans are removed because they cause to much noise in
the traces.

# Additional Context

- part of https://github.com/zitadel/zitadel/issues/7639
2024-07-17 15:16:02 +00:00
Livio Spring
e126ccc9aa
feat(IDP): use single callback endpoint (#8295)
# Which Problems Are Solved

Both the login UI and the IdP intent flow have their own IdP callback
endpoints.

This makes configuration hard to impossible (e.g. Github only allows one
endpoint) for customers.

# How the Problems Are Solved

- The login UI prefixes the `state` parameter when creating an auth /
SAML request.
- All requests now use the `/idp/callback` or the corresponding
variation (e.g. SAML)
- On callback, the state, resp. its prefix is checked. In case of the
login UI prefix, the request will be forwarded to the existing login UI
handler without the prefix state.
Existing setups will therefore not be affected and also requests started
before this release can be handled without any impact.
- Console only lists the "new" endpoint(s). Any
`/login/externalidp/callback` is removed.

# Additional Changes

- Cleaned up some images  from the IdP documentation.
- fix the error handling in `handleExternalNotFoundOptionCheck`

# Additional Context

- closes #8236
2024-07-16 13:58:22 +00:00
Fabi
86c124955d
fix: multiple docs issues (#8244)
# Which Problems Are Solved

- `<details>` tag is rendered in some cases in the docs, instead of
rendering a detail section which can be expanded
- New API V2 and V3 services where not rendered correctly
- The plugin which made it possible to integrate external code files and
show them on the docs didn't work anymore

# How the Problems Are Solved

- remove / from details tag, so it is properly rendered
- changing link source from tag to auto
- Someone already forked the repository and made it available for
docusaurus v3, we integrated the forked version

---------

Co-authored-by: Stefan Benz <46600784+stebenz@users.noreply.github.com>
2024-07-11 07:54:04 +02:00
Dakshitha Ratnayake
ab7c484157
docs: Add the SAML intro docs (#8112)
Please refer to this issue for more information:
https://github.com/zitadel/zitadel/issues/7436
2024-07-08 11:11:09 +00:00
Mario Andrija Balug
6cd467d773
docs: note audience scope for service user (#8252)
# Which Problems Are Solved
- It is not possible to introspect service user token if
`urn:zitadel:iam:org:project🆔{projectid}:aud` scope is not added in
token request.
- Adding this note to the document could reduce confusion and debugging
time
-
https://discord.com/channels/927474939156643850/1168857403945660436/1168930850029707386

---------

Co-authored-by: Livio Spring <livio.a@gmail.com>
2024-07-08 06:03:30 +00:00
Livio Spring
53d47dc87f
docs: add password expiry (#8241)
# Which Problems Are Solved

Adds the missing documentation to the password expiry policy added in
#8132.

# Additional Context

- relates to #8132
2024-07-04 13:01:22 +00:00
Fabi
637f441a7d
fix: change saml sp to saml idp (#8233)
# Which Problems Are Solved

In the configuration of external idps we show SAML SP as provider which
is confusing, as it is a SAML IdP which is configured

# How the Problems Are Solved

Rename SAML SP to SAML IdP
2024-07-03 13:43:20 +02:00
Miguel Cabrerizo
88182f98ba
fix: replace Instance Settings with Default Settings in i18n and docs (#8143)
# Which Problems Are Solved

- The console shows the Instance Settings title and a description.
Instance settings should be replaced with Default settings

# How the Problems Are Solved

- The DESCRIPTIONS.SETTINGS.INSTANCE.TITLE and
DESCRIPTIONS.SETTINGS.INSTANCE.DESCRIPTION have been replaced with
Default Settings and in the corresponding translation files.

Here's a screenshot:


![image](https://github.com/zitadel/zitadel/assets/30386061/b404f209-2043-414c-b06d-3291771d54fb)

# Additional Changes

- The docs have been updated to replace remaining texts mentioning
Instance Settings with Default Settings
- Two unused texts have been deleted from the translation files
- VSCode with Prettier have applied some markdown changes

# Additional Context

- Closes #7632

---------

Co-authored-by: Fabi <fabienne@zitadel.com>
2024-06-25 09:18:06 +00:00
Tim Möhlmann
dc170dc46e
feat(crypto): support md5 plain for imported password hashes (#8189)
# Which Problems Are Solved

Allow verification of imported passwords hashed with plain md5, without
salt. These are password digests typically created by one of:

- `printf "password" | md5sum` on most linux systems.
- PHP's `md5("password")`
- Python3's `hashlib.md5(b"password").hexdigest()`

# How the Problems Are Solved

- Upgrade passwap to
[v0.6.0](https://github.com/zitadel/passwap/releases/tag/v0.6.0)
- Add md5plain as a new verfier option in `defaults.yaml`

# Additional Changes

- Updated documentation to explain difference between `md5` (crypt) and
`md5plain` verifiers.

# Additional Context

- Requested by customer for import case
2024-06-25 11:10:49 +03:00
Jasper van der Neut - Stulen
3e15b881d5
chore(doc): do not expose database to public networks in examples (#8175)
# Which Problems Are Solved

The docker-compose examples expose the database to the world.

# How the Problems Are Solved

Remove the `ports` config from the `db` service.
2024-06-21 15:02:04 +00:00
Fabi
11bdce5b53
docs: add phone scope to docs (#8174)
# Which Problems Are Solved

It is not clear that the phone number can be requested in a separat oidc
scope

# How the Problems Are Solved

Added the phone scope to the scope documentation
2024-06-21 16:19:21 +02:00
Miguel Cabrerizo
3635320ce8
feat: send test mail (#7968)
# Which Problems Are Solved

- Zitadel doesn't have a way to test SMTP settings either before
creating a new provider or once the SMTP provider has been created.
- Zitadel SMTP messages can be more informative for usual errors

# How the Problems Are Solved

- A new step is added to the new/update SMTP provider wizard that allows
us to test a configuration. The result is shown in a text area.
- From the table of SMTP providers you can test your settings too.
- The email address to send the email is by default the email address
for the logged in user as suggested.
- Some of the SMTP error messages have been changed to give more
information about the possible situation. For example: could not contact
with the SMTP server, check the port, firewall issues... instead of
could not dial

Here's a video showing this new option in action:


https://github.com/zitadel/zitadel/assets/30386061/50128ba1-c9fa-4481-8eec-e79a3ca69bda

# Additional Changes

Replace this example text with a concise list of additional changes that
this PR introduces, that are not directly solving the initial problem
but are related.
For example:
- The docs explicitly describe that the property XY is mandatory
- Adds missing translations for validations.

# Additional Context

- Closes #4504
2024-06-20 19:51:42 +00:00
Jan-Frederic Schubert
4101e1cd49
chore(docs): Migrate from Docusaurus v2 to v3 (#8036)
Migrate Docs to latest version of Docusaursu (3.3.2 as of time of
writing)

---------

Co-authored-by: Florian Forster <florian@zitadel.com>
2024-06-20 12:55:03 +00:00
Silvan
65f787cc02
docs: add developing with dev containers (#8095)
# Which Problems Are Solved

Describes how to develop ZITADEL using dev containers.

# Additional Changes

Sets default env variables for using postgres as database in the dev
container.
2024-06-18 08:29:02 +00:00
Tim Möhlmann
1aa8c49e41
fix(oidc): store requested response_mode (#8145)
# Which Problems Are Solved

Zitadel never stored or returned the requested `response_mode` in oidc
Auth Requests. This caused the oidc library to fallback to the default
based on the response_type.

# How the Problems Are Solved

- Store the `response_mode` in the Auth request repo
- Store the `response_mode` in the Auth request v2 events
- Return the `resonse_mode` from the Auth Request v1 and v2
`ResponseMode()` methods. (Was hard-coded to an empty string)

# Additional Changes

- Populate the `response_modes_supported` to the oidc Discovery
Configuration. When it was empty, the standard specifies the default of
`query` and `fragment`. However, our oidc library also supports
`form_post` and by this fix, zitadel now also supports this.

# Additional Context

- Closes #6586
- Reported
https://discord.com/channels/927474939156643850/1151508313717084220

---------

Co-authored-by: Livio Spring <livio.a@gmail.com>
2024-06-17 09:50:12 +00:00
Nico Schett
ca69ba41ee
docs: add pylon framework to examples (#8115)
# Which Problems Are Solved

- Lack of documentation on integrating the Pylon framework with ZITADEL

# How the Problems Are Solved

- Adds examples to the ZITADEL documentation on how to integrate with
the Pylon framework.
- Provides clear, step-by-step instructions and code snippets for
seamless integration.

# Additional Changes

- Updates some formatting related issues. This includes changes to
trailing semicolons and array newlines in two or three instances without
significantly altering the previous formatting.
5b23416a8c

# Additional Context

Add the pylon framework to the ZITADEL documentation examples as
previously discussed with @fforootd.

- [Pylon](https://github.com/getcronit/pylon)
- [Pylon Documentation](https://pylon.cronit.io)

---------

Co-authored-by: Tim Möhlmann <tim+github@zitadel.com>
2024-06-17 07:37:07 +00:00
Jesper We
18222008b6
feat: Contribute i18n swedish language (#8105)
# Which Problems Are Solved

- Swedish speakers cannot use their beautiful native language ;-)

# How the Problems Are Solved

- Contributes Swedish language for Login, Console, common texts and
Emails


# Additional Changes

- none

# Additional Context

- The PR currently provides all translation files according to
https://github.com/zitadel/zitadel/blob/main/CONTRIBUTING.md#contribute-internationalization.

---------

Co-authored-by: Tim Möhlmann <tim+github@zitadel.com>
Co-authored-by: Livio Spring <livio.a@gmail.com>
2024-06-15 13:45:19 +00:00
Florian Forster
cf72bd6192
chore(docs): use vercel ci again because GH secret problem on forks (#8142)
# Fallback to Vercel CI

Since we cannot share the vercel_token on forks we cannot deploy by
vercel CLI.
This PR reverts to the last working state by using vercel CI.

I will look into a fix with an npm script or a turbo config to ignore
builds on folder changes.
2024-06-14 16:50:58 +02:00
Fabi
cc00ee89ff
docs: link user register to metadata for custom fields (#8117)
# Which Problems Are Solved

an admin wants to know how to register a new user with some custom
fields

# How the Problems Are Solved

We already had examples about user metadata and onboard new users, but
the link between those and how to use it was missing.

# Additional Context

Replace this example with links to related issues, discussions, discord
threads, or other sources with more context.
Use the Closing #issue syntax for issues that are resolved with this PR.
- Closes #7951

---------

Co-authored-by: Livio Spring <livio.a@gmail.com>
2024-06-14 12:27:33 +00:00
Tim Möhlmann
120ed0af73
feat(oidc): organization roles scope (#8120)
# Which Problems Are Solved

An admin / application might want to be able to reduce the amount of
roles returned in the token, for example if a user is granted to many
organizations or for specific cases where the application want to narrow
down the access for that token to a specific organization or multiple.
This can now be achieved by providing a scope with the id of the
organization, resp. multiple scopes for every organization, which should
be included.

```
urn:zitadel:iam:org:roles🆔{orgID}
```

**Note:** the new scope does not work when Introspection / Userinfo are
set to legacy mode.

# How the Problems Are Solved

The user info query now has two variants:

1. Variant that returns all organization authorization grants if the new
scope wasn't provided for backward compatibility.
2. Variant that filters the organizations based on the IDs passed in one
or more of the above scopes and returns only those authorization grants.

The query is defined as a `text/template` and both variants are rendered
once in package `init()`.

# Additional Changes

- In the integration tests `assertProjectRoleClaims` now also checks the
org IDs in the roles.

# Additional Context

- Closes #7996
2024-06-14 10:00:43 +02:00
Elio Bischof
3fabe5a2f9
docs: link discussion (#8126)
# Which Problems Are Solved

If users create discussions about the new API on their own, it could
become hard to keep the overview.

# How the Problems Are Solved

We invite to participate in a single dedicated discussion.

# Additional Changes

Removes the link to the office hours event, as it took place already.
2024-06-13 14:58:30 +02:00
Florian Forster
c9e352033e
chore(docs): use gh action to build docs (#8097)
# Which Problems Are Solved

This allows us to build multiple docs in parallel and only runs when
docs/proto are changed.

# Additional Changes

- [ ] Change "required" in GitHub from Vercel to the docs flow

---------

Co-authored-by: Livio Spring <livio.a@gmail.com>
2024-06-13 08:07:39 +00:00
Andy Pilate
f4d32d98d3
docs: typo in oauth2-proxy.md (#8098)
# Which Problems Are Solved

This PR fixes a typo in the documentation

# How the Problems Are Solved

N/A

# Additional Changes

N/A

# Additional Context

N/A

Co-authored-by: Fabi <fabienne@zitadel.com>
2024-06-12 11:14:14 +00:00
mffap
b42a3ad309
docs(manage): update terraform provider (#8102)
# Which Problems Are Solved

Terraform provider docs without introcution and "here" links were hard
to search for.

# How the Problems Are Solved

Updated docs page

# Additional Changes

changed the slug for more clarity and added a redirect
2024-06-11 13:01:10 +02:00
Elio Bischof
9b16c61038
docs: link office hours (#8079) 2024-06-06 11:30:16 +00:00
Elio Bischof
cedd992ab9
docs: describe new API concepts (#7975)
# Which Problems Are Solved

We have not enough internal and external input about our ideas for the
new API design.

# How the Problems Are Solved

We make the concepts easily accessible by publishing them in our docs
and making them concise.

# Additional Context

- Contributes to #6305
- Replaces the PR #7821 which defines protos in more detail

Only resources and settings are in the scope of this concept.
A possible solution for defining the outscoped methods could for example
look like this:

## ZITADELInsights

query services for auditing, analytics and data synchronization.

- Events
- Milestones

## ZITADELOperations

- Health
- Failed Events
- Views
- Metrics (version, uptime etc.)
2024-06-05 13:46:48 +00:00
Elio Bischof
b543404af5
docs: fix typo in mirror.mdx (#8056) 2024-05-31 19:18:49 +02:00
Silvan
2243306ef6
feat(cmd): mirror (#7004)
# Which Problems Are Solved

Adds the possibility to mirror an existing database to a new one. 

For that a new command was added `zitadel mirror`. Including it's
subcommands for a more fine grained mirror of the data.

Sub commands:

* `zitadel mirror eventstore`: copies only events and their unique
constraints
* `zitadel mirror system`: mirrors the data of the `system`-schema
*  `zitadel mirror projections`: runs all projections
*  `zitadel mirror auth`: copies auth requests
* `zitadel mirror verify`: counts the amount of rows in the source and
destination database and prints the diff.

The command requires one of the following flags:
* `--system`: copies all instances of the system
* `--instance <instance-id>`, `--instance <comma separated list of
instance ids>`: copies only the defined instances

The command is save to execute multiple times by adding the
`--replace`-flag. This replaces currently existing data except of the
`events`-table

# Additional Changes

A `--for-mirror`-flag was added to `zitadel setup` to prepare the new
database. The flag skips the creation of the first instances and initial
run of projections.

It is now possible to skip the creation of the first instance during
setup by setting `FirstInstance.Skip` to true in the steps
configuration.

# Additional info

It is currently not possible to merge multiple databases. See
https://github.com/zitadel/zitadel/issues/7964 for more details.

It is currently not possible to use files. See
https://github.com/zitadel/zitadel/issues/7966 for more information.

closes https://github.com/zitadel/zitadel/issues/7586
closes https://github.com/zitadel/zitadel/issues/7486

### Definition of Ready

- [x] I am happy with the code
- [x] Short description of the feature/issue is added in the pr
description
- [x] PR is linked to the corresponding user story
- [x] Acceptance criteria are met
- [x] All open todos and follow ups are defined in a new ticket and
justified
- [x] Deviations from the acceptance criteria and design are agreed with
the PO and documented.
- [x] No debug or dead code
- [x] My code has no repetitions
- [x] Critical parts are tested automatically
- [ ] Where possible E2E tests are implemented
- [x] Documentation/examples are up-to-date
- [x] All non-functional requirements are met
- [x] Functionality of the acceptance criteria is checked manually on
the dev system.

---------

Co-authored-by: Livio Spring <livio.a@gmail.com>
2024-05-30 09:35:30 +00:00
Livio Spring
fa5e6d1914
docs(advisory): add technical advisory for token type change (#8029)
# Which Problems Are Solved

Among others #7822 changed the event type of the `user.token.added` to
`user.token.v2.added`. To make customers aware of this in case they use
it for calculating DAU / MAU, resp. for an audit trail, we want to raise
awareness.

# How the Problems Are Solved

Technical advisory to state the change.

# Additional Changes

None.

# Additional Context

Relates to #7822

Co-authored-by: Fabi <fabienne@zitadel.com>
2024-05-29 16:14:46 +00:00
mffap
3f77b49a41
docs(service users): improve client id and client secret docs (#7990)
# Which Problems Are Solved

- Misaligned heading
- Curl with auth header is hard to understand without the link

# How the Problems Are Solved

Instead of explaining how to create a proper encoding, just use --user
flag for client_id and client_secret
2024-05-29 09:14:27 +00:00
Silvan
571015703e
docs: add office hours (#7999) 2024-05-29 07:34:37 +00:00
mffap
e3cdf76439
docs(features): clean up audit trail feature (#8018)
# Which Problems Are Solved

duplicated content

# How the Problems Are Solved

reference to primary conent
2024-05-27 13:04:59 +02:00
Silvan
cff0f73e24
fix(init): add setting to enable durable locks on crdb (#7982)
feat(init): add setting to enable durable locks on crdb
2024-05-27 09:03:34 +00:00
Florian Forster
8e55b9713b
chore(cloud): increase rate limits (#8005)
# Which Problems Are Solved

We identified some frequent rate limits in ZITADEL Cloud.

# How the Problems Are Solved

We increase the rate limits of some endpoint.

# Additional Context

(Private) Relates to https://github.com/zitadel/DevOps/issues/43
2024-05-24 13:44:15 +00:00
Stefan Benz
f37113194d
fix: actions v2 circular check for includes (#7563)
Add a check for circular includes in action v2 executions, so that no
self-includes or infinite loops can happen.

Closes #7445 

### Definition of Ready

- [x] I am happy with the code
- [x] Short description of the feature/issue is added in the pr
description
- [x] PR is linked to the corresponding user story
- [x] Acceptance criteria are met
- [x] All open todos and follow ups are defined in a new ticket and
justified
- [x] Deviations from the acceptance criteria and design are agreed with
the PO and documented.
- [x] No debug or dead code
- [x] My code has no repetitions
- [x] Critical parts are tested automatically
- [x] Where possible E2E tests are implemented
- [x] Documentation/examples are up-to-date
- [x] All non-functional requirements are met
- [x] Functionality of the acceptance criteria is checked manually on
the dev system.

---------

Co-authored-by: Livio Spring <livio.a@gmail.com>
2024-05-22 16:05:06 +00:00
Tim Möhlmann
5b1160de1e
feat(session): allow update of session without token (#7963)
# Which Problems Are Solved

The session update requires the current session token as argument.
Since this adds extra complexity but no real additional security and
prevents case like magic links, we want to remove this requirement.

We still require the session token on other resouces / endpoints, e.g.
for finalizing the auth request or on idp intents.

# How the Problems Are Solved

- Removed the session token verifier in the Update Session GRPc call.
- Removed the session token from login UI examples session update calls

# Additional Changes

- none

# Additional Context

- Closes #7883
2024-05-22 05:56:11 +00:00
Brahim Boukoufallah
d55aae5160
docs(go.md): HTTP example URL (#7906)
## Description

When implementing the Backend setup of my Go project, I figured out that
the URL point to the HTTP example is wrong. So I did a little update in
order to fix that.

Cheer!

### Definition of Ready

- [x] I am happy with the code
- [x] Short description of the feature/issue is added in the pr
description

---------

Co-authored-by: Livio Spring <livio.a@gmail.com>
2024-05-21 11:21:11 +02:00
Dakshitha Ratnayake
9e91b53bd4
docs:Update quickstart.mdx (#7958)
[docs]Update quickstart.mdx
2024-05-16 20:23:27 +05:30
Max Peintner
6cf9ca9f7e
docs: update typescript repo state (#7953) 2024-05-15 09:24:54 +00:00
Miguel Cabrerizo
15d5338b91
feat(cnsl): docs link can be customized and custom button is available (#7840)
* feat: customize doc link and additional custom link

* feat: add e2e tests

* fix: update docs

* fix: add @peintnermax changes about cache

* fix: golangci-lint complains preparation.PrepareCommands

---------

Co-authored-by: Max Peintner <max@caos.ch>
2024-05-13 16:01:50 +02:00
mffap
6942324741
docs(concepts): Update resources and features, add account linking (#7934)
* account linking

* updates to concepts and features

* Apply suggestions from code review

* Apply suggestions from code review

Co-authored-by: Fabi <fabienne@zitadel.com>

---------

Co-authored-by: Fabi <fabienne@zitadel.com>
2024-05-13 08:29:25 +02:00
Dakshitha Ratnayake
e4905f1431
docs(sdk-examples): Added description about setting up samples in console (#7838)
* Added description about setting up samples in console

* Changed default text.

* Update introduction.mdx

* Update introduction.mdx
2024-05-08 14:13:37 +05:30
Fabi
1139dfb391
docs: add note about symbol of passwords (#7919)
Co-authored-by: Livio Spring <livio.a@gmail.com>
2024-05-07 10:10:45 +00:00
Stefan Benz
1c5ecba42a
feat: add action v2 execution on requests and responses (#7637)
* feat: add execution of targets to grpc calls

* feat: add execution of targets to grpc calls

* feat: add execution of targets to grpc calls

* feat: add execution of targets to grpc calls

* feat: add execution of targets to grpc calls

* feat: add execution of targets to grpc calls

* feat: add execution of targets to grpc calls

* feat: split request and response logic to handle the different context information

* feat: split request and response logic to handle the different context information

* fix: integration test

* fix: import alias

* fix: refactor execution package

* fix: refactor execution interceptor integration and unit tests

* fix: refactor execution interceptor integration and unit tests

* fix: refactor execution interceptor integration and unit tests

* fix: refactor execution interceptor integration and unit tests

* fix: refactor execution interceptor integration and unit tests

* docs: basic documentation for executions and targets

* fix: change order for interceptors

* fix: merge back origin/main

* fix: change target definition command and query side (#7735)

* fix: change target definition command and query side

* fix: correct refactoring name changes

* fix: correct refactoring name changes

* fix: changing execution defintion with target list and type

* fix: changing execution definition with target list and type

* fix: add back search queries for target and include

* fix: projections change for execution with targets suffix table

* fix: projections change for execution with targets suffix table

* fix: projections change for execution with targets suffix table

* fix: projections change for execution with targets suffix table

* fix: projections change for execution with targets suffix table

* fix: projections change for execution with targets suffix table

* fix: projections change for execution with targets suffix table

* docs: add example to actions v2

* docs: add example to actions v2

* fix: correct integration tests on query for executions

* fix: add separate event for execution v2 as content changed

* fix: add separate event for execution v2 as content changed

* fix: added review comment changes

* fix: added review comment changes

* fix: added review comment changes

---------

Co-authored-by: adlerhurst <silvan.reusser@gmail.com>

* fix: added review comment changes

* fix: added review comment changes

* Update internal/api/grpc/server/middleware/execution_interceptor.go

Co-authored-by: Silvan <silvan.reusser@gmail.com>

* fix: added review comment changes

* fix: added review comment changes

* fix: added review comment changes

* fix: added review comment changes

* fix: added review comment changes

* fix: added review comment changes

---------

Co-authored-by: adlerhurst <silvan.reusser@gmail.com>
Co-authored-by: Elio Bischof <elio@zitadel.com>
2024-05-04 11:55:57 +02:00
Max Peintner
7e345444bf
docs: feature settings in console (#7899)
* docs: feature settings in console

* update default settings
2024-05-03 13:13:06 +00:00
Fabi
83c5066ab9
docs: fix example for self hosting load balancing (#7890)
Co-authored-by: Elio Bischof <elio@zitadel.com>
2024-05-02 10:15:35 +00:00
Livio Spring
9950cafafc
fix: improve information on unsupported hash algorithms (#7870)
* fix: improve information on unsupported hash algorithms

* Update de.yaml
2024-04-30 17:50:33 +00:00
Dakshitha Ratnayake
251d855f5d
docs(integrate): Add google login video (#7836)
* Update google.mdx

* Update google.mdx
2024-04-26 09:37:37 +05:30
mffap
66d185d74d
docs(concepts): identity brokering (#7812)
* docs(concepts): identity brokering

* add comments from review
2024-04-22 13:59:11 +00:00
Livio Spring
74624018c2
feat(actions): allow getting metadata of organizations from user grants (#7782)
* feat(actions): allow getting metadata of (other) organizations from user grants

* docs add action example
2024-04-22 11:34:23 +00:00
mffap
48d7307d0e
docs(features): external user grant (#7771)
* docs(features): external user grant

* cross link

* add image

* fix link to blog

* Apply suggestions from code review

Co-authored-by: Florian Forster <florian@zitadel.com>

---------

Co-authored-by: Florian Forster <florian@zitadel.com>
2024-04-15 12:13:05 +00:00
Max Peintner
9865425a0c
docs: update state of typescript repository (#7754)
Co-authored-by: Elio Bischof <elio@zitadel.com>
2024-04-11 09:02:31 +00:00
Miguel Cabrerizo
d229da6af7
feat: SMTP Templates (#6932)
* feat: smtp templates poc

* feat: add isActive & ProviderType to SMTP backend

* feat: change providertype to uint32 and fix tests

* feat: minimal smtp provider component

* feat: woking on diiferent providers

* feat: keep working on providers

* feat: initial stepper for new provider

* fix: settings list and working on stepper

* feat: step 1 and 2 form inputs

* feat: starter for smtp test step

* fix: misspelled SMPT

* fix: remove tests for now

* feat: add tls toggle remove old google provider

* feat: working on add smtp and table

* fix: duplicated identifiers

* fix: settings list

* fix: add missing smtp config properties

* fix: add configID to smtp config table

* fix: working on listproviders

* feat: working in listSMTPConfigs

* fix: add count to listsmtpconfigs

* fix: getting empty results from listSMTPConfigs

* feat: table now shows real data

* fix: remaining styles for smtp-table

* fix: remove old notification-smtp-provider-component

* feat: delete smtp configuration

* feat: deactivate smtp config

* feat: replace isActive with state for smtp config

* feat: activate smtp config

* fix: remaining errors after main merge

* fix: list smtp providers panic and material mdc

* feat: refactor to only one provider component

* feat: current provider details view

* fix: refactor AddSMTPConfig and ChangeSMTPConfig

* fix: smtp config reduce issue

* fix: recover domain in NewIAMSMTPConfigWriteModel

* fix: add code needed by SetUpInstance

* fix: go tests and warn about passing context to InstanceAggregateFromWriteModel

* fix: i18n and add missing trans for fr, it, zh

* fix: add e2e tests

* docs: add smtp templates

* fix: remove provider_type, add description

* fix: remaining error from merge main

* fix: add @stebenz change for primary key

* fix: inactive placed after removed to prevent deleted configs to show as inactive

* fix: smtp provider id can be empty (migrated)

* feat: add mailchimp transactional template

* feat: add Brevo (Sendinblue) template

* feat: change brevo logo, add color to tls icon

* fix: queries use resourceowner, id must not be empty

* fix: deal with old smtp settings and tests

* fix: resourceOwner is the instanceID

* fix: remove aggregate_id, rename SMTPConfigByAggregateID with SMTPConfigActive

* fix: add tests for multiple configs with different IDs

* fix: conflict

* fix: remove notification-smtp-provider

* fix: add @peintnermax suggestions, rename module and fix e2e tests

* fix: remove material legacy modules

* fix: remove ctx as parameter for  InstanceAggregateFromWriteModel

* fix: add Id to SMTPConfigToPb

* fix:  change InstanceAggregateFromWriteModel to avoid linter errors

* fix import

* rm unused package-lock

* update yarn lock

---------

Co-authored-by: Elio Bischof <elio@zitadel.com>
Co-authored-by: Max Peintner <max@caos.ch>
Co-authored-by: Stefan Benz <46600784+stebenz@users.noreply.github.com>
2024-04-11 09:16:10 +02:00
Livio Spring
153df2e12f
feat: provide option to limit (T)OTP checks (#7693)
* feat: provide option to limit (T)OTP checks

* fix requests in console

* update errors pkg

* cleanup

* cleanup

* improve naming of existing config
2024-04-10 09:14:55 +00:00
Livio Spring
2566f33aa2
docs(actions): describe user grant list (#7687) 2024-04-10 09:02:13 +02:00
Stefan Benz
6dcdef0268
fix: add action v2 execution to features (#7597)
* fix: add action v2 execution to features

* fix: add action v2 execution to features

* fix: add action v2 execution to features

* fix: update internal/command/instance_features_model.go

Co-authored-by: Tim Möhlmann <tim+github@zitadel.com>

* fix: merge back main

* fix: merge back main

* fix: rename feature and service

* fix: rename feature and service

* fix: review changes

* fix: review changes

---------

Co-authored-by: Tim Möhlmann <tim+github@zitadel.com>
2024-04-09 20:21:21 +03:00
thariton
3bbf38acc5
docs: postgres healthcheck failing (#7692) 2024-04-08 14:08:06 +00:00
mffap
b0e515243d
docs(legal): add responsibilities in service description (#7711) 2024-04-05 11:23:21 +00:00
Tim Möhlmann
2089992d75
feat(crypto): use passwap for machine and app secrets (#7657)
* feat(crypto): use passwap for machine and app secrets

* fix command package tests

* add hash generator command test

* naming convention, fix query tests

* rename PasswordHasher and cleanup start commands

* add reducer tests

* fix intergration tests, cleanup old config

* add app secret unit tests

* solve setup panics

* fix push of updated events

* add missing event translations

* update documentation

* solve linter errors

* remove nolint:SA1019 as it doesn't seem to help anyway

* add nolint to deprecated filter usage

* update users migration version

* remove unused ClientSecret from APIConfigChangedEvent

---------

Co-authored-by: Livio Spring <livio.a@gmail.com>
2024-04-05 09:35:49 +00:00
Alex Rimlin
fa9635eb93
docs(guides/integrate/service-users/private-key-jwt): (#7677)
* docs(guides/integrate/service-users/private-key-jwt): adjust incomplete, outdated and incorrect parts of the python example.

* wrong variable name for kid in the header

---------

Co-authored-by: Stefan Benz <46600784+stebenz@users.noreply.github.com>
2024-04-03 15:51:13 +00:00
mffap
e4e8361f66
docs: redirect identity providers introduction (#7695) 2024-04-03 07:02:01 +00:00
Tijl
2d25244c77
fix: docs: keycloak user migration api error (#7626)
fix user importing api error

Co-authored-by: Florian Forster <florian@zitadel.com>
Co-authored-by: Livio Spring <livio.a@gmail.com>
2024-03-28 18:40:54 +00:00
Tim Möhlmann
3ca80d637d
docs(oidc): token exchange beta feature info (#7670)
* docs(oidc): token exchange beta feature info

This change adds an info box to the token exchange documentation, informing the reader of the beta state of the feature and how to enable it.

* Update docs/docs/apis/openidoauth/endpoints.mdx

Co-authored-by: Fabi <fabienne@zitadel.com>

* Update docs/docs/guides/integrate/token-exchange.mdx

Co-authored-by: Fabi <fabienne@zitadel.com>

---------

Co-authored-by: Fabi <fabienne@zitadel.com>
2024-03-28 13:02:54 +00:00
Max Peintner
20fb032743
docs: typescript login (#7621)
* typescript docs

* docs

* self service part

* deploy part

* headers

* update description

* illustration description

* endpoints

* Update docs/docs/guides/integrate/login-ui/typescript-repo.mdx

Co-authored-by: Livio Spring <livio.a@gmail.com>

* Update docs/docs/guides/integrate/login-ui/typescript-repo.mdx

Co-authored-by: Livio Spring <livio.a@gmail.com>

* Update docs/docs/guides/integrate/login-ui/typescript-repo.mdx

Co-authored-by: Livio Spring <livio.a@gmail.com>

* Update docs/docs/guides/integrate/login-ui/typescript-repo.mdx

Co-authored-by: Livio Spring <livio.a@gmail.com>

* Update docs/docs/guides/integrate/login-ui/typescript-repo.mdx

Co-authored-by: Livio Spring <livio.a@gmail.com>

* Update docs/docs/guides/integrate/login-ui/typescript-repo.mdx

Co-authored-by: Livio Spring <livio.a@gmail.com>

* rm scope

* Update docs/docs/guides/integrate/login-ui/typescript-repo.mdx

Co-authored-by: Livio Spring <livio.a@gmail.com>

* screenshot deploy to vercel

---------

Co-authored-by: Livio Spring <livio.a@gmail.com>
2024-03-28 08:19:36 +00:00
Elio Bischof
d26391a642
feat(console): guide users when configuring IDPs (#7572)
* feat(console): show external idp remote config

* reuse copy-row

* finish google and saml sp

* finish apps

* add next steps modal

* rollout

* activate

* fix saml urls

* fix saml provider

* complete providers

* translate

* update google docs

* update entra id oidc docs

* update entra id saml docs

* update github docs

* update gitlab docs

* update apple docs

* update okta oidc docs

* update okta saml docs

* update keycloak docs

* update mocksaml

* cleanup

* lint

* lint

* fix overriden classes

* encapsulate styles

* fix icon classes

---------

Co-authored-by: peintnermax <max@caos.ch>
2024-03-27 20:10:31 +00:00
Dakshitha Ratnayake
2ea0b520fd
docs: Added a new intro page for configuring external IdPs. (#7595)
* Added a new intro page for configuring external IdPs.

* Fixed broken links

* Resolved build errors.

* Update docs/docs/guides/integrate/identity-providers/introduction.md

Co-authored-by: Fabi <fabienne@zitadel.com>

* Update docs/docs/guides/integrate/identity-providers/introduction.md

Co-authored-by: Fabi <fabienne@zitadel.com>

* Addressed review comments.

* Update docs/docs/guides/integrate/identity-providers/introduction.md

Co-authored-by: Fabi <fabienne@zitadel.com>

* Update docs/docs/guides/integrate/identity-providers/introduction.md

Co-authored-by: Fabi <fabienne@zitadel.com>

* Addressed review comments.

* Update docs/docs/guides/integrate/identity-providers/introduction.md

Co-authored-by: Fabi <fabienne@zitadel.com>

* Update docs/docs/guides/integrate/identity-providers/introduction.md

Co-authored-by: Fabi <fabienne@zitadel.com>

---------

Co-authored-by: Fabi <fabienne@zitadel.com>
2024-03-27 15:49:08 +05:30
Livio Spring
1121ebfdb8
fix: prevent custom urn:zitadel:iam claims (#7647) 2024-03-27 08:26:14 +01:00
Tim Möhlmann
2021bad0ad
docs(oidc): token exchange guide (#7625)
* docs(oidc): token exchange guide

This change adds a token exchange guide which includes "simple" and impersonation examples.
The endpoint, claims and grant type documentation also has been amended with token exchange specifics.

* solve suggestions

* fix impersonated event type

* add link to event store concept

* fix links build error

* add to sidebar and update some info boxes
2024-03-26 06:28:17 +00:00
Fabi
62652f4f91
docs: add linkedin guide (#7600)
* docs: add linkedin guide

* docs: change pictures and settings
2024-03-25 18:34:49 +02:00
mffap
376c3a3fff
docs(integrate): improve service user authentication (#7492)
* service users

* wip

* wip

* wip

* lower case titles

* wip

* wip

* private key jwt

* wip

* wip

* token introspection

* zitadel apis

* expiration

* replace mermaid with svg

* Apply suggestions from code review

Co-authored-by: Fabi <fabienne@zitadel.com>

* Apply suggestions from code review

* boulevard of broken links

* my hrefs will go on

* docs: add token type to client credential

* Update docs/docs/apis/introduction.mdx

Co-authored-by: Florian Forster <florian@zitadel.com>

* Update docs/docs/guides/integrate/service-users/authenticate-service-users.md

Co-authored-by: Florian Forster <florian@zitadel.com>

* Update docs/docs/guides/integrate/service-users/authenticate-service-users.md

Co-authored-by: Florian Forster <florian@zitadel.com>

* Update docs/docs/guides/integrate/service-users/authenticate-service-users.md

Co-authored-by: Florian Forster <florian@zitadel.com>

* Update docs/docs/guides/integrate/zitadel-apis/access-zitadel-apis.md

Co-authored-by: Florian Forster <florian@zitadel.com>

* Update docs/docs/guides/integrate/zitadel-apis/access-zitadel-apis.md

Co-authored-by: Florian Forster <florian@zitadel.com>

* Update docs/docs/guides/integrate/zitadel-apis/access-zitadel-apis.md

Co-authored-by: Florian Forster <florian@zitadel.com>

* Update docs/docs/guides/integrate/zitadel-apis/access-zitadel-apis.md

Co-authored-by: Florian Forster <florian@zitadel.com>

* Update docs/docs/guides/integrate/zitadel-apis/access-zitadel-apis.md

Co-authored-by: Florian Forster <florian@zitadel.com>

* Update docs/docs/guides/integrate/service-users/private-key-jwt.md

Co-authored-by: Florian Forster <florian@zitadel.com>

* Update docs/docs/guides/integrate/service-users/private-key-jwt.md

Co-authored-by: Florian Forster <florian@zitadel.com>

* Update docs/docs/guides/integrate/service-users/authenticate-service-users.md

Co-authored-by: Florian Forster <florian@zitadel.com>

* Update docs/docs/guides/integrate/service-users/client-credentials.md

Co-authored-by: Florian Forster <florian@zitadel.com>

* Update docs/docs/guides/integrate/zitadel-apis/access-zitadel-apis.md

Co-authored-by: Florian Forster <florian@zitadel.com>

* Update docs/docs/guides/integrate/service-users/client-credentials.md

Co-authored-by: Florian Forster <florian@zitadel.com>

* Update docs/docs/guides/integrate/zitadel-apis/_accessing_zitadel_api.md

Co-authored-by: Florian Forster <florian@zitadel.com>

* Update docs/docs/guides/integrate/zitadel-apis/access-zitadel-apis.md

Co-authored-by: Florian Forster <florian@zitadel.com>

* Update docs/docs/guides/integrate/zitadel-apis/access-zitadel-apis.md

Co-authored-by: Florian Forster <florian@zitadel.com>

* Update docs/docs/guides/integrate/zitadel-apis/access-zitadel-apis.md

Co-authored-by: Florian Forster <florian@zitadel.com>

* Update docs/docs/guides/integrate/zitadel-apis/access-zitadel-apis.md

Co-authored-by: Florian Forster <florian@zitadel.com>

* Update docs/docs/guides/integrate/zitadel-apis/access-zitadel-apis.md

Co-authored-by: Florian Forster <florian@zitadel.com>

* Update docs/docs/guides/integrate/zitadel-apis/access-zitadel-apis.md

Co-authored-by: Florian Forster <florian@zitadel.com>

* Update docs/docs/guides/integrate/zitadel-apis/access-zitadel-apis.md

Co-authored-by: Florian Forster <florian@zitadel.com>

* Update docs/docs/guides/integrate/zitadel-apis/access-zitadel-apis.md

Co-authored-by: Florian Forster <florian@zitadel.com>

* docs: add token type to client credential

---------

Co-authored-by: Fabi <fabienne@zitadel.com>
Co-authored-by: Fabienne <fabienne.gerschwiler@gmail.com>
Co-authored-by: Florian Forster <florian@zitadel.com>
Co-authored-by: Livio Spring <livio.a@gmail.com>
2024-03-25 10:30:43 +01:00
Livio Spring
d313e6d498
fix(setup): enable init-projection by default (#7616)
* fix(setup): enable init-projection by default

* update A10008
2024-03-23 12:52:52 +01:00
Livio Spring
7494a7b6d9
feat(api): add possibility to retrieve user schemas (#7614)
This PR extends the user schema service (V3 API) with the possibility to ListUserSchemas and GetUserSchemaByID.
The previously started guide is extended to demonstrate how to retrieve the schema(s) and notes the generated revision property.
2024-03-22 13:26:13 +00:00
Silvan
b338171585
docs: move jwt idp to guides (#7570) 2024-03-20 10:46:05 +01:00
Silvan
cc26eb1116
feat(actions): ctx.org.getMetadata() in external authentication (#7571) 2024-03-19 07:34:38 +01:00
Dakshitha Ratnayake
d30fb3118d
docs: Update additional-information.mdx (#7590)
Update additional-information.mdx
2024-03-18 16:01:03 +05:30
Max Peintner
0d46c39d00
docs: typescript login progress (#7378)
* docs: typescript login progress

* docs

* space

* Update docs/docs/guides/integrate/login-ui/typescript-repo.mdx

Co-authored-by: Fabi <fabienne@zitadel.com>

* Update docs/docs/guides/integrate/login-ui/typescript-repo.mdx

Co-authored-by: Fabi <fabienne@zitadel.com>

* Update docs/docs/guides/integrate/login-ui/typescript-repo.mdx

Co-authored-by: Fabi <fabienne@zitadel.com>

* future login, show email password login

---------

Co-authored-by: Fabi <fabienne@zitadel.com>
2024-03-15 11:02:56 +01:00
Silvan
150f3bddf0
docs: add azure entra saml (#7566) 2024-03-15 10:07:30 +01:00
Fabi
802b6c7fd1
docs: Okta saml idp docs (#7523)
* docs: add guide to setup okta saml idp

* docs: remove todo

* docs: okta user data info

* docs: fix broken links

* docs: add references to API docs

* Update docs/docs/guides/integrate/identity-providers/okta_saml.mdx

Co-authored-by: Silvan <silvan.reusser@gmail.com>

* Update docs/docs/guides/integrate/identity-providers/okta_saml.mdx

Co-authored-by: Silvan <silvan.reusser@gmail.com>

* Update docs/docs/guides/integrate/identity-providers/okta_saml.mdx

Co-authored-by: Silvan <silvan.reusser@gmail.com>

* Update docs/docs/guides/integrate/identity-providers/okta_saml.mdx

Co-authored-by: Silvan <silvan.reusser@gmail.com>

* Update docs/docs/guides/integrate/identity-providers/okta_saml.mdx

Co-authored-by: Silvan <silvan.reusser@gmail.com>

* Update docs/docs/guides/integrate/identity-providers/okta_saml.mdx

Co-authored-by: Silvan <silvan.reusser@gmail.com>

* docs: default settings

* docs: default settings

* docs: add saml mapping action

* docs: add saml mapping action

* docs: add saml mapping action

---------

Co-authored-by: Silvan <silvan.reusser@gmail.com>
2024-03-14 11:47:03 +00:00
Fabi
bcff220cb4
docs: onboarding users (#7462)
* docs: log module for actions

* docs: info on registration options

* docs: add saml description

* Update docs/docs/guides/integrate/onboarding/end-users.mdx

Co-authored-by: mffap <mpa@zitadel.com>

* Update docs/docs/guides/integrate/onboarding/end-users.mdx

Co-authored-by: mffap <mpa@zitadel.com>

* Update docs/docs/guides/integrate/onboarding/end-users.mdx

Co-authored-by: mffap <mpa@zitadel.com>

* Update docs/docs/guides/integrate/onboarding/end-users.mdx

Co-authored-by: mffap <mpa@zitadel.com>

* Update docs/docs/guides/integrate/onboarding/end-users.mdx

Co-authored-by: mffap <mpa@zitadel.com>

* Update docs/docs/guides/integrate/onboarding/end-users.mdx

Co-authored-by: mffap <mpa@zitadel.com>

* docs: org scope

---------

Co-authored-by: mffap <mpa@zitadel.com>
2024-03-14 08:25:46 +00:00
Miguel Cabrerizo
dff5984f7d
fix: add expiration date information to service users keys (#7497)
* feat: add ExpirationDate to MachineKey JSON detail

* fix: include time in expiration date column for machine keys table

* fix: show expiration date in ShowKeyDialog if available

* fix: add machine key expiration date note

---------

Co-authored-by: Tim Möhlmann <tim+github@zitadel.com>
2024-03-13 18:21:19 +00:00