mirror of
https://github.com/zitadel/zitadel.git
synced 2025-08-11 17:27:31 +00:00
2928c6ac2b
# Which Problems Are Solved We move the login code to the zitadel repo. # How the Problems Are Solved The login repo is added to ./login as a git subtree pulled from the dockerize-ci branch. Apart from the login code, this PR contains the changes from #10116 # Additional Context - Closes https://github.com/zitadel/typescript/issues/474 - Also merges #10116 - Merging is blocked by failing check because of: - https://github.com/zitadel/zitadel/pull/10134#issuecomment-3012086106 --------- Co-authored-by: Max Peintner <peintnerm@gmail.com> Co-authored-by: Max Peintner <max@caos.ch> Co-authored-by: Florian Forster <florian@zitadel.com>
111 lines
3.9 KiB
YAML
111 lines
3.9 KiB
YAML
Log:
|
|
Level: info
|
|
|
|
ExternalSecure: false
|
|
|
|
TLS:
|
|
Enabled: false
|
|
|
|
Caches:
|
|
Connectors:
|
|
Memory:
|
|
Enabled: true
|
|
Postgres:
|
|
Enabled: true
|
|
Redis:
|
|
Enabled: true
|
|
Instance:
|
|
Connector: "memory"
|
|
MaxAge: 5m
|
|
LastUsage: 1m
|
|
Log:
|
|
Level: info
|
|
Milestones:
|
|
Connector: "postgres"
|
|
MaxAge: 5m
|
|
LastUsage: 1m
|
|
Log:
|
|
Level: info
|
|
Organization:
|
|
Connector: "redis"
|
|
MaxAge: 5m
|
|
LastUsage: 1m
|
|
Log:
|
|
Level: info
|
|
|
|
Quotas:
|
|
Access:
|
|
Enabled: true
|
|
|
|
Telemetry:
|
|
Enabled: true
|
|
Endpoints:
|
|
- http://localhost:8081/milestone
|
|
Headers:
|
|
single-value: "single-value"
|
|
multi-value:
|
|
- "multi-value-1"
|
|
- "multi-value-2"
|
|
|
|
FirstInstance:
|
|
Org:
|
|
Human:
|
|
PasswordChangeRequired: false
|
|
|
|
LogStore:
|
|
Execution:
|
|
Stdout:
|
|
Enabled: true
|
|
|
|
Projections:
|
|
HandleActiveInstances: 30m
|
|
RequeueEvery: 5s
|
|
Customizations:
|
|
NotificationsQuotas:
|
|
RequeueEvery: 1s
|
|
telemetry:
|
|
HandleActiveInstances: 60s
|
|
RequeueEvery: 1s
|
|
|
|
DefaultInstance:
|
|
LoginPolicy:
|
|
MfaInitSkipLifetime: "0"
|
|
|
|
SystemAPIUsers:
|
|
- tester:
|
|
KeyData: "LS0tLS1CRUdJTiBQVUJMSUMgS0VZLS0tLS0KTUlJQklqQU5CZ2txaGtpRzl3MEJBUUVGQUFPQ0FROEFNSUlCQ2dLQ0FRRUF6aStGRlNKTDdmNXl3NEtUd3pnTQpQMzRlUEd5Y20vTStrVDBNN1Y0Q2d4NVYzRWFESXZUUUtUTGZCYUVCNDV6YjlMdGpJWHpEdzByWFJvUzJoTzZ0CmgrQ1lRQ3ozS0N2aDA5QzBJenhaaUIySVMzSC9hVCs1Qng5RUZZK3ZuQWtaamNjYnlHNVlOUnZtdE9sbnZJZUkKSDdxWjB0RXdrUGZGNUdFWk5QSlB0bXkzVUdWN2lvZmRWUVMxeFJqNzMrYU13NXJ2SDREOElkeWlBQzNWZWtJYgpwdDBWajBTVVgzRHdLdG9nMzM3QnpUaVBrM2FYUkYwc2JGaFFvcWRKUkk4TnFnWmpDd2pxOXlmSTV0eXhZc3duCitKR3pIR2RIdlczaWRPRGxtd0V0NUsycGFzaVJJV0syT0dmcSt3MEVjbHRRSGFidXFFUGdabG1oQ2tSZE5maXgKQndJREFRQUIKLS0tLS1FTkQgUFVCTElDIEtFWS0tLS0tCg=="
|
|
Memberships:
|
|
- MemberType: System
|
|
Roles:
|
|
- "SYSTEM_OWNER"
|
|
- "IAM_OWNER"
|
|
- "ORG_OWNER"
|
|
- cypress:
|
|
KeyData: "LS0tLS1CRUdJTiBQVUJMSUMgS0VZLS0tLS0KTUlJQklqQU5CZ2txaGtpRzl3MEJBUUVGQUFPQ0FROEFNSUlCQ2dLQ0FRRUF6aStGRlNKTDdmNXl3NEtUd3pnTQpQMzRlUEd5Y20vTStrVDBNN1Y0Q2d4NVYzRWFESXZUUUtUTGZCYUVCNDV6YjlMdGpJWHpEdzByWFJvUzJoTzZ0CmgrQ1lRQ3ozS0N2aDA5QzBJenhaaUIySVMzSC9hVCs1Qng5RUZZK3ZuQWtaamNjYnlHNVlOUnZtdE9sbnZJZUkKSDdxWjB0RXdrUGZGNUdFWk5QSlB0bXkzVUdWN2lvZmRWUVMxeFJqNzMrYU13NXJ2SDREOElkeWlBQzNWZWtJYgpwdDBWajBTVVgzRHdLdG9nMzM3QnpUaVBrM2FYUkYwc2JGaFFvcWRKUkk4TnFnWmpDd2pxOXlmSTV0eXhZc3duCitKR3pIR2RIdlczaWRPRGxtd0V0NUsycGFzaVJJV0syT0dmcSt3MEVjbHRRSGFidXFFUGdabG1oQ2tSZE5maXgKQndJREFRQUIKLS0tLS1FTkQgUFVCTElDIEtFWS0tLS0tCg=="
|
|
- system-user-with-no-permissions:
|
|
KeyData: "LS0tLS1CRUdJTiBQVUJMSUMgS0VZLS0tLS0KTUlJQklqQU5CZ2txaGtpRzl3MEJBUUVGQUFPQ0FROEFNSUlCQ2dLQ0FRRUFqTVdFWDZtK0gzWndaV1ptTUhxbApHbVoxa0wvRVlWZzJCb24yQm5wOU5LTXdoVTlpK29CcUwrR0FzVVZYdnBkMmhVTy9ZK1VpVzlRdnJ4K3ZBeVpNCmdrNjRRNlFFNm5ZMWJncnV3aEJDUC85ZWlMMzVvOTRHelhiS2RDSEF5bFNBQmRHemZaTDN1YUgwVndvRk9neU0KZkJveTdGMHFLRXA0bVp5ZUhmMFo3ZXZacVVyRDVNcEZMTjBhUnRqVWpwOTFpd0tGU29kYXY1S25sYW4vSGtQaQpzN3NnLzBmVURRRDRzZ2ZvcndManJWYnI1aUtxSTBHQ3VhUEwzazRQOEdnY1haczVJcHUzb1BDZXdWUTBvd1hoCjJvRXVTdlNDYS8wTmxYanRLMlRqbmlYeTVSL2NaVXF3NzNOd0NFdjl4N1pLaU51dkpEWkw2UnM5Q0xJT3RhVkUKTFFJREFRQUIKLS0tLS1FTkQgUFVCTElDIEtFWS0tLS0tCg=="
|
|
Memberships:
|
|
# MemberType System allows the user to access all APIs for all instances or organizations
|
|
- MemberType: IAM
|
|
Roles:
|
|
- "NO_ROLES"
|
|
|
|
InitProjections:
|
|
Enabled: true
|
|
|
|
# Extend key lifetimes so we do not see more legacy keys when
|
|
# integration tests are rerun on the same DB with more than 6 hours apart.
|
|
# The test counts the amount of keys returned from the JWKS endpoint and fails
|
|
# with 2 or more legacy public keys,
|
|
SystemDefaults:
|
|
KeyConfig:
|
|
PrivateKeyLifetime: 7200h
|
|
PublicKeyLifetime: 14400h
|
|
|
|
OIDC:
|
|
DefaultLoginURLV2: "/login?authRequest=" # ZITADEL_OIDC_DEFAULTLOGINURLV2
|
|
DefaultLogoutURLV2: "/logout?post_logout_redirect=" # ZITADEL_OIDC_DEFAULTLOGOUTURLV2
|
|
|
|
SAML:
|
|
DefaultLoginURLV2: "/login?authRequest=" # ZITADEL_SAML_DEFAULTLOGINURLV2
|