mirror of
https://github.com/zitadel/zitadel.git
synced 2025-01-11 03:53:40 +00:00
8ec4a74d76
* fix: my usermemberships * frontend Co-authored-by: Max Peintner <max@caos.ch>
919 lines
21 KiB
Protocol Buffer
919 lines
21 KiB
Protocol Buffer
syntax = "proto3";
|
|
|
|
import "google/api/annotations.proto";
|
|
import "google/protobuf/empty.proto";
|
|
import "google/protobuf/struct.proto";
|
|
import "google/protobuf/timestamp.proto";
|
|
import "validate/validate.proto";
|
|
import "protoc-gen-swagger/options/annotations.proto";
|
|
import "authoption/options.proto";
|
|
import "proto/message.proto";
|
|
|
|
package caos.zitadel.auth.api.v1;
|
|
|
|
option go_package = "github.com/caos/zitadel/pkg/grpc/auth";
|
|
|
|
option (grpc.gateway.protoc_gen_swagger.options.openapiv2_swagger) = {
|
|
info: {
|
|
title: "Auth API";
|
|
version: "0.1";
|
|
contact:{
|
|
url: "https://github.com/caos/zitadel/pkg/auth"
|
|
};
|
|
};
|
|
|
|
schemes: HTTPS;
|
|
|
|
consumes: "application/json";
|
|
consumes: "application/grpc";
|
|
|
|
produces: "application/json";
|
|
produces: "application/grpc";
|
|
};
|
|
|
|
service AuthService {
|
|
// Readiness
|
|
rpc Healthz(google.protobuf.Empty) returns (google.protobuf.Empty) {
|
|
option (google.api.http) = {
|
|
get: "/healthz"
|
|
};
|
|
}
|
|
|
|
// Authorization
|
|
rpc GetMyUserSessions(google.protobuf.Empty) returns (UserSessionViews) {
|
|
option (google.api.http) = {
|
|
get: "/users/me/sessions"
|
|
};
|
|
|
|
option (caos.zitadel.utils.v1.auth_option) = {
|
|
permission: "authenticated"
|
|
};
|
|
}
|
|
|
|
//User
|
|
rpc GetMyUser(google.protobuf.Empty) returns (UserView) {
|
|
option (google.api.http) = {
|
|
get: "/users/me"
|
|
};
|
|
|
|
option (caos.zitadel.utils.v1.auth_option) = {
|
|
permission: "authenticated"
|
|
};
|
|
}
|
|
|
|
rpc GetMyUserProfile(google.protobuf.Empty) returns (UserProfileView) {
|
|
option (google.api.http) = {
|
|
get: "/users/me/profile"
|
|
};
|
|
|
|
option (caos.zitadel.utils.v1.auth_option) = {
|
|
permission: "authenticated"
|
|
};
|
|
}
|
|
|
|
rpc UpdateMyUserProfile(UpdateUserProfileRequest) returns (UserProfile) {
|
|
option (google.api.http) = {
|
|
put: "/users/me/profile"
|
|
body: "*"
|
|
};
|
|
|
|
option (caos.zitadel.utils.v1.auth_option) = {
|
|
permission: "authenticated"
|
|
};
|
|
}
|
|
|
|
rpc ChangeMyUserName(ChangeUserNameRequest) returns (google.protobuf.Empty) {
|
|
option (google.api.http) = {
|
|
put: "/users/me/username"
|
|
body: "*"
|
|
};
|
|
|
|
option (caos.zitadel.utils.v1.auth_option) = {
|
|
permission: "authenticated"
|
|
};
|
|
}
|
|
|
|
rpc GetMyUserEmail(google.protobuf.Empty) returns (UserEmailView) {
|
|
option (google.api.http) = {
|
|
get: "/users/me/email"
|
|
};
|
|
|
|
option (caos.zitadel.utils.v1.auth_option) = {
|
|
permission: "authenticated"
|
|
};
|
|
}
|
|
|
|
rpc ChangeMyUserEmail(UpdateUserEmailRequest) returns (UserEmail) {
|
|
option (google.api.http) = {
|
|
put: "/users/me/email"
|
|
body: "*"
|
|
};
|
|
|
|
option (caos.zitadel.utils.v1.auth_option) = {
|
|
permission: "authenticated"
|
|
};
|
|
}
|
|
|
|
rpc VerifyMyUserEmail(VerifyMyUserEmailRequest) returns (google.protobuf.Empty) {
|
|
option (google.api.http) = {
|
|
post: "/users/me/email/_verify"
|
|
body: "*"
|
|
};
|
|
|
|
option (caos.zitadel.utils.v1.auth_option) = {
|
|
permission: "authenticated"
|
|
};
|
|
}
|
|
|
|
rpc ResendMyEmailVerificationMail(google.protobuf.Empty) returns (google.protobuf.Empty) {
|
|
option (google.api.http) = {
|
|
post: "/users/me/email/_resendverification"
|
|
body: "*"
|
|
};
|
|
|
|
option (caos.zitadel.utils.v1.auth_option) = {
|
|
permission: "authenticated"
|
|
};
|
|
}
|
|
|
|
rpc GetMyUserPhone(google.protobuf.Empty) returns (UserPhoneView) {
|
|
option (google.api.http) = {
|
|
get: "/users/me/phone"
|
|
};
|
|
|
|
option (caos.zitadel.utils.v1.auth_option) = {
|
|
permission: "authenticated"
|
|
};
|
|
}
|
|
|
|
rpc ChangeMyUserPhone(UpdateUserPhoneRequest) returns (UserPhone) {
|
|
option (google.api.http) = {
|
|
put: "/users/me/phone"
|
|
body: "*"
|
|
};
|
|
|
|
option (caos.zitadel.utils.v1.auth_option) = {
|
|
permission: "authenticated"
|
|
};
|
|
}
|
|
|
|
rpc RemoveMyUserPhone(google.protobuf.Empty) returns (google.protobuf.Empty) {
|
|
option (google.api.http) = {
|
|
delete: "/users/me/phone"
|
|
};
|
|
|
|
option (caos.zitadel.utils.v1.auth_option) = {
|
|
permission: "authenticated"
|
|
};
|
|
}
|
|
|
|
rpc VerifyMyUserPhone(VerifyUserPhoneRequest) returns (google.protobuf.Empty) {
|
|
option (google.api.http) = {
|
|
post: "/users/me/phone/_verify"
|
|
body: "*"
|
|
};
|
|
|
|
option (caos.zitadel.utils.v1.auth_option) = {
|
|
permission: "authenticated"
|
|
};
|
|
}
|
|
|
|
rpc ResendMyPhoneVerificationCode(google.protobuf.Empty) returns (google.protobuf.Empty) {
|
|
option (google.api.http) = {
|
|
post: "/users/me/phone/_resendverification"
|
|
body: "*"
|
|
};
|
|
|
|
option (caos.zitadel.utils.v1.auth_option) = {
|
|
permission: "authenticated"
|
|
};
|
|
}
|
|
|
|
rpc GetMyUserAddress(google.protobuf.Empty) returns (UserAddressView) {
|
|
option (google.api.http) = {
|
|
get: "/users/me/address"
|
|
};
|
|
|
|
option (caos.zitadel.utils.v1.auth_option) = {
|
|
permission: "authenticated"
|
|
};
|
|
}
|
|
|
|
rpc GetMyUserChanges(ChangesRequest) returns (Changes) {
|
|
option (google.api.http) = {
|
|
get: "/users/me/changes"
|
|
};
|
|
|
|
option (caos.zitadel.utils.v1.auth_option) = {
|
|
permission: "authenticated"
|
|
};
|
|
}
|
|
|
|
rpc UpdateMyUserAddress(UpdateUserAddressRequest) returns (UserAddress) {
|
|
option (google.api.http) = {
|
|
put: "/users/me/address"
|
|
body: "*"
|
|
};
|
|
|
|
option (caos.zitadel.utils.v1.auth_option) = {
|
|
permission: "authenticated"
|
|
};
|
|
}
|
|
|
|
rpc GetMyMfas(google.protobuf.Empty) returns (MultiFactors) {
|
|
option (google.api.http) = {
|
|
get: "/users/me/mfas"
|
|
};
|
|
|
|
option (caos.zitadel.utils.v1.auth_option) = {
|
|
permission: "authenticated"
|
|
};
|
|
}
|
|
|
|
//Password
|
|
rpc ChangeMyPassword(PasswordChange) returns (google.protobuf.Empty) {
|
|
option (google.api.http) = {
|
|
put: "/users/me/passwords/_change"
|
|
body: "*"
|
|
};
|
|
|
|
option (caos.zitadel.utils.v1.auth_option) = {
|
|
permission: "authenticated"
|
|
};
|
|
}
|
|
|
|
rpc GetMyPasswordComplexityPolicy(google.protobuf.Empty) returns (PasswordComplexityPolicy) {
|
|
option (google.api.http) = {
|
|
get: "/policies/passwords/complexity"
|
|
};
|
|
|
|
option (caos.zitadel.utils.v1.auth_option) = {
|
|
permission: "authenticated"
|
|
};
|
|
}
|
|
|
|
//ExternalIDP
|
|
rpc SearchMyExternalIDPs(ExternalIDPSearchRequest) returns (ExternalIDPSearchResponse) {
|
|
option (google.api.http) = {
|
|
post: "/users/me/externalidps/_search"
|
|
body: "*"
|
|
};
|
|
|
|
option (caos.zitadel.utils.v1.auth_option) = {
|
|
permission: "authenticated"
|
|
};
|
|
}
|
|
|
|
rpc RemoveMyExternalIDP(ExternalIDPRemoveRequest) returns (google.protobuf.Empty) {
|
|
option (google.api.http) = {
|
|
delete: "/users/me/externalidps/{idp_config_id}/{external_user_id}"
|
|
};
|
|
|
|
option (caos.zitadel.utils.v1.auth_option) = {
|
|
permission: "authenticated"
|
|
};
|
|
}
|
|
|
|
// MFA
|
|
rpc AddMfaOTP(google.protobuf.Empty) returns (MfaOtpResponse) {
|
|
option (google.api.http) = {
|
|
post: "/users/me/mfas/otp"
|
|
body: "*"
|
|
};
|
|
option (caos.zitadel.utils.v1.auth_option) = {
|
|
permission: "authenticated"
|
|
};
|
|
}
|
|
|
|
rpc VerifyMfaOTP(VerifyMfaOtp) returns (google.protobuf.Empty) {
|
|
option (google.api.http) = {
|
|
put: "/users/me/mfas/otp/_verify"
|
|
body: "*"
|
|
};
|
|
|
|
option (caos.zitadel.utils.v1.auth_option) = {
|
|
permission: "authenticated"
|
|
};
|
|
}
|
|
|
|
rpc RemoveMfaOTP(google.protobuf.Empty) returns (google.protobuf.Empty) {
|
|
option (google.api.http) = {
|
|
delete: "/users/me/mfas/otp"
|
|
};
|
|
|
|
option (caos.zitadel.utils.v1.auth_option) = {
|
|
permission: "authenticated"
|
|
};
|
|
}
|
|
|
|
rpc AddMyMfaU2F(google.protobuf.Empty) returns (WebAuthNResponse) {
|
|
option (google.api.http) = {
|
|
post: "/users/me/mfas/u2f"
|
|
body: "*"
|
|
};
|
|
option (caos.zitadel.utils.v1.auth_option) = {
|
|
permission: "authenticated"
|
|
};
|
|
}
|
|
|
|
rpc VerifyMyMfaU2F(VerifyWebAuthN) returns (google.protobuf.Empty) {
|
|
option (google.api.http) = {
|
|
put: "/users/me/mfas/u2f/_verify"
|
|
body: "*"
|
|
};
|
|
|
|
option (caos.zitadel.utils.v1.auth_option) = {
|
|
permission: "authenticated"
|
|
};
|
|
}
|
|
|
|
rpc RemoveMyMfaU2F(WebAuthNTokenID) returns (google.protobuf.Empty) {
|
|
option (google.api.http) = {
|
|
delete: "/users/me/mfas/u2f/{id}"
|
|
};
|
|
|
|
option (caos.zitadel.utils.v1.auth_option) = {
|
|
permission: "authenticated"
|
|
};
|
|
}
|
|
|
|
rpc GetMyPasswordless(google.protobuf.Empty) returns (WebAuthNTokens) {
|
|
option (google.api.http) = {
|
|
get: "/users/me/passwordless"
|
|
};
|
|
option (caos.zitadel.utils.v1.auth_option) = {
|
|
permission: "authenticated"
|
|
};
|
|
}
|
|
|
|
rpc AddMyPasswordless(google.protobuf.Empty) returns (WebAuthNResponse) {
|
|
option (google.api.http) = {
|
|
post: "/users/me/passwordless"
|
|
body: "*"
|
|
};
|
|
option (caos.zitadel.utils.v1.auth_option) = {
|
|
permission: "authenticated"
|
|
};
|
|
}
|
|
|
|
rpc VerifyMyPasswordless(VerifyWebAuthN) returns (google.protobuf.Empty) {
|
|
option (google.api.http) = {
|
|
put: "/users/me/passwordless/_verify"
|
|
body: "*"
|
|
};
|
|
|
|
option (caos.zitadel.utils.v1.auth_option) = {
|
|
permission: "authenticated"
|
|
};
|
|
}
|
|
|
|
rpc RemoveMyPasswordless(WebAuthNTokenID) returns (google.protobuf.Empty) {
|
|
option (google.api.http) = {
|
|
delete: "/users/me/passwordless/{id}"
|
|
};
|
|
|
|
option (caos.zitadel.utils.v1.auth_option) = {
|
|
permission: "authenticated"
|
|
};
|
|
}
|
|
|
|
rpc SearchMyUserGrant(UserGrantSearchRequest) returns (UserGrantSearchResponse) {
|
|
option (google.api.http) = {
|
|
post: "/usergrants/me/_search"
|
|
body: "*"
|
|
};
|
|
option (caos.zitadel.utils.v1.auth_option) = {
|
|
permission: "authenticated"
|
|
};
|
|
}
|
|
|
|
rpc SearchMyProjectOrgs(MyProjectOrgSearchRequest) returns (MyProjectOrgSearchResponse) {
|
|
option (google.api.http) = {
|
|
post: "/global/projectorgs/_search"
|
|
body: "*"
|
|
};
|
|
|
|
option (caos.zitadel.utils.v1.auth_option) = {
|
|
permission: "authenticated"
|
|
};
|
|
}
|
|
|
|
//Permission
|
|
rpc GetMyZitadelPermissions(google.protobuf.Empty) returns (MyPermissions) {
|
|
option (google.api.http) = {
|
|
get: "/permissions/zitadel/me"
|
|
};
|
|
|
|
option (caos.zitadel.utils.v1.auth_option) = {
|
|
permission: "authenticated"
|
|
};
|
|
}
|
|
|
|
rpc GetMyProjectPermissions(google.protobuf.Empty) returns (MyPermissions) {
|
|
option (google.api.http) = {
|
|
get: "/permissions/me"
|
|
};
|
|
|
|
option (caos.zitadel.utils.v1.auth_option) = {
|
|
permission: "authenticated"
|
|
};
|
|
}
|
|
|
|
rpc SearchMyUserMemberships(UserMembershipSearchRequest) returns (UserMembershipSearchResponse) {
|
|
option (google.api.http) = {
|
|
post: "/users/me/memberships/_search"
|
|
body: "*"
|
|
};
|
|
|
|
option (caos.zitadel.utils.v1.auth_option) = {
|
|
permission: "authenticated"
|
|
};
|
|
}
|
|
}
|
|
|
|
message UserSessionViews {
|
|
repeated UserSessionView user_sessions = 1;
|
|
}
|
|
|
|
message UserSessionView {
|
|
string id = 1;
|
|
string agent_id = 2;
|
|
UserSessionState auth_state = 3;
|
|
string user_id = 4;
|
|
string user_name = 5;
|
|
uint64 sequence = 6;
|
|
string login_name = 7;
|
|
string display_name = 8;
|
|
}
|
|
|
|
enum UserSessionState {
|
|
USERSESSIONSTATE_UNSPECIFIED = 0;
|
|
USERSESSIONSTATE_ACTIVE = 1;
|
|
USERSESSIONSTATE_TERMINATED = 2;
|
|
}
|
|
|
|
message UserView {
|
|
string id = 1;
|
|
UserState state = 2;
|
|
google.protobuf.Timestamp creation_date = 3;
|
|
google.protobuf.Timestamp change_date = 4;
|
|
uint64 sequence = 5;
|
|
repeated string login_names = 6;
|
|
string preferred_login_name = 7;
|
|
google.protobuf.Timestamp last_login = 8;
|
|
string resource_owner = 9;
|
|
string user_name = 10;
|
|
|
|
oneof user {
|
|
option (validate.required) = true;
|
|
|
|
HumanView human = 11;
|
|
MachineView machine = 12;
|
|
}
|
|
}
|
|
|
|
message MachineView {
|
|
google.protobuf.Timestamp last_key_added = 1;
|
|
|
|
string name = 2;
|
|
string description = 3;
|
|
}
|
|
|
|
message MachineKeyView {
|
|
string id = 1;
|
|
MachineKeyType type = 2;
|
|
uint64 sequence = 3;
|
|
|
|
google.protobuf.Timestamp creation_date = 4;
|
|
google.protobuf.Timestamp expiration_date = 5;
|
|
}
|
|
|
|
enum MachineKeyType {
|
|
MACHINEKEY_UNSPECIFIED = 0;
|
|
MACHINEKEY_JSON = 1;
|
|
}
|
|
|
|
message HumanView {
|
|
google.protobuf.Timestamp password_changed = 1;
|
|
string first_name = 2;
|
|
string last_name = 3;
|
|
string display_name = 4;
|
|
string nick_name = 5;
|
|
string preferred_language = 6;
|
|
Gender gender = 7;
|
|
string email = 8;
|
|
bool is_email_verified = 9;
|
|
string phone = 10;
|
|
bool is_phone_verified = 11;
|
|
string country = 12;
|
|
string locality = 13;
|
|
string postal_code = 14;
|
|
string region = 15;
|
|
string street_address = 16;
|
|
}
|
|
|
|
enum UserState {
|
|
USERSTATE_UNSPECIFIED = 0;
|
|
USERSTATE_ACTIVE = 1;
|
|
USERSTATE_INACTIVE = 2;
|
|
USERSTATE_DELETED = 3;
|
|
USERSTATE_LOCKED = 4;
|
|
USERSTATE_SUSPEND = 5;
|
|
USERSTATE_INITIAL = 6;
|
|
}
|
|
|
|
enum Gender {
|
|
GENDER_UNSPECIFIED = 0;
|
|
GENDER_FEMALE = 1;
|
|
GENDER_MALE = 2;
|
|
GENDER_DIVERSE = 3;
|
|
}
|
|
|
|
message UserProfile {
|
|
string id = 1;
|
|
string first_name = 2;
|
|
string last_name = 3;
|
|
string nick_name = 4;
|
|
string display_name = 5;
|
|
string preferred_language = 6;
|
|
Gender gender = 7;
|
|
uint64 sequence = 8;
|
|
google.protobuf.Timestamp creation_date = 9;
|
|
google.protobuf.Timestamp change_date = 10;
|
|
}
|
|
|
|
message UserProfileView {
|
|
string id = 1;
|
|
string first_name = 2;
|
|
string last_name = 3;
|
|
string nick_name = 4;
|
|
string display_name = 5;
|
|
string preferred_language = 6;
|
|
Gender gender = 7;
|
|
uint64 sequence = 8;
|
|
google.protobuf.Timestamp creation_date = 9;
|
|
google.protobuf.Timestamp change_date = 10;
|
|
repeated string login_names = 11;
|
|
string preferred_login_name = 12;
|
|
}
|
|
|
|
message UpdateUserProfileRequest {
|
|
string first_name = 1 [(validate.rules).string = {min_len: 1, max_len: 200}];
|
|
string last_name = 2 [(validate.rules).string = {min_len: 1, max_len: 200}];
|
|
string nick_name = 3 [(validate.rules).string.max_len = 200];
|
|
string preferred_language = 4 [(validate.rules).string = {min_len: 1, max_len: 200}];
|
|
Gender gender = 5;
|
|
}
|
|
|
|
message ChangeUserNameRequest {
|
|
string user_name = 1 [(validate.rules).string.pattern = "^[^[:space:]]{1,200}$"];
|
|
}
|
|
|
|
message UserEmail {
|
|
string id = 1;
|
|
string email = 2;
|
|
bool isEmailVerified = 3;
|
|
uint64 sequence = 4;
|
|
google.protobuf.Timestamp creation_date = 5;
|
|
google.protobuf.Timestamp change_date = 6;
|
|
}
|
|
|
|
message UserEmailView {
|
|
string id = 1;
|
|
string email = 2;
|
|
bool isEmailVerified = 3;
|
|
uint64 sequence = 4;
|
|
google.protobuf.Timestamp creation_date = 5;
|
|
google.protobuf.Timestamp change_date = 6;
|
|
}
|
|
|
|
message VerifyMyUserEmailRequest {
|
|
string code = 1 [(validate.rules).string = {min_len: 1, max_len: 200}];
|
|
}
|
|
|
|
message UpdateUserEmailRequest {
|
|
string email = 1 [(validate.rules).string = {min_len: 1, max_len: 200}];
|
|
}
|
|
|
|
message UserPhone {
|
|
string id = 1;
|
|
string phone = 2;
|
|
bool is_phone_verified = 3;
|
|
uint64 sequence = 4;
|
|
google.protobuf.Timestamp creation_date = 5;
|
|
google.protobuf.Timestamp change_date = 6;
|
|
}
|
|
|
|
message UserPhoneView {
|
|
string id = 1;
|
|
string phone = 2;
|
|
bool is_phone_verified = 3;
|
|
uint64 sequence = 4;
|
|
google.protobuf.Timestamp creation_date = 5;
|
|
google.protobuf.Timestamp change_date = 6;
|
|
}
|
|
|
|
message UpdateUserPhoneRequest {
|
|
string phone = 1 [(validate.rules).string = {min_len: 1, max_len: 20}];
|
|
}
|
|
|
|
message VerifyUserPhoneRequest {
|
|
string code = 1 [(validate.rules).string = {min_len: 1, max_len: 200}];
|
|
}
|
|
|
|
message UserAddress {
|
|
string id = 1;
|
|
string country = 2;
|
|
string locality = 3;
|
|
string postal_code = 4;
|
|
string region = 5;
|
|
string street_address = 6;
|
|
uint64 sequence = 7;
|
|
google.protobuf.Timestamp creation_date = 8;
|
|
google.protobuf.Timestamp change_date = 9;
|
|
}
|
|
|
|
message UserAddressView {
|
|
string id = 1;
|
|
string country = 2;
|
|
string locality = 3;
|
|
string postal_code = 4;
|
|
string region = 5;
|
|
string street_address = 6;
|
|
uint64 sequence = 7;
|
|
google.protobuf.Timestamp creation_date = 8;
|
|
google.protobuf.Timestamp change_date = 9;
|
|
}
|
|
|
|
message UpdateUserAddressRequest {
|
|
string country = 1 [(validate.rules).string = {max_len: 200}];
|
|
string locality = 2 [(validate.rules).string = {max_len: 200}];
|
|
string postal_code = 3 [(validate.rules).string = {max_len: 200}];
|
|
string region = 4 [(validate.rules).string = {max_len: 200}];
|
|
string street_address = 5 [(validate.rules).string = {max_len: 200}];
|
|
}
|
|
|
|
message PasswordChange {
|
|
string old_password = 1 [(validate.rules).string = {min_len: 1, max_len: 72}];
|
|
string new_password = 2 [(validate.rules).string = {min_len: 1, max_len: 72}];
|
|
}
|
|
|
|
enum MfaType {
|
|
MFATYPE_UNSPECIFIED = 0;
|
|
MFATYPE_OTP = 1;
|
|
MFATYPE_U2F = 2;
|
|
}
|
|
|
|
message VerifyMfaOtp {
|
|
string code = 1 [(validate.rules).string = {min_len: 1}];
|
|
}
|
|
|
|
message MultiFactors {
|
|
repeated MultiFactor mfas = 1;
|
|
}
|
|
|
|
message MultiFactor {
|
|
MfaType type = 1;
|
|
MFAState state = 2;
|
|
string attribute = 3;
|
|
string id = 4;
|
|
}
|
|
|
|
message MfaOtpResponse {
|
|
string user_id = 1;
|
|
string url = 2;
|
|
string secret = 3;
|
|
MFAState state = 4;
|
|
}
|
|
|
|
message WebAuthNTokens {
|
|
repeated WebAuthNToken tokens = 1;
|
|
}
|
|
|
|
message WebAuthNToken {
|
|
string id = 1;
|
|
string name = 2;
|
|
MFAState state = 3;
|
|
}
|
|
|
|
message WebAuthNResponse {
|
|
string id = 1;
|
|
bytes public_key = 2;
|
|
MFAState state = 3;
|
|
}
|
|
|
|
message VerifyWebAuthN {
|
|
bytes public_key_credential = 1;
|
|
string token_name = 2;
|
|
}
|
|
|
|
message WebAuthNTokenID {
|
|
string id = 1;
|
|
}
|
|
|
|
enum MFAState {
|
|
MFASTATE_UNSPECIFIED = 0;
|
|
MFASTATE_NOT_READY = 1;
|
|
MFASTATE_READY = 2;
|
|
MFASTATE_REMOVED = 3;
|
|
}
|
|
|
|
message UserGrantSearchRequest {
|
|
uint64 offset = 1;
|
|
uint64 limit = 2;
|
|
UserGrantSearchKey sorting_column = 3 [(validate.rules).enum = {not_in: [0]}];;
|
|
bool asc = 4;
|
|
repeated UserGrantSearchQuery queries = 5;
|
|
}
|
|
|
|
message UserGrantSearchQuery {
|
|
UserGrantSearchKey key = 1 [(validate.rules).enum = {not_in: [0]}];;
|
|
SearchMethod method = 2;
|
|
string value = 3;
|
|
}
|
|
|
|
enum UserGrantSearchKey {
|
|
UserGrantSearchKey_UNKNOWN = 0;
|
|
UserGrantSearchKey_ORG_ID = 1;
|
|
UserGrantSearchKey_PROJECT_ID = 2;
|
|
}
|
|
|
|
message UserGrantSearchResponse {
|
|
uint64 offset = 1;
|
|
uint64 limit = 2;
|
|
uint64 total_result = 3;
|
|
repeated UserGrantView result = 4;
|
|
uint64 processed_sequence = 5;
|
|
google.protobuf.Timestamp view_timestamp = 6;
|
|
}
|
|
|
|
message UserGrantView {
|
|
string OrgId = 1;
|
|
string ProjectId = 2;
|
|
string UserId = 3;
|
|
repeated string Roles = 4;
|
|
string OrgName = 5;
|
|
string GrantId = 6;
|
|
}
|
|
|
|
message MyProjectOrgSearchRequest {
|
|
uint64 offset = 1;
|
|
uint64 limit = 2;
|
|
bool asc = 4;
|
|
repeated MyProjectOrgSearchQuery queries = 5;
|
|
}
|
|
|
|
message MyProjectOrgSearchQuery {
|
|
MyProjectOrgSearchKey key = 1 [(validate.rules).enum = {not_in: [0]}];;
|
|
SearchMethod method = 2;
|
|
string value = 3;
|
|
}
|
|
|
|
enum MyProjectOrgSearchKey {
|
|
MYPROJECTORGSEARCHKEY_UNSPECIFIED = 0;
|
|
MYPROJECTORGSEARCHKEY_ORG_NAME = 1;
|
|
}
|
|
|
|
message MyProjectOrgSearchResponse {
|
|
uint64 offset = 1;
|
|
uint64 limit = 2;
|
|
uint64 total_result = 3;
|
|
repeated Org result = 4;
|
|
}
|
|
|
|
message Org {
|
|
string id = 1;
|
|
string name = 2;
|
|
}
|
|
|
|
message MyPermissions {
|
|
repeated string permissions = 1;
|
|
}
|
|
|
|
enum SearchMethod {
|
|
SEARCHMETHOD_EQUALS = 0;
|
|
SEARCHMETHOD_STARTS_WITH = 1;
|
|
SEARCHMETHOD_CONTAINS = 2;
|
|
SEARCHMETHOD_EQUALS_IGNORE_CASE = 3;
|
|
SEARCHMETHOD_STARTS_WITH_IGNORE_CASE = 4;
|
|
SEARCHMETHOD_CONTAINS_IGNORE_CASE = 5;
|
|
}
|
|
|
|
message ChangesRequest {
|
|
uint64 limit = 1;
|
|
uint64 sequence_offset = 2;
|
|
bool asc = 3;
|
|
}
|
|
|
|
message Changes {
|
|
repeated Change changes = 1;
|
|
uint64 offset = 2;
|
|
uint64 limit = 3;
|
|
}
|
|
|
|
message Change {
|
|
google.protobuf.Timestamp change_date = 1;
|
|
caos.zitadel.api.v1.LocalizedMessage event_type = 2;
|
|
uint64 sequence = 3;
|
|
string editor_id = 4;
|
|
string editor = 5;
|
|
google.protobuf.Struct data = 6;
|
|
}
|
|
|
|
message PasswordComplexityPolicy {
|
|
string id = 1;
|
|
string description = 2;
|
|
google.protobuf.Timestamp creation_date = 3;
|
|
google.protobuf.Timestamp change_date = 4;
|
|
uint64 min_length = 5;
|
|
bool has_lowercase = 6;
|
|
bool has_uppercase = 7;
|
|
bool has_number = 8;
|
|
bool has_symbol = 9;
|
|
uint64 sequence = 10;
|
|
bool is_default = 11;
|
|
}
|
|
|
|
message ExternalIDPResponse {
|
|
string idp_config_id = 1;
|
|
string user_id = 2;
|
|
string display_name = 3;
|
|
}
|
|
|
|
message ExternalIDPRemoveRequest {
|
|
string idp_config_id = 1;
|
|
string external_user_id = 2;
|
|
}
|
|
|
|
message ExternalIDPSearchRequest {
|
|
uint64 offset = 1;
|
|
uint64 limit = 2;
|
|
}
|
|
|
|
message ExternalIDPSearchResponse {
|
|
uint64 offset = 1;
|
|
uint64 limit = 2;
|
|
uint64 total_result = 3;
|
|
repeated ExternalIDPView result = 4;
|
|
uint64 processed_sequence = 5;
|
|
google.protobuf.Timestamp view_timestamp = 6;
|
|
}
|
|
|
|
message ExternalIDPView {
|
|
string user_id = 1;
|
|
string idp_config_id = 2;
|
|
string external_user_id = 3;
|
|
string idp_name = 4;
|
|
string external_user_display_name = 5;
|
|
google.protobuf.Timestamp creation_date = 6;
|
|
google.protobuf.Timestamp change_date = 7;
|
|
}
|
|
|
|
|
|
message UserMembershipSearchResponse {
|
|
uint64 offset = 1;
|
|
uint64 limit = 2;
|
|
uint64 total_result = 3;
|
|
repeated UserMembershipView result = 4;
|
|
uint64 processed_sequence = 5;
|
|
google.protobuf.Timestamp view_timestamp = 6;
|
|
}
|
|
|
|
message UserMembershipSearchRequest {
|
|
uint64 offset = 1;
|
|
uint64 limit = 2;
|
|
repeated UserMembershipSearchQuery queries = 3;
|
|
}
|
|
|
|
message UserMembershipSearchQuery {
|
|
UserMembershipSearchKey key = 1 [(validate.rules).enum = {not_in: [0]}];
|
|
SearchMethod method = 2 [(validate.rules).enum = {in: [0]}];
|
|
string value = 3;
|
|
}
|
|
|
|
enum UserMembershipSearchKey {
|
|
USERMEMBERSHIPSEARCHKEY_UNSPECIFIED = 0;
|
|
USERMEMBERSHIPSEARCHKEY_TYPE = 1;
|
|
USERMEMBERSHIPSEARCHKEY_OBJECT_ID = 2;
|
|
}
|
|
|
|
message UserMembershipView {
|
|
string user_id = 1;
|
|
MemberType member_type = 2;
|
|
string aggregate_id = 3;
|
|
string object_id = 4;
|
|
repeated string roles = 5;
|
|
string display_name = 6;
|
|
google.protobuf.Timestamp creation_date = 7;
|
|
google.protobuf.Timestamp change_date = 8;
|
|
uint64 sequence = 9;
|
|
string resource_owner = 10;
|
|
}
|
|
|
|
enum MemberType {
|
|
MEMBERTYPE_UNSPECIFIED = 0;
|
|
MEMBERTYPE_ORGANISATION = 1;
|
|
MEMBERTYPE_PROJECT = 2;
|
|
MEMBERTYPE_PROJECT_GRANT = 3;
|
|
}
|