zitadel/site/docs/administrate/06-users.en.md
Max Peintner 22d4c345be
docs: image gallery viewer (#905)
* add assets, photoswipe html element to body

* add single script, gallery for multiple items

* update docs for image gallery

* fix relative links

* inject image script on mount

* replace inline script

* remove facebook, twitter, pinterest sharing

* fix hover on share

* fix start img aspect ratio, reduce size

* right align json script

* right align go script

* change script background
2020-10-26 13:03:51 +01:00


title
Users

What are users

ZITADEL has different kinds of users. Some belong to dedicated organisations, others belong to the global organisation. Some of them are human users, others are machines. Nonetheless, we treat them all the same with regard to role management and audit trail.

Human vs. Service Users

The major difference between human and machine users is the type of credentials that can be used. For machine users, only a non-interactive login process is possible. For this we utilize “JWT as Authorization Grant”.

TODO Link to “JWT as Authorization Grant” explanation.

How ZITADEL handles usernames

ZITADEL is built around the concept of organisations. Each organisation has its own pool of usernames, which includes human and service users. For example, a user with the username road.runner can only exist once in the organisation ACME. ZITADEL automatically generates a "logonname" for each user, consisting of {username}@{domainname}.{zitadeldomain}. Without a verified domain name this results in the logonname road.runner@acme.zitadel.ch. If you use a dedicated ZITADEL, replace zitadel.ch with your domain name.

If someone verifies a domain name within the organisation, ZITADEL generates additional logonnames with that domain for each user. For example, if the domain is acme.ch, the resulting logonname would be road.runner@acme.ch, in addition to the generated one, road.runner@acme.zitadel.ch.

Domain verification also removes the logonname from all [users](administrate#Users) who might have used this combination in the global organisation. Continuing the example with acme.ch: if a user in the global organisation, let's call him coyote, used coyote@acme.ch, this logonname will be replaced with coyote@randomvalue.tld. ZITADEL notifies the user about this change.
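The naming rules above, modelled in Go as an added example (this is not ZITADEL's own code). The `Org` type, both function names, the sample users and the case-insensitive domain comparison are assumptions made for illustration.

```go
package main

import (
	"fmt"
	"strings"
)

// Org is a simplified, hypothetical model of an organisation.
type Org struct {
	DomainName      string   // e.g. "acme" for the organisation ACME
	VerifiedDomains []string // e.g. "acme.ch" once verified
}

// LogonNames returns the generated {username}@{domainname}.{zitadeldomain}
// logonname, followed by one logonname per verified domain.
func LogonNames(username string, org Org, zitadelDomain string) []string {
	names := []string{fmt.Sprintf("%s@%s.%s", username, org.DomainName, zitadelDomain)}
	for _, d := range org.VerifiedDomains {
		names = append(names, username+"@"+d)
	}
	return names
}

// ConflictsOnVerify lists global-organisation logonnames that use the newly
// verified domain and therefore have to be replaced. The whole part after
// "@" must match, so "notacme.ch" is not confused with "acme.ch".
// Comparing case-insensitively is an assumption of this example.
func ConflictsOnVerify(globalLogonNames []string, domain string) []string {
	var hits []string
	suffix := "@" + strings.ToLower(domain)
	for _, n := range globalLogonNames {
		if strings.HasSuffix(strings.ToLower(n), suffix) {
			hits = append(hits, n)
		}
	}
	return hits
}

func main() {
	acme := Org{DomainName: "acme"}
	fmt.Println(LogonNames("road.runner", acme, "zitadel.ch"))

	// Constructed sample of logonnames in the global organisation.
	global := []string{"coyote@acme.ch", "bugs@example.org", "daffy@notacme.ch"}
	fmt.Println("to replace:", ConflictsOnVerify(global, "acme.ch"))

	acme.VerifiedDomains = append(acme.VerifiedDomains, "acme.ch")
	fmt.Println(LogonNames("road.runner", acme, "zitadel.ch"))
}
```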

Manage Users

Search Users

User list Search

Image 1: User List Search

Create Users

User list

Image 2: User List

User Create Form

Image 3: User Create Form

User Create Done

Image 4: User Create Done

Set Password

Screenshot here

Manage Service Users

Screenshot here

Authorizations

Screenshot here

Audit user changes

Screenshot here