TheArchive/zitadel
1
0
Fork 0
mirror of https://github.com/zitadel/zitadel.git synced 2024-12-15 12:27:59 +00:00
Code Issues Packages Projects Releases Wiki Activity
3fabe5a2f9
zitadel/internal/api/grpc
History
Livio Spring fb2b1610f9
fix(oidc): remove MFA requirement on ZITADEL API based on user auth methods (#8069) 
# Which Problems Are Solved

Request to the ZITADEL API currently require multi factor authentication
if the user has set up any second factor.
However, the login UI will only prompt the user to check factors that
are allowed by the login policy.
This can lead to situations, where the user has set up a factor (e.g.
some OTP) which was not allowed by the policy, therefore will not have
to verify the factor, the ZITADEL API however will require the check
since the user has set it up.

# How the Problems Are Solved

The requirement for multi factor authentication based on the user's
authentication methods is removed when accessing the ZITADEL APIs.
Those requests will only require MFA in case the login policy does so
because of `requireMFA` or `requireMFAForLocalUsers`.

# Additional Changes

None.

# Additional Context

- a customer reached out to support
- discussed internally
- relates #7822 
- backport to 2.53.x
2024-06-12 12:24:17 +00:00
..
action fix: actions v2 circular check for includes (#7563) 2024-05-22 16:05:06 +00:00
admin fix: consider oidc session events for authN milestones (#8089) 2024-06-12 06:49:14 +02:00
auth fix: allow sorting of MyProjectOrgs (by name) (#7970) 2024-05-17 09:52:15 +02:00
authn chore(v2): move to new org (#3499) 2022-04-26 23:01:45 +00:00
change refactor(fmt): run gci on complete project (#7557) 2024-04-03 10:43:43 +00:00
client/middleware refactor(fmt): run gci on complete project (#7557) 2024-04-03 10:43:43 +00:00
event refactor: rename package errors to zerrors (#7039) 2023-12-08 15:30:55 +01:00
feature/v2 refactor(query): use new packages for org by id query (#7826) 2024-05-24 13:32:57 +02:00
gerrors fix: exclude db connection error details (#7785) 2024-04-23 08:35:25 +00:00
idp feat(saml): allow setting nameid-format and alternative mapping for transient format (#7979) 2024-05-23 05:04:07 +00:00
instance feat(api): feature flags (#7356) 2024-02-28 10:55:54 +02:00
management feat(saml): allow setting nameid-format and alternative mapping for transient format (#7979) 2024-05-23 05:04:07 +00:00
member refactor: cleanup unused code (#7130) 2024-01-02 14:26:31 +00:00
metadata fix(api): correct mapping of metadata queries (#7609) 2024-03-21 14:56:58 +00:00
object feat: user v2 service query (#7095) 2024-01-17 10:00:10 +01:00
oidc/v2 perf(oidc): optimize token creation (#7822) 2024-05-16 07:07:56 +02:00
org fix: allow sorting of MyProjectOrgs (by name) (#7970) 2024-05-17 09:52:15 +02:00
policy feat(cnsl): docs link can be customized and custom button is available (#7840) 2024-05-13 16:01:50 +02:00
project feat(oidc): token exchange impersonation (#7516) 2024-03-20 10:18:46 +00:00
server fix: potential panics in login and return proper http 405 (#8065) 2024-06-07 07:30:04 +00:00
session/v2 fix(oidc): remove MFA requirement on ZITADEL API based on user auth methods (#8069) 2024-06-12 12:24:17 +00:00
settings feat(cnsl): docs link can be customized and custom button is available (#7840) 2024-05-13 16:01:50 +02:00
system fix: consider oidc session events for authN milestones (#8089) 2024-06-12 06:49:14 +02:00
text feat(idp): provide option to auto link user (#7734) 2024-04-10 15:46:30 +00:00
user feat(saml): allow setting nameid-format and alternative mapping for transient format (#7979) 2024-05-23 05:04:07 +00:00
config.go remove pointers on configs 2020-03-27 13:57:16 +01:00
fields.go fix: provide more information in the retrieve idp information (#5927) 2023-06-20 14:39:50 +02:00
header_test.go remove negated integration tags 2023-04-26 19:55:13 +03:00
header.go chore(v2): move to new org (#3499) 2022-04-26 23:01:45 +00:00
probes_test.go add server reflection to Probes list 2023-05-07 16:47:43 +02:00
probes.go add server reflection to Probes list 2023-05-07 16:47:43 +02:00