TheArchive/zitadel
1
0
Fork 0
mirror of https://github.com/zitadel/zitadel.git synced 2024-12-04 23:45:07 +00:00
Code Issues Packages Projects Releases Wiki Activity
ZITADEL - Identity infrastructure, simplified for you.
3,245 Commits 162 Branches 1,924 Tags 666 MiB
Go 82.3%
TypeScript 10.4%
HTML 4.3%
SCSS 2%
CSS 0.6%
Other 0.2%
64a3bb3149
Go to file
Tim Möhlmann 64a3bb3149
feat(v3alpha): web key resource (#8262) 
# Which Problems Are Solved

Implement a new API service that allows management of OIDC signing web
keys.
This allows users to manage rotation of the instance level keys. which
are currently managed based on expiry.

The API accepts the generation of the following key types and
parameters:

- RSA keys with 2048, 3072 or 4096 bit in size and:
  - Signing with SHA-256 (RS256)
  - Signing with SHA-384 (RS384)
  - Signing with SHA-512 (RS512)
- ECDSA keys with
  - P256 curve
  - P384 curve
  - P512 curve
- ED25519 keys

# How the Problems Are Solved

Keys are serialized for storage using the JSON web key format from the
`jose` library. This is the format that will be used by OIDC for
signing, verification and publication.

Each instance can have a number of key pairs. All existing public keys
are meant to be used for token verification and publication the keys
endpoint. Keys can be activated and the active private key is meant to
sign new tokens. There is always exactly 1 active signing key:

1. When the first key for an instance is generated, it is automatically
activated.
2. Activation of the next key automatically deactivates the previously
active key.
3. Keys cannot be manually deactivated from the API
4. Active keys cannot be deleted

# Additional Changes

- Query methods that later will be used by the OIDC package are already
implemented. Preparation for #8031
- Fix indentation in french translation for instance event
- Move user_schema translations to consistent positions in all
translation files

# Additional Context

- Closes #8030
- Part of #7809

---------

Co-authored-by: Elio Bischof <elio@zitadel.com>
2024-08-14 14:18:14 +00:00
.codecov chore(codecov): make codecov configurable in repo (#40) 2020-04-08 07:37:24 +02:00
.devcontainer docs: add developing with dev containers (#8095) 2024-06-18 08:29:02 +00:00
.github fix: change pr template to not link to existing issues and prs (#8412) 2024-08-09 15:41:40 +02:00
build chore(deps): bump node from 18-buster to 20-buster in /build (#6258) 2023-10-12 16:51:50 +00:00
cmd feat(v3alpha): web key resource (#8262) 2024-08-14 14:18:14 +00:00
console feat(idp): provide auto only options (#8420) 2024-08-14 13:04:26 +00:00
deploy/knative docs: fix knative docs (#7752) 2024-04-18 13:45:15 +00:00
docs feat(v3alpha): web key resource (#8262) 2024-08-14 14:18:14 +00:00
e2e test(e2e): wait before select org (#8403) 2024-08-08 09:53:55 +02:00
internal feat(v3alpha): web key resource (#8262) 2024-08-14 14:18:14 +00:00
load-test test: add load test for session creation (#8088) 2024-07-09 15:16:50 +00:00
openapi ci: improve performance (#5953) 2023-07-17 10:08:20 +02:00
pkg/grpc feat: api v2beta to api v2 (#8283) 2024-07-26 22:39:55 +02:00
proto feat(v3alpha): web key resource (#8262) 2024-08-14 14:18:14 +00:00
statik feat: api v2beta to api v2 (#8283) 2024-07-26 22:39:55 +02:00
.dockerignore ci: improve performance (#5953) 2023-07-17 10:08:20 +02:00
.gitattributes chore(devcontainer): improve devcontainer to work on windows and linux (#8194) 2024-06-25 14:40:34 +00:00
.gitignore chore(docs): use gh action to build docs (#8097) 2024-06-13 08:07:39 +00:00
.golangci.yaml chore(deps): update all go deps (#7773) 2024-04-15 09:17:36 +00:00
.releaserc.js chore: avoid latest on maintenance releases (#7702) 2024-04-10 11:56:05 +00:00
buf.gen.yaml ci: improve performance (#5953) 2023-07-17 10:08:20 +02:00
buf.work.yaml chore(console): buf stub build (#5215) 2023-02-17 14:09:11 +00:00
changelog.config.js feat: Merge master (#1260) 2021-02-08 16:48:41 +01:00
CODE_OF_CONDUCT.md chore: rename docs links (#3668) 2022-05-20 14:32:06 +00:00
CONTRIBUTING.md docs: add developing with dev containers (#8095) 2024-06-18 08:29:02 +00:00
go.mod fix: update oidc lib (#8393) 2024-08-06 13:07:55 +00:00
go.sum fix: update oidc lib (#8393) 2024-08-06 13:07:55 +00:00
LICENSE chore: Update LICENSE (#1087) 2020-12-14 09:40:09 +01:00
main.go chore: test server for direct resource access 2023-04-24 20:40:31 +03:00
Makefile chore: update dependencies (#8242) 2024-07-04 08:28:56 +02:00
MEETING_SCHEDULE.md docs: add office hour #4 (#8398) 2024-08-08 08:05:48 +00:00
README.md docs: add office hours (#7999) 2024-05-29 07:34:37 +00:00
release-channels.yaml chore(stable): update to v2.53.9 (#8405) 2024-08-08 11:26:22 +02:00
SECURITY.md docs: rename instance settings to default settings (#7484) 2024-03-06 10:36:04 +00:00

README.md

Zitadel Logo Zitadel Logo

GitHub Workflow Status (with event) Dynamic YAML Badge GitHub contributors

Community Meeting
ZITADEL holds bi-weekly community calls. To join the community calls or to watch previous meeting notes and recordings, please visit the meeting schedule.

Are you searching for a user management tool that is quickly set up like Auth0 and open source like Keycloak?

Do you have a project that requires multi-tenant user management with self-service for your customers?

Look no further — ZITADEL is the identity infrastructure, simplified for you.

We provide you with a wide range of out-of-the-box features to accelerate your project, including:

Multi-tenancy with team management
Secure login
Self-service
OpenID Connect
OAuth2.x
SAML2
LDAP
Passkeys / FIDO2
OTP
and an unlimited audit trail is there for you, ready to use.

With ZITADEL, you are assured of a robust and customizable turnkey solution for all your authentication and authorization needs.

🏡 Website 💬 Chat 📋 Docs 🧑‍💻 Blog 📞 Contact

Get started

👉 Quick Start Guide

Deploy ZITADEL (Self-Hosted)

Deploying ZITADEL locally takes less than 3 minutes. Go ahead and give it a try!

See all guides here

If you are interested to get professional support for your self-hosted ZITADEL please reach out to us!

Setup ZITADEL Cloud (SaaS)

If you want to experience a hands-free ZITADEL, you should use ZITADEL Cloud.

ZITADEL Cloud comes with a free tier, providing you with all the same features as the open-source version. Learn more about the pay-as-you-go pricing.

Example applications

Clone one of our example applications or deploy them directly to Vercel.

SDKs

Use our SDKs for your favorite language and framework.

Why choose ZITADEL

We built ZITADEL with a complex multi-tenancy architecture in mind and provide the best solution to handle B2B customers and partners. Yet it offers everything you need for a customer identity (CIAM) use case.

Features

Authentication

Multi-Tenancy

Integration

Self-Service

Deployment

Track upcoming features on our roadmap.

How To Contribute

Find details about how you can contribute in our Contribution Guide

Contributors

Made with contrib.rocks.

Showcase

Quick Start Guide

Secure a React Application using OpenID Connect Authorization Code with PKCE

Quick Start Guide

Login with Passkeys

Use our login widget to allow easy and secure access to your applications and enjoy all the benefits of Passkeys (FIDO 2 / WebAuthN):

Passkeys

Admin Console

Use Console or our APIs to setup organizations, projects and applications.

Console Showcase

Security

You can find our security policy here.

Technical Advisories are published regarding major issues with the ZITADEL platform that could potentially impact security or stability in production environments.

License

here are our exact licensing terms.

Unless required by applicable law or agreed to in writing, software distributed under the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See our license for detailed information governing permissions and limitations on use.