zitadel/pkg/admin/api/proto/admin.proto

syntax = "proto3";

import "google/api/annotations.proto";
import "google/protobuf/empty.proto";
import "google/protobuf/timestamp.proto";
import "google/protobuf/struct.proto";
import "validate/validate.proto";
import "protoc-gen-swagger/options/annotations.proto";
import "authoption/options.proto";

package caos.zitadel.admin.api.v1;

option go_package ="github.com/caos/zitadel/pkg/admin/api/grpc";

option (grpc.gateway.protoc_gen_swagger.options.openapiv2_swagger) = {
    info: {
        title: "admin service";
        version: "0.1";
        contact:{
            url: "https://github.com/caos/zitadel/pkg/admin"
        };
    };

    schemes: HTTPS;

    consumes: "application/json";
    consumes: "application/grpc";

    produces: "application/json";
    produces: "application/grpc";
};

service AdminService {
    // ---------
    // Probes
    // ---------

    // Healthz returns status OK as soon as the service started
    rpc Healthz(google.protobuf.Empty) returns (google.protobuf.Empty) {
        option (google.api.http) = {
           get: "/healthz"
        };
    }

    // Ready returns status OK as soon as all dependent services are available
    rpc Ready(google.protobuf.Empty) returns (google.protobuf.Empty) {
        option (google.api.http) = {
           get: "/ready"
        };
    }

    rpc Validate(google.protobuf.Empty) returns (google.protobuf.Struct) {
        option (google.api.http) = {
            get: "/validate"
        };
    }

//ORG
    rpc IsOrgUnique(UniqueOrgRequest) returns (UniqueOrgResponse) {
        option (google.api.http) = {
            get: "/orgs/_isunique"
        };

        option (caos.zitadel.utils.v1.auth_option) = {
            permission: "iam.read"
        };
    }

    rpc GetOrgByID(OrgID) returns (Org) {
        option (google.api.http) = {
            get: "/orgs/{id}"
        };

        option (caos.zitadel.utils.v1.auth_option) = {
            permission: "iam.read"
        };
    }

    rpc SearchOrgs(OrgSearchRequest) returns (OrgSearchResponse) {
        option (google.api.http) = {
            post: "/orgs/_search"
            body: "*"
        };

        option (caos.zitadel.utils.v1.auth_option) = {
            permission: "iam.read"
        };
    }

    rpc SetUpOrg(OrgSetUpRequest) returns (OrgSetUpResponse) {
        option (google.api.http) = {
            post: "/orgs/_setup"
            body: "*"
        };

        option (caos.zitadel.utils.v1.auth_option) = {
            permission: "iam.write"
        };
    }
}

message OrgID {
    string id = 1;
}

message UniqueOrgRequest {
    string name = 1 [(validate.rules).string.min_len = 1];
    string domain = 2 [(validate.rules).string.min_len = 1];
}

message UniqueOrgResponse {
    bool is_unique = 1;
}

message Org {
    string id = 1;
    OrgState state = 2;
    google.protobuf.Timestamp creation_date = 3;
    google.protobuf.Timestamp change_date = 4;
    string name = 5;
    string domain = 6;
}

enum OrgState {
    ORGSTATE_UNSPECIFIED = 0;
    ORGSTATE_ACTIVE = 1;
    ORGSTATE_INACTIVE = 2;
}

message OrgSearchRequest {
    uint64 offset = 1;
    uint64 limit = 2;
    OrgSearchKey sorting_column = 3 [(validate.rules).enum = {not_in: [0]}];;
    bool asc = 4;
    repeated OrgSearchQuery queries = 5;
}

message OrgSearchQuery {
    OrgSearchKey key = 1 [(validate.rules).enum = {not_in: [0]}];;
    OrgSearchMethod method = 2;
    string value = 3;
}

enum OrgSearchKey {
    ORGSEARCHKEY_UNSPECIFIED = 0;
    ORGSEARCHKEY_ORG_NAME = 1;
    ORGSEARCHKEY_DOMAIN = 2;
    ORGSEARCHKEY_STATE = 3;
}

message OrgSearchResponse {
    uint64 offset = 1;
    uint64 limit = 2;
    uint64 total_result = 3;
    repeated Org result = 4;
}

enum OrgSearchMethod {
    ORGSEARCHMETHOD_EQUALS = 0;
    ORGSEARCHMETHOD_STARTS_WITH = 1;
    ORGSEARCHMETHOD_CONTAINS = 2;
}

message OrgSetUpRequest {
    CreateOrgRequest org = 1;
    CreateUserRequest user = 2;
}

message OrgSetUpResponse {
    Org org = 1;
    User user = 2;
}

message CreateUserRequest {
    string user_name = 1 [(validate.rules).string = {min_len: 1, max_len: 200}];
    string first_name = 2 [(validate.rules).string = {min_len: 1, max_len: 200}];
    string last_name = 3 [(validate.rules).string = {min_len: 1, max_len: 200}];
    string nick_name = 4 [(validate.rules).string = {max_len: 200}];
    string display_name = 5 [(validate.rules).string = {max_len: 200}];
    string preferred_language = 6 [(validate.rules).string = {max_len: 200}];
    Gender gender = 7;
    string email = 8 [(validate.rules).string = {min_len: 1, max_len: 200, email: true}];
    bool is_email_verified = 9;
    string phone = 11 [(validate.rules).string = {max_len: 20}];
    bool is_phone_verified = 12;
    string country = 13 [(validate.rules).string = {max_len: 200}];
    string locality = 14 [(validate.rules).string = {max_len: 200}];
    string postal_code = 15 [(validate.rules).string = {max_len: 200}];
    string region = 16 [(validate.rules).string = {max_len: 200}];
    string street_address = 17 [(validate.rules).string = {max_len: 200}];
    string password = 18 [(validate.rules).string = {max_len: 72}];
}

message User {
    string id = 1;
    UserState state = 2;
    google.protobuf.Timestamp creation_date = 3;
    google.protobuf.Timestamp change_date = 4;
    string user_name = 5;
    string first_name = 6;
    string last_name = 7;
    string nick_name = 8;
    string display_name = 9;
    string preferred_language = 10;
    Gender gender = 11;
    string email = 12;
    bool isEmailVerified = 13;
    string phone = 14;
    bool isPhoneVerified = 15;
    string country = 16;
    string locality = 17;
    string postal_code = 18;
    string region = 19;
    string street_address = 20;
    uint64 sequence = 21;
}

enum UserState {
    USERSTATE_UNSPECIFIED = 0;
    USERSTATE_ACTIVE = 1;
    USERSTATE_INACTIVE = 2;
    USERSTATE_DELETED = 3;
    USERSTATE_LOCKED = 4;
    USERSTATE_SUSPEND = 5;
    USERSTATE_INITIAL= 6;
}

enum Gender {
    GENDER_UNSPECIFIED = 0;
    GENDER_FEMALE = 1;
    GENDER_MALE = 2;
    GENDER_DIVERSE = 3;
}

message CreateOrgRequest {
    string name = 1 [(validate.rules).string.min_len = 1];
    string domain = 2 [(validate.rules).string.min_len = 1];
}