mirror of
https://github.com/zitadel/zitadel.git
synced 2025-01-07 15:37:45 +00:00
3f22fb3a5c
* feat(user/v1): support composite queries * fix: added proper error handling for NotQuery * Added error when there are too many levels of nesting * Add localization keys for english * Update internal/api/grpc/user/query.go
984 lines
32 KiB
Protocol Buffer
984 lines
32 KiB
Protocol Buffer
syntax = "proto3";
|
|
|
|
import "zitadel/object.proto";
|
|
import "validate/validate.proto";
|
|
import "google/protobuf/timestamp.proto";
|
|
|
|
import "protoc-gen-openapiv2/options/annotations.proto";
|
|
|
|
package zitadel.user.v1;
|
|
|
|
option go_package ="github.com/zitadel/zitadel/pkg/grpc/user";
|
|
|
|
message User {
|
|
string id = 1 [
|
|
(grpc.gateway.protoc_gen_openapiv2.options.openapiv2_field) = {
|
|
example: "\"69629023906488334\"";
|
|
}
|
|
];
|
|
zitadel.v1.ObjectDetails details = 2;
|
|
UserState state = 3 [
|
|
(grpc.gateway.protoc_gen_openapiv2.options.openapiv2_field) = {
|
|
description: "current state of the user";
|
|
}
|
|
];
|
|
string user_name = 4 [
|
|
(grpc.gateway.protoc_gen_openapiv2.options.openapiv2_field) = {
|
|
example: "\"gigi-giraffe\"";
|
|
}
|
|
];
|
|
repeated string login_names = 5 [
|
|
(grpc.gateway.protoc_gen_openapiv2.options.openapiv2_field) = {
|
|
example: "[\"gigi@zitadel.com\", \"gigi@zitadel.zitadel.ch\"]";
|
|
}
|
|
];
|
|
string preferred_login_name = 6 [
|
|
(grpc.gateway.protoc_gen_openapiv2.options.openapiv2_field) = {
|
|
example: "\"gigi@zitadel.com\"";
|
|
}
|
|
];
|
|
oneof type {
|
|
Human human = 7 [
|
|
(grpc.gateway.protoc_gen_openapiv2.options.openapiv2_field) = {
|
|
description: "one of type use human or machine"
|
|
}
|
|
];
|
|
Machine machine = 8 [
|
|
(grpc.gateway.protoc_gen_openapiv2.options.openapiv2_field) = {
|
|
description: "one of type use human or machine"
|
|
}
|
|
];
|
|
}
|
|
}
|
|
|
|
enum UserState {
|
|
USER_STATE_UNSPECIFIED = 0;
|
|
USER_STATE_ACTIVE = 1;
|
|
USER_STATE_INACTIVE = 2;
|
|
USER_STATE_DELETED = 3;
|
|
USER_STATE_LOCKED = 4;
|
|
USER_STATE_SUSPEND = 5;
|
|
USER_STATE_INITIAL = 6;
|
|
}
|
|
|
|
message Human {
|
|
Profile profile = 1;
|
|
Email email = 2;
|
|
Phone phone = 3;
|
|
}
|
|
|
|
message Machine {
|
|
string name = 1 [
|
|
(grpc.gateway.protoc_gen_openapiv2.options.openapiv2_field) = {
|
|
example: "\"zitadel\"";
|
|
}
|
|
];
|
|
string description = 2 [
|
|
(grpc.gateway.protoc_gen_openapiv2.options.openapiv2_field) = {
|
|
example: "\"The one and only IAM\"";
|
|
}
|
|
];
|
|
bool has_secret = 3 [
|
|
(grpc.gateway.protoc_gen_openapiv2.options.openapiv2_field) = {
|
|
example: "\"true\"";
|
|
}
|
|
];
|
|
AccessTokenType access_token_type = 4 [
|
|
(grpc.gateway.protoc_gen_openapiv2.options.openapiv2_field) = {
|
|
description: "Type of access token to receive";
|
|
}
|
|
];
|
|
}
|
|
|
|
message Profile {
|
|
string first_name = 1 [
|
|
(grpc.gateway.protoc_gen_openapiv2.options.openapiv2_field) = {
|
|
example: "\"Gigi\"";
|
|
}
|
|
];
|
|
string last_name = 2 [
|
|
(grpc.gateway.protoc_gen_openapiv2.options.openapiv2_field) = {
|
|
example: "\"Giraffe\"";
|
|
}
|
|
];
|
|
string nick_name = 3 [
|
|
(grpc.gateway.protoc_gen_openapiv2.options.openapiv2_field) = {
|
|
example: "\"gigi-giraffe\"";
|
|
}
|
|
];
|
|
string display_name = 4 [
|
|
(grpc.gateway.protoc_gen_openapiv2.options.openapiv2_field) = {
|
|
description: "a user can set his display name, if nothing is set ZITADEL computes \"first_name last_name\""
|
|
example: "\"Gigi Giraffe\"";
|
|
}
|
|
];
|
|
string preferred_language = 5 [
|
|
(grpc.gateway.protoc_gen_openapiv2.options.openapiv2_field) = {
|
|
description: "language tag analog https://tools.ietf.org/html/rfc3066"
|
|
example: "\"en\"";
|
|
}
|
|
];
|
|
Gender gender = 6 [
|
|
(grpc.gateway.protoc_gen_openapiv2.options.openapiv2_field) = {
|
|
description: "the gender of the human";
|
|
}
|
|
];
|
|
string avatar_url = 7 [
|
|
(grpc.gateway.protoc_gen_openapiv2.options.openapiv2_field) = {
|
|
description: "avatar URL of the user"
|
|
example: "\"https://api.zitadel.ch/assets/v1/avatar-32432jkh4kj32\"";
|
|
}
|
|
];
|
|
}
|
|
|
|
message Email {
|
|
string email = 1 [
|
|
(grpc.gateway.protoc_gen_openapiv2.options.openapiv2_field) = {
|
|
description: "email address of the user. (spec: https://tools.ietf.org/html/rfc2822#section-3.4.1)"
|
|
example: "\"gigi@zitadel.com\"";
|
|
}
|
|
];
|
|
bool is_email_verified = 2 [
|
|
(grpc.gateway.protoc_gen_openapiv2.options.openapiv2_field) = {
|
|
description: "Is true if the user verified his email or if the email is managed outside ZITADEL"
|
|
}
|
|
];
|
|
}
|
|
|
|
message Phone {
|
|
string phone = 1 [
|
|
(grpc.gateway.protoc_gen_openapiv2.options.openapiv2_field) = {
|
|
description: "mobile phone number of the user. (use global pattern of spec https://tools.ietf.org/html/rfc3966)"
|
|
example: "\"+41 71 000 00 00\"";
|
|
}
|
|
];
|
|
bool is_phone_verified = 2 [
|
|
(grpc.gateway.protoc_gen_openapiv2.options.openapiv2_field) = {
|
|
description: "Is true if the user verified his phone or if the phone is managed outside ZITADEL"
|
|
}
|
|
];
|
|
}
|
|
|
|
enum Gender {
|
|
GENDER_UNSPECIFIED = 0;
|
|
GENDER_FEMALE = 1;
|
|
GENDER_MALE = 2;
|
|
GENDER_DIVERSE = 3;
|
|
}
|
|
|
|
enum AccessTokenType {
|
|
ACCESS_TOKEN_TYPE_BEARER = 0;
|
|
ACCESS_TOKEN_TYPE_JWT = 1;
|
|
}
|
|
|
|
message SearchQuery {
|
|
oneof query {
|
|
option (validate.required) = true;
|
|
|
|
UserNameQuery user_name_query = 1;
|
|
FirstNameQuery first_name_query = 2;
|
|
LastNameQuery last_name_query = 3;
|
|
NickNameQuery nick_name_query = 4;
|
|
DisplayNameQuery display_name_query = 5;
|
|
EmailQuery email_query = 6;
|
|
StateQuery state_query = 7;
|
|
TypeQuery type_query = 8;
|
|
LoginNameQuery login_name_query = 9;
|
|
InUserIDQuery in_user_ids_query = 10;
|
|
OrQuery or_query = 11;
|
|
AndQuery and_query = 12;
|
|
NotQuery not_query = 13;
|
|
}
|
|
}
|
|
|
|
message OrQuery {
|
|
repeated SearchQuery queries = 1 [
|
|
(grpc.gateway.protoc_gen_openapiv2.options.openapiv2_field) = {
|
|
description: "the sub queries to 'OR'"
|
|
}
|
|
];
|
|
}
|
|
message AndQuery {
|
|
repeated SearchQuery queries = 1 [
|
|
(grpc.gateway.protoc_gen_openapiv2.options.openapiv2_field) = {
|
|
description: "the sub queries to 'AND'"
|
|
}
|
|
];
|
|
}
|
|
|
|
message NotQuery {
|
|
SearchQuery query = 1 [
|
|
(grpc.gateway.protoc_gen_openapiv2.options.openapiv2_field) = {
|
|
description: "the sub query to negate (NOT)"
|
|
}
|
|
];
|
|
}
|
|
|
|
message InUserIDQuery {
|
|
repeated string user_ids = 1 [
|
|
(grpc.gateway.protoc_gen_openapiv2.options.openapiv2_field) = {
|
|
description: "the ids of the users to include"
|
|
example: "[\"69629023906488334\",\"69622366012355662\"]";
|
|
}
|
|
];
|
|
}
|
|
|
|
message UserNameQuery {
|
|
string user_name = 1 [
|
|
(validate.rules).string = {max_len: 200},
|
|
(grpc.gateway.protoc_gen_openapiv2.options.openapiv2_field) = {
|
|
max_length: 200;
|
|
example: "\"gigi-giraffe\"";
|
|
}
|
|
];
|
|
zitadel.v1.TextQueryMethod method = 2 [
|
|
(validate.rules).enum.defined_only = true,
|
|
(grpc.gateway.protoc_gen_openapiv2.options.openapiv2_field) = {
|
|
description: "defines which text equality method is used";
|
|
}
|
|
];
|
|
}
|
|
|
|
message FirstNameQuery {
|
|
string first_name = 1 [
|
|
(validate.rules).string = {max_len: 200},
|
|
(grpc.gateway.protoc_gen_openapiv2.options.openapiv2_field) = {
|
|
max_length: 200;
|
|
example: "\"Gigi\"";
|
|
}
|
|
];
|
|
zitadel.v1.TextQueryMethod method = 2 [
|
|
(validate.rules).enum.defined_only = true,
|
|
(grpc.gateway.protoc_gen_openapiv2.options.openapiv2_field) = {
|
|
description: "defines which text equality method is used";
|
|
}
|
|
];
|
|
}
|
|
|
|
message LastNameQuery {
|
|
string last_name = 1 [
|
|
(validate.rules).string = {max_len: 200},
|
|
(grpc.gateway.protoc_gen_openapiv2.options.openapiv2_field) = {
|
|
max_length: 200;
|
|
example: "\"Giraffe\"";
|
|
}
|
|
];
|
|
zitadel.v1.TextQueryMethod method = 2 [
|
|
(validate.rules).enum.defined_only = true,
|
|
(grpc.gateway.protoc_gen_openapiv2.options.openapiv2_field) = {
|
|
description: "defines which text equality method is used";
|
|
}
|
|
];
|
|
}
|
|
|
|
message NickNameQuery {
|
|
string nick_name = 1 [(validate.rules).string = {max_len: 200}];
|
|
zitadel.v1.TextQueryMethod method = 2 [
|
|
(validate.rules).enum.defined_only = true,
|
|
(grpc.gateway.protoc_gen_openapiv2.options.openapiv2_field) = {
|
|
description: "defines which text equality method is used";
|
|
}
|
|
];
|
|
}
|
|
|
|
message DisplayNameQuery {
|
|
string display_name = 1 [
|
|
(validate.rules).string = {max_len: 200},
|
|
(grpc.gateway.protoc_gen_openapiv2.options.openapiv2_field) = {
|
|
max_length: 200;
|
|
example: "\"Gigi Giraffe\"";
|
|
}
|
|
];
|
|
zitadel.v1.TextQueryMethod method = 2 [
|
|
(validate.rules).enum.defined_only = true,
|
|
(grpc.gateway.protoc_gen_openapiv2.options.openapiv2_field) = {
|
|
description: "defines which text equality method is used";
|
|
}
|
|
];
|
|
}
|
|
|
|
message EmailQuery {
|
|
string email_address = 1 [
|
|
(validate.rules).string = {max_len: 200},
|
|
(grpc.gateway.protoc_gen_openapiv2.options.openapiv2_field) = {
|
|
description: "email address of the user. (spec: https://tools.ietf.org/html/rfc2822#section-3.4.1)"
|
|
max_length: 200;
|
|
example: "\"gigi@zitadel.com\"";
|
|
}
|
|
];
|
|
zitadel.v1.TextQueryMethod method = 2 [
|
|
(validate.rules).enum.defined_only = true,
|
|
(grpc.gateway.protoc_gen_openapiv2.options.openapiv2_field) = {
|
|
description: "defines which text equality method is used";
|
|
}
|
|
];
|
|
}
|
|
|
|
message LoginNameQuery {
|
|
string login_name = 1 [
|
|
(validate.rules).string = {max_len: 200},
|
|
(grpc.gateway.protoc_gen_openapiv2.options.openapiv2_field) = {
|
|
max_length: 200;
|
|
example: "\"gigi@zitadel.cloud\"";
|
|
}
|
|
];
|
|
zitadel.v1.TextQueryMethod method = 2 [
|
|
(validate.rules).enum.defined_only = true,
|
|
(grpc.gateway.protoc_gen_openapiv2.options.openapiv2_field) = {
|
|
description: "defines which text equality method is used";
|
|
}
|
|
];
|
|
}
|
|
|
|
//UserStateQuery always equals
|
|
message StateQuery {
|
|
UserState state = 1 [
|
|
(validate.rules).enum.defined_only = true,
|
|
(grpc.gateway.protoc_gen_openapiv2.options.openapiv2_field) = {
|
|
description: "current state of the user";
|
|
}
|
|
];
|
|
}
|
|
|
|
//UserTypeQuery always equals
|
|
message TypeQuery {
|
|
Type type = 1 [
|
|
(validate.rules).enum.defined_only = true,
|
|
(grpc.gateway.protoc_gen_openapiv2.options.openapiv2_field) = {
|
|
description: "the type of the user";
|
|
}
|
|
];
|
|
}
|
|
|
|
enum Type {
|
|
TYPE_UNSPECIFIED = 0;
|
|
TYPE_HUMAN = 1;
|
|
TYPE_MACHINE = 2;
|
|
}
|
|
|
|
enum UserFieldName {
|
|
USER_FIELD_NAME_UNSPECIFIED = 0;
|
|
USER_FIELD_NAME_USER_NAME = 1;
|
|
USER_FIELD_NAME_FIRST_NAME = 2;
|
|
USER_FIELD_NAME_LAST_NAME = 3;
|
|
USER_FIELD_NAME_NICK_NAME = 4;
|
|
USER_FIELD_NAME_DISPLAY_NAME = 5;
|
|
USER_FIELD_NAME_EMAIL = 6;
|
|
USER_FIELD_NAME_STATE = 7;
|
|
USER_FIELD_NAME_TYPE = 8;
|
|
USER_FIELD_NAME_CREATION_DATE = 9;
|
|
}
|
|
|
|
message AuthFactor {
|
|
AuthFactorState state = 1 [
|
|
(grpc.gateway.protoc_gen_openapiv2.options.openapiv2_field) = {
|
|
description: "current state of the auth factor";
|
|
}
|
|
];
|
|
oneof type {
|
|
AuthFactorOTP otp = 2 [
|
|
(grpc.gateway.protoc_gen_openapiv2.options.openapiv2_field) = {
|
|
description: "one type use OTP, OTPSMS, OTPEmail or U2F"
|
|
}
|
|
];
|
|
AuthFactorU2F u2f = 3 [
|
|
(grpc.gateway.protoc_gen_openapiv2.options.openapiv2_field) = {
|
|
description: "one type use OTP, OTPSMS, OTPEmail or U2F"
|
|
}
|
|
];
|
|
AuthFactorOTPSMS otp_sms = 4 [
|
|
(grpc.gateway.protoc_gen_openapiv2.options.openapiv2_field) = {
|
|
description: "one type use OTP, OTPSMS, OTPEmail or U2F"
|
|
}
|
|
];
|
|
AuthFactorOTPEmail otp_email = 5 [
|
|
(grpc.gateway.protoc_gen_openapiv2.options.openapiv2_field) = {
|
|
description: "one type use OTP, OTPSMS, OTPEmail or U2F"
|
|
}
|
|
];
|
|
}
|
|
}
|
|
|
|
enum AuthFactorState {
|
|
AUTH_FACTOR_STATE_UNSPECIFIED = 0;
|
|
AUTH_FACTOR_STATE_NOT_READY = 1;
|
|
AUTH_FACTOR_STATE_READY = 2;
|
|
AUTH_FACTOR_STATE_REMOVED = 3;
|
|
}
|
|
|
|
message AuthFactorOTP {}
|
|
message AuthFactorOTPSMS {}
|
|
message AuthFactorOTPEmail {}
|
|
|
|
message AuthFactorU2F {
|
|
string id = 1 [
|
|
(grpc.gateway.protoc_gen_openapiv2.options.openapiv2_field) = {
|
|
example: "\"69629023906488334\""
|
|
}
|
|
];
|
|
string name = 2 [
|
|
(grpc.gateway.protoc_gen_openapiv2.options.openapiv2_field) = {
|
|
example: "\"fido key\""
|
|
}
|
|
];
|
|
}
|
|
|
|
message WebAuthNKey {
|
|
bytes public_key = 1 [
|
|
(grpc.gateway.protoc_gen_openapiv2.options.openapiv2_field) = {
|
|
description: "json representation of public key credential creation options used by the webauthn client"
|
|
example: "\"eyJwdWJsaWNLZXkiOnsiY2hhbGxlbmdlIoplfZm4vM21qSzBPdjltN2x6VWhnclYyejFJSlVzZnpLd0Z1TytWTWtzRW1Icz0iLCJycCI6eyJuYW1lIjoiWklUQURFTCIsImlkIjoiYWNtZS1nem9lNHgueml0YWRlbC5jbG91ZCJ9LCJ1c2VyIjp7Im5hbWUiOiJ0ZXN0dXNlcjU1QGFjbWUueml0YWRlbC5jbG91ZCIsImRpc3BsYXlOYW1lIjoiVGVzdCBUZXN0IiwiaWQiOiJNVGd5TVRVMk1qWTBNakk1TXpBMk5qSTEifSwicHViS2V5Q3JlZFBhcmFtcyI6W3sidHlwZSI6InB1YmxpYy1rZXkiLCJhbGciOi03fSx7InR5cGUiOiJwdWJsaWMta2V5IiwiYWxnIjotMzV9LHsidHlwZSI6InB1YmxpYy1rZXkiLCJhbGciOi0zNn0seyJ0eXBlIjoicHVibGljLWtleSIsImFsZyI6LTI1N30seyJ0eXBlIjoicHVibGljLWtleSIsImFsZyI6LTI1OH0seyJ0eXBlIjoicHVibGljLWtleSIsImFsZyI6LTI1OX0seyJ0eXBlIjoicHVibGljLWtleSIsImFsZyI6LTM3fSx7InR5cGUiOiJwdWJsaWMta2V5IiwiYWxnIjotMzh9LHsidHlwZSI6InB1YmxpYy1rZXkiLCJhbGciOi0zOX0seyJ0eXBlIjoicHVibGljLWtleSIsImFsZyI6LTh9XSwiYXV0aGVudGljYXRvclNlbGVjdGlvbiI6eyJ1c2VyVmVyaWZpY2F0aW9uIjoiZGlzY291cmFnZWQifn2ilGltZW91dCI6NjAwMDAsImF0dGVzdGF0aW9uIjoibm9uZSJ9fQ==\""
|
|
}
|
|
];
|
|
}
|
|
|
|
message WebAuthNVerification {
|
|
bytes public_key_credential = 1 [
|
|
(validate.rules).bytes.min_len = 55,
|
|
(grpc.gateway.protoc_gen_openapiv2.options.openapiv2_field) = {
|
|
description: "JSON representation of public key credential issued by the webauthn client";
|
|
min_length: 55;
|
|
max_length: 1048576; //1 MB
|
|
}
|
|
];
|
|
string token_name = 2 [
|
|
(validate.rules).string = {min_len: 1, max_len: 200},
|
|
(grpc.gateway.protoc_gen_openapiv2.options.openapiv2_field) = {
|
|
min_length: 1;
|
|
max_length: 200;
|
|
example: "\"fido key\""
|
|
}
|
|
];
|
|
}
|
|
|
|
message WebAuthNToken {
|
|
string id = 1 [
|
|
(grpc.gateway.protoc_gen_openapiv2.options.openapiv2_field) = {
|
|
example: "\"69629023906488334\""
|
|
}
|
|
];
|
|
AuthFactorState state = 2 [
|
|
(grpc.gateway.protoc_gen_openapiv2.options.openapiv2_field) = {
|
|
description: "current state of the token";
|
|
}
|
|
];
|
|
string name = 3 [
|
|
(grpc.gateway.protoc_gen_openapiv2.options.openapiv2_field) = {
|
|
min_length: 1;
|
|
max_length: 200;
|
|
example: "\"fido key\""
|
|
}
|
|
];
|
|
}
|
|
|
|
message Membership {
|
|
string user_id = 1 [
|
|
(grpc.gateway.protoc_gen_openapiv2.options.openapiv2_field) = {
|
|
example: "\"69629023906488334\""
|
|
}
|
|
];
|
|
zitadel.v1.ObjectDetails details = 2;
|
|
repeated string roles = 3 [
|
|
(grpc.gateway.protoc_gen_openapiv2.options.openapiv2_field) = {
|
|
example: "[\"IAM_OWNER\"]"
|
|
}
|
|
];
|
|
string display_name = 4 [
|
|
(grpc.gateway.protoc_gen_openapiv2.options.openapiv2_field) = {
|
|
description: "display name of the user"
|
|
example: "\"Gigi Giraffe\"";
|
|
}
|
|
];
|
|
oneof type {
|
|
bool iam = 5 [
|
|
(grpc.gateway.protoc_gen_openapiv2.options.openapiv2_field) = {
|
|
description: "one of type use iam, org id, project id or project grant id"
|
|
}
|
|
];
|
|
string org_id = 6 [
|
|
(grpc.gateway.protoc_gen_openapiv2.options.openapiv2_field) = {
|
|
description: "one of type use iam, org id, project id or project grant id"
|
|
}
|
|
];
|
|
string project_id = 7 [
|
|
(grpc.gateway.protoc_gen_openapiv2.options.openapiv2_field) = {
|
|
description: "one of type use iam, org id, project id or project grant id"
|
|
}
|
|
];
|
|
string project_grant_id = 8 [
|
|
(grpc.gateway.protoc_gen_openapiv2.options.openapiv2_field) = {
|
|
description: "one of type use iam, org id, project id or project grant id"
|
|
}
|
|
];
|
|
}
|
|
}
|
|
|
|
message MembershipQuery {
|
|
oneof query {
|
|
option (validate.required) = true;
|
|
|
|
MembershipOrgQuery org_query = 1;
|
|
MembershipProjectQuery project_query = 2;
|
|
MembershipProjectGrantQuery project_grant_query = 3;
|
|
MembershipIAMQuery iam_query = 4;
|
|
}
|
|
}
|
|
|
|
// this query always equals
|
|
message MembershipOrgQuery {
|
|
string org_id = 1 [
|
|
(validate.rules).string = {max_len: 200},
|
|
(grpc.gateway.protoc_gen_openapiv2.options.openapiv2_field) = {
|
|
example: "\"69629023906488334\""
|
|
}
|
|
];
|
|
}
|
|
|
|
// this query always equals
|
|
message MembershipProjectQuery {
|
|
string project_id = 1 [
|
|
(validate.rules).string = {max_len: 200},
|
|
(grpc.gateway.protoc_gen_openapiv2.options.openapiv2_field) = {
|
|
example: "\"69629023906488334\""
|
|
}
|
|
];
|
|
}
|
|
|
|
// this query always equals
|
|
message MembershipProjectGrantQuery {
|
|
string project_grant_id = 1 [
|
|
(validate.rules).string = {max_len: 200},
|
|
(grpc.gateway.protoc_gen_openapiv2.options.openapiv2_field) = {
|
|
example: "\"69629023906488334\""
|
|
}
|
|
];
|
|
}
|
|
|
|
// this query always equals
|
|
message MembershipIAMQuery {
|
|
bool iam = 1;
|
|
}
|
|
|
|
message Session {
|
|
string session_id = 1 [
|
|
(grpc.gateway.protoc_gen_openapiv2.options.openapiv2_field) = {
|
|
example: "\"69629023906488334\""
|
|
}
|
|
];
|
|
string agent_id = 2 [
|
|
(grpc.gateway.protoc_gen_openapiv2.options.openapiv2_field) = {
|
|
example: "\"69629023906488334\""
|
|
}
|
|
];
|
|
SessionState auth_state = 3 [
|
|
(grpc.gateway.protoc_gen_openapiv2.options.openapiv2_field) = {
|
|
description: "current state of the session";
|
|
}
|
|
];
|
|
string user_id = 4 [
|
|
(grpc.gateway.protoc_gen_openapiv2.options.openapiv2_field) = {
|
|
example: "\"69629023906488334\""
|
|
}
|
|
];
|
|
string user_name = 5 [
|
|
(grpc.gateway.protoc_gen_openapiv2.options.openapiv2_field) = {
|
|
example: "\"gigi-giraffe\"";
|
|
}
|
|
];
|
|
string login_name = 7 [
|
|
(grpc.gateway.protoc_gen_openapiv2.options.openapiv2_field) = {
|
|
example: "\"gigi@zitadel.com\"";
|
|
}
|
|
];
|
|
string display_name = 8 [
|
|
(grpc.gateway.protoc_gen_openapiv2.options.openapiv2_field) = {
|
|
description: "the display name of the user"
|
|
example: "\"Gigi Giraffe\"";
|
|
}
|
|
];
|
|
zitadel.v1.ObjectDetails details = 9;
|
|
string avatar_url = 10 [
|
|
(grpc.gateway.protoc_gen_openapiv2.options.openapiv2_field) = {
|
|
description: "avatar URL of the user"
|
|
example: "\"https://api.zitadel.ch/assets/v1/avatar-32432jkh4kj32\"";
|
|
}
|
|
];
|
|
}
|
|
|
|
enum SessionState {
|
|
SESSION_STATE_UNSPECIFIED = 0;
|
|
SESSION_STATE_ACTIVE = 1;
|
|
SESSION_STATE_TERMINATED = 2;
|
|
}
|
|
|
|
message RefreshToken {
|
|
string id = 1 [
|
|
(grpc.gateway.protoc_gen_openapiv2.options.openapiv2_field) = {
|
|
example: "\"69629023906489455\""
|
|
}
|
|
];
|
|
zitadel.v1.ObjectDetails details = 2;
|
|
string client_id = 3 [
|
|
(grpc.gateway.protoc_gen_openapiv2.options.openapiv2_field) = {
|
|
example: "\"69629023906488334@ZITADEL\"";
|
|
description: "oauth2/oidc client_id of the authorized application";
|
|
}
|
|
];
|
|
google.protobuf.Timestamp auth_time = 4 [
|
|
(grpc.gateway.protoc_gen_openapiv2.options.openapiv2_field) = {
|
|
example: "\"2023-02-13T08:45:00.000000Z\"";
|
|
description: "\"time when the user authenticated, does not have to be the same time the token was created\""
|
|
}
|
|
];
|
|
google.protobuf.Timestamp idle_expiration = 5 [
|
|
(grpc.gateway.protoc_gen_openapiv2.options.openapiv2_field) = {
|
|
example: "\"2023-02-14T08:45:00.000000Z\"";
|
|
description: "\"time the refresh token will expire if not used, the user will have to reauthenticate\""
|
|
}
|
|
];
|
|
google.protobuf.Timestamp expiration = 6 [
|
|
(grpc.gateway.protoc_gen_openapiv2.options.openapiv2_field) = {
|
|
example: "\"2023-02-14T08:45:00.000000Z\"";
|
|
description: "\"time the refresh token will expire, the user will have to reauthenticate\""
|
|
}
|
|
];
|
|
repeated string scopes = 7 [
|
|
(grpc.gateway.protoc_gen_openapiv2.options.openapiv2_field) = {
|
|
example: "[\"openid\",\"email\",\"profile\",\"offline_access\"]";
|
|
description: "scopes of the initial auth request, access tokens created by this refresh token can have a subset of these scopes";
|
|
}
|
|
];
|
|
repeated string audience = 8 [
|
|
(grpc.gateway.protoc_gen_openapiv2.options.openapiv2_field) = {
|
|
example: "[\"69629023906488334@ZITADEL\", \"69629023906481256\"]"
|
|
description: "audience of the initial auth request and of all access tokens created by this refresh token";
|
|
}
|
|
];
|
|
}
|
|
|
|
|
|
message PersonalAccessToken {
|
|
string id = 1 [
|
|
(grpc.gateway.protoc_gen_openapiv2.options.openapiv2_field) = {
|
|
example: "\"69629023906488334\"";
|
|
}
|
|
];
|
|
zitadel.v1.ObjectDetails details = 2;
|
|
google.protobuf.Timestamp expiration_date = 3 [
|
|
(grpc.gateway.protoc_gen_openapiv2.options.openapiv2_field) = {
|
|
description: "the date the token will expire";
|
|
example: "\"3019-04-01T08:45:00.000000Z\"";
|
|
}
|
|
];
|
|
repeated string scopes = 4 [
|
|
(grpc.gateway.protoc_gen_openapiv2.options.openapiv2_field) = {
|
|
description: "scopes granted to the token";
|
|
example: "[\"openid\"]";
|
|
}
|
|
];
|
|
}
|
|
|
|
message UserGrant {
|
|
string id = 1 [
|
|
(grpc.gateway.protoc_gen_openapiv2.options.openapiv2_field) = {
|
|
example: "\"69629023906488334\""
|
|
}
|
|
];
|
|
zitadel.v1.ObjectDetails details = 2;
|
|
repeated string role_keys = 3 [
|
|
(grpc.gateway.protoc_gen_openapiv2.options.openapiv2_field) = {
|
|
example: "[\"role.super.man\"]"
|
|
}
|
|
];
|
|
UserGrantState state = 4 [
|
|
(grpc.gateway.protoc_gen_openapiv2.options.openapiv2_field) = {
|
|
description: "current state of the user";
|
|
}
|
|
];
|
|
|
|
string user_id = 5 [
|
|
(grpc.gateway.protoc_gen_openapiv2.options.openapiv2_field) = {
|
|
example: "\"69629023906488334\""
|
|
}
|
|
];
|
|
string user_name = 6 [
|
|
(grpc.gateway.protoc_gen_openapiv2.options.openapiv2_field) = {
|
|
example: "\"gigi-giraffe\"";
|
|
}
|
|
];
|
|
string first_name = 7 [
|
|
(grpc.gateway.protoc_gen_openapiv2.options.openapiv2_field) = {
|
|
example: "\"Gigi\"";
|
|
}
|
|
];
|
|
string last_name = 8 [
|
|
(grpc.gateway.protoc_gen_openapiv2.options.openapiv2_field) = {
|
|
example: "\"Giraffe\"";
|
|
}
|
|
];
|
|
string email = 9 [
|
|
(validate.rules).string.email = true,
|
|
(grpc.gateway.protoc_gen_openapiv2.options.openapiv2_field) = {
|
|
description: "email address of the user. (spec: https://tools.ietf.org/html/rfc2822#section-3.4.1)"
|
|
example: "\"gigi@zitadel.com\"";
|
|
}
|
|
];
|
|
string display_name = 10 [
|
|
(validate.rules).string = {max_len: 200},
|
|
(grpc.gateway.protoc_gen_openapiv2.options.openapiv2_field) = {
|
|
description: "display name of the user"
|
|
example: "\"Gigi Giraffe\"";
|
|
}
|
|
];
|
|
string org_id = 11 [
|
|
(grpc.gateway.protoc_gen_openapiv2.options.openapiv2_field) = {
|
|
example: "\"69629023906488334\""
|
|
}
|
|
];
|
|
string org_name = 12 [
|
|
(grpc.gateway.protoc_gen_openapiv2.options.openapiv2_field) = {
|
|
example: "\"ZITADEL\"";
|
|
}
|
|
];
|
|
string org_domain = 13 [
|
|
(grpc.gateway.protoc_gen_openapiv2.options.openapiv2_field) = {
|
|
example: "\"zitadel.cloud\"";
|
|
}
|
|
];
|
|
string project_id = 14 [
|
|
(grpc.gateway.protoc_gen_openapiv2.options.openapiv2_field) = {
|
|
example: "\"69629023906488334\""
|
|
}
|
|
];
|
|
string project_name = 15 [
|
|
(grpc.gateway.protoc_gen_openapiv2.options.openapiv2_field) = {
|
|
example: "\"ZITADEL\"";
|
|
}
|
|
];
|
|
string project_grant_id = 16 [
|
|
(grpc.gateway.protoc_gen_openapiv2.options.openapiv2_field) = {
|
|
example: "\"69629023906488334\""
|
|
}
|
|
];
|
|
string avatar_url = 17 [
|
|
(grpc.gateway.protoc_gen_openapiv2.options.openapiv2_field) = {
|
|
description: "avatar URL of the user"
|
|
example: "\"{your-domain}/assets/v1/avatar-32432jkh4kj32\"";
|
|
}
|
|
];
|
|
string preferred_login_name = 18 [
|
|
(grpc.gateway.protoc_gen_openapiv2.options.openapiv2_field) = {
|
|
example: "\"gigi@zitadel.com\"";
|
|
}
|
|
];
|
|
Type user_type = 19 [
|
|
(grpc.gateway.protoc_gen_openapiv2.options.openapiv2_field) = {
|
|
description: "type of the user (human / machine)"
|
|
}
|
|
];
|
|
}
|
|
|
|
enum UserGrantState {
|
|
USER_GRANT_STATE_UNSPECIFIED = 0;
|
|
USER_GRANT_STATE_ACTIVE = 1;
|
|
USER_GRANT_STATE_INACTIVE = 2;
|
|
}
|
|
|
|
message UserGrantQuery {
|
|
oneof query {
|
|
option (validate.required) = true;
|
|
|
|
UserGrantProjectIDQuery project_id_query = 1;
|
|
UserGrantUserIDQuery user_id_query = 2;
|
|
UserGrantWithGrantedQuery with_granted_query = 3;
|
|
UserGrantRoleKeyQuery role_key_query = 4;
|
|
UserGrantProjectGrantIDQuery project_grant_id_query = 5;
|
|
UserGrantUserNameQuery user_name_query = 6;
|
|
UserGrantFirstNameQuery first_name_query = 7;
|
|
UserGrantLastNameQuery last_name_query = 8;
|
|
UserGrantEmailQuery email_query = 9;
|
|
UserGrantOrgNameQuery org_name_query = 10;
|
|
UserGrantOrgDomainQuery org_domain_query = 11;
|
|
UserGrantProjectNameQuery project_name_query = 12;
|
|
UserGrantDisplayNameQuery display_name_query = 13;
|
|
UserGrantUserTypeQuery user_type_query = 14;
|
|
}
|
|
}
|
|
|
|
message UserGrantProjectIDQuery {
|
|
string project_id = 1 [
|
|
(validate.rules).string = {max_len: 200},
|
|
(grpc.gateway.protoc_gen_openapiv2.options.openapiv2_field) = {
|
|
example: "\"69629023906488334\""
|
|
}
|
|
];
|
|
}
|
|
|
|
message UserGrantUserIDQuery {
|
|
string user_id = 1 [
|
|
(validate.rules).string = {max_len: 200},
|
|
(grpc.gateway.protoc_gen_openapiv2.options.openapiv2_field) = {
|
|
example: "\"69629023906488334\""
|
|
}
|
|
];
|
|
}
|
|
|
|
message UserGrantWithGrantedQuery {
|
|
bool with_granted = 1;
|
|
}
|
|
|
|
message UserGrantRoleKeyQuery {
|
|
string role_key = 1 [
|
|
(validate.rules).string = {max_len: 200},
|
|
(grpc.gateway.protoc_gen_openapiv2.options.openapiv2_field) = {
|
|
example: "\"role.super.man\""
|
|
}
|
|
];
|
|
zitadel.v1.TextQueryMethod method = 2 [
|
|
(validate.rules).enum.defined_only = true,
|
|
(grpc.gateway.protoc_gen_openapiv2.options.openapiv2_field) = {
|
|
description: "defines which text equality method is used"
|
|
}
|
|
];
|
|
}
|
|
|
|
message UserGrantProjectGrantIDQuery {
|
|
string project_grant_id = 1 [
|
|
(validate.rules).string = {max_len: 200},
|
|
(grpc.gateway.protoc_gen_openapiv2.options.openapiv2_field) = {
|
|
example: "\"69629023906488334\""
|
|
}
|
|
];
|
|
}
|
|
|
|
message UserGrantUserNameQuery {
|
|
string user_name = 1 [
|
|
(validate.rules).string = {max_len: 200},
|
|
(grpc.gateway.protoc_gen_openapiv2.options.openapiv2_field) = {
|
|
example: "\"gigi-giraffe\""
|
|
}
|
|
];
|
|
zitadel.v1.TextQueryMethod method = 2 [
|
|
(validate.rules).enum.defined_only = true,
|
|
(grpc.gateway.protoc_gen_openapiv2.options.openapiv2_field) = {
|
|
description: "defines which text equality method is used"
|
|
}
|
|
];
|
|
}
|
|
|
|
message UserGrantFirstNameQuery {
|
|
string first_name = 1 [
|
|
(validate.rules).string = {max_len: 200},
|
|
(grpc.gateway.protoc_gen_openapiv2.options.openapiv2_field) = {
|
|
example: "\"Gigi\""
|
|
}
|
|
];
|
|
zitadel.v1.TextQueryMethod method = 2 [
|
|
(validate.rules).enum.defined_only = true,
|
|
(grpc.gateway.protoc_gen_openapiv2.options.openapiv2_field) = {
|
|
description: "defines which text equality method is used"
|
|
}
|
|
];
|
|
}
|
|
|
|
message UserGrantLastNameQuery {
|
|
string last_name = 1 [
|
|
(validate.rules).string = {max_len: 200},
|
|
(grpc.gateway.protoc_gen_openapiv2.options.openapiv2_field) = {
|
|
example: "\"Giraffe\""
|
|
}
|
|
];
|
|
zitadel.v1.TextQueryMethod method = 2 [
|
|
(validate.rules).enum.defined_only = true,
|
|
(grpc.gateway.protoc_gen_openapiv2.options.openapiv2_field) = {
|
|
description: "defines which text equality method is used"
|
|
}
|
|
];
|
|
}
|
|
|
|
message UserGrantEmailQuery {
|
|
string email = 1 [
|
|
(validate.rules).string = {max_len: 200},
|
|
(grpc.gateway.protoc_gen_openapiv2.options.openapiv2_field) = {
|
|
example: "\"gigi@zitadel.com\""
|
|
}
|
|
];
|
|
zitadel.v1.TextQueryMethod method = 2 [
|
|
(validate.rules).enum.defined_only = true,
|
|
(grpc.gateway.protoc_gen_openapiv2.options.openapiv2_field) = {
|
|
description: "defines which text equality method is used"
|
|
}
|
|
];
|
|
}
|
|
|
|
message UserGrantOrgNameQuery {
|
|
string org_name = 1 [
|
|
(validate.rules).string = {max_len: 200},
|
|
(grpc.gateway.protoc_gen_openapiv2.options.openapiv2_field) = {
|
|
example: "\"cao\""
|
|
}
|
|
];
|
|
zitadel.v1.TextQueryMethod method = 2 [
|
|
(validate.rules).enum.defined_only = true,
|
|
(grpc.gateway.protoc_gen_openapiv2.options.openapiv2_field) = {
|
|
description: "defines which text equality method is used"
|
|
}
|
|
];
|
|
}
|
|
|
|
message UserGrantOrgDomainQuery {
|
|
string org_domain = 1 [
|
|
(validate.rules).string = {max_len: 200},
|
|
(grpc.gateway.protoc_gen_openapiv2.options.openapiv2_field) = {
|
|
example: "\"OS AG\""
|
|
}
|
|
];
|
|
zitadel.v1.TextQueryMethod method = 2 [
|
|
(validate.rules).enum.defined_only = true,
|
|
(grpc.gateway.protoc_gen_openapiv2.options.openapiv2_field) = {
|
|
description: "defines which text equality method is used"
|
|
}
|
|
];
|
|
}
|
|
|
|
message UserGrantProjectNameQuery {
|
|
string project_name = 1 [
|
|
(validate.rules).string = {max_len: 200},
|
|
(grpc.gateway.protoc_gen_openapiv2.options.openapiv2_field) = {
|
|
example: "\"ITADE\""
|
|
}
|
|
];
|
|
zitadel.v1.TextQueryMethod method = 2 [
|
|
(validate.rules).enum.defined_only = true,
|
|
(grpc.gateway.protoc_gen_openapiv2.options.openapiv2_field) = {
|
|
example: "3"
|
|
}
|
|
];
|
|
}
|
|
|
|
message UserGrantDisplayNameQuery {
|
|
string display_name = 1 [
|
|
(grpc.gateway.protoc_gen_openapiv2.options.openapiv2_field) = {
|
|
description: "display name of a user"
|
|
example: "\"Gigi Giraffe\"";
|
|
}
|
|
];
|
|
zitadel.v1.TextQueryMethod method = 2 [
|
|
(validate.rules).enum.defined_only = true,
|
|
(grpc.gateway.protoc_gen_openapiv2.options.openapiv2_field) = {
|
|
description: "defines which equality method is used";
|
|
}
|
|
];
|
|
}
|
|
|
|
message UserGrantUserTypeQuery {
|
|
Type type = 1 [
|
|
(grpc.gateway.protoc_gen_openapiv2.options.openapiv2_field) = {
|
|
description: "type of user"
|
|
example: "\"TYPE_HUMAN\"";
|
|
}
|
|
];
|
|
}
|
|
|
|
//PLANNED: login name query
|