mirror of
https://github.com/zitadel/zitadel.git
synced 2025-01-06 14:17:17 +00:00
dd53f70fd5
* docs(contributing): Update contributing guide * update link for login interface texts * move gfi to main section * contributing docs * typos, links Co-authored-by: Florian Forster <florian@caos.ch> * chore(console): contributing to console (#3891) * fix: return absolute url for avatar in user sessions (#3724) * fix: return absolute url for avatar in user sessions * fix: refresh token unique constraint * feat: system api requires authenticated requests (#3570) * begin auth * feat: system api requires authenticated requests * fix tests * feat: directly specify factors/idps on addCustomLoginPolicy and return on LoginPolicy responses (#3711) * feat: directly specify factors on addCustomLoginPolicy and return on LoginPolicy responses * fix proto * update login policy * feat: directly specify idp on addCustomLoginPolicy and return on LoginPolicy responses * fix: tests Co-authored-by: Max Peintner <max@caos.ch> Co-authored-by: Fabi <38692350+hifabienne@users.noreply.github.com> * fix: read key data for system api users from config (#3731) * chore: make docs searchable (#3734) * chore: make docs searchable * Update netlify.toml * fix: SMTP config in defaults (#3736) * fix(command): create smtp provider cmds after domains * chore(defaults): add smtp configuration * fix(console): Idp settings, settings reset warn dialog, Accept-Language header interceptor, i18n (#3727) * fix idp table, settings reset warn dialog, fix i18n interceptor, i18n * fix label policy on org change * fallback * fix preview button styles * footer, login-policy null check * org create btn alignment * show error with toast * error toast * fix(console): header image fallback (#3735) fix: fallback icon in header Co-authored-by: Livio Amstutz <livio.a@gmail.com> * fix(login): checkbox, label, container styles (#3732) fix: checkbox, label styles * docs: add java sample project (#3738) Co-authored-by: Fabi <38692350+hifabienne@users.noreply.github.com> * fix: use issuer for jwt profile check on system api (#3741) * fix(current_sequence): no error if not found (#3740) * fix: login checkbox contrast, login policy factors, asset urls (#3742) * checkbox contrast * idp create before remove, add, asset service * login policy events Co-authored-by: Fabi <38692350+hifabienne@users.noreply.github.com> * fix(query): show views and failed events (#3743) * fix(system): show views and failed events * fix: set correct database on failed events and views * fix(console): application grid overflow (#3744) * fix: use css grid instead of flex * ellipsis overflow Co-authored-by: Fabi <38692350+hifabienne@users.noreply.github.com> * fix(projection): add missing col to idp login policy links (#3745) * fix(projection): add missing col to projection * refactor: method naming * fix(console): get idps from login policy, add policy if not existent (#3746) * fix: return correct empty flow if not found (#3749) * feat: get current label and privacy policies (#3748) * chore(console): dependencies (#3730) * cli, core * material, cdk * chore(deps-dev): bump karma-jasmine-html-reporter from 1.7.0 to 2.0.0 in /console (#3722) chore(deps-dev): bump karma-jasmine-html-reporter in /console Bumps [karma-jasmine-html-reporter](https://github.com/dfederm/karma-jasmine-html-reporter) from 1.7.0 to 2.0.0. - [Release notes](https://github.com/dfederm/karma-jasmine-html-reporter/releases) - [Commits](https://github.com/dfederm/karma-jasmine-html-reporter/compare/v1.7.0...v2.0.0) --- updated-dependencies: - dependency-name: karma-jasmine-html-reporter dependency-type: direct:development update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * chore(deps-dev): bump @typescript-eslint/parser from 5.25.0 to 5.26.0 in /console (#3717) chore(deps-dev): bump @typescript-eslint/parser in /console Bumps [@typescript-eslint/parser](https://github.com/typescript-eslint/typescript-eslint/tree/HEAD/packages/parser) from 5.25.0 to 5.26.0. - [Release notes](https://github.com/typescript-eslint/typescript-eslint/releases) - [Changelog](https://github.com/typescript-eslint/typescript-eslint/blob/main/packages/parser/CHANGELOG.md) - [Commits](https://github.com/typescript-eslint/typescript-eslint/commits/v5.26.0/packages/parser) --- updated-dependencies: - dependency-name: "@typescript-eslint/parser" dependency-type: direct:development update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * chore(deps): bump libphonenumber-js from 1.10.4 to 1.10.6 in /console (#3716) Bumps [libphonenumber-js](https://gitlab.com/catamphetamine/libphonenumber-js) from 1.10.4 to 1.10.6. - [Release notes](https://gitlab.com/catamphetamine/libphonenumber-js/tags) - [Changelog](https://gitlab.com/catamphetamine/libphonenumber-js/blob/master/CHANGELOG.md) - [Commits](https://gitlab.com/catamphetamine/libphonenumber-js/compare/v1.10.4...v1.10.6) --- updated-dependencies: - dependency-name: libphonenumber-js dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * jasmine * lock Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Livio Amstutz <livio.a@gmail.com> * fix: compatibility for cockroach v22.1 (#3754) * fix: compatability for cockroach v22.1 * update cr version in docs and compose * bind dev cockroach to 127.0.0.1 * Revert "bind dev cockroach to 127.0.0.1" This reverts commit 1c7c6304ae6682801f8475a8eac91569442b6b8d. * remove --listen-addr flag * use v2.0.0-v2-alpha.16 * use v2.0.0-v2-alpha.17 Co-authored-by: Elio Bischof <eliobischof@gmail.com> * fix: render only base language in html (#3759) * fix: sql error check (#3762) * docs: Docs v2 (#3733) * fix: change images * fix: change images, add policies * fix: change images, add policies * docs: add customer portal docs * docs: add customer portal docs * docs: add customer portal docs * docs: add customer portal docs * docs: organization creation * docs: policy docs * docs: change password * docs: verify domain * docs: profile page * docs: profile page * docs: profile page * docs: login page * docs: login page * docs: fix broken links * docs: customer portal users * docs: instance detail * docs: instance detail * docs: getting started * Update organizations.mdx Co-authored-by: Livio Amstutz <livio.a@gmail.com> * fix(console, login): Idp detail and create layout optimization, login - sub formfield link spacing (#3755) * idp detail, create layout * fat finger fix Co-authored-by: Livio Amstutz <livio.a@gmail.com> * fix: handle default org id (#3769) * fix: update user sessions after avatar or primary domain change (#3768) * fix: grpc gateway interceptors (#3767) * fix: improve oidc issuer / endpoints (#3753) * fix: improve oidc issuer / endpoints * docs: update endpoints * fix(console): datepicker, formfield cleanup, member role help, domain layout (#3765) * key datepicker, formfield cleanup, member role help, domain layout * accounts card template overlay * fix account card trigger * chore(deps-dev): bump @typescript-eslint/parser from 5.26.0 to 5.27.0 in /console (#3752) chore(deps-dev): bump @typescript-eslint/parser in /console Bumps [@typescript-eslint/parser](https://github.com/typescript-eslint/typescript-eslint/tree/HEAD/packages/parser) from 5.26.0 to 5.27.0. - [Release notes](https://github.com/typescript-eslint/typescript-eslint/releases) - [Changelog](https://github.com/typescript-eslint/typescript-eslint/blob/main/packages/parser/CHANGELOG.md) - [Commits](https://github.com/typescript-eslint/typescript-eslint/commits/v5.27.0/packages/parser) --- updated-dependencies: - dependency-name: "@typescript-eslint/parser" dependency-type: direct:development update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * deps, i18n, feature info section * lint Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * fix(console, login): console - ensure permission is available, login - i18n fixes, input borders, lgn-touched script to add class on blur (#3760) * permission restriction, member, login i18n input borders, secondary text * add touched js * test: ensure consistency of TestSpooler_awaitError (#3750) * docs: add gitlab and auth0 (#3700) * docs: add gitlab and auth0 * Apply suggestions from code review * fix wrong domain * Apply suggestions from code review Co-authored-by: mffap <mpa@zitadel.com> * fix redirect-uris * typos * replace image wip * smaller typos * Update docs/docs/guides/basics/applications.mdx Co-authored-by: mffap <mpa@zitadel.com> * Update docs/docs/guides/basics/applications.mdx Co-authored-by: mffap <mpa@zitadel.com> Co-authored-by: Fabi <38692350+hifabienne@users.noreply.github.com> Co-authored-by: mffap <mpa@zitadel.com> Co-authored-by: Maximilian Panne <mpa@caos.ch> Co-authored-by: Livio Spring <livio.a@gmail.com> * feat: return instance domains on list instances, fix: login policy and avatar url in oidc responses (#3785) * feat: return instance domains on list instances * fix: filter login policy idps correctly * remove debug * fix: absolute avatar url in oidc responses * fix: allow project grants without roles in database (#3786) * fix: password check policy correctly (#3787) * fix: password check policy correctly * fix: password check policy correctly * docs: Identity providers and customer portal (#3790) * docs: identity provider and customer portal page * docs: identity provider and customer portal page * docs: identity provider and customer portal page * docs: urls * fix: add smtp config, remove smtp and sms provider, console adaptations (#3792) * fix: add AddSMTPConfig to admin api * addsmtpconfig * fix: add RemoveSMTPConfig and RemoveSMSProvider to admin api * update twilio, token fcn * fix account switcher, twilio token set, cleanup dialog * cleanup * buttons Co-authored-by: Livio Amstutz <livio.a@gmail.com> * fix(console, login): label policy and privacy policy from authservice, login - remove double footer element, mobile (#3795) fix: cnsl auth policy, lgn footer mobile * docs: change architecture graphic (#3794) * fix(console): configWithPrompt cleanup (#3796) * fix: configWithPrompt cleanup * code dialog text Co-authored-by: Livio Spring <livio.a@gmail.com> * fix: set instanceID correctly in org project mapping (#3789) * fix: idp styling (#3797) * fix: idp styling * escape idp a color * elevation on hover * css gen Co-authored-by: Max Peintner <max@caos.ch> * fix: allow env vars to override setup defaults (#3800) * fix: sms providers (#3801) * fix(login): idp, link font color (#3814) fix: idp, a font color * fix(console): remove basepath from statehandler (#3815) fix: remove basepath from statehandler * fix(query): realtime data on defined requests (#3726) * feat: directly specify factors on addCustomLoginPolicy and return on LoginPolicy responses * fix proto * update login policy * feat: directly specify idp on addCustomLoginPolicy and return on LoginPolicy responses * fix: tests * fix(projection): trigger bulk * refactor: clean projection pkg * instance should bulk * fix(query): should trigger bulk on id calls * tests * build prerelease * fix: add shouldTriggerBulk * fix: test Co-authored-by: Livio Amstutz <livio.a@gmail.com> Co-authored-by: Max Peintner <max@caos.ch> * fix(system): search for existing domain globally (#3822) * docs(legal): Updated agreements and policies v2 (#3823) * tos * adds cloud service * cloud service description WIP * action minute * service level description * SAML and last revised * tos credit and payment * dpa basic, profile, and payment data * service description: authenticated requests * cloud service description: ui * add notification box * sla description * support services * removes dedicated instance annex * remove dedicated instance annex sidebar, links * update dedicated terms * merge additional terms in sidebar * privacy formatting * pp update piid table * remove cloudflare cookies * privacy customer portal cookies * revert editing guides * dates * docs: test * modification of services * Apply suggestions from code review Co-authored-by: Fabi <38692350+hifabienne@users.noreply.github.com> * add disclaimer to regions list Co-authored-by: Maximilian Panne <mpa@caos.ch> Co-authored-by: Maximilian Panne <maximilian.panne@gmail.com> Co-authored-by: mffap <mpa@zitadel.com> * fix(notify): fail if required fields are empty (#3831) * fix(login): text color for idp, footer (#3830) Co-authored-by: Fabi <38692350+hifabienne@users.noreply.github.com> * fix(auth): read user if not found after create (#3835) * fix(notify): correct get user (#3836) * feat: enable insecure console for custom domains (#3819) * fix: enable insecure console * Revert "fix: enable insecure console" This reverts commit e6c10ae937a04e14da9aede4ef1b1ea9b16612d1. * don't require HTTPS for non-localhost domains Co-authored-by: Max Peintner <max@caos.ch> * docs: update ZITADEL cloud readme (#3849) * docs: update ZITADEL cloud readme * Update README.md * Update README.md Co-authored-by: mffap <mpa@zitadel.com> Co-authored-by: mffap <mpa@zitadel.com> * docs: add curl for introspection_endpoint with basic auth (#3851) * docs: update api introduction (#3781) * fix: update oidc pkg (state and redirect_uri handling) (#3853) * chore(console): add customer portal link (#3837) * feat: add customer portal link * add customer portal to environment.json from backend Co-authored-by: Livio Amstutz <livio.a@gmail.com> * feat: TLS support (#3862) * feat: TLS support * add comment * fix comment * chore: set tleMode disabled in docker compose (#3865) * chore(docs): fix typo (#3866) * fix: primary domain scope (handle context correctly) (#3872) * feat: provide instance info on admin api and return version on instances responses (admin and system api) (#3802) * feat: provide instance info on admin api and return version on instances responses (admin and system api) * fix GetMyInstance * fix: enable env vars in setup steps (and deprecate admin subcommand) (#3871) * fix: enable env vars in setup steps (and deprecate admin subcommand) * fix tests and error text * chore(console): angular 14 (#3799) * eslint schematics * cli, core migrations * material * schematics * ng-qrcode update * fix input, formfield errorstatemixin * other packages * downgrade codemirror * codemirror * @next of alphas Co-authored-by: Livio Spring <livio.a@gmail.com> * docs(installation): improve guides (#3817) * split config descriptions * install and configure * custom domains * typo * remove comments * try compose with secure crdb * secure crdb with compose * describe ExternalSecure restriction * add near production example * add login credentials * fix configure compose * make the docs more transparent * name archive amd64 * Revert "name archive amd64" This reverts commit 0d4dae551b47e6bc7584a27a05f290ae92648966. * fix download url * extract archives * fix dawin download * fix start zitadel commands * add helm installation docs * remove windows * make downloaded files description friendlier * link to github raw * link login process * remove healthcheck from compose * remove compose healthchecks * use --tlsMode external for lb example * uname -i * disable tls mode locally * Update docs/docs/guides/installation/get-started/macos.mdx Co-authored-by: Fabi <38692350+hifabienne@users.noreply.github.com> Co-authored-by: Fabi <38692350+hifabienne@users.noreply.github.com> * docs(guides): user metadata (#3838) * docs(guides): user metadata * add python * export to BASIC_AUTH * add js * add alternative with id_token * fix img path * adds reserved scopes, and info about opaque token * Apply suggestions from code review Co-authored-by: Elio Bischof <eliobischof@gmail.com> * Apply suggestions from code review Co-authored-by: Elio Bischof <eliobischof@gmail.com> Co-authored-by: Maximilian Panne <mpa@caos.ch> Co-authored-by: Elio Bischof <eliobischof@gmail.com> * docs(installation): knative (#3860) * added initial knative docu * added menu bar * simplified installation * normalized versions to latest * update envs * update envs * Update zitadel-knative-service.yaml * Update knative.mdx * Update knative.mdx * move knative into correct folder Co-authored-by: Livio Spring <livio.a@gmail.com> * docs(installation): fix overview items (#3880) * docs(installation): fix overview items * installation after getting started * fix broken links * fix broken links * fix broken link * docs(installation): fix guides (#3878) * docs(installation): download traefik config * docs(installation): remove unnecessary zitadel user certs * docs(installation): fix broken link (#3883) * docs: edit instance docs (#3885) * chore: contributing console Co-authored-by: Livio Amstutz <livio.a@gmail.com> Co-authored-by: Fabi <38692350+hifabienne@users.noreply.github.com> Co-authored-by: Florian Forster <florian@caos.ch> Co-authored-by: Silvan <silvan.reusser@gmail.com> Co-authored-by: mffap <mpa@zitadel.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Elio Bischof <eliobischof@gmail.com> Co-authored-by: Maximilian Panne <mpa@caos.ch> Co-authored-by: Maximilian Panne <maximilian.panne@gmail.com> Co-authored-by: Nicolas Hedger <649677+nhedger@users.noreply.github.com> Co-authored-by: Christian Jakob <47860090+thesephirot@users.noreply.github.com> * describe local frontend development * finish local frontend dev * ignore environment.json * redirect environment.json to file * add context and teardown information * omit installation of dev dependencies * unskip remove project tests * build base image * use network_mode host for e2e container * quote uid * add backend contribution guide * typo * note on cypress xserver with wsl2 * add links * build custom cypress image * remove --help * Revert "remove --help" This reverts commit 14b50bc48b21438c2c844548d087632f34c7892d. * Revert "build custom cypress image" This reverts commit bc2caaac9ceea361554d30e95863b44c7ccaad68. * remove dot * Update CONTRIBUTING.md Co-authored-by: Florian Forster <florian@zitadel.com> Co-authored-by: Maximilian Panne <mpa@caos.ch> Co-authored-by: Florian Forster <florian@caos.ch> Co-authored-by: Max Peintner <max@caos.ch> Co-authored-by: Livio Amstutz <livio.a@gmail.com> Co-authored-by: Fabi <38692350+hifabienne@users.noreply.github.com> Co-authored-by: Silvan <silvan.reusser@gmail.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Elio Bischof <eliobischof@gmail.com> Co-authored-by: Nicolas Hedger <649677+nhedger@users.noreply.github.com> Co-authored-by: Christian Jakob <47860090+thesephirot@users.noreply.github.com> Co-authored-by: Florian Forster <florian@zitadel.com>
You want auth that's quickly set up like Auth0 but open source like Keycloak? Look no further— ZITADEL combines the ease of Auth0 and the versatility of Keycloak.
We provide a wide range of out of the box features like secure login, self-service, OpenID Connect, OAuth2.x, SAML2, branding, Passwordless with FIDO2, OTP, U2F, and an unlimited audit trail to improve the life of developers. Especially noteworthy is that ZITADEL supports not only B2C and B2E scenarios but also B2B. This is super useful for people who build B2B Solutions, as ZITADEL can handle all the delegated user and access management.
With ZITADEL you rely on a battle tested, hardened and extensible turnkey solution to solve all of your authentication and authorization needs. With the unique way of how ZITADEL stores data it gives you an unlimited audit trail which provides a peace of mind for even the harshest audit and analytics requirements.
🏡 Website 💬 Chat 📋 Docs 🧑💻 Blog 📞 Contact
Get started
ZITADEL Cloud (SaaS)
The easiest way to get started with ZITADEL Cloud.
It's free for up to 25'000 authenticated requests. Learn more about the pay-as-you-go pricing.
Install ZITADEL
Quickstarts - Integrate your app
Multiple Examples can be found here
If you miss something please feel free to join the Discussion
Why ZITADEL
- API-first
- Strong audit trail thanks to event sourcing
- Actions to react on events with custom code
- Branding for a uniform user experience
- CockroachDB is the only dependency
Features
- Single Sign On (SSO)
- Passwordless with FIDO2 support
- Username / Password
- Multifactor authentication with OTP, U2F
- Identity Brokering
- Machine-to-machine (JWT profile)
- Personal Access Tokens (PAT)
- Role Based Access Control (RBAC)
- Delegate role management to third-parties
- Self-registration including verification
- User self service
- Service Accounts
- OpenID Connect certified
- 🚧 SAML 2.0
- 🚧 Postgres
Track upcoming features on our roadmap.
Client libraries
| Language | Client | API | Machine auth (*) | Auth check (**) | Thanks to the maintainers |
|---|---|---|---|---|---|
| .NET | zitadel-net | GRPC | ✔️ | ✔️ | buehler 👑 |
| Dart | zitadel-dart | GRPC | ✔️ | ❌ | buehler 👑 |
| Elixir | zitadel_api | GRPC | ✔️ | ✔️ | jshmrtn 🙏🏻 |
| Go | zitadel-go | GRPC | ✔️ | ✔️ | ZITADEL |
| Rust | zitadel-rust | GRPC | ✔️ | ❌ | buehler 👑 |
| JVM | 🚧 WIP | ❓ | ❓ | TBD | |
| Python | 🚧 WIP | ❓ | ❓ | TBD | |
| Javascript | ❓ | ❓ | ❓ | Maybe you? |
(*) Automatically authenticate service accounts with JWT Profile.
(**) Automatically check if the access token is valid and claims match
How To Contribute
Details about how to contribute you can find in the Contribution Guide
Contributors
Made with contrib.rocks.
Showcase
Passwordless Login
Use our login widget to allow easy and secure access to your applications and enjoy all the benefits of passwordless (FIDO 2 / WebAuthN):
- works on all modern platforms, devices, and browsers
- phishing resistant alternative
- requires only one gesture by the user
- easy enrollment of the device during registration
Admin Console
Use Console or our APIs to setup organizations, projects and applications.
Register new applications
Delegate the right to assign roles to another organization
Customize login and console with your design
Security
See the policy here
License
See the exact licensing terms here
Unless required by applicable law or agreed to in writing, software distributed under the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the License for the specific language governing permissions and limitations under the License.