Add Azure AD Identity Provider​
Add Azure AD Identity Provider
Request Body required
client id generated by the Azure AD
client secret generated by the Azure AD
tenant object
Defines what kind of accounts are allowed to authenticate (Personal, Organizational, All). If not provided the common
tenant will be used (All accounts)
Possible values: [AZURE_AD_TENANT_TYPE_COMMON
, AZURE_AD_TENANT_TYPE_ORGANISATIONS
, AZURE_AD_TENANT_TYPE_CONSUMERS
]
Default value: AZURE_AD_TENANT_TYPE_COMMON
Azure AD doesn't send if the email has been verified. Enable this if the user email should always be added verified in ZITADEL (no verification emails will be sent)
the scopes requested by ZITADEL during the request to Azure AD
providerOptions object
Enable if users should be able to link an existing ZITADEL user with an external account.
Enable if users should be able to create a new account in ZITADEL when using an external account.
Enable if a new account in ZITADEL should be created automatically when login with an external account.
Enable if a the ZITADEL account fields should be updated automatically on each login.
Possible values: [AUTO_LINKING_OPTION_UNSPECIFIED
, AUTO_LINKING_OPTION_USERNAME
, AUTO_LINKING_OPTION_EMAIL
]
Default value: AUTO_LINKING_OPTION_UNSPECIFIED
Enable if users should get prompted to link an existing ZITADEL user to an external account if the selected attribute matches.
Request Body required
client id generated by the Azure AD
client secret generated by the Azure AD
tenant object
Defines what kind of accounts are allowed to authenticate (Personal, Organizational, All). If not provided the common
tenant will be used (All accounts)
Possible values: [AZURE_AD_TENANT_TYPE_COMMON
, AZURE_AD_TENANT_TYPE_ORGANISATIONS
, AZURE_AD_TENANT_TYPE_CONSUMERS
]
Default value: AZURE_AD_TENANT_TYPE_COMMON
Azure AD doesn't send if the email has been verified. Enable this if the user email should always be added verified in ZITADEL (no verification emails will be sent)
the scopes requested by ZITADEL during the request to Azure AD
providerOptions object
Enable if users should be able to link an existing ZITADEL user with an external account.
Enable if users should be able to create a new account in ZITADEL when using an external account.
Enable if a new account in ZITADEL should be created automatically when login with an external account.
Enable if a the ZITADEL account fields should be updated automatically on each login.
Possible values: [AUTO_LINKING_OPTION_UNSPECIFIED
, AUTO_LINKING_OPTION_USERNAME
, AUTO_LINKING_OPTION_EMAIL
]
Default value: AUTO_LINKING_OPTION_UNSPECIFIED
Enable if users should get prompted to link an existing ZITADEL user to an external account if the selected attribute matches.
Request Body required
client id generated by the Azure AD
client secret generated by the Azure AD
tenant object
Defines what kind of accounts are allowed to authenticate (Personal, Organizational, All). If not provided the common
tenant will be used (All accounts)
Possible values: [AZURE_AD_TENANT_TYPE_COMMON
, AZURE_AD_TENANT_TYPE_ORGANISATIONS
, AZURE_AD_TENANT_TYPE_CONSUMERS
]
Default value: AZURE_AD_TENANT_TYPE_COMMON
Azure AD doesn't send if the email has been verified. Enable this if the user email should always be added verified in ZITADEL (no verification emails will be sent)
the scopes requested by ZITADEL during the request to Azure AD
providerOptions object
Enable if users should be able to link an existing ZITADEL user with an external account.
Enable if users should be able to create a new account in ZITADEL when using an external account.
Enable if a new account in ZITADEL should be created automatically when login with an external account.
Enable if a the ZITADEL account fields should be updated automatically on each login.
Possible values: [AUTO_LINKING_OPTION_UNSPECIFIED
, AUTO_LINKING_OPTION_USERNAME
, AUTO_LINKING_OPTION_EMAIL
]
Default value: AUTO_LINKING_OPTION_UNSPECIFIED
Enable if users should get prompted to link an existing ZITADEL user to an external account if the selected attribute matches.
- 200
- default
A successful response.
Schema
details object
on read: the sequence of the last event reduced by the projection
on manipulation: the timestamp of the event(s) added by the manipulation
on read: the timestamp of the first event of the object
on create: the timestamp of the event(s) added by the manipulation
on read: the timestamp of the last event reduced by the projection
on manipulation: the
{
"details": {
"sequence": "2",
"creationDate": "2024-05-24T10:54:22.339Z",
"changeDate": "2024-05-24T10:54:22.339Z",
"resourceOwner": "69629023906488334"
},
"id": "string"
}
Schema
details object
on read: the sequence of the last event reduced by the projection
on manipulation: the timestamp of the event(s) added by the manipulation
on read: the timestamp of the first event of the object
on create: the timestamp of the event(s) added by the manipulation
on read: the timestamp of the last event reduced by the projection
on manipulation: the
{
"details": {
"sequence": "2",
"creationDate": "2024-05-24T10:54:22.339Z",
"changeDate": "2024-05-24T10:54:22.339Z",
"resourceOwner": "69629023906488334"
},
"id": "string"
}
Schema
details object
on read: the sequence of the last event reduced by the projection
on manipulation: the timestamp of the event(s) added by the manipulation
on read: the timestamp of the first event of the object
on create: the timestamp of the event(s) added by the manipulation
on read: the timestamp of the last event reduced by the projection
on manipulation: the
{
"details": {
"sequence": "2",
"creationDate": "2024-05-24T10:54:22.339Z",
"changeDate": "2024-05-24T10:54:22.339Z",
"resourceOwner": "69629023906488334"
},
"id": "string"
}
An unexpected error response.
Schema
- Array [
- ]
details object[]
{
"code": 0,
"message": "string",
"details": [
{
"@type": "string"
}
]
}
Schema
- Array [
- ]
details object[]
{
"code": 0,
"message": "string",
"details": [
{
"@type": "string"
}
]
}
Schema
- Array [
- ]
details object[]
{
"code": 0,
"message": "string",
"details": [
{
"@type": "string"
}
]
}