Add Generic OAuth Identity Provider​
Add Generic OAuth Identity Provider
Request Body required
Client id generated by the identity provider
Client secret generated by the identity provider
The endpoint where ZITADEL sends the user to authenticate
The endpoint where ZITADEL can get the token
The endpoint where ZITADEL can get the user information
The scopes requested by ZITADEL during the request on the identity provider
Identifying attribute of the user in the response of the user_endpoint
providerOptions object
Request Body required
Client id generated by the identity provider
Client secret generated by the identity provider
The endpoint where ZITADEL sends the user to authenticate
The endpoint where ZITADEL can get the token
The endpoint where ZITADEL can get the user information
The scopes requested by ZITADEL during the request on the identity provider
Identifying attribute of the user in the response of the user_endpoint
providerOptions object
Request Body required
Client id generated by the identity provider
Client secret generated by the identity provider
The endpoint where ZITADEL sends the user to authenticate
The endpoint where ZITADEL can get the token
The endpoint where ZITADEL can get the user information
The scopes requested by ZITADEL during the request on the identity provider
Identifying attribute of the user in the response of the user_endpoint
providerOptions object
- 200
- default
A successful response.
Schema
details object
{
"details": {
"sequence": "2",
"creationDate": "2024-05-24T10:54:22.326Z",
"changeDate": "2024-05-24T10:54:22.326Z",
"resourceOwner": "69629023906488334"
},
"id": "string"
}
Schema
details object
{
"details": {
"sequence": "2",
"creationDate": "2024-05-24T10:54:22.326Z",
"changeDate": "2024-05-24T10:54:22.326Z",
"resourceOwner": "69629023906488334"
},
"id": "string"
}
Schema
details object
{
"details": {
"sequence": "2",
"creationDate": "2024-05-24T10:54:22.326Z",
"changeDate": "2024-05-24T10:54:22.326Z",
"resourceOwner": "69629023906488334"
},
"id": "string"
}
An unexpected error response.
Schema
details object[]
{
"code": 0,
"message": "string",
"details": [
{
"@type": "string"
}
]
}
Schema
details object[]
{
"code": 0,
"message": "string",
"details": [
{
"@type": "string"
}
]
}
Schema
details object[]
{
"code": 0,
"message": "string",
"details": [
{
"@type": "string"
}
]
}
POST /idps/oauth
Authorization
name: OAuth2, type: oauth2, scopes: openid, urn:zitadel:iam:org:project:id:zitadel:aud
flows: { "authorizationCode": { "authorizationUrl": "$CUSTOM-DOMAIN/oauth/v2/authorize", "tokenUrl": "$CUSTOM-DOMAIN/oauth/v2/token", "scopes": { "openid": "openid", "urn:zitadel:iam:org:project:id:zitadel:aud": "urn:zitadel:iam:org:project:id:zitadel:aud" } } }
Request
Request
# Registers a generic OAuth identity provider through the management API
# (POST /management/v1/idps/oauth).
# - $CUSTOM-DOMAIN sits inside single quotes, so the shell does not expand it;
#   replace it and <TOKEN> by hand before running.
# - The JSON body carries clientSecret on the command line, where it can end up
#   in shell history and process listings.
# - --location follows redirects, and --request POST keeps the POST method
#   string on every request curl makes while following them.
# - idAttribute has to name a field that the userEndpoint response contains.
# - NOTE(review): the sample switches on isLinkingAllowed, isCreationAllowed,
#   isAutoCreation and isAutoUpdate together; confirm each is wanted for this
#   provider instead of copying the block as-is.
curl --location --request POST 'https://$CUSTOM-DOMAIN/management/v1/idps/oauth' \
--header 'Content-Type: application/json' \
--header 'Accept: application/json' \
--header 'Authorization: Bearer <TOKEN>' \
--data-raw '{
"name": "My Provider",
"clientId": "client-id",
"clientSecret": "client-secret",
"authorizationEndpoint": "https://accounts.google.com/o/oauth2/v2/auth",
"tokenEndpoint": "https://oauth2.googleapis.com/token",
"userEndpoint": "https://openidconnect.googleapis.com/v1/userinfo",
"scopes": [
"openid",
"profile",
"email"
],
"idAttribute": "user_id",
"providerOptions": {
"isLinkingAllowed": true,
"isCreationAllowed": true,
"isAutoCreation": true,
"isAutoUpdate": true,
"autoLinking": "AUTO_LINKING_OPTION_UNSPECIFIED"
}
}'
# Registers a generic OAuth identity provider through the management API
# (POST /management/v1/idps/oauth).
# - $CUSTOM-DOMAIN sits inside single quotes, so the shell does not expand it;
#   replace it and <TOKEN> by hand before running.
# - The JSON body carries clientSecret on the command line, where it can end up
#   in shell history and process listings.
# - --location follows redirects, and --request POST keeps the POST method
#   string on every request curl makes while following them.
# - idAttribute has to name a field that the userEndpoint response contains.
# - NOTE(review): the sample switches on isLinkingAllowed, isCreationAllowed,
#   isAutoCreation and isAutoUpdate together; confirm each is wanted for this
#   provider instead of copying the block as-is.
curl --location --request POST 'https://$CUSTOM-DOMAIN/management/v1/idps/oauth' \
--header 'Content-Type: application/json' \
--header 'Accept: application/json' \
--header 'Authorization: Bearer <TOKEN>' \
--data-raw '{
"name": "My Provider",
"clientId": "client-id",
"clientSecret": "client-secret",
"authorizationEndpoint": "https://accounts.google.com/o/oauth2/v2/auth",
"tokenEndpoint": "https://oauth2.googleapis.com/token",
"userEndpoint": "https://openidconnect.googleapis.com/v1/userinfo",
"scopes": [
"openid",
"profile",
"email"
],
"idAttribute": "user_id",
"providerOptions": {
"isLinkingAllowed": true,
"isCreationAllowed": true,
"isAutoCreation": true,
"isAutoUpdate": true,
"autoLinking": "AUTO_LINKING_OPTION_UNSPECIFIED"
}
}'
# Registers a generic OAuth identity provider through the management API
# (POST /management/v1/idps/oauth).
# - $CUSTOM-DOMAIN sits inside single quotes, so the shell does not expand it;
#   replace it and <TOKEN> by hand before running.
# - The JSON body carries clientSecret on the command line, where it can end up
#   in shell history and process listings.
# - --location follows redirects, and --request POST keeps the POST method
#   string on every request curl makes while following them.
# - idAttribute has to name a field that the userEndpoint response contains.
# - NOTE(review): the sample switches on isLinkingAllowed, isCreationAllowed,
#   isAutoCreation and isAutoUpdate together; confirm each is wanted for this
#   provider instead of copying the block as-is.
curl --location --request POST 'https://$CUSTOM-DOMAIN/management/v1/idps/oauth' \
--header 'Content-Type: application/json' \
--header 'Accept: application/json' \
--header 'Authorization: Bearer <TOKEN>' \
--data-raw '{
"name": "My Provider",
"clientId": "client-id",
"clientSecret": "client-secret",
"authorizationEndpoint": "https://accounts.google.com/o/oauth2/v2/auth",
"tokenEndpoint": "https://oauth2.googleapis.com/token",
"userEndpoint": "https://openidconnect.googleapis.com/v1/userinfo",
"scopes": [
"openid",
"profile",
"email"
],
"idAttribute": "user_id",
"providerOptions": {
"isLinkingAllowed": true,
"isCreationAllowed": true,
"isAutoCreation": true,
"isAutoUpdate": true,
"autoLinking": "AUTO_LINKING_OPTION_UNSPECIFIED"
}
}'
# Registers a generic OAuth identity provider through the management API
# (POST /management/v1/idps/oauth).
# - $CUSTOM-DOMAIN sits inside single quotes, so the shell does not expand it;
#   replace it and <TOKEN> by hand before running.
# - The JSON body carries clientSecret on the command line, where it can end up
#   in shell history and process listings.
# - --location follows redirects, and --request POST keeps the POST method
#   string on every request curl makes while following them.
# - idAttribute has to name a field that the userEndpoint response contains.
# - NOTE(review): the sample switches on isLinkingAllowed, isCreationAllowed,
#   isAutoCreation and isAutoUpdate together; confirm each is wanted for this
#   provider instead of copying the block as-is.
curl --location --request POST 'https://$CUSTOM-DOMAIN/management/v1/idps/oauth' \
--header 'Content-Type: application/json' \
--header 'Accept: application/json' \
--header 'Authorization: Bearer <TOKEN>' \
--data-raw '{
"name": "My Provider",
"clientId": "client-id",
"clientSecret": "client-secret",
"authorizationEndpoint": "https://accounts.google.com/o/oauth2/v2/auth",
"tokenEndpoint": "https://oauth2.googleapis.com/token",
"userEndpoint": "https://openidconnect.googleapis.com/v1/userinfo",
"scopes": [
"openid",
"profile",
"email"
],
"idAttribute": "user_id",
"providerOptions": {
"isLinkingAllowed": true,
"isCreationAllowed": true,
"isAutoCreation": true,
"isAutoUpdate": true,
"autoLinking": "AUTO_LINKING_OPTION_UNSPECIFIED"
}
}'
# Registers a generic OAuth identity provider through the management API
# (POST /management/v1/idps/oauth).
# - $CUSTOM-DOMAIN sits inside single quotes, so the shell does not expand it;
#   replace it and <TOKEN> by hand before running.
# - The JSON body carries clientSecret on the command line, where it can end up
#   in shell history and process listings.
# - --location follows redirects, and --request POST keeps the POST method
#   string on every request curl makes while following them.
# - idAttribute has to name a field that the userEndpoint response contains.
# - NOTE(review): the sample switches on isLinkingAllowed, isCreationAllowed,
#   isAutoCreation and isAutoUpdate together; confirm each is wanted for this
#   provider instead of copying the block as-is.
curl --location --request POST 'https://$CUSTOM-DOMAIN/management/v1/idps/oauth' \
--header 'Content-Type: application/json' \
--header 'Accept: application/json' \
--header 'Authorization: Bearer <TOKEN>' \
--data-raw '{
"name": "My Provider",
"clientId": "client-id",
"clientSecret": "client-secret",
"authorizationEndpoint": "https://accounts.google.com/o/oauth2/v2/auth",
"tokenEndpoint": "https://oauth2.googleapis.com/token",
"userEndpoint": "https://openidconnect.googleapis.com/v1/userinfo",
"scopes": [
"openid",
"profile",
"email"
],
"idAttribute": "user_id",
"providerOptions": {
"isLinkingAllowed": true,
"isCreationAllowed": true,
"isAutoCreation": true,
"isAutoUpdate": true,
"autoLinking": "AUTO_LINKING_OPTION_UNSPECIFIED"
}
}'
# Registers a generic OAuth identity provider through the management API
# (POST /management/v1/idps/oauth).
# - $CUSTOM-DOMAIN sits inside single quotes, so the shell does not expand it;
#   replace it and <TOKEN> by hand before running.
# - The JSON body carries clientSecret on the command line, where it can end up
#   in shell history and process listings.
# - --location follows redirects, and --request POST keeps the POST method
#   string on every request curl makes while following them.
# - idAttribute has to name a field that the userEndpoint response contains.
# - NOTE(review): the sample switches on isLinkingAllowed, isCreationAllowed,
#   isAutoCreation and isAutoUpdate together; confirm each is wanted for this
#   provider instead of copying the block as-is.
curl --location --request POST 'https://$CUSTOM-DOMAIN/management/v1/idps/oauth' \
--header 'Content-Type: application/json' \
--header 'Accept: application/json' \
--header 'Authorization: Bearer <TOKEN>' \
--data-raw '{
"name": "My Provider",
"clientId": "client-id",
"clientSecret": "client-secret",
"authorizationEndpoint": "https://accounts.google.com/o/oauth2/v2/auth",
"tokenEndpoint": "https://oauth2.googleapis.com/token",
"userEndpoint": "https://openidconnect.googleapis.com/v1/userinfo",
"scopes": [
"openid",
"profile",
"email"
],
"idAttribute": "user_id",
"providerOptions": {
"isLinkingAllowed": true,
"isCreationAllowed": true,
"isAutoCreation": true,
"isAutoUpdate": true,
"autoLinking": "AUTO_LINKING_OPTION_UNSPECIFIED"
}
}'
# Registers a generic OAuth identity provider through the management API
# (POST /management/v1/idps/oauth).
# - $CUSTOM-DOMAIN sits inside single quotes, so the shell does not expand it;
#   replace it and <TOKEN> by hand before running.
# - The JSON body carries clientSecret on the command line, where it can end up
#   in shell history and process listings.
# - --location follows redirects, and --request POST keeps the POST method
#   string on every request curl makes while following them.
# - idAttribute has to name a field that the userEndpoint response contains.
# - NOTE(review): the sample switches on isLinkingAllowed, isCreationAllowed,
#   isAutoCreation and isAutoUpdate together; confirm each is wanted for this
#   provider instead of copying the block as-is.
curl --location --request POST 'https://$CUSTOM-DOMAIN/management/v1/idps/oauth' \
--header 'Content-Type: application/json' \
--header 'Accept: application/json' \
--header 'Authorization: Bearer <TOKEN>' \
--data-raw '{
"name": "My Provider",
"clientId": "client-id",
"clientSecret": "client-secret",
"authorizationEndpoint": "https://accounts.google.com/o/oauth2/v2/auth",
"tokenEndpoint": "https://oauth2.googleapis.com/token",
"userEndpoint": "https://openidconnect.googleapis.com/v1/userinfo",
"scopes": [
"openid",
"profile",
"email"
],
"idAttribute": "user_id",
"providerOptions": {
"isLinkingAllowed": true,
"isCreationAllowed": true,
"isAutoCreation": true,
"isAutoUpdate": true,
"autoLinking": "AUTO_LINKING_OPTION_UNSPECIFIED"
}
}'
# Registers a generic OAuth identity provider through the management API
# (POST /management/v1/idps/oauth).
# - $CUSTOM-DOMAIN sits inside single quotes, so the shell does not expand it;
#   replace it and <TOKEN> by hand before running.
# - The JSON body carries clientSecret on the command line, where it can end up
#   in shell history and process listings.
# - --location follows redirects, and --request POST keeps the POST method
#   string on every request curl makes while following them.
# - idAttribute has to name a field that the userEndpoint response contains.
# - NOTE(review): the sample switches on isLinkingAllowed, isCreationAllowed,
#   isAutoCreation and isAutoUpdate together; confirm each is wanted for this
#   provider instead of copying the block as-is.
curl --location --request POST 'https://$CUSTOM-DOMAIN/management/v1/idps/oauth' \
--header 'Content-Type: application/json' \
--header 'Accept: application/json' \
--header 'Authorization: Bearer <TOKEN>' \
--data-raw '{
"name": "My Provider",
"clientId": "client-id",
"clientSecret": "client-secret",
"authorizationEndpoint": "https://accounts.google.com/o/oauth2/v2/auth",
"tokenEndpoint": "https://oauth2.googleapis.com/token",
"userEndpoint": "https://openidconnect.googleapis.com/v1/userinfo",
"scopes": [
"openid",
"profile",
"email"
],
"idAttribute": "user_id",
"providerOptions": {
"isLinkingAllowed": true,
"isCreationAllowed": true,
"isAutoCreation": true,
"isAutoUpdate": true,
"autoLinking": "AUTO_LINKING_OPTION_UNSPECIFIED"
}
}'
# Registers a generic OAuth identity provider through the management API
# (POST /management/v1/idps/oauth).
# - $CUSTOM-DOMAIN sits inside single quotes, so the shell does not expand it;
#   replace it and <TOKEN> by hand before running.
# - The JSON body carries clientSecret on the command line, where it can end up
#   in shell history and process listings.
# - --location follows redirects, and --request POST keeps the POST method
#   string on every request curl makes while following them.
# - idAttribute has to name a field that the userEndpoint response contains.
# - NOTE(review): the sample switches on isLinkingAllowed, isCreationAllowed,
#   isAutoCreation and isAutoUpdate together; confirm each is wanted for this
#   provider instead of copying the block as-is.
curl --location --request POST 'https://$CUSTOM-DOMAIN/management/v1/idps/oauth' \
--header 'Content-Type: application/json' \
--header 'Accept: application/json' \
--header 'Authorization: Bearer <TOKEN>' \
--data-raw '{
"name": "My Provider",
"clientId": "client-id",
"clientSecret": "client-secret",
"authorizationEndpoint": "https://accounts.google.com/o/oauth2/v2/auth",
"tokenEndpoint": "https://oauth2.googleapis.com/token",
"userEndpoint": "https://openidconnect.googleapis.com/v1/userinfo",
"scopes": [
"openid",
"profile",
"email"
],
"idAttribute": "user_id",
"providerOptions": {
"isLinkingAllowed": true,
"isCreationAllowed": true,
"isAutoCreation": true,
"isAutoUpdate": true,
"autoLinking": "AUTO_LINKING_OPTION_UNSPECIFIED"
}
}'