Add Generic OAuth Identity Provider
POST /idps/oauth
Request
Header Parameters
The default is always the organization of the requesting user. To get or set a result for another organization, include the header. Make sure the user has permission to access the requested data.
- application/json
- application/grpc
- application/grpc-web+proto
Body
required
Client id generated by the identity provider
Client secret generated by the identity provider
The endpoint where ZITADEL sends the user to authenticate
The endpoint where ZITADEL can get the token
The endpoint where ZITADEL can get the user information
The scopes requested by ZITADEL during the request on the identity provider
Identifying attribute of the user in the response of the user_endpoint
providerOptions
object
Enable if users should be able to manually link an existing ZITADEL user with an external account. Disable if users should only be allowed to link the proposed account in case of active auto_linking.
Enable if users should be able to manually create a new account in ZITADEL when using an external account. Disable if users should not be able to edit account information when auto_creation is enabled.
Enable if a new account in ZITADEL should be created automatically when logging in with an external account.
Enable if the ZITADEL account fields should be updated automatically on each login.
Possible values: [AUTO_LINKING_OPTION_UNSPECIFIED, AUTO_LINKING_OPTION_USERNAME, AUTO_LINKING_OPTION_EMAIL]
Default value: AUTO_LINKING_OPTION_UNSPECIFIED
Enable if users should get prompted to link an existing ZITADEL user to an external account if the selected attribute matches.
Enable the use of Proof Key for Code Exchange (PKCE) for the OAuth2 flow.
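A pre-flight review of a request body before it is sent to this endpoint, as an added example that is not part of the ZITADEL documentation. The JSON field names (`authorizationEndpoint`, `tokenEndpoint`, `userEndpoint`, `idAttribute`, `usePkce`, `isCreationAllowed`, `isAutoCreation`, `autoLinking`) are assumptions, since this page lists only the field descriptions; the sample bodies and the `idp.example.test` host are constructed.

```python
from urllib.parse import urlsplit

# Values the page lists for the auto-linking option.
AUTO_LINKING = {"AUTO_LINKING_OPTION_UNSPECIFIED",
                "AUTO_LINKING_OPTION_USERNAME", "AUTO_LINKING_OPTION_EMAIL"}
# Assumed JSON names of the three endpoint fields described above.
ENDPOINTS = ("authorizationEndpoint", "tokenEndpoint", "userEndpoint")

def review_idp_body(body):
    """Return (field, finding) pairs for a generic OAuth IdP request body."""
    findings = []
    for field in ENDPOINTS:
        url = urlsplit(body.get(field) or "")
        if url.scheme != "https" or not url.hostname:
            findings.append((field, "missing or not an https URL"))
    if not body.get("usePkce"):
        findings.append(("usePkce", "PKCE is not enabled for the OAuth2 flow"))
    if not body.get("idAttribute"):
        findings.append(("idAttribute", "no identifying attribute set"))
    opts = body.get("providerOptions") or {}
    linking = opts.get("autoLinking", "AUTO_LINKING_OPTION_UNSPECIFIED")
    if linking not in AUTO_LINKING:
        findings.append(("providerOptions.autoLinking", "unknown value"))
    elif linking != "AUTO_LINKING_OPTION_UNSPECIFIED":
        # The link prompt matches on an attribute reported by the external
        # provider, so that provider must be trusted to report it correctly.
        findings.append(("providerOptions.autoLinking",
                         "link prompt depends on a provider-reported attribute"))
    if opts.get("isAutoCreation") and opts.get("isCreationAllowed"):
        # Per the option text: with manual creation enabled, users can edit
        # account information while auto-creation is active.
        findings.append(("providerOptions.isCreationAllowed",
                         "users can edit account data during auto-creation"))
    return findings

# Constructed sample bodies (placeholder host, no real credentials).
SAMPLE_FLAGGED = {
    "authorizationEndpoint": "https://idp.example.test/authorize",
    "tokenEndpoint": "http://idp.example.test/token",
    "userEndpoint": "https://idp.example.test/userinfo",
    "idAttribute": "sub",
    "providerOptions": {"isCreationAllowed": True, "isAutoCreation": True,
                        "autoLinking": "AUTO_LINKING_OPTION_EMAIL"},
    "usePkce": False,
}
SAMPLE_CLEAN = dict(SAMPLE_FLAGGED, tokenEndpoint="https://idp.example.test/token",
                    usePkce=True, providerOptions={"isCreationAllowed": False,
                    "isAutoCreation": True, "autoLinking": "AUTO_LINKING_OPTION_UNSPECIFIED"})
```

A finding is a prompt for review before the provider is created, not a rejection rule enforced by the API.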
Responses
- 200
- default
A successful response.
- application/json
- application/grpc
- application/grpc-web+proto
Schema
details
object
on read: the sequence of the last event reduced by the projection
on manipulation: the timestamp of the event(s) added by the manipulation
on read: the timestamp of the first event of the object
on create: the timestamp of the event(s) added by the manipulation
on read: the timestamp of the last event reduced by the projection
on manipulation: the
{
  "details": {
    "sequence": "2",
    "creationDate": "2025-03-05T21:29:24.671Z",
    "changeDate": "2025-03-05T21:29:24.671Z",
    "resourceOwner": "69629023906488334"
  },
  "id": "string"
}
An unexpected error response.
- application/json
- application/grpc
- application/grpc-web+proto
Schema
details
object[]
{
  "code": 0,
  "message": "string",
  "details": [
    {
      "@type": "string"
    }
  ]
}