Deprecated: Add OIDC Identity Provider (IDP)
POST /idps/oidc
Create a new identity provider configuration on the organization to enable your users to log in with social/enterprise login. The provider has to be OIDC-compliant. This configuration can only be used by the organization itself.
Request
Header Parameters
The default is always the organization of the requesting user. To get or set a result for another organization, include the header. Make sure the user has permission to access the requested data.
- application/json
- application/grpc
- application/grpc-web+proto
Body
required
Possible values: non-empty and <= 200 characters
Possible values: [STYLING_TYPE_UNSPECIFIED, STYLING_TYPE_GOOGLE]
Default value: STYLING_TYPE_UNSPECIFIED
some identity providers specify the styling of the button to their login
Possible values: non-empty and <= 200 characters
client id generated by the identity provider
Possible values: non-empty and <= 200 characters
client secret generated by the identity provider
the OIDC issuer of the identity provider
the scopes requested by ZITADEL during the request on the identity provider
Possible values: [OIDC_MAPPING_FIELD_UNSPECIFIED, OIDC_MAPPING_FIELD_PREFERRED_USERNAME, OIDC_MAPPING_FIELD_EMAIL]
Default value: OIDC_MAPPING_FIELD_UNSPECIFIED
defines which field is mapped to the display name of the user
Possible values: [OIDC_MAPPING_FIELD_UNSPECIFIED, OIDC_MAPPING_FIELD_PREFERRED_USERNAME, OIDC_MAPPING_FIELD_EMAIL]
Default value: OIDC_MAPPING_FIELD_UNSPECIFIED
defines which field is mapped to the email of the user
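A pre-flight check of a request body against the constraints listed above, as an added example (not ZITADEL's own code). The JSON key names are assumptions, since this page lists only field descriptions; the issuer and scope checks follow the OIDC specifications rather than anything this endpoint is documented to enforce.

```python
from urllib.parse import urlsplit

# Enum values and length limits are taken from the field list above.
STYLING = {"STYLING_TYPE_UNSPECIFIED", "STYLING_TYPE_GOOGLE"}
MAPPING = {
    "OIDC_MAPPING_FIELD_UNSPECIFIED",
    "OIDC_MAPPING_FIELD_PREFERRED_USERNAME",
    "OIDC_MAPPING_FIELD_EMAIL",
}
# Assumed JSON key names; the page lists descriptions only.
BOUNDED = ("name", "clientId", "clientSecret")
ENUMS = {"stylingType": STYLING, "displayNameMapping": MAPPING,
         "usernameMapping": MAPPING}


def validate_oidc_idp(body: dict) -> list[str]:
    """Return a list of problems; an empty list means the body passes."""
    problems = []
    for key in BOUNDED:
        value = body.get(key)
        if not isinstance(value, str) or not value:
            problems.append(f"{key}: must be a non-empty string")
        elif len(value) > 200:
            problems.append(f"{key}: longer than 200 characters")
    for key, allowed in ENUMS.items():
        # Omitted enum fields fall back to the documented *_UNSPECIFIED default.
        if key in body and body[key] not in allowed:
            problems.append(f"{key}: not one of {sorted(allowed)}")
    issuer = urlsplit(str(body.get("issuer", "")))
    # OIDC Discovery: https scheme, no query or fragment component.
    if (issuer.scheme != "https" or not issuer.netloc
            or issuer.query or issuer.fragment):
        problems.append("issuer: must be an https URL without query or fragment")
    scopes = body.get("scopes", [])
    # OIDC Core: authentication requests carry the 'openid' scope.
    if scopes and "openid" not in scopes:
        problems.append("scopes: 'openid' is missing")
    return problems


# Constructed sample bodies (placeholder values, not real credentials).
GOOD = {"name": "Example IdP", "clientId": "example-client-id",
        "clientSecret": "example-secret", "issuer": "https://idp.example.com",
        "scopes": ["openid", "profile", "email"],
        "usernameMapping": "OIDC_MAPPING_FIELD_EMAIL"}
BAD = dict(GOOD, clientId="", issuer="http://idp.example.com",
           stylingType="STYLING_TYPE_GITHUB", scopes=["profile"])

if __name__ == "__main__":
    print(validate_oidc_idp(GOOD), validate_oidc_idp(BAD), sep="\n")
```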
Responses
- 200
- default
A successful response.
- application/json
- application/grpc
- application/grpc-web+proto
- Schema
- Example (from schema)
Schema
details
object
on read: the sequence of the last event reduced by the projection
on manipulation: the timestamp of the event(s) added by the manipulation
on read: the timestamp of the first event of the object
on create: the timestamp of the event(s) added by the manipulation
on read: the timestamp of the last event reduced by the projection
on manipulation: the
{
  "details": {
    "sequence": "2",
    "creationDate": "2025-03-05T21:29:24.558Z",
    "changeDate": "2025-03-05T21:29:24.558Z",
    "resourceOwner": "69629023906488334"
  },
  "idpId": "69234230193872955"
}
An unexpected error response.
- application/json
- application/grpc
- application/grpc-web+proto
- Schema
- Example (from schema)
Schema
details
object[]
{
  "code": 0,
  "message": "string",
  "details": [
    {
      "@type": "string"
    }
  ]
}