Add AzureAD Identity Provider

- application/json
- application/grpc
- application/grpc-web+proto

Request Body required
- name string
- clientId string
  client id generated by the Azure AD
- clientSecret string
  client secret generated by the Azure AD
- tenant object
  Defines what kind of accounts are allowed to authenticate (Personal, Organizational, All). If not provided, the common tenant will be used (All accounts).
  - tenantType string
    Possible values: [AZURE_AD_TENANT_TYPE_COMMON, AZURE_AD_TENANT_TYPE_ORGANISATIONS, AZURE_AD_TENANT_TYPE_CONSUMERS]
    Default value: AZURE_AD_TENANT_TYPE_COMMON
  - tenantId string
- emailVerified boolean
  Azure AD doesn't send whether the email has been verified. Enable this if the user email should always be added as verified in ZITADEL (no verification emails will be sent).
- scopes string[]
  the scopes requested by ZITADEL during the request to Azure AD
- providerOptions object
  - isLinkingAllowed boolean
    Enable if users should be able to link an existing ZITADEL user with an external account.
  - isCreationAllowed boolean
    Enable if users should be able to create a new account in ZITADEL when using an external account.
  - isAutoCreation boolean
    Enable if a new account in ZITADEL should be created automatically on login with an external account.
  - isAutoUpdate boolean
    Enable if the ZITADEL account fields should be updated automatically on each login.
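
A pre-flight review of the request body described above, as an added example that is not part of the ZITADEL documentation or code base. It checks `tenantType` against the documented values and flags settings that widen who can sign in. Treating `name`, `clientId` and `clientSecret` as mandatory and a `tenantId` as pinning sign-in to one tenant are assumptions, as are the name `review_azure_idp` and all sample values.

```python
# Added example: review an Add AzureAD Identity Provider body before sending it.
TENANT_TYPES = {
    "AZURE_AD_TENANT_TYPE_COMMON",
    "AZURE_AD_TENANT_TYPE_ORGANISATIONS",
    "AZURE_AD_TENANT_TYPE_CONSUMERS",
}
DEFAULT_TENANT_TYPE = "AZURE_AD_TENANT_TYPE_COMMON"  # documented default

def review_azure_idp(body):
    """Return (errors, warnings) for a request body given as a dict."""
    errors, warnings = [], []
    # Assumption of this example: these three fields are mandatory strings.
    for field in ("name", "clientId", "clientSecret"):
        if not isinstance(body.get(field), str) or not body[field]:
            errors.append(f"{field}: non-empty string expected")
    tenant = body.get("tenant") or {}
    tenant_type = tenant.get("tenantType", DEFAULT_TENANT_TYPE)
    if tenant_type not in TENANT_TYPES:
        errors.append(f"tenant.tenantType: unknown value {tenant_type!r}")
    # Assumption: a tenantId restricts sign-in to that one Azure AD tenant.
    pinned = bool(tenant.get("tenantId"))
    if not pinned and tenant_type == DEFAULT_TENANT_TYPE:
        warnings.append("tenant: common tenant in effect (all accounts)")
    if body.get("emailVerified") and not pinned:
        warnings.append("emailVerified: emails stored as verified without a "
                        "verification mail, for accounts beyond one tenant")
    opts = body.get("providerOptions") or {}
    if opts.get("isAutoCreation") and not pinned:
        warnings.append("providerOptions.isAutoCreation: accounts created "
                        "automatically for every accepted external account")
    return errors, warnings

# Constructed sample bodies; every value is a placeholder.
OPEN_BODY = {
    "name": "AzureAD", "clientId": "example-client-id",
    "clientSecret": "example-client-secret", "emailVerified": True,
    "scopes": ["openid", "profile", "email"],
    "providerOptions": {"isCreationAllowed": True, "isAutoCreation": True},
}
PINNED_BODY = dict(OPEN_BODY, tenant={"tenantId": "00000000-0000-0000-0000-000000000000"})

if __name__ == "__main__":
    for label, body in (("open", OPEN_BODY), ("pinned", PINNED_BODY)):
        errors, warnings = review_azure_idp(body)
        print(label, "errors:", errors)
        for w in warnings:
            print("  warning:", w)
```
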
- 200
- 403
- 404
- default

200: A successful response.
- application/json
- application/grpc
- application/grpc-web+proto

Schema
- details object
  - sequence uint64
    on read: the sequence of the last event reduced by the projection
    on manipulation: the timestamp of the event(s) added by the manipulation
  - creationDate date-time
    on read: the timestamp of the first event of the object
    on create: the timestamp of the event(s) added by the manipulation
  - changeDate date-time
    on read: the timestamp of the last event reduced by the projection
    on manipulation: the
  - resourceOwner
    resource_owner is the organization an object belongs to
- id string

Example (from schema)
{
  "details": {
    "sequence": "2",
    "creationDate": "2023-05-12",
    "changeDate": "2023-05-12",
    "resourceOwner": "69629023906488334"
  },
  "id": "string"
}

403: Returned when the user does not have permission to access the resource.
- application/json
- application/grpc
- application/grpc-web+proto

Schema
- code int32
- message string
- details object[]
  Array [@type string]

Example (from schema)
{
  "code": 0,
  "message": "string",
  "details": [
    {
      "@type": "string"
    }
  ]
}

404: Returned when the resource does not exist.
- application/json
- application/grpc
- application/grpc-web+proto

Schema
- code int32
- message string
- details object[]
  Array [@type string]

Example (from schema)
{
  "code": 0,
  "message": "string",
  "details": [
    {
      "@type": "string"
    }
  ]
}

default: An unexpected error response.
- application/json
- application/grpc
- application/grpc-web+proto

Schema
- code int32
- message string
- details object[]
  Array [@type string]

Example (from schema)
{
  "code": 0,
  "message": "string",
  "details": [
    {
      "@type": "string"
    }
  ]
}