Deprecated: Get Identity Provider (IDP) by ID

deprecated

This endpoint has been deprecated and may be removed in future versions of the API.

Returns an identity provider (social/enterprise login) by its ID e.g Google, AzureAD, etc.

Path Parameters

id string required

Responses

200
400
403
404
default

IDP found

application/json
application/grpc
application/grpc-web+proto

Schema
Example (from schema)

Schema

idp object
id string
details object
sequence uint64
on read: the sequence of the last event reduced by the projection

on manipulation: the timestamp of the event(s) added by the manipulation
creationDate date-time
on read: the timestamp of the first event of the object

on create: the timestamp of the event(s) added by the manipulation
changeDate date-time
on read: the timestamp of the last event reduced by the projection

on manipulation: the
resourceOwner resource_owner is the organization an object belongs to
state string
Possible values: [IDP_STATE_UNSPECIFIED, IDP_STATE_ACTIVE, IDP_STATE_INACTIVE]
Default value: IDP_STATE_UNSPECIFIED
the state of the identity provider
name string
stylingType string
Possible values: [STYLING_TYPE_UNSPECIFIED, STYLING_TYPE_GOOGLE]
Default value: STYLING_TYPE_UNSPECIFIED
some identity providers specify the styling of the button to their login
owner string
Possible values: [IDP_OWNER_TYPE_UNSPECIFIED, IDP_OWNER_TYPE_SYSTEM, IDP_OWNER_TYPE_ORG]
Default value: IDP_OWNER_TYPE_UNSPECIFIED
the owner of the identity provider.

IDP_OWNER_TYPE_SYSTEM: system is managed by the ZITADEL administrators

IDP_OWNER_TYPE_ORG: org is managed by de organization administrators

oidcConfig object
clientId string
client id generated by the identity provider
issuer string
the OIDC issuer of the identity provider
scopes string[]
the scopes requested by ZITADEL during the request on the identity provider
displayNameMapping string
Possible values: [OIDC_MAPPING_FIELD_UNSPECIFIED, OIDC_MAPPING_FIELD_PREFERRED_USERNAME, OIDC_MAPPING_FIELD_EMAIL]
Default value: OIDC_MAPPING_FIELD_UNSPECIFIED
definition which field is mapped to the display name of the user
usernameMapping string
Possible values: [OIDC_MAPPING_FIELD_UNSPECIFIED, OIDC_MAPPING_FIELD_PREFERRED_USERNAME, OIDC_MAPPING_FIELD_EMAIL]
Default value: OIDC_MAPPING_FIELD_UNSPECIFIED
definition which field is mapped to the email of the user
jwtConfig object
jwtEndpoint string
the endpoint where the JWT can be extracted
issuer string
the issuer of the JWT (for validation)
keysEndpoint string
the endpoint to the key (JWK) which is used to sign the JWT with
headerName string
the name of the header where the JWT is sent in, default is authorization
autoRegister boolean

{
  "idp": {
    "id": "69629023906488334",
    "details": {
      "sequence": "2",
      "creationDate": "2023-05-12",
      "changeDate": "2023-05-12",
      "resourceOwner": "69629023906488334"
    },
    "state": "IDP_STATE_UNSPECIFIED",
    "name": "google",
    "stylingType": "STYLING_TYPE_UNSPECIFIED",
    "owner": "IDP_OWNER_TYPE_UNSPECIFIED",
    "oidcConfig": {
      "clientId": "string",
      "issuer": "https://accounts.google.com",
      "scopes": [
        "openid",
        "profile",
        "email"
      ],
      "displayNameMapping": "OIDC_MAPPING_FIELD_UNSPECIFIED",
      "usernameMapping": "OIDC_MAPPING_FIELD_UNSPECIFIED"
    },
    "jwtConfig": {
      "jwtEndpoint": "https://accounts.google.com",
      "issuer": "https://accounts.google.com",
      "keysEndpoint": "https://accounts.google.com/keys",
      "headerName": "x-auth-token"
    },
    "autoRegister": true
  }
}

Schema
Example (from schema)

Schema

idp object
id string
details object
sequence uint64
on read: the sequence of the last event reduced by the projection

on manipulation: the timestamp of the event(s) added by the manipulation
creationDate date-time
on read: the timestamp of the first event of the object

on create: the timestamp of the event(s) added by the manipulation
changeDate date-time
on read: the timestamp of the last event reduced by the projection

on manipulation: the
resourceOwner resource_owner is the organization an object belongs to
state string
Possible values: [IDP_STATE_UNSPECIFIED, IDP_STATE_ACTIVE, IDP_STATE_INACTIVE]
Default value: IDP_STATE_UNSPECIFIED
the state of the identity provider
name string
stylingType string
Possible values: [STYLING_TYPE_UNSPECIFIED, STYLING_TYPE_GOOGLE]
Default value: STYLING_TYPE_UNSPECIFIED
some identity providers specify the styling of the button to their login
owner string
Possible values: [IDP_OWNER_TYPE_UNSPECIFIED, IDP_OWNER_TYPE_SYSTEM, IDP_OWNER_TYPE_ORG]
Default value: IDP_OWNER_TYPE_UNSPECIFIED
the owner of the identity provider.

IDP_OWNER_TYPE_SYSTEM: system is managed by the ZITADEL administrators

IDP_OWNER_TYPE_ORG: org is managed by de organization administrators

oidcConfig object
clientId string
client id generated by the identity provider
issuer string
the OIDC issuer of the identity provider
scopes string[]
the scopes requested by ZITADEL during the request on the identity provider
displayNameMapping string
Possible values: [OIDC_MAPPING_FIELD_UNSPECIFIED, OIDC_MAPPING_FIELD_PREFERRED_USERNAME, OIDC_MAPPING_FIELD_EMAIL]
Default value: OIDC_MAPPING_FIELD_UNSPECIFIED
definition which field is mapped to the display name of the user
usernameMapping string
Possible values: [OIDC_MAPPING_FIELD_UNSPECIFIED, OIDC_MAPPING_FIELD_PREFERRED_USERNAME, OIDC_MAPPING_FIELD_EMAIL]
Default value: OIDC_MAPPING_FIELD_UNSPECIFIED
definition which field is mapped to the email of the user
jwtConfig object
jwtEndpoint string
the endpoint where the JWT can be extracted
issuer string
the issuer of the JWT (for validation)
keysEndpoint string
the endpoint to the key (JWK) which is used to sign the JWT with
headerName string
the name of the header where the JWT is sent in, default is authorization
autoRegister boolean

{
  "idp": {
    "id": "69629023906488334",
    "details": {
      "sequence": "2",
      "creationDate": "2023-05-12",
      "changeDate": "2023-05-12",
      "resourceOwner": "69629023906488334"
    },
    "state": "IDP_STATE_UNSPECIFIED",
    "name": "google",
    "stylingType": "STYLING_TYPE_UNSPECIFIED",
    "owner": "IDP_OWNER_TYPE_UNSPECIFIED",
    "oidcConfig": {
      "clientId": "string",
      "issuer": "https://accounts.google.com",
      "scopes": [
        "openid",
        "profile",
        "email"
      ],
      "displayNameMapping": "OIDC_MAPPING_FIELD_UNSPECIFIED",
      "usernameMapping": "OIDC_MAPPING_FIELD_UNSPECIFIED"
    },
    "jwtConfig": {
      "jwtEndpoint": "https://accounts.google.com",
      "issuer": "https://accounts.google.com",
      "keysEndpoint": "https://accounts.google.com/keys",
      "headerName": "x-auth-token"
    },
    "autoRegister": true
  }
}

Schema
Example (from schema)

Schema

idp object
id string
details object
sequence uint64
on read: the sequence of the last event reduced by the projection

on manipulation: the timestamp of the event(s) added by the manipulation
creationDate date-time
on read: the timestamp of the first event of the object

on create: the timestamp of the event(s) added by the manipulation
changeDate date-time
on read: the timestamp of the last event reduced by the projection

on manipulation: the
resourceOwner resource_owner is the organization an object belongs to
state string
Possible values: [IDP_STATE_UNSPECIFIED, IDP_STATE_ACTIVE, IDP_STATE_INACTIVE]
Default value: IDP_STATE_UNSPECIFIED
the state of the identity provider
name string
stylingType string
Possible values: [STYLING_TYPE_UNSPECIFIED, STYLING_TYPE_GOOGLE]
Default value: STYLING_TYPE_UNSPECIFIED
some identity providers specify the styling of the button to their login
owner string
Possible values: [IDP_OWNER_TYPE_UNSPECIFIED, IDP_OWNER_TYPE_SYSTEM, IDP_OWNER_TYPE_ORG]
Default value: IDP_OWNER_TYPE_UNSPECIFIED
the owner of the identity provider.

IDP_OWNER_TYPE_SYSTEM: system is managed by the ZITADEL administrators

IDP_OWNER_TYPE_ORG: org is managed by de organization administrators

oidcConfig object
clientId string
client id generated by the identity provider
issuer string
the OIDC issuer of the identity provider
scopes string[]
the scopes requested by ZITADEL during the request on the identity provider
displayNameMapping string
Possible values: [OIDC_MAPPING_FIELD_UNSPECIFIED, OIDC_MAPPING_FIELD_PREFERRED_USERNAME, OIDC_MAPPING_FIELD_EMAIL]
Default value: OIDC_MAPPING_FIELD_UNSPECIFIED
definition which field is mapped to the display name of the user
usernameMapping string
Possible values: [OIDC_MAPPING_FIELD_UNSPECIFIED, OIDC_MAPPING_FIELD_PREFERRED_USERNAME, OIDC_MAPPING_FIELD_EMAIL]
Default value: OIDC_MAPPING_FIELD_UNSPECIFIED
definition which field is mapped to the email of the user
jwtConfig object
jwtEndpoint string
the endpoint where the JWT can be extracted
issuer string
the issuer of the JWT (for validation)
keysEndpoint string
the endpoint to the key (JWK) which is used to sign the JWT with
headerName string
the name of the header where the JWT is sent in, default is authorization
autoRegister boolean

{
  "idp": {
    "id": "69629023906488334",
    "details": {
      "sequence": "2",
      "creationDate": "2023-05-12",
      "changeDate": "2023-05-12",
      "resourceOwner": "69629023906488334"
    },
    "state": "IDP_STATE_UNSPECIFIED",
    "name": "google",
    "stylingType": "STYLING_TYPE_UNSPECIFIED",
    "owner": "IDP_OWNER_TYPE_UNSPECIFIED",
    "oidcConfig": {
      "clientId": "string",
      "issuer": "https://accounts.google.com",
      "scopes": [
        "openid",
        "profile",
        "email"
      ],
      "displayNameMapping": "OIDC_MAPPING_FIELD_UNSPECIFIED",
      "usernameMapping": "OIDC_MAPPING_FIELD_UNSPECIFIED"
    },
    "jwtConfig": {
      "jwtEndpoint": "https://accounts.google.com",
      "issuer": "https://accounts.google.com",
      "keysEndpoint": "https://accounts.google.com/keys",
      "headerName": "x-auth-token"
    },
    "autoRegister": true
  }
}

invalid argument

application/json
application/grpc
application/grpc-web+proto

Schema
Example (from schema)

Schema

code int32
message string
details object[]
Array [
@type string
]

{
  "code": 0,
  "message": "string",
  "details": [
    {
      "@type": "string"
    }
  ]
}

Schema
Example (from schema)

Schema

code int32
message string
details object[]
Array [
@type string
]

{
  "code": 0,
  "message": "string",
  "details": [
    {
      "@type": "string"
    }
  ]
}

Schema
Example (from schema)

Schema

code int32
message string
details object[]
Array [
@type string
]

{
  "code": 0,
  "message": "string",
  "details": [
    {
      "@type": "string"
    }
  ]
}

Returned when the user does not have permission to access the resource.

application/json
application/grpc
application/grpc-web+proto

Schema
Example (from schema)

Schema

code int32
message string
details object[]
Array [
@type string
]

{
  "code": 0,
  "message": "string",
  "details": [
    {
      "@type": "string"
    }
  ]
}

Schema
Example (from schema)

Schema

code int32
message string
details object[]
Array [
@type string
]

{
  "code": 0,
  "message": "string",
  "details": [
    {
      "@type": "string"
    }
  ]
}

Schema
Example (from schema)

Schema

code int32
message string
details object[]
Array [
@type string
]

{
  "code": 0,
  "message": "string",
  "details": [
    {
      "@type": "string"
    }
  ]
}

Returned when the resource does not exist.

application/json
application/grpc
application/grpc-web+proto

Schema
Example (from schema)

Schema

code int32
message string
details object[]
Array [
@type string
]

{
  "code": 0,
  "message": "string",
  "details": [
    {
      "@type": "string"
    }
  ]
}

Schema
Example (from schema)

Schema

code int32
message string
details object[]
Array [
@type string
]

{
  "code": 0,
  "message": "string",
  "details": [
    {
      "@type": "string"
    }
  ]
}

Schema
Example (from schema)

Schema

code int32
message string
details object[]
Array [
@type string
]

{
  "code": 0,
  "message": "string",
  "details": [
    {
      "@type": "string"
    }
  ]
}

An unexpected error response.

application/json
application/grpc
application/grpc-web+proto

Schema
Example (from schema)

Schema

code int32
message string
details object[]
Array [
@type string
]

{
  "code": 0,
  "message": "string",
  "details": [
    {
      "@type": "string"
    }
  ]
}

Schema
Example (from schema)

Schema

code int32
message string
details object[]
Array [
@type string
]

{
  "code": 0,
  "message": "string",
  "details": [
    {
      "@type": "string"
    }
  ]
}

Schema
Example (from schema)

Schema

code int32
message string
details object[]
Array [
@type string
]

{
  "code": 0,
  "message": "string",
  "details": [
    {
      "@type": "string"
    }
  ]
}

GET /idps/:id

Authorization

type: oauth2flow: authorizationCodescopes: openid,urn:zitadel:iam:org:project:id:zitadel:aud

Request

Base URL

https://$ZITADEL_DOMAIN/admin/v1

Bearer Token

id — path required

Accept

curl -L -X GET 'https://$ZITADEL_DOMAIN/admin/v1/idps/:id' \
-H 'Accept: application/json' \
-H 'Authorization: Bearer <TOKEN>'

curl -L -X GET 'https://$ZITADEL_DOMAIN/admin/v1/idps/:id' \
-H 'Accept: application/json' \
-H 'Authorization: Bearer <TOKEN>'

curl -L -X GET 'https://$ZITADEL_DOMAIN/admin/v1/idps/:id' \
-H 'Accept: application/json' \
-H 'Authorization: Bearer <TOKEN>'

curl -L -X GET 'https://$ZITADEL_DOMAIN/admin/v1/idps/:id' \
-H 'Accept: application/json' \
-H 'Authorization: Bearer <TOKEN>'

curl -L -X GET 'https://$ZITADEL_DOMAIN/admin/v1/idps/:id' \
-H 'Accept: application/json' \
-H 'Authorization: Bearer <TOKEN>'

curl -L -X GET 'https://$ZITADEL_DOMAIN/admin/v1/idps/:id' \
-H 'Accept: application/json' \
-H 'Authorization: Bearer <TOKEN>'

curl -L -X GET 'https://$ZITADEL_DOMAIN/admin/v1/idps/:id' \
-H 'Accept: application/json' \
-H 'Authorization: Bearer <TOKEN>'