Skip to main content

Deprecated: Search Identity Providers (IDP)

deprecated

This endpoint has been deprecated and may be removed in future versions of the API.

Returns a list of identity providers (social/enterprise login) configured on an instance level. e.g Google, AzureAD, etc.

Request Body required
  • query object

    Object unspecific list filters like offset, limit and asc/desc.

  • offset uint64
  • limit int64

    Maximum amount of events returned. The default is set to 1000 in https://github.com/zitadel/zitadel/blob/new-eventstore/cmd/zitadel/startup.yaml. If the limit exceeds the maximum configured ZITADEL will throw an error. If no limit is present the default is taken.

  • asc boolean

    default is descending

  • sortingColumn the field the result is sorted

    Possible values: [IDP_FIELD_NAME_UNSPECIFIED, IDP_FIELD_NAME_NAME]

    Default value: IDP_FIELD_NAME_UNSPECIFIED

  • queries object[]
  • Array [
  • idpIdQuery object
  • id string
  • idpNameQuery object
  • name string
  • method string

    Possible values: [TEXT_QUERY_METHOD_EQUALS, TEXT_QUERY_METHOD_EQUALS_IGNORE_CASE, TEXT_QUERY_METHOD_STARTS_WITH, TEXT_QUERY_METHOD_STARTS_WITH_IGNORE_CASE, TEXT_QUERY_METHOD_CONTAINS, TEXT_QUERY_METHOD_CONTAINS_IGNORE_CASE, TEXT_QUERY_METHOD_ENDS_WITH, TEXT_QUERY_METHOD_ENDS_WITH_IGNORE_CASE]

    Default value: TEXT_QUERY_METHOD_EQUALS

    defines which text equality method is used

  • ]
Responses

idps found

Schema
  • details object
  • totalResult uint64
  • processedSequence uint64
  • viewTimestamp date-time

    the last time the view got updated

  • sortingColumn string

    Possible values: [IDP_FIELD_NAME_UNSPECIFIED, IDP_FIELD_NAME_NAME]

    Default value: IDP_FIELD_NAME_UNSPECIFIED

  • result object[]
  • Array [
  • id string
  • details object
  • sequence uint64

    on read: the sequence of the last event reduced by the projection

    on manipulation: the timestamp of the event(s) added by the manipulation

  • creationDate date-time

    on read: the timestamp of the first event of the object

    on create: the timestamp of the event(s) added by the manipulation

  • changeDate date-time

    on read: the timestamp of the last event reduced by the projection

    on manipulation: the

  • resourceOwner resource_owner is the organization an object belongs to
  • state string

    Possible values: [IDP_STATE_UNSPECIFIED, IDP_STATE_ACTIVE, IDP_STATE_INACTIVE]

    Default value: IDP_STATE_UNSPECIFIED

    the state of the identity provider

  • name string
  • stylingType string

    Possible values: [STYLING_TYPE_UNSPECIFIED, STYLING_TYPE_GOOGLE]

    Default value: STYLING_TYPE_UNSPECIFIED

    some identity providers specify the styling of the button to their login

  • owner string

    Possible values: [IDP_OWNER_TYPE_UNSPECIFIED, IDP_OWNER_TYPE_SYSTEM, IDP_OWNER_TYPE_ORG]

    Default value: IDP_OWNER_TYPE_UNSPECIFIED

    the owner of the identity provider.

    • IDP_OWNER_TYPE_SYSTEM: system is managed by the ZITADEL administrators
    • IDP_OWNER_TYPE_ORG: org is managed by de organization administrators
  • oidcConfig object
  • clientId string

    client id generated by the identity provider

  • issuer string

    the OIDC issuer of the identity provider

  • scopes string[]

    the scopes requested by ZITADEL during the request on the identity provider

  • displayNameMapping string

    Possible values: [OIDC_MAPPING_FIELD_UNSPECIFIED, OIDC_MAPPING_FIELD_PREFERRED_USERNAME, OIDC_MAPPING_FIELD_EMAIL]

    Default value: OIDC_MAPPING_FIELD_UNSPECIFIED

    definition which field is mapped to the display name of the user

  • usernameMapping string

    Possible values: [OIDC_MAPPING_FIELD_UNSPECIFIED, OIDC_MAPPING_FIELD_PREFERRED_USERNAME, OIDC_MAPPING_FIELD_EMAIL]

    Default value: OIDC_MAPPING_FIELD_UNSPECIFIED

    definition which field is mapped to the email of the user

  • jwtConfig object
  • jwtEndpoint string

    the endpoint where the JWT can be extracted

  • issuer string

    the issuer of the JWT (for validation)

  • keysEndpoint string

    the endpoint to the key (JWK) which is used to sign the JWT with

  • headerName string

    the name of the header where the JWT is sent in, default is authorization

  • autoRegister boolean
  • ]
POST /idps/_search

Authorization

type: oauth2flow: authorizationCodescopes: openid,urn:zitadel:iam:org:project:id:zitadel:aud

Request

Base URL
https://$ZITADEL_DOMAIN/admin/v1
Bearer Token
Content-Type
Body required
{

  "query": {

    "offset": "0",

    "limit": 100,

    "asc": true

  },

  "sortingColumn": "IDP_FIELD_NAME_UNSPECIFIED",

  "queries": [

    {

      "idpIdQuery": {

        "id": "69629023906488334"

      },

      "idpNameQuery": {

        "name": "google",

        "method": "TEXT_QUERY_METHOD_EQUALS"

      }

    }

  ]

}
Accept
curl -L -X POST 'https://$ZITADEL_DOMAIN/admin/v1/idps/_search' \
-H 'Content-Type: application/json' \
-H 'Accept: application/json' \
-H 'Authorization: Bearer <TOKEN>' \
--data-raw '{
  "query": {
    "offset": "0",
    "limit": 100,
    "asc": true
  },
  "sortingColumn": "IDP_FIELD_NAME_UNSPECIFIED",
  "queries": [
    {
      "idpIdQuery": {
        "id": "69629023906488334"
      },
      "idpNameQuery": {
        "name": "google",
        "method": "TEXT_QUERY_METHOD_EQUALS"
      }
    }
  ]
}'