External Authentication Flow
This flow is executed if the user logs in using an identity provider or using a jwt token.
The flow is represented by the following Ids in the API: FLOW_TYPE_EXTERNAL_AUTHENTICATION
and 1
Post Authentication​
A user has authenticated externally. ZITADEL retrieved and mapped the external information.
The trigger is represented by the following Ids in the API: TRIGGER_TYPE_POST_AUTHENTICATION
or 1
.
Parameters of Post Authentication Action​
ctx
The first parameter contains the following fieldsaccessToken
string
The access token returned by the identity provider. This can be an opaque token or a JWTclaimsJSON()
idTokenClaims
Returns all claims of the id tokengetClaim(key)
Any
Returns the requested id token claimidToken
string
The id token provided by the identity provider.v1
externalUser()
externalUserauthError
string
This is a verification errors string representation. If the verification succeeds, this is "none"authRequest
auth requesthttpRequest
http requestproviderInfo
Any
Returns the response of the provider. In case the provider is a Generic OAuth Provider, the information is accessible through:rawInfo
Any
org
getMetadata()
metadataResult
api
The second parameter contains the following fieldsv1
user
appendMetadata(string, Any)
The first parameter represents the key and the second a value which will be stored
setFirstName(string)
Sets the given namesetLastName(string)
Sets the family namesetNickName(string)
Sets the nicknamesetDisplayName(string)
Sets the display namesetPreferredLanguage(string)
Sets the preferred language. Please use the format defined in RFC 5646setPreferredUsername(string)
Sets the preferred usernamesetEmail(string)
Sets the email address of the usersetEmailVerified(boolean)
Sets the email address verified or unverifiedsetPhone(string)
Sets the phone number of the usersetPhoneVerified(boolean)
Sets the phone number verified or unverifiedmetadata
Array of metadata. This function is deprecated, please useapi.v1.user.appendMetadata
Pre Creation​
A user selected Register on the overview page after external authentication. ZITADEL did not create the user yet.
The trigger is represented by the following Ids in the API: TRIGGER_TYPE_PRE_CREATION
or 2
.
Parameters of Pre Creation​
ctx
The first parameter contains the following fieldsv1
user
humanauthRequest
auth requesthttpRequest
http requestorg
getMetadata()
metadataResult
api
The second parameter contains the following fieldsmetadata
Array of metadata. This function is deprecated, please useapi.v1.user.appendMetadata
setFirstName(string)
Sets the given namesetLastName(string)
Sets the family namesetNickName(string)
Sets the nick namesetDisplayName(string)
Sets the display namesetPreferredLanguage(string)
Sets the preferred language, the string has to be a valid language tag as defined in RFC 5646setGender(int)
Sets the gender.- 0: unspecified
- 1: female
- 2: male
- 3: diverse
setUsername(string)
Sets the usernamesetEmail(string)
Sets the emailsetEmailVerified(bool)
If true the email set is verified without user interactionsetPhone(string)
Sets the phone numbersetPhoneVerified(bool)
If true the phone number set is verified without user interactionv1
user
appendMetadata(string, Any)
The first parameter represents the key and the second a value which will be stored
Post Creation​
A user selected Register on the overview page after external authentication and ZITADEL successfully created the user.
The trigger is represented by the following Ids in the API: TRIGGER_TYPE_POST_CREATION
or 3
.
Parameters of Post Creation​
ctx
The first parameter contains the following fieldsv1
getUser()
userauthRequest
auth requesthttpRequest
http requestorg
getMetadata()
metadataResult
api
The second parameter contains the following fields