External Authentication Flow
This flow is executed if the user logs in using an identity provider.
The flow is represented by the following Ids in the API: FLOW_TYPE_EXTERNAL_AUTHENTICATION and 1
Post Authentication​
A user has authenticated externally. ZITADEL retrieved and mapped the external information.
The trigger is represented by the following Ids in the API: TRIGGER_TYPE_POST_AUTHENTICATION or 1.
Parameters of Post Authentication Action​
ctx
The first parameter contains the following fieldsaccessTokenstring
The access token returned by the identity provider. This can be an opaque token or a JWTrefreshTokenstring
The refresh token returned by the identity provider if there is one. This is most likely to be an opaque token.claimsJSON()idTokenClaims
Returns all claims of the id tokengetClaim(key)Any
Returns the requested id token claimidTokenstring
The id token provided by the identity provider.v1externalUser()externalUserauthErrorstring
This is a verification errors string representation. If the verification succeeds, this is "none"authRequestauth requesthttpRequesthttp requestproviderInfoAny
Returns the response of the provider. In case the provider is a Generic OAuth Provider, the information is accessible through:rawInfoAny
orggetMetadata()metadataResult
api
The second parameter contains the following fieldsv1userappendMetadata(string, Any)
The first parameter represents the key and the second a value which will be stored
setFirstName(string)
Sets the given namesetLastName(string)
Sets the family namesetNickName(string)
Sets the nicknamesetDisplayName(string)
Sets the display namesetPreferredLanguage(string)
Sets the preferred language. Please use the format defined in RFC 5646setPreferredUsername(string)
Sets the preferred usernamesetEmail(string)
Sets the email address of the usersetEmailVerified(boolean)
Sets the email address verified or unverifiedsetPhone(string)
Sets the phone number of the usersetPhoneVerified(boolean)
Sets the phone number verified or unverifiedmetadata
Array of metadata. This function is deprecated, please useapi.v1.user.appendMetadata
Pre Creation​
A user selected Register on the overview page after external authentication. ZITADEL did not create the user yet.
The trigger is represented by the following Ids in the API: TRIGGER_TYPE_PRE_CREATION or 2.
Parameters of Pre Creation​
ctx
The first parameter contains the following fieldsv1userhumanauthRequestauth requesthttpRequesthttp requestorggetMetadata()metadataResult
api
The second parameter contains the following fieldsmetadata
Array of metadata. This function is deprecated, please useapi.v1.user.appendMetadatasetFirstName(string)
Sets the given namesetLastName(string)
Sets the family namesetNickName(string)
Sets the nick namesetDisplayName(string)
Sets the display namesetPreferredLanguage(string)
Sets the preferred language, the string has to be a valid language tag as defined in RFC 5646setGender(int)
Sets the gender.
- 0: unspecified
- 1: female
- 2: male
- 3: diverse
setUsername(string)
Sets the usernamesetEmail(string)
Sets the emailsetEmailVerified(bool)
If true the email set is verified without user interactionsetPhone(string)
Sets the phone numbersetPhoneVerified(bool)
If true the phone number set is verified without user interactionv1userappendMetadata(string, Any)
The first parameter represents the key and the second a value which will be stored
Post Creation​
A user selected Register on the overview page after external authentication and ZITADEL successfully created the user.
The trigger is represented by the following Ids in the API: TRIGGER_TYPE_POST_CREATION or 3.
Parameters of Post Creation​
ctx
The first parameter contains the following fieldsv1getUser()userauthRequestauth requesthttpRequesthttp requestorggetMetadata()metadataResult
api
The second parameter contains the following fields