Skip to main content

Add OIDC Settings​

Create new OIDC settings. The OIDC Settings define the lifetimes of the different tokens in OIDC. These settings are used for all organizations and clients.

Request Body required
    accessTokenLifetime string
    idTokenLifetime string
    refreshTokenIdleExpiration string
    refreshTokenExpiration string
Responses

A successful response.

Schema
    details object
    sequence uint64

    on read: the sequence of the last event reduced by the projection

    on manipulation: the timestamp of the event(s) added by the manipulation

    creationDate date-time

    on read: the timestamp of the first event of the object

    on create: the timestamp of the event(s) added by the manipulation

    changeDate date-time

    on read: the timestamp of the last event reduced by the projection

    on manipulation: the

    resourceOwner resource_owner is the organization an object belongs to
POST /settings/oidc

Authorization

name: OAuth2type: oauth2scopes: openid,urn:zitadel:iam:org:project:id:zitadel:audflows: {
  "authorizationCode": {
    "authorizationUrl": "$CUSTOM-DOMAIN/oauth/v2/authorize",
    "tokenUrl": "$CUSTOM-DOMAIN/oauth/v2/token",
    "scopes": {
      "openid": "openid",
      "urn:zitadel:iam:org:project:id:zitadel:aud": "urn:zitadel:iam:org:project:id:zitadel:aud"
    }
  }
}

Request

Base URL
https://$CUSTOM-DOMAIN/admin/v1
Bearer Token
Content-Type
Body required
{

  "accessTokenLifetime": "string",

  "idTokenLifetime": "string",

  "refreshTokenIdleExpiration": "string",

  "refreshTokenExpiration": "string"

}
Accept
curl / cURL
curl -L -X POST 'https://$CUSTOM-DOMAIN/admin/v1/settings/oidc' \
-H 'Content-Type: application/json' \
-H 'Accept: application/json' \
-H 'Authorization: Bearer <TOKEN>' \
--data-raw '{
  "accessTokenLifetime": "string",
  "idTokenLifetime": "string",
  "refreshTokenIdleExpiration": "string",
  "refreshTokenExpiration": "string"
}'