Skip to main content

Update Generic OAuth Identity Provider​

Update Generic OAuth Identity Provider

Path Parameters
    id string required
Request Body required
    name string
    clientId string

    Client id generated by the identity provider

    clientSecret client_secret will only be updated if provided

    Client secret will only be updated if provided

    authorizationEndpoint string

    The endpoint where ZITADEL send the user to authenticate

    tokenEndpoint string

    The endpoint where ZITADEL can get the token

    userEndpoint string

    The endpoint where ZITADEL can get the user information

    scopes string[]

    The scopes requested by ZITADEL during the request on the identity provider

    idAttribute identifying attribute of the user in the response of the user_endpoint

    Identifying attribute of the user in the response of the user_endpoint

    providerOptions object
    isLinkingAllowed boolean

    Enable if users should be able to link an existing ZITADEL user with an external account.

    isCreationAllowed boolean

    Enable if users should be able to create a new account in ZITADEL when using an external account.

    isAutoCreation boolean

    Enable if a new account in ZITADEL should be created automatically when login with an external account.

    isAutoUpdate boolean

    Enable if a the ZITADEL account fields should be updated automatically on each login.

Responses

A successful response.

Schema
    details object
    sequence uint64

    on read: the sequence of the last event reduced by the projection

    on manipulation: the timestamp of the event(s) added by the manipulation

    creationDate date-time

    on read: the timestamp of the first event of the object

    on create: the timestamp of the event(s) added by the manipulation

    changeDate date-time

    on read: the timestamp of the last event reduced by the projection

    on manipulation: the

    resourceOwner resource_owner is the organization an object belongs to
PUT /idps/oauth/:id

Authorization

name: OAuth2type: oauth2scopes: openid,urn:zitadel:iam:org:project:id:zitadel:audflows: {
  "authorizationCode": {
    "authorizationUrl": "$CUSTOM-DOMAIN/oauth/v2/authorize",
    "tokenUrl": "$CUSTOM-DOMAIN/oauth/v2/token",
    "scopes": {
      "openid": "openid",
      "urn:zitadel:iam:org:project:id:zitadel:aud": "urn:zitadel:iam:org:project:id:zitadel:aud"
    }
  }
}

Request

Base URL
https://$CUSTOM-DOMAIN/management/v1
Bearer Token
id — path required
Content-Type
Body required
{

  "name": "My Provider",

  "clientId": "client-id",

  "clientSecret": "client-secret",

  "authorizationEndpoint": "https://accounts.google.com/o/oauth2/v2/auth",

  "tokenEndpoint": "https://oauth2.googleapis.com/token",

  "userEndpoint": "https://openidconnect.googleapis.com/v1/userinfo",

  "scopes": [

    "openid",

    "profile",

    "email"

  ],

  "idAttribute": "user_id",

  "providerOptions": {

    "isLinkingAllowed": true,

    "isCreationAllowed": true,

    "isAutoCreation": true,

    "isAutoUpdate": true

  }

}
Accept
curl / cURL
curl -L -X PUT 'https://$CUSTOM-DOMAIN/management/v1/idps/oauth/:id' \
-H 'Content-Type: application/json' \
-H 'Accept: application/json' \
-H 'Authorization: Bearer <TOKEN>' \
--data-raw '{
  "name": "My Provider",
  "clientId": "client-id",
  "clientSecret": "client-secret",
  "authorizationEndpoint": "https://accounts.google.com/o/oauth2/v2/auth",
  "tokenEndpoint": "https://oauth2.googleapis.com/token",
  "userEndpoint": "https://openidconnect.googleapis.com/v1/userinfo",
  "scopes": [
    "openid",
    "profile",
    "email"
  ],
  "idAttribute": "user_id",
  "providerOptions": {
    "isLinkingAllowed": true,
    "isCreationAllowed": true,
    "isAutoCreation": true,
    "isAutoUpdate": true
  }
}'