Skip to main content

Update Generic OAuth Identity Provider

Update Generic OAuth Identity Provider

Path Parameters
  • id string required
Request Body required
  • name string
  • clientId string

    Client id generated by the identity provider

  • clientSecret client_secret will only be updated if provided

    Client secret will only be updated if provided

  • authorizationEndpoint string

    The endpoint where ZITADEL send the user to authenticate

  • tokenEndpoint string

    The endpoint where ZITADEL can get the token

  • userEndpoint string

    The endpoint where ZITADEL can get the user information

  • scopes string[]

    The scopes requested by ZITADEL during the request on the identity provider

  • idAttribute identifying attribute of the user in the response of the user_endpoint

    Identifying attribute of the user in the response of the user_endpoint

  • providerOptions object
  • isLinkingAllowed boolean

    Enable if users should be able to link an existing ZITADEL user with an external account.

  • isCreationAllowed boolean

    Enable if users should be able to create a new account in ZITADEL when using an external account.

  • isAutoCreation boolean

    Enable if a new account in ZITADEL should be created automatically when login with an external account.

  • isAutoUpdate boolean

    Enable if a the ZITADEL account fields should be updated automatically on each login.

Responses

A successful response.

Schema
  • details object
  • sequence uint64

    on read: the sequence of the last event reduced by the projection

    on manipulation: the timestamp of the event(s) added by the manipulation

  • creationDate date-time

    on read: the timestamp of the first event of the object

    on create: the timestamp of the event(s) added by the manipulation

  • changeDate date-time

    on read: the timestamp of the last event reduced by the projection

    on manipulation: the

  • resourceOwner resource_owner is the organization an object belongs to
PUT /idps/oauth/:id

Authorization

type: oauth2flow: authorizationCodescopes: openid,urn:zitadel:iam:org:project:id:zitadel:aud

Request

Base URL
https://$ZITADEL_DOMAIN/admin/v1
Bearer Token
id — path required
Content-Type
Body required
{

  "name": "My Provider",

  "clientId": "client-id",

  "clientSecret": "client-secret",

  "authorizationEndpoint": "https://accounts.google.com/o/oauth2/v2/auth",

  "tokenEndpoint": "https://oauth2.googleapis.com/token",

  "userEndpoint": "https://openidconnect.googleapis.com/v1/userinfo",

  "scopes": [

    "openid",

    "profile",

    "email"

  ],

  "idAttribute": "user_id",

  "providerOptions": {

    "isLinkingAllowed": true,

    "isCreationAllowed": true,

    "isAutoCreation": true,

    "isAutoUpdate": true

  }

}
Accept
curl -L -X PUT 'https://$ZITADEL_DOMAIN/admin/v1/idps/oauth/:id' \
-H 'Content-Type: application/json' \
-H 'Accept: application/json' \
-H 'Authorization: Bearer <TOKEN>' \
--data-raw '{
  "name": "My Provider",
  "clientId": "client-id",
  "clientSecret": "client-secret",
  "authorizationEndpoint": "https://accounts.google.com/o/oauth2/v2/auth",
  "tokenEndpoint": "https://oauth2.googleapis.com/token",
  "userEndpoint": "https://openidconnect.googleapis.com/v1/userinfo",
  "scopes": [
    "openid",
    "profile",
    "email"
  ],
  "idAttribute": "user_id",
  "providerOptions": {
    "isLinkingAllowed": true,
    "isCreationAllowed": true,
    "isAutoCreation": true,
    "isAutoUpdate": true
  }
}'