Skip to main content

zitadel/policy.proto

This document reflects the state from API 1.0 (available from 20.04.2021)

Messages

DomainPolicy

FieldTypeDescriptionValidation
detailszitadel.v1.ObjectDetails-
user_login_must_be_domainbool-
is_defaultbool-
validate_org_domainsbool-
smtp_sender_address_matches_instance_domainbool-

LabelPolicy

FieldTypeDescriptionValidation
detailszitadel.v1.ObjectDetails-
primary_colorstringhex value for primary color
is_defaultbooldefines if the organisation's admin changed the policy
hide_login_name_suffixboolhides the org suffix on the login form if the scope \"urn:zitadel:iam:org:domain:primary:{domainname}\" is set. Details about this scope in
warn_colorstringhex value for secondary color
background_colorstringhex value for background color
font_colorstringhex value for font color
primary_color_darkstringhex value for primary color dark theme
background_color_darkstringhex value for background color dark theme
warn_color_darkstringhex value for warn color dark theme
font_color_darkstringhex value for font color dark theme
disable_watermarkbool-
logo_urlstring-
icon_urlstring-
logo_url_darkstring-
icon_url_darkstring-
font_urlstring-

LockoutPolicy

FieldTypeDescriptionValidation
detailszitadel.v1.ObjectDetails-
max_password_attemptsuint64-
is_defaultbool-

LoginPolicy

FieldTypeDescriptionValidation
detailszitadel.v1.ObjectDetails-
allow_username_passwordbool-
allow_registerbool-
allow_external_idpbool-
force_mfabool-
passwordless_typePasswordlessType-
is_defaultbool-
hide_password_resetbool-
ignore_unknown_usernamesbool-
default_redirect_uristring-
password_check_lifetimegoogle.protobuf.Duration-
external_login_check_lifetimegoogle.protobuf.Duration-
mfa_init_skip_lifetimegoogle.protobuf.Duration-
second_factor_check_lifetimegoogle.protobuf.Duration-
multi_factor_check_lifetimegoogle.protobuf.Duration-
second_factorsrepeated SecondFactorType-
multi_factorsrepeated MultiFactorType-
idpsrepeated zitadel.idp.v1.IDPLoginPolicyLink-

OrgIAMPolicy

deprecated: please use DomainPolicy instead

FieldTypeDescriptionValidation
detailszitadel.v1.ObjectDetails-
user_login_must_be_domainbool-
is_defaultbool-

PasswordAgePolicy

FieldTypeDescriptionValidation
detailszitadel.v1.ObjectDetails-
max_age_daysuint64-
expire_warn_daysuint64-
is_defaultbool-

PasswordComplexityPolicy

FieldTypeDescriptionValidation
detailszitadel.v1.ObjectDetails-
min_lengthuint64-
has_uppercasebool-
has_lowercasebool-
has_numberbool-
has_symbolbool-
is_defaultbool-

PrivacyPolicy

FieldTypeDescriptionValidation
detailszitadel.v1.ObjectDetails-
tos_linkstring-
privacy_linkstring-
is_defaultbool-
help_linkstring-

Enums

MultiFactorType

NameNumberDescription
MULTI_FACTOR_TYPE_UNSPECIFIED0-
MULTI_FACTOR_TYPE_U2F_WITH_VERIFICATION1-

PasswordlessType

NameNumberDescription
PASSWORDLESS_TYPE_NOT_ALLOWED0-
PASSWORDLESS_TYPE_ALLOWED1PLANNED: PASSWORDLESS_TYPE_WITH_CERT

SecondFactorType

NameNumberDescription
SECOND_FACTOR_TYPE_UNSPECIFIED0-
SECOND_FACTOR_TYPE_OTP1-
SECOND_FACTOR_TYPE_U2F2-