Skip to main content

Behavior Customization

In this guide, you will create a ZITADEL action. After users register using an external identity provider, the action assigns them a role.

Prerequisites

Before you start, make sure you have everything set up correctly.

Copy some information for the action

  1. Select the Projects navigation item.
  2. Select a project that has a role configured.
  3. Copy the projects Resource Id on the screens top right.
  4. Scroll to the ROLES section and note some roles key.

Create the action

  1. Select the Actions navigation item.
  2. In the Actions section, select the + New button.
  3. Give the new action the name addGrant.
  4. Paste this snippet into the multiline textfield.
  5. Replace the snippets placeholders and select Save.
function addGrant(ctx, api) {
api.userGrants.push({
ProjectID: '<the projects resource ID you copied above>',
Roles: ['<the role key you copied above>']
});
}

Run the action when a user registers

Now, make the action hook into the external authentication flow.

  1. In the Flows section, select the + New button.
  2. Select the Flow Type External Authentication.
  3. Select the Trigger Type Post Creation.
  4. In the Actions dropdown, check addGrant.
  5. Select the Save button.

New users automatically are assiged a role now if they register by authenticating with an external identity provider.

What's next?