Skip to main content

Code examples

Actions are a powerful tool to extend ZITADEL and you might wonder what use cases actions can be used for.

This page provides a non-exhaustive list of possibilities which is provided by examples. If a use case is missing feel free to contribute an issue or pull request to the repository, thanks in advance πŸ€—.

Customize OIDC response​

Append claims returned on OIDC requests.

Triggers​

Set hardcoded claim​

Extend the claims by a hardcoded value.

Code example
https://github.com/zitadel/actions/blob/main/examples/add_claim.js

Set dynamic claim from user metadata​

Extend the claims by dynamically read metadata from a user and sets the picture-claim if idpPicture-metadata value is present.

Code example
https://github.com/zitadel/actions/blob/main/examples/add_picture_claim_from_idp_metadata.js

Set dynamic claim from organization metadata​

Extend the claims by dynamically read metadata from an organization and sets the present metadata.

Code example
https://github.com/zitadel/actions/blob/main/examples/org_metadata_claim.js

Custom role mapping in claims​

Some products require specific role mapping from ZITADEL, no worries we got you covered πŸ˜‰

Code example
https://github.com/zitadel/actions/blob/main/examples/custom_roles.js

Custom role mapping including org metadata in claims​

There's even a possibility to use the metadata of organizations the user is granted to

Code example
https://github.com/zitadel/actions/blob/main/examples/custom_roles_org_metadata.js

Customize SAML response​

Append attributes returned on SAML requests.

Triggers​

Custom role mapping in attributes​

Some products require specific role mapping from ZITADEL, no worries we got you covered πŸ˜‰

Code example
https://github.com/zitadel/actions/blob/main/examples/set_custom_attribute.js

Set dynamic attribute from organization metadata​

Extend the attributes by dynamically read metadata from an organization and sets the present metadata.

Code example
https://github.com/zitadel/actions/blob/main/examples/org_metadata_attribute.js

Manipulate user​

You can automate manual tasks like setting default grants during user creation.

Set email always verified​

Useful if you trust the provided information or don't want the users to verify their e-mail addresses.

Triggers​

Code example
https://github.com/zitadel/actions/blob/main/examples/verify_email.js

Add grants to users​

Allows you to add default user grants to a user after it was created or federated.

Triggers​

Code example
https://github.com/zitadel/actions/blob/main/examples/add_user_grant.js

Add metadata to users​

Adding metadata to users allows you to set default metadata on users.

Triggers​

Code example
https://github.com/zitadel/actions/blob/main/examples/add_metadata.js

Use provided fields of identity providers​

If you want to ensure that the data of a user are always update you can automatically update user fields during authentication and safe time of your customers and your team. 🀯

Trigger​

Fields provided by Okta as OIDC IdP​

If you use Okta as an identity provider you can improve the onboarding experience of new users by prefilling some basic information during authentication.

Code example
https://github.com/zitadel/actions/blob/main/examples/okta_identity_provider.js

Fields provided by Gitlab​

If you use Gitlab as an identity provider you can improve the onboarding experience of new users by prefilling some basic information during authentication.

Code example
https://github.com/zitadel/actions/blob/main/examples/gitlab_identity_provider.js

Fields provided by Github​

If you use Github as an identity provider you can improve the onboarding experience of new users by prefilling some basic information during authentication.

Code example
https://github.com/zitadel/actions/blob/main/examples/github_identity_provider.js

Claims provided by a generic OIDC identity provider​

If you use a generic OIDC identity provider you can improve the onboarding experience of new users by prefilling some basic information during authentication.

Code example
https://github.com/zitadel/actions/blob/main/examples/set_idp_picture_metadata.js

Attributes provided by Okta as SAML IDP​

If you use Okta as an identity provider you can improve the onboarding experience of new users by prefilling some basic information during authentication.

Code example
https://github.com/zitadel/actions/blob/main/examples/okta_saml_prefil_register_form.js

Attributes provided by Microsoft Entra as SAML IDP​

If you use Microsoft Entra as SAML identity provider you can improve the onboarding experience of new users by prefilling some basic information during authentication.

Code example
https://github.com/zitadel/actions/blob/main/examples/entra_id_saml_prefil_register_form.js

Attributes provided by a generic SAML identity provider​

If you use a SAML identity provider like mocksaml you can improve the onboarding experience of new users by prefilling some basic information during authentication.

Code example
https://github.com/zitadel/actions/blob/main/examples/post_auth_saml.js

Context aware execution​

Based on the context the execution path of an action can change. ZITADEL allows complex execution paths of course. 😎

Based on auth request information​

Execution paths might change based on the application initiating the authentication.

Triggers​

Code example
https://github.com/zitadel/actions/blob/main/examples/execute_action_on_specific_app.js

This example uses zitadel's log module

Check authentication error​

Your action can also check for errors during the login process.

Triggers​

Code example
https://github.com/zitadel/actions/blob/main/examples/post_auth_log.js

This example uses zitadel's log module

Throw an error​

Allows you to limit the user interaction. The error thrown will be shown to the user if the action is not allowed to fail.

Code example
https://github.com/zitadel/actions/blob/main/examples/throw_error.js