Code examples
Actions are a powerful tool to extend ZITADEL and you might wonder what use cases actions can be used for.
This page provides a non-exhaustive list of possibilities which is provided by examples. If a use case is missing feel free to contribute an issue or pull request to the repository, thanks in advance π€.
Customize OIDC responseβ
Append claims returned on OIDC requests.
Triggersβ
- Complement token
Set hardcoded claimβ
Extend the claims by a hardcoded value.
Code example
https://github.com/zitadel/actions/blob/main/examples/add_claim.js
Set dynamic claim from user metadataβ
Extend the claims by dynamically read metadata from a user and sets the picture-claim if idpPicture-metadata value is present.
Code example
https://github.com/zitadel/actions/blob/main/examples/add_picture_claim_from_idp_metadata.js
Set dynamic claim from organization metadataβ
Extend the claims by dynamically read metadata from an organization and sets the present metadata.
Code example
https://github.com/zitadel/actions/blob/main/examples/org_metadata_claim.js
Custom role mapping in claimsβ
Some products require specific role mapping from ZITADEL, no worries we got you covered π
Code example
https://github.com/zitadel/actions/blob/main/examples/custom_roles.js
Custom role mapping including org metadata in claimsβ
There's even a possibility to use the metadata of organizations the user is granted to
Code example
https://github.com/zitadel/actions/blob/main/examples/custom_roles_org_metadata.js
Customize SAML responseβ
Append attributes returned on SAML requests.
Triggersβ
- Complement SAMLResponse
Custom role mapping in attributesβ
Some products require specific role mapping from ZITADEL, no worries we got you covered π
Code example
https://github.com/zitadel/actions/blob/main/examples/set_custom_attribute.js
Set dynamic attribute from organization metadataβ
Extend the attributes by dynamically read metadata from an organization and sets the present metadata.
Code example
https://github.com/zitadel/actions/blob/main/examples/org_metadata_attribute.js
Manipulate userβ
You can automate manual tasks like setting default grants during user creation.
Set email always verifiedβ
Useful if you trust the provided information or don't want the users to verify their e-mail addresses.
Triggersβ
- Internal Authentication
- External Authentication
Code example
https://github.com/zitadel/actions/blob/main/examples/verify_email.js
Add grants to usersβ
Allows you to add default user grants to a user after it was created or federated.
Triggersβ
- Internal Authentication
- External Authentication
Code example
https://github.com/zitadel/actions/blob/main/examples/add_user_grant.js
Add metadata to usersβ
Adding metadata to users allows you to set default metadata on users.
Triggersβ
- Internal Authentication
- External Authentication
Code example
https://github.com/zitadel/actions/blob/main/examples/add_metadata.js
Use provided fields of identity providersβ
If you want to ensure that the data of a user are always update you can automatically update user fields during authentication and safe time of your customers and your team. π€―
Triggerβ
- External Authentication
Fields provided by Okta as OIDC IdPβ
If you use Okta as an identity provider you can improve the onboarding experience of new users by prefilling some basic information during authentication.
Code example
https://github.com/zitadel/actions/blob/main/examples/okta_identity_provider.js
Fields provided by Gitlabβ
If you use Gitlab as an identity provider you can improve the onboarding experience of new users by prefilling some basic information during authentication.
Code example
https://github.com/zitadel/actions/blob/main/examples/gitlab_identity_provider.js
Fields provided by Githubβ
If you use Github as an identity provider you can improve the onboarding experience of new users by prefilling some basic information during authentication.
Code example
https://github.com/zitadel/actions/blob/main/examples/github_identity_provider.js
Claims provided by a generic OIDC identity providerβ
If you use a generic OIDC identity provider you can improve the onboarding experience of new users by prefilling some basic information during authentication.
Code example
https://github.com/zitadel/actions/blob/main/examples/set_idp_picture_metadata.js
Attributes provided by Okta as SAML IDPβ
If you use Okta as an identity provider you can improve the onboarding experience of new users by prefilling some basic information during authentication.
Code example
https://github.com/zitadel/actions/blob/main/examples/okta_saml_prefil_register_form.js
Attributes provided by Microsoft Entra as SAML IDPβ
If you use Microsoft Entra as SAML identity provider you can improve the onboarding experience of new users by prefilling some basic information during authentication.
Code example
https://github.com/zitadel/actions/blob/main/examples/entra_id_saml_prefil_register_form.js
Attributes provided by a generic SAML identity providerβ
If you use a SAML identity provider like mocksaml you can improve the onboarding experience of new users by prefilling some basic information during authentication.
Code example
https://github.com/zitadel/actions/blob/main/examples/post_auth_saml.js
Context aware executionβ
Based on the context the execution path of an action can change. ZITADEL allows complex execution paths of course. π
Based on auth request informationβ
Execution paths might change based on the application initiating the authentication.
Triggersβ
- Internal Authentication
- External Authentication
Code example
https://github.com/zitadel/actions/blob/main/examples/execute_action_on_specific_app.js
This example uses zitadel's log module
Check authentication errorβ
Your action can also check for errors during the login process.
Triggersβ
- Internal Authentication
- External Authentication
Code example
https://github.com/zitadel/actions/blob/main/examples/post_auth_log.js
This example uses zitadel's log module
Throw an errorβ
Allows you to limit the user interaction. The error thrown will be shown to the user if the action is not allowed to fail.
Code example
https://github.com/zitadel/actions/blob/main/examples/throw_error.js