Retrieve the information returned by the identity provider

Retrieve the information returned by the identity provider for registration or updating an existing user with new information

Path Parameters

idpIntentId string required

ID of the idp intent, previously returned on the success response of the IDP callback

application/json

application/grpc

application/grpc-web+proto

Request Body required

idpIntentToken string

Possible values: non-empty and <= 200 characters

token of the idp intent, previously returned on the success response of the IDP callback

Request Body required

idpIntentToken string

Possible values: non-empty and <= 200 characters

token of the idp intent, previously returned on the success response of the IDP callback

Request Body required

idpIntentToken string

Possible values: non-empty and <= 200 characters

token of the idp intent, previously returned on the success response of the IDP callback

Responses

• 200
• 403
• 404
• default

---

OK

application/json

application/grpc

application/grpc-web+proto

Schema

Example (from schema)

---

Schema

details object
sequence uint64
on read: the sequence of the last event reduced by the projection
on manipulation: the timestamp of the event(s) added by the manipulation
changeDate date-time
on read: the timestamp of the last event reduced by the projection
on manipulation: the timestamp of the event(s) added by the manipulation
resourceOwner resource_owner is the organization or instance_id an object belongs to
idpInformation object

oauth object

OAuth/OIDC access (and id_token) returned by the identity provider

accessToken string

idToken string

ldap object

LDAP entity attributes returned by the identity provider

attributes object

saml object

SAMLResponse returned by the identity provider

assertion byte

idpId string

ID of the identity provider

userId string

ID of the user of the identity provider

userName string

username of the user of the identity provider

rawInformation object

complete information returned by the identity provider

userId string

ID of the user in ZITADEL if external user is linked

{
  "details": {
    "sequence": "2",
    "changeDate": "2024-05-10T13:32:02.647Z",
    "resourceOwner": "69629023906488334"
  },
  "idpInformation": {
    "oauth": {
      "accessToken": "string",
      "idToken": "string"
    },
    "ldap": {
      "attributes": {}
    },
    "saml": {
      "assertion": "string"
    },
    "idpId": "d654e6ba-70a3-48ef-a95d-37c8d8a7901a",
    "userId": "6516849804890468048461403518",
    "userName": "user@external.com",
    "rawInformation": {}
  },
  "userId": "163840776835432345"
}

Schema

Example (from schema)

---

Schema

details object
sequence uint64
on read: the sequence of the last event reduced by the projection
on manipulation: the timestamp of the event(s) added by the manipulation
changeDate date-time
on read: the timestamp of the last event reduced by the projection
on manipulation: the timestamp of the event(s) added by the manipulation
resourceOwner resource_owner is the organization or instance_id an object belongs to
idpInformation object

oauth object

OAuth/OIDC access (and id_token) returned by the identity provider

accessToken string

idToken string

ldap object

LDAP entity attributes returned by the identity provider

attributes object

saml object

SAMLResponse returned by the identity provider

assertion byte

idpId string

ID of the identity provider

userId string

ID of the user of the identity provider

userName string

username of the user of the identity provider

rawInformation object

complete information returned by the identity provider

userId string

ID of the user in ZITADEL if external user is linked

{
  "details": {
    "sequence": "2",
    "changeDate": "2024-05-10T13:32:02.648Z",
    "resourceOwner": "69629023906488334"
  },
  "idpInformation": {
    "oauth": {
      "accessToken": "string",
      "idToken": "string"
    },
    "ldap": {
      "attributes": {}
    },
    "saml": {
      "assertion": "string"
    },
    "idpId": "d654e6ba-70a3-48ef-a95d-37c8d8a7901a",
    "userId": "6516849804890468048461403518",
    "userName": "user@external.com",
    "rawInformation": {}
  },
  "userId": "163840776835432345"
}

Schema

Example (from schema)

---

Schema

details object
sequence uint64
on read: the sequence of the last event reduced by the projection
on manipulation: the timestamp of the event(s) added by the manipulation
changeDate date-time
on read: the timestamp of the last event reduced by the projection
on manipulation: the timestamp of the event(s) added by the manipulation
resourceOwner resource_owner is the organization or instance_id an object belongs to
idpInformation object

oauth object

OAuth/OIDC access (and id_token) returned by the identity provider

accessToken string

idToken string

ldap object

LDAP entity attributes returned by the identity provider

attributes object

saml object

SAMLResponse returned by the identity provider

assertion byte

idpId string

ID of the identity provider

userId string

ID of the user of the identity provider

userName string

username of the user of the identity provider

rawInformation object

complete information returned by the identity provider

userId string

ID of the user in ZITADEL if external user is linked

{
  "details": {
    "sequence": "2",
    "changeDate": "2024-05-10T13:32:02.648Z",
    "resourceOwner": "69629023906488334"
  },
  "idpInformation": {
    "oauth": {
      "accessToken": "string",
      "idToken": "string"
    },
    "ldap": {
      "attributes": {}
    },
    "saml": {
      "assertion": "string"
    },
    "idpId": "d654e6ba-70a3-48ef-a95d-37c8d8a7901a",
    "userId": "6516849804890468048461403518",
    "userName": "user@external.com",
    "rawInformation": {}
  },
  "userId": "163840776835432345"
}

Returned when the user does not have permission to access the resource.

application/json

application/grpc

application/grpc-web+proto

Schema

Example (from schema)

---

Schema

code int32
message string
details object[]
Array [
@type string
]

{
  "code": 0,
  "message": "string",
  "details": [
    {
      "@type": "string"
    }
  ]
}

Schema

Example (from schema)

---

Schema

code int32
message string
details object[]
Array [
@type string
]

{
  "code": 0,
  "message": "string",
  "details": [
    {
      "@type": "string"
    }
  ]
}

Schema

Example (from schema)

---

Schema

code int32
message string
details object[]
Array [
@type string
]

{
  "code": 0,
  "message": "string",
  "details": [
    {
      "@type": "string"
    }
  ]
}

Returned when the resource does not exist.

application/json

application/grpc

application/grpc-web+proto

Schema

Example (from schema)

---

Schema

code int32
message string
details object[]
Array [
@type string
]

{
  "code": 0,
  "message": "string",
  "details": [
    {
      "@type": "string"
    }
  ]
}

Schema

Example (from schema)

---

Schema

code int32
message string
details object[]
Array [
@type string
]

{
  "code": 0,
  "message": "string",
  "details": [
    {
      "@type": "string"
    }
  ]
}

Schema

Example (from schema)

---

Schema

code int32
message string
details object[]
Array [
@type string
]

{
  "code": 0,
  "message": "string",
  "details": [
    {
      "@type": "string"
    }
  ]
}

An unexpected error response.

application/json

application/grpc

application/grpc-web+proto

Schema

Example (from schema)

---

Schema

code int32
message string
details object[]
Array [
@type string
]

{
  "code": 0,
  "message": "string",
  "details": [
    {
      "@type": "string"
    }
  ]
}

Schema

Example (from schema)

---

Schema

code int32
message string
details object[]
Array [
@type string
]

{
  "code": 0,
  "message": "string",
  "details": [
    {
      "@type": "string"
    }
  ]
}

Schema

Example (from schema)

---

Schema

code int32
message string
details object[]
Array [
@type string
]

{
  "code": 0,
  "message": "string",
  "details": [
    {
      "@type": "string"
    }
  ]
}

POST /v2beta/idp_intents/:idpIntentId

Authorization

name: OAuth2type: oauth2scopes: openid,urn:zitadel:iam:org:project:id:zitadel:audflows: {
  "authorizationCode": {
    "authorizationUrl": "$CUSTOM-DOMAIN/oauth/v2/authorize",
    "tokenUrl": "$CUSTOM-DOMAIN/oauth/v2/token",
    "scopes": {
      "openid": "openid",
      "urn:zitadel:iam:org:project:id:zitadel:aud": "urn:zitadel:iam:org:project:id:zitadel:aud"
    }
  }
}

Request

Base URL

https://$CUSTOM-DOMAIN

Bearer Token

idpIntentId — path required

Content-Type

application/jsonapplication/grpcapplication/grpc-web+proto

Body required

{
  "idpIntentToken": "SJKL3ioIDpo342ioqw98fjp3sdf32wahb="
}

Accept

application/jsonapplication/grpcapplication/grpc-web+proto

curl / cURL

curl -L -X POST 'https://$CUSTOM-DOMAIN/v2beta/idp_intents/:idpIntentId' \
-H 'Content-Type: application/json' \
-H 'Accept: application/json' \
-H 'Authorization: Bearer <TOKEN>' \
--data-raw '{
  "idpIntentToken": "SJKL3ioIDpo342ioqw98fjp3sdf32wahb="
}'

python / requests

curl -L -X POST 'https://$CUSTOM-DOMAIN/v2beta/idp_intents/:idpIntentId' \
-H 'Content-Type: application/json' \
-H 'Accept: application/json' \
-H 'Authorization: Bearer <TOKEN>' \
--data-raw '{
  "idpIntentToken": "SJKL3ioIDpo342ioqw98fjp3sdf32wahb="
}'

go / native

curl -L -X POST 'https://$CUSTOM-DOMAIN/v2beta/idp_intents/:idpIntentId' \
-H 'Content-Type: application/json' \
-H 'Accept: application/json' \
-H 'Authorization: Bearer <TOKEN>' \
--data-raw '{
  "idpIntentToken": "SJKL3ioIDpo342ioqw98fjp3sdf32wahb="
}'

nodejs / axios

curl -L -X POST 'https://$CUSTOM-DOMAIN/v2beta/idp_intents/:idpIntentId' \
-H 'Content-Type: application/json' \
-H 'Accept: application/json' \
-H 'Authorization: Bearer <TOKEN>' \
--data-raw '{
  "idpIntentToken": "SJKL3ioIDpo342ioqw98fjp3sdf32wahb="
}'

ruby / Net::HTTP

curl -L -X POST 'https://$CUSTOM-DOMAIN/v2beta/idp_intents/:idpIntentId' \
-H 'Content-Type: application/json' \
-H 'Accept: application/json' \
-H 'Authorization: Bearer <TOKEN>' \
--data-raw '{
  "idpIntentToken": "SJKL3ioIDpo342ioqw98fjp3sdf32wahb="
}'

csharp / RestSharp

curl -L -X POST 'https://$CUSTOM-DOMAIN/v2beta/idp_intents/:idpIntentId' \
-H 'Content-Type: application/json' \
-H 'Accept: application/json' \
-H 'Authorization: Bearer <TOKEN>' \
--data-raw '{
  "idpIntentToken": "SJKL3ioIDpo342ioqw98fjp3sdf32wahb="
}'

php / cURL

curl -L -X POST 'https://$CUSTOM-DOMAIN/v2beta/idp_intents/:idpIntentId' \
-H 'Content-Type: application/json' \
-H 'Accept: application/json' \
-H 'Authorization: Bearer <TOKEN>' \
--data-raw '{
  "idpIntentToken": "SJKL3ioIDpo342ioqw98fjp3sdf32wahb="
}'

java / OkHttp

curl -L -X POST 'https://$CUSTOM-DOMAIN/v2beta/idp_intents/:idpIntentId' \
-H 'Content-Type: application/json' \
-H 'Accept: application/json' \
-H 'Authorization: Bearer <TOKEN>' \
--data-raw '{
  "idpIntentToken": "SJKL3ioIDpo342ioqw98fjp3sdf32wahb="
}'

powershell / RestMethod

curl -L -X POST 'https://$CUSTOM-DOMAIN/v2beta/idp_intents/:idpIntentId' \
-H 'Content-Type: application/json' \
-H 'Accept: application/json' \
-H 'Authorization: Bearer <TOKEN>' \
--data-raw '{
  "idpIntentToken": "SJKL3ioIDpo342ioqw98fjp3sdf32wahb="
}'