Code examples
Actions are a powerful tool to extend ZITADEL and you might wonder what use cases actions can be used for.
This page provides a non-exhaustive list of possibilities which is provided by examples. If a use case is missing feel free to contribute an issue or pull request to the repository, thanks in advance 🤗.
Customize OIDC response​
Append claims returned on OIDC requests.
Triggers​
- Complement token
Set hardcoded claim​
Extend the claims by a hardcoded value.
Code example
https://github.com/zitadel/actions/blob/main/examples/add_claim.js
Set dynamic claim from user metadata​
Extend the claims by dynamically read metadata from a user and sets the picture-claim if idpPicture-metadata value is present.
Code example
https://github.com/zitadel/actions/blob/main/examples/add_picture_claim_from_idp_metadata.js
Set dynamic claim from organization metadata​
Extend the claims by dynamically read metadata from an organization and sets the present metadata.
Code example
https://github.com/zitadel/actions/blob/main/examples/org_metadata_claim.js
Custom role mapping in claims​
Some products require specific role mapping from ZITADEL, no worries we got you covered 😉
Code example
https://github.com/zitadel/actions/blob/main/examples/custom_roles.js
Custom role mapping including org metadata in claims​
There's even a possibility to use the metadata of organizations the user is granted to
Code example
https://github.com/zitadel/actions/blob/main/examples/custom_roles_org_metadata.js
Customize SAML response​
Append attributes returned on SAML requests.
Triggers​
- Complement SAMLResponse
Custom role mapping in attributes​
Some products require specific role mapping from ZITADEL, no worries we got you covered 😉
Code example
https://github.com/zitadel/actions/blob/main/examples/set_custom_attribute.js
Set dynamic attribute from organization metadata​
Extend the attributes by dynamically read metadata from an organization and sets the present metadata.
Code example
https://github.com/zitadel/actions/blob/main/examples/org_metadata_attribute.js
Manipulate user​
You can automate manual tasks like setting default grants during user creation.
Set email always verified​
Useful if you trust the provided information or don't want the users to verify their e-mail addresses.
Triggers​
- Internal Authentication
- External Authentication
Code example
https://github.com/zitadel/actions/blob/main/examples/verify_email.js
Add grants to users​
Allows you to add default user grants to a user after it was created or federated.
Triggers​
- Internal Authentication
- External Authentication
Code example
https://github.com/zitadel/actions/blob/main/examples/add_user_grant.js
Add metadata to users​
Adding metadata to users allows you to set default metadata on users.
Triggers​
- Internal Authentication
- External Authentication
Code example
https://github.com/zitadel/actions/blob/main/examples/add_metadata.js
Use provided fields of identity providers​
If you want to ensure that the data of a user are always update you can automatically update user fields during authentication and safe time of your customers and your team. 🤯
Trigger​
- External Authentication
Fields provided by Okta as OIDC IdP​
If you use Okta as an identity provider you can improve the onboarding experience of new users by prefilling some basic information during authentication.
Code example
https://github.com/zitadel/actions/blob/main/examples/okta_identity_provider.js
Fields provided by Gitlab​
If you use Gitlab as an identity provider you can improve the onboarding experience of new users by prefilling some basic information during authentication.
Code example
https://github.com/zitadel/actions/blob/main/examples/gitlab_identity_provider.js
Fields provided by Github​
If you use Github as an identity provider you can improve the onboarding experience of new users by prefilling some basic information during authentication.
Code example
https://github.com/zitadel/actions/blob/main/examples/github_identity_provider.js
Claims provided by a generic OIDC identity provider​
If you use a generic OIDC identity provider you can improve the onboarding experience of new users by prefilling some basic information during authentication.
Code example
https://github.com/zitadel/actions/blob/main/examples/set_idp_picture_metadata.js
Attributes provided by Okta as SAML IDP​
If you use Okta as an identity provider you can improve the onboarding experience of new users by prefilling some basic information during authentication.
Code example
https://github.com/zitadel/actions/blob/main/examples/okta_saml_prefil_register_form.js
Attributes provided by Microsoft Entra as SAML IDP​
If you use Microsoft Entra as SAML identity provider you can improve the onboarding experience of new users by prefilling some basic information during authentication.
Code example
https://github.com/zitadel/actions/blob/main/examples/entra_id_saml_prefil_register_form.js
Attributes provided by a generic SAML identity provider​
If you use a SAML identity provider like mocksaml you can improve the onboarding experience of new users by prefilling some basic information during authentication.
Code example
https://github.com/zitadel/actions/blob/main/examples/post_auth_saml.js
Context aware execution​
Based on the context the execution path of an action can change. ZITADEL allows complex execution paths of course. 😎
Based on auth request information​
Execution paths might change based on the application initiating the authentication.
Triggers​
- Internal Authentication
- External Authentication
Code example
https://github.com/zitadel/actions/blob/main/examples/execute_action_on_specific_app.js
This example uses zitadel's log module
Check authentication error​
Your action can also check for errors during the login process.
Triggers​
- Internal Authentication
- External Authentication
Code example
https://github.com/zitadel/actions/blob/main/examples/post_auth_log.js
This example uses zitadel's log module
Throw an error​
Allows you to limit the user interaction. The error thrown will be shown to the user if the action is not allowed to fail.
Code example
https://github.com/zitadel/actions/blob/main/examples/throw_error.js