chore: add IdentityProvider API types for v1alpha1 #464
+367
−3
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Add IdentityProvider, IdentityProviderList, and IdentityProviderStatus types to the identity.miloapis.com/v1alpha1 API group. These types enable read-only exposure of user identity provider links through aggregated API servers. The IdentityProvider resource includes: - Provider ID and name (e.g., GitHub, Google) - Associated IdP username - User UID for ownership tracking Generated deepcopy and OpenAPI definitions are included.
Contributor
OscarLlamas6
pushed a commit
to datum-cloud/auth-provider-zitadel
that referenced
this pull request
Dec 24, 2025
Implement a new read-only API endpoint at identity.miloapis.com/v1alpha1 that exposes identity provider links for authenticated users. This endpoint allows UI clients to display which external identity providers (GitHub, Google, etc.) are linked to a user's account along with their IdP usernames. Changes include: - Add ListIDPLinks method to Zitadel API interface - Implement ListIDPLinks in SDK client using UserServiceV2 - Create REST storage for identityproviders resource - Register identityproviders endpoint in API server - Update API server title to "Milo Identity API" The endpoint is read-only, self-scoping (users only see their own providers), and does not expose sensitive credentials. Depends on: datum-cloud/milo#464
Contributor
Author
|
Needed for datum-cloud/auth-provider-zitadel#59 |
scotwells
requested changes
Dec 24, 2025
Contributor
There was a problem hiding this comment.
We should add some documentation types to explain what they are and how they're supposed to be used.
At first glance this appears to be for a user's identities? If so the term IdentityProvider is a little confusing because it sounds like a type that represents the actual identity provider (e.g. Google, GitHub, etc) and not the user's identity within that provider. Maybe, UserIdentity would be more appropriate for a user scoped identity resource?
JoseSzycho
requested changes
Dec 24, 2025
Contributor
JoseSzycho
left a comment
JoseSzycho
left a comment
There was a problem hiding this comment.
We should update the iam-user-self-manage role and include the corresponding permissions.
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Add IdentityProvider, IdentityProviderList, and IdentityProviderStatus types to the identity.miloapis.com/v1alpha1 API group. These types enable read-only exposure of user identity provider links through aggregated API servers.
The IdentityProvider resource includes:
Generated deepcopy and OpenAPI definitions are included.