Actions42
- addHumanUser
- getUserByID
- listUsers
- setEmail
- resendEmailCode
- verifyEmail
- setPhone
- removePhone
- resendPhoneCode
- verifyPhone
- updateHumanUser
- deactivateUser
- reactivateUser
- lockUser
- unlockUser
- deleteUser
- registerPasskey
- verifyPasskeyRegistration
- createPasskeyRegistrationLink
- listPasskeys
- removePasskey
- registerU2F
- verifyU2FRegistration
- removeU2F
- registerTOTP
- verifyTOTPRegistration
- removeTOTP
- addOTPSMS
- removeOTPSMS
- addOTPEmail
- removeOTPEmail
- startIdentityProviderIntent
- retrieveIdentityProviderIntent
- addIDPLink
- listIDPLinks
- removeIDPLink
- passwordReset
- setPassword
- listAuthenticationMethodTypes
- createInviteCode
- resendInviteCode
- verifyInviteCode
Overview
This node provides an interface to interact with the Zitadel API, a platform for identity and access management. It supports multiple services such as UserService, OrganizationService, AuthService, ManagementService, AdminService, ZITADELActions, and UserSchemaService. The node allows performing various operations on these services.
Specifically, the lockUser operation under the "Default" resource enables locking a user account via the selected service. This is useful in scenarios where you want to temporarily disable a user's access, for example, after suspicious activity or policy violations.
Practical examples:
- Locking a user account in the UserService when an admin detects unauthorized access attempts.
- Locking a user through the ManagementService as part of automated security workflows.
Properties
| Name | Meaning |
|---|---|
| Service | Selects which Zitadel service to use. Options: UserService, OrganizationService, AuthService, ManagementService, AdminService, ZITADELActions, UserSchemaService. Default is UserService. |
| userId | (Required if Service = UserService) The identifier of the user to lock. |
| id | (Required if Service = ManagementService) The identifier of the user to lock. |
Note: The properties userId and id are mutually exclusive depending on the chosen service. For UserService, use userId; for ManagementService, use id.
Output
The node outputs a JSON object representing the response from the Zitadel API for the invoked operation. The exact structure depends on the service and operation but generally contains details about the locked user or confirmation of the lock action.
No binary data output is produced by this node.
Example output snippet (conceptual):
{
"userId": "12345",
"locked": true,
"lockReason": "Admin initiated lock"
}
Dependencies
- Requires an API authentication token (Personal Access Token) for Zitadel, provided via node credentials.
- Uses gRPC clients generated for Zitadel services.
- The node internally uses the
nice-grpclibrary to communicate with Zitadel's gRPC endpoints. - Endpoint URL is fixed to
https://zitadel.studentcouncil.dk.
Troubleshooting
- Missing or invalid API token: The node requires a valid Personal Access Token credential. Ensure the token is set up correctly in n8n credentials.
- Incorrect service-operation combination: Selecting an operation not supported by the chosen service will result in no action or empty output.
- Invalid user ID: Providing an incorrect or non-existent user ID (
userIdorid) will cause the API call to fail. Verify the user identifiers before running. - JSON parsing errors: Input parameters that expect JSON may throw errors if malformed. Make sure JSON inputs are well-formed.
- Network issues: Since communication is over gRPC to a fixed endpoint, network connectivity problems can cause failures.
Links and References
This summary is based solely on static analysis of the provided source code and property definitions.