[Question]: Why does the login UI need to be aware of each kind of external IdP?

[joshdcu]

Hi team, I understand this Typescript login UI is the new login UI and is intended to replace the current login UI within Zitadel Core.

I expect that the Typescript login UI has to follow a similar approach to the one recommended for developing a custom login UI. When the custom login UI integrates with an external IdP, it simply needs to start the provider flow and Zitadel handles the user authentication to the external IdP. In other words, the custom login UI does not need to be aware of the specifics of the external IdP (Google, GitHub, LDAP, SAML, etc.).

However, I see in the feature list, support for each external IdP is specifically mentioned with support for some external IdP's still under progress.

Why does the Typescript login UI need to be aware of and support each external IdP when this external IdP integration/authentication is abstracted away by Zitadel?

[peintnermax]

Hi @joshdcu,

You are right with being Zitadel Core to be handling the flow. We've recently changed this by extending the API of the IDP Intent to contain the mapped user information fields.
The limiting factor atm is only rendering the IDP Buttons https://github.com/zitadel/typescript/blob/main/apps/login/src/components/sign-in-with-idp.tsx
This can and will be extended to support unknown IDP configurations by falling back to the SignInWithGeneric component soon.

[joshdcu]

Thank you for the clarification, @peintnermax! I appreciate it 👍