Set a Domain Settings for an Organization

POST 
https://$CUSTOM-DOMAIN/admin/v1/orgs/:orgId/policies/domain

Create the domain settings configured on a specific organization. It will overwrite the settings specified on the instance. Domain settings specify how ZITADEL should handle domains, in regards to usernames, emails and validation.

Request

Path Parameters

orgId stringrequired

application/json

Body

required

userLoginMustBeDomain the username has to end with the domain of its organization (uniqueness is organization based) (boolean)

the username has to end with the domain of its organization

validateOrgDomains boolean

defines if organization domains should be validated org count as validated automatically

smtpSenderAddressMatchesInstanceDomain boolean

defines if the SMTP sender address domain should match an existing domain on the instance

application/grpc

Body

required

userLoginMustBeDomain the username has to end with the domain of its organization (uniqueness is organization based) (boolean)

the username has to end with the domain of its organization

validateOrgDomains boolean

defines if organization domains should be validated org count as validated automatically

smtpSenderAddressMatchesInstanceDomain boolean

defines if the SMTP sender address domain should match an existing domain on the instance

application/grpc-web+proto

Body

required

userLoginMustBeDomain the username has to end with the domain of its organization (uniqueness is organization based) (boolean)

the username has to end with the domain of its organization

validateOrgDomains boolean

defines if organization domains should be validated org count as validated automatically

smtpSenderAddressMatchesInstanceDomain boolean

defines if the SMTP sender address domain should match an existing domain on the instance

Responses

200

domain policy created

application/json

Schema

Schema

details

object

sequence uint64

on read: the sequence of the last event reduced by the projection

on manipulation: the timestamp of the event(s) added by the manipulation

creationDate date-time

on read: the timestamp of the first event of the object

on create: the timestamp of the event(s) added by the manipulation

changeDate date-time

on read: the timestamp of the last event reduced by the projection

on manipulation: the

resourceOwner resource_owner is the organization an object belongs to (string)

Example (from schema)

{
  "details": {
    "sequence": "2",
    "creationDate": "2025-03-25T15:37:48.497Z",
    "changeDate": "2025-03-25T15:37:48.497Z",
    "resourceOwner": "69629023906488334"
  }
}

application/grpc

Schema

Schema

details

object

sequence uint64

on read: the sequence of the last event reduced by the projection

on manipulation: the timestamp of the event(s) added by the manipulation

creationDate date-time

on read: the timestamp of the first event of the object

on create: the timestamp of the event(s) added by the manipulation

changeDate date-time

on read: the timestamp of the last event reduced by the projection

on manipulation: the

resourceOwner resource_owner is the organization an object belongs to (string)

Example (from schema)

{
  "details": {
    "sequence": "2",
    "creationDate": "2025-03-25T15:37:48.497Z",
    "changeDate": "2025-03-25T15:37:48.497Z",
    "resourceOwner": "69629023906488334"
  }
}

application/grpc-web+proto

Schema

Schema

details

object

sequence uint64

on read: the sequence of the last event reduced by the projection

on manipulation: the timestamp of the event(s) added by the manipulation

creationDate date-time

on read: the timestamp of the first event of the object

on create: the timestamp of the event(s) added by the manipulation

changeDate date-time

on read: the timestamp of the last event reduced by the projection

on manipulation: the

resourceOwner resource_owner is the organization an object belongs to (string)

Example (from schema)

{
  "details": {
    "sequence": "2",
    "creationDate": "2025-03-25T15:37:48.497Z",
    "changeDate": "2025-03-25T15:37:48.497Z",
    "resourceOwner": "69629023906488334"
  }
}

403

Returned when the user does not have permission to access the resource.

application/json

Schema

Schema

code int32
message string

details

object[]

Array [

@type string

]

Example (from schema)

{
  "code": 0,
  "message": "string",
  "details": [
    {
      "@type": "string"
    }
  ]
}

application/grpc

Schema

Schema

code int32
message string

details

object[]

Array [

@type string

]

Example (from schema)

{
  "code": 0,
  "message": "string",
  "details": [
    {
      "@type": "string"
    }
  ]
}

application/grpc-web+proto

Schema

Schema

code int32
message string

details

object[]

Array [

@type string

]

Example (from schema)

{
  "code": 0,
  "message": "string",
  "details": [
    {
      "@type": "string"
    }
  ]
}

404

Returned when the resource does not exist.

application/json

Schema

Schema

code int32
message string

details

object[]

Array [

@type string

]

Example (from schema)

{
  "code": 0,
  "message": "string",
  "details": [
    {
      "@type": "string"
    }
  ]
}

application/grpc

Schema

Schema

code int32
message string

details

object[]

Array [

@type string

]

Example (from schema)

{
  "code": 0,
  "message": "string",
  "details": [
    {
      "@type": "string"
    }
  ]
}

application/grpc-web+proto

Schema

Schema

code int32
message string

details

object[]

Array [

@type string

]

Example (from schema)

{
  "code": 0,
  "message": "string",
  "details": [
    {
      "@type": "string"
    }
  ]
}

default

An unexpected error response.

application/json

Schema

Schema

code int32
message string

details

object[]

Array [

@type string

]

Example (from schema)

{
  "code": 0,
  "message": "string",
  "details": [
    {
      "@type": "string"
    }
  ]
}

application/grpc

Schema

Schema

code int32
message string

details

object[]

Array [

@type string

]

Example (from schema)

{
  "code": 0,
  "message": "string",
  "details": [
    {
      "@type": "string"
    }
  ]
}

application/grpc-web+proto

Schema

Schema

code int32
message string

details

object[]

Array [

@type string

]

Example (from schema)

{
  "code": 0,
  "message": "string",
  "details": [
    {
      "@type": "string"
    }
  ]
}

• curl
• python
• go
• nodejs
• ruby
• csharp
• php
• java
• powershell

• CURL

curl -L 'https://$CUSTOM-DOMAIN/admin/v1/orgs/:orgId/policies/domain' \
-H 'Content-Type: application/json' \
-H 'Accept: application/json' \
-H 'Authorization: Bearer <TOKEN>' \
-d '{
  "userLoginMustBeDomain": true,
  "validateOrgDomains": true,
  "smtpSenderAddressMatchesInstanceDomain": true
}'

Request Collapse all

Base URL

https://$CUSTOM-DOMAIN/admin/v1

Auth

Bearer Token

Parameters

orgId — pathrequired

Body required

Content-Type

application/jsonapplication/grpcapplication/grpc-web+proto

{
  "userLoginMustBeDomain": true,
  "validateOrgDomains": true,
  "smtpSenderAddressMatchesInstanceDomain": true
}

ResponseClear

Click the Send API Request button above and see the response here!