GeneralBots/generalbots
2
1
Fork 0
Code Activity Actions 4

fix: Use management v1 API for Zitadel user search (PAT token compat)
Some checks failed
Botlib CI / build (push) Successful in 3s
Details
BotServer CI / build (push) Failing after 5m17s
Details
Bottest CI / build (push) Successful in 36s
Details
BotUI CI / build (push) Successful in 16s
Details

Browse source 
The v2 user search API rejects PAT tokens (returns Token.Invalid).
The management v1 API accepts PAT tokens correctly.
Also adds fallback for user ID field (id vs userId) in login response.
This commit is contained in:
Rodrigo Rodriguez 2026-04-23 22:40:38 +00:00 committed by Rodrigo Rodriguez (Pragmatismo)
parent 929de40eac
commit b1f537a433
2 changed files with 6 additions and 5 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

4
botserver/src/directory/auth_routes.rs
View file

@ -174,7 +174,7 @@ pub async fn login(
admin_token
};
let search_url = format!("{}/v2/users", client.api_url());
let search_url = format!("{}/management/v1/users/_search", client.api_url());
let search_body = serde_json::json!({
"queries": [{
"emailQuery": {
@ -228,7 +228,7 @@ pub async fn login(
.get("result")
.and_then(|r| r.as_array())
.and_then(|arr| arr.first())
.and_then(|u| u.get("userId"))
.and_then(|u| u.get("id").or_else(|| u.get("userId")))
.and_then(|v| v.as_str())
.map(String::from);

7
botserver/src/directory/client.rs
View file

@ -257,14 +257,15 @@ impl ZitadelClient {
pub async fn list_users(&self, limit: u32, offset: u32) -> Result<Vec<serde_json::Value>> {
let token = self.get_access_token().await?;
let url = format!(
"{}/v2/users?limit={}&offset={}",
"{}/management/v1/users/_search?limit={}&offset={}",
self.config.api_url, limit, offset
);
let response = self
.http_client
.get(&url)
.post(&url)
.bearer_auth(&token)
.json(&serde_json::json!({}))
.send()
.await
.map_err(|e| anyhow!("Failed to list users: {}", e))?;
@ -290,7 +291,7 @@ impl ZitadelClient {
pub async fn search_users(&self, query: &str) -> Result<Vec<serde_json::Value>> {
let token = self.get_access_token().await?;
let url = format!("{}/v2/users/_search", self.config.api_url);
let url = format!("{}/management/v1/users/_search", self.config.api_url);
let body = serde_json::json!({
"queries": [{