Maximilian

can this be tested again?

@livio-a @hifabienne This is still an issue as it seems. I've disabled username/password on the org policy, also removed passwordless auth on the user (was not considered username/password), disabled passwordless...

> * user (only password set, no idp) is presented password check screen although org login policy does not allow password logins Discussion with @hifabienne Given there's a local user...

I just had a very similar discussion. Here some thoughts that fit nicely with the requirements for this issue. What is lacking is a simple overview of all applications that...

> Hi, I've opened a new discussion to decide how do you want the UI to be for this feature: #5584 > > Waiting for your feedback to continue with...

This feature would also make sense for Zitadel Cloud, especially the customer portal. Logins are not that frequent and that would provide a backup method. In terms of UX, I...

@hifabienne I've created another Epic for the customer portal. Do you want to remove the related sub-issues from this Epic?

Use case from a conversation: Delete user per SCIM is important when offering a "per-seat" pricing of a SaaS application. When a customer deletes/offboards an account the user should also...

We've opened now a summary issue to track ZITADEL's progress to a PCI DSS compliant IdP: https://github.com/zitadel/zitadel/issues/8716 Feel free to add any points we might be missing.

The standards also state a **customized approach requirement**: A previously used password cannot be used to gain access to an account for at least 12 months