Zitadel

Zitadel Management API

The Zitadel Management API provides administrative operations for managing users, organizations, projects, applications, roles, policies, and identity providers within a Zitadel instance. Accessible via REST at /management/v1/ and via gRPC. Supports comprehensive CRUD operations for all identity management resources.

Documentation GitHub OpenAPI

Documentation

https://zitadel.com/docs/reference/api/management

Specifications

https://raw.githubusercontent.com/api-evangelist/zitadel/refs/heads/main/openapi/zitadel-management-openapi.yml

SDKs

GitHubRepository

https://github.com/zitadel/zitadel

Examples

https://raw.githubusercontent.com/api-evangelist/zitadel/refs/heads/main/examples/zitadel-management-list-users-example.json

https://raw.githubusercontent.com/api-evangelist/zitadel/refs/heads/main/examples/zitadel-management-create-human-user-example.json

https://raw.githubusercontent.com/api-evangelist/zitadel/refs/heads/main/examples/zitadel-management-create-organization-example.json

https://raw.githubusercontent.com/api-evangelist/zitadel/refs/heads/main/examples/zitadel-management-create-project-example.json

Schemas & Data

https://raw.githubusercontent.com/api-evangelist/zitadel/refs/heads/main/json-schema/zitadel-management-user-schema.json

https://raw.githubusercontent.com/api-evangelist/zitadel/refs/heads/main/json-schema/zitadel-management-human-user-schema.json

https://raw.githubusercontent.com/api-evangelist/zitadel/refs/heads/main/json-schema/zitadel-management-machine-user-schema.json

https://raw.githubusercontent.com/api-evangelist/zitadel/refs/heads/main/json-schema/zitadel-management-organization-schema.json

https://raw.githubusercontent.com/api-evangelist/zitadel/refs/heads/main/json-schema/zitadel-management-project-schema.json

https://raw.githubusercontent.com/api-evangelist/zitadel/refs/heads/main/json-schema/zitadel-management-application-schema.json

https://raw.githubusercontent.com/api-evangelist/zitadel/refs/heads/main/json-schema/zitadel-management-object-details-schema.json

https://raw.githubusercontent.com/api-evangelist/zitadel/refs/heads/main/json-structure/zitadel-management-user-structure.json

https://raw.githubusercontent.com/api-evangelist/zitadel/refs/heads/main/json-structure/zitadel-management-human-user-structure.json

https://raw.githubusercontent.com/api-evangelist/zitadel/refs/heads/main/json-structure/zitadel-management-machine-user-structure.json

https://raw.githubusercontent.com/api-evangelist/zitadel/refs/heads/main/json-structure/zitadel-management-organization-structure.json

https://raw.githubusercontent.com/api-evangelist/zitadel/refs/heads/main/json-structure/zitadel-management-project-structure.json

https://raw.githubusercontent.com/api-evangelist/zitadel/refs/heads/main/json-structure/zitadel-management-application-structure.json

OpenAPI Specification

openapi: 3.1.0
info:
  title: Zitadel Management API
  description: >-
    The Zitadel Management API provides comprehensive identity infrastructure management
    including users, organizations, projects, applications, roles, policies, and identity
    providers. Accessible via REST at /management/v1/ with gRPC transcoding support.
    Zitadel is an open source identity platform supporting OAuth 2.0, OIDC, SAML, SCIM,
    FIDO2, and passkeys.
  version: 1.0.0
  contact:
    name: Zitadel
    url: https://zitadel.com
  license:
    name: GNU AGPLv3
    url: https://github.com/zitadel/zitadel/blob/main/LICENSE
  termsOfService: https://zitadel.com/legal/terms-of-service
externalDocs:
  description: Zitadel API Reference
  url: https://zitadel.com/docs/apis/introduction
servers:
  - url: https://{instance}.zitadel.cloud
    description: Zitadel Cloud instance
    variables:
      instance:
        default: your-instance
        description: Your Zitadel cloud instance name
  - url: https://{custom-domain}
    description: Self-hosted Zitadel instance
    variables:
      custom-domain:
        default: localhost:8080
        description: Your self-hosted Zitadel domain
security:
  - bearerAuth: []
tags:
  - name: Users
    description: Manage human and machine users
  - name: Organizations
    description: Manage organizations and organizational domains
  - name: Projects
    description: Manage projects and project grants
  - name: Applications
    description: Manage OIDC, SAML, and API applications
  - name: Roles
    description: Manage project roles and role grants
  - name: Identity Providers
    description: Manage external identity provider configurations
  - name: Policies
    description: Manage login, password, and notification policies
paths:
  /management/v1/users/_search:
    post:
      operationId: listUsers
      summary: Zitadel List Users
      description: Search for users within the organization using filter criteria.
      tags:
        - Users
      requestBody:
        required: false
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/ListUsersRequest'
      responses:
        '200':
          description: List of users matching the search criteria
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ListUsersResponse'
        '401':
          $ref: '#/components/responses/Unauthorized'
        '403':
          $ref: '#/components/responses/Forbidden'
  /management/v1/users/human/_create:
    post:
      operationId: createHumanUser
      summary: Zitadel Create Human User
      description: Create a new human user in the organization with profile, email, and optional password.
      tags:
        - Users
      requestBody:
        required: true
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/CreateHumanUserRequest'
      responses:
        '200':
          description: Human user created successfully
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/CreateUserResponse'
        '400':
          $ref: '#/components/responses/BadRequest'
        '401':
          $ref: '#/components/responses/Unauthorized'
  /management/v1/users/machine/_create:
    post:
      operationId: createMachineUser
      summary: Zitadel Create Machine User
      description: Create a new machine (service account) user for programmatic access.
      tags:
        - Users
      requestBody:
        required: true
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/CreateMachineUserRequest'
      responses:
        '200':
          description: Machine user created successfully
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/CreateUserResponse'
        '401':
          $ref: '#/components/responses/Unauthorized'
  /management/v1/users/{userId}:
    get:
      operationId: getUserById
      summary: Zitadel Get User by ID
      description: Retrieve a user's profile and metadata by their unique identifier.
      tags:
        - Users
      parameters:
        - $ref: '#/components/parameters/UserId'
      responses:
        '200':
          description: User details
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/UserResponse'
        '404':
          $ref: '#/components/responses/NotFound'
    delete:
      operationId: removeUser
      summary: Zitadel Remove User
      description: Permanently delete a user from the organization.
      tags:
        - Users
      parameters:
        - $ref: '#/components/parameters/UserId'
      responses:
        '200':
          description: User removed successfully
        '404':
          $ref: '#/components/responses/NotFound'
  /management/v1/users/{userId}/deactivate:
    post:
      operationId: deactivateUser
      summary: Zitadel Deactivate User
      description: Deactivate a user account, preventing login while preserving data.
      tags:
        - Users
      parameters:
        - $ref: '#/components/parameters/UserId'
      responses:
        '200':
          description: User deactivated successfully
        '404':
          $ref: '#/components/responses/NotFound'
  /management/v1/users/{userId}/reactivate:
    post:
      operationId: reactivateUser
      summary: Zitadel Reactivate User
      description: Reactivate a previously deactivated user account.
      tags:
        - Users
      parameters:
        - $ref: '#/components/parameters/UserId'
      responses:
        '200':
          description: User reactivated successfully
        '404':
          $ref: '#/components/responses/NotFound'
  /management/v1/users/{userId}/lock:
    post:
      operationId: lockUser
      summary: Zitadel Lock User
      description: Lock a user account due to suspicious activity or policy violation.
      tags:
        - Users
      parameters:
        - $ref: '#/components/parameters/UserId'
      responses:
        '200':
          description: User locked successfully
  /management/v1/users/{userId}/unlock:
    post:
      operationId: unlockUser
      summary: Zitadel Unlock User
      description: Unlock a previously locked user account.
      tags:
        - Users
      parameters:
        - $ref: '#/components/parameters/UserId'
      responses:
        '200':
          description: User unlocked successfully
  /management/v1/users/{userId}/email:
    put:
      operationId: updateUserEmail
      summary: Zitadel Update User Email
      description: Update the email address for a user account.
      tags:
        - Users
      parameters:
        - $ref: '#/components/parameters/UserId'
      requestBody:
        required: true
        content:
          application/json:
            schema:
              type: object
              properties:
                email:
                  type: string
                  format: email
                isEmailVerified:
                  type: boolean
      responses:
        '200':
          description: Email updated successfully
  /management/v1/users/{userId}/memberships/_search:
    post:
      operationId: listUserMemberships
      summary: Zitadel List User Memberships
      description: Retrieve all organization and project memberships for a user.
      tags:
        - Users
      parameters:
        - $ref: '#/components/parameters/UserId'
      responses:
        '200':
          description: List of user memberships
          content:
            application/json:
              schema:
                type: object
                properties:
                  result:
                    type: array
                    items:
                      $ref: '#/components/schemas/Membership'
  /management/v1/orgs/_search:
    post:
      operationId: listOrganizations
      summary: Zitadel List Organizations
      description: Search for organizations accessible to the caller.
      tags:
        - Organizations
      requestBody:
        required: false
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/ListOrgsRequest'
      responses:
        '200':
          description: List of organizations
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ListOrgsResponse'
  /management/v1/orgs:
    post:
      operationId: createOrganization
      summary: Zitadel Create Organization
      description: Create a new organization within the Zitadel instance.
      tags:
        - Organizations
      requestBody:
        required: true
        content:
          application/json:
            schema:
              type: object
              required:
                - name
              properties:
                name:
                  type: string
                  description: Name of the organization
      responses:
        '200':
          description: Organization created successfully
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/OrgResponse'
  /management/v1/orgs/me:
    get:
      operationId: getMyOrg
      summary: Zitadel Get My Organization
      description: Retrieve the organization associated with the caller's context.
      tags:
        - Organizations
      responses:
        '200':
          description: Organization details
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/OrgResponse'
  /management/v1/orgs/me/members/_search:
    post:
      operationId: listOrgMembers
      summary: Zitadel List Organization Members
      description: List all members of the organization with their roles.
      tags:
        - Organizations
      responses:
        '200':
          description: List of organization members
  /management/v1/orgs/me/members:
    post:
      operationId: addOrgMember
      summary: Zitadel Add Organization Member
      description: Add a user as a member of the organization with specified roles.
      tags:
        - Organizations
      requestBody:
        required: true
        content:
          application/json:
            schema:
              type: object
              properties:
                userId:
                  type: string
                roles:
                  type: array
                  items:
                    type: string
      responses:
        '200':
          description: Member added successfully
  /management/v1/projects:
    post:
      operationId: createProject
      summary: Zitadel Create Project
      description: Create a new project within the organization for grouping applications and roles.
      tags:
        - Projects
      requestBody:
        required: true
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/CreateProjectRequest'
      responses:
        '200':
          description: Project created successfully
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ProjectResponse'
  /management/v1/projects/_search:
    post:
      operationId: listProjects
      summary: Zitadel List Projects
      description: Search for projects within the organization.
      tags:
        - Projects
      responses:
        '200':
          description: List of projects
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ListProjectsResponse'
  /management/v1/projects/{projectId}:
    get:
      operationId: getProjectById
      summary: Zitadel Get Project by ID
      description: Retrieve a project by its unique identifier.
      tags:
        - Projects
      parameters:
        - $ref: '#/components/parameters/ProjectId'
      responses:
        '200':
          description: Project details
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ProjectResponse'
    put:
      operationId: updateProject
      summary: Zitadel Update Project
      description: Update project configuration and settings.
      tags:
        - Projects
      parameters:
        - $ref: '#/components/parameters/ProjectId'
      requestBody:
        required: true
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/CreateProjectRequest'
      responses:
        '200':
          description: Project updated successfully
    delete:
      operationId: removeProject
      summary: Zitadel Remove Project
      description: Permanently delete a project and all its applications and roles.
      tags:
        - Projects
      parameters:
        - $ref: '#/components/parameters/ProjectId'
      responses:
        '200':
          description: Project removed successfully
  /management/v1/projects/{projectId}/apps/oidc:
    post:
      operationId: createOidcApp
      summary: Zitadel Create OIDC Application
      description: Create a new OIDC application within a project.
      tags:
        - Applications
      parameters:
        - $ref: '#/components/parameters/ProjectId'
      requestBody:
        required: true
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/CreateOidcAppRequest'
      responses:
        '200':
          description: OIDC application created successfully
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/AppResponse'
  /management/v1/projects/{projectId}/apps/api:
    post:
      operationId: createApiApp
      summary: Zitadel Create API Application
      description: Create a new API application (machine-to-machine) within a project.
      tags:
        - Applications
      parameters:
        - $ref: '#/components/parameters/ProjectId'
      requestBody:
        required: true
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/CreateApiAppRequest'
      responses:
        '200':
          description: API application created successfully
  /management/v1/projects/{projectId}/apps/_search:
    post:
      operationId: listApps
      summary: Zitadel List Applications
      description: List all applications within a project.
      tags:
        - Applications
      parameters:
        - $ref: '#/components/parameters/ProjectId'
      responses:
        '200':
          description: List of applications
  /management/v1/projects/{projectId}/apps/{appId}:
    get:
      operationId: getAppById
      summary: Zitadel Get Application by ID
      description: Retrieve a specific application configuration.
      tags:
        - Applications
      parameters:
        - $ref: '#/components/parameters/ProjectId'
        - $ref: '#/components/parameters/AppId'
      responses:
        '200':
          description: Application details
    delete:
      operationId: removeApp
      summary: Zitadel Remove Application
      description: Delete an application from a project.
      tags:
        - Applications
      parameters:
        - $ref: '#/components/parameters/ProjectId'
        - $ref: '#/components/parameters/AppId'
      responses:
        '200':
          description: Application removed successfully
  /management/v1/projects/{projectId}/roles:
    post:
      operationId: createProjectRole
      summary: Zitadel Create Project Role
      description: Create a new role within a project for access control.
      tags:
        - Roles
      parameters:
        - $ref: '#/components/parameters/ProjectId'
      requestBody:
        required: true
        content:
          application/json:
            schema:
              type: object
              required:
                - roleKey
                - displayName
              properties:
                roleKey:
                  type: string
                displayName:
                  type: string
                group:
                  type: string
      responses:
        '200':
          description: Role created successfully
  /management/v1/projects/{projectId}/roles/_search:
    post:
      operationId: listProjectRoles
      summary: Zitadel List Project Roles
      description: List all roles defined in a project.
      tags:
        - Roles
      parameters:
        - $ref: '#/components/parameters/ProjectId'
      responses:
        '200':
          description: List of project roles
  /management/v1/idps/_search:
    post:
      operationId: listIdps
      summary: Zitadel List Identity Providers
      description: List all configured external identity providers for the organization.
      tags:
        - Identity Providers
      responses:
        '200':
          description: List of identity providers
  /management/v1/policies/login:
    get:
      operationId: getLoginPolicy
      summary: Zitadel Get Login Policy
      description: Retrieve the login policy configuration for the organization.
      tags:
        - Policies
      responses:
        '200':
          description: Login policy details
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/LoginPolicy'
    put:
      operationId: updateLoginPolicy
      summary: Zitadel Update Login Policy
      description: Update the login policy to configure allowed authentication methods.
      tags:
        - Policies
      requestBody:
        required: true
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/LoginPolicy'
      responses:
        '200':
          description: Login policy updated successfully
  /management/v1/policies/passwords/lockout:
    get:
      operationId: getPasswordLockoutPolicy
      summary: Zitadel Get Password Lockout Policy
      description: Retrieve the password lockout policy for the organization.
      tags:
        - Policies
      responses:
        '200':
          description: Password lockout policy details
components:
  securitySchemes:
    bearerAuth:
      type: http
      scheme: bearer
      bearerFormat: JWT
  parameters:
    UserId:
      name: userId
      in: path
      required: true
      description: Unique identifier of the user
      schema:
        type: string
    ProjectId:
      name: projectId
      in: path
      required: true
      description: Unique identifier of the project
      schema:
        type: string
    AppId:
      name: appId
      in: path
      required: true
      description: Unique identifier of the application
      schema:
        type: string
  responses:
    BadRequest:
      description: Bad request - invalid input parameters
      content:
        application/json:
          schema:
            $ref: '#/components/schemas/Error'
    Unauthorized:
      description: Unauthorized - missing or invalid authentication token
      content:
        application/json:
          schema:
            $ref: '#/components/schemas/Error'
    Forbidden:
      description: Forbidden - insufficient permissions
      content:
        application/json:
          schema:
            $ref: '#/components/schemas/Error'
    NotFound:
      description: Resource not found
      content:
        application/json:
          schema:
            $ref: '#/components/schemas/Error'
  schemas:
    Error:
      type: object
      properties:
        code:
          type: integer
        message:
          type: string
        details:
          type: array
          items:
            type: object
    User:
      type: object
      properties:
        id:
          type: string
          description: Unique identifier of the user
        state:
          type: string
          enum:
            - UNSPECIFIED
            - ACTIVE
            - INACTIVE
            - LOCKED
            - DELETED
            - INITIAL
        userName:
          type: string
        loginNames:
          type: array
          items:
            type: string
        preferredLoginName:
          type: string
        human:
          $ref: '#/components/schemas/HumanUser'
        machine:
          $ref: '#/components/schemas/MachineUser'
    HumanUser:
      type: object
      properties:
        profile:
          $ref: '#/components/schemas/HumanProfile'
        email:
          $ref: '#/components/schemas/HumanEmail'
        phone:
          $ref: '#/components/schemas/HumanPhone'
        passwordChangeRequired:
          type: boolean
        passwordChanged:
          type: string
          format: date-time
    HumanProfile:
      type: object
      properties:
        firstName:
          type: string
        lastName:
          type: string
        nickName:
          type: string
        displayName:
          type: string
        preferredLanguage:
          type: string
        gender:
          type: string
          enum:
            - UNSPECIFIED
            - FEMALE
            - MALE
            - DIVERSE
        avatarUrl:
          type: string
    HumanEmail:
      type: object
      properties:
        email:
          type: string
          format: email
        isEmailVerified:
          type: boolean
    HumanPhone:
      type: object
      properties:
        phone:
          type: string
        isPhoneVerified:
          type: boolean
    MachineUser:
      type: object
      properties:
        name:
          type: string
        description:
          type: string
        accessTokenType:
          type: string
    CreateHumanUserRequest:
      type: object
      required:
        - userName
      properties:
        userName:
          type: string
        profile:
          $ref: '#/components/schemas/HumanProfile'
        email:
          $ref: '#/components/schemas/HumanEmail'
        phone:
          $ref: '#/components/schemas/HumanPhone'
        password:
          type: string
        passwordChangeRequired:
          type: boolean
    CreateMachineUserRequest:
      type: object
      required:
        - userName
        - name
      properties:
        userName:
          type: string
        name:
          type: string
        description:
          type: string
        accessTokenType:
          type: string
    CreateUserResponse:
      type: object
      properties:
        userId:
          type: string
        details:
          $ref: '#/components/schemas/ObjectDetails'
    ListUsersRequest:
      type: object
      properties:
        query:
          $ref: '#/components/schemas/ListQuery'
        queries:
          type: array
          items:
            type: object
            properties:
              userNameQuery:
                type: object
                properties:
                  userName:
                    type: string
                  method:
                    type: string
              emailQuery:
                type: object
                properties:
                  emailAddress:
                    type: string
    ListUsersResponse:
      type: object
      properties:
        details:
          $ref: '#/components/schemas/ListDetails'
        result:
          type: array
          items:
            $ref: '#/components/schemas/User'
    UserResponse:
      type: object
      properties:
        user:
          $ref: '#/components/schemas/User'
    Organization:
      type: object
      properties:
        id:
          type: string
        details:
          $ref: '#/components/schemas/ObjectDetails'
        state:
          type: string
          enum:
            - ACTIVE
            - INACTIVE
        name:
          type: string
        primaryDomain:
          type: string
    OrgResponse:
      type: object
      properties:
        org:
          $ref: '#/components/schemas/Organization'
    ListOrgsRequest:
      type: object
      properties:
        query:
          $ref: '#/components/schemas/ListQuery'
        queries:
          type: array
          items:
            type: object
    ListOrgsResponse:
      type: object
      properties:
        details:
          $ref: '#/components/schemas/ListDetails'
        result:
          type: array
          items:
            $ref: '#/components/schemas/Organization'
    Project:
      type: object
      properties:
        id:
          type: string
        details:
          $ref: '#/components/schemas/ObjectDetails'
        name:
          type: string
        state:
          type: string
          enum:
            - ACTIVE
            - INACTIVE
        projectRoleAssertion:
          type: boolean
        projectRoleCheck:
          type: boolean
        hasProjectCheck:
          type: boolean
        privateLabelingSetting:
          type: string
    CreateProjectRequest:
      type: object
      required:
        - name
      properties:
        name:
          type: string
        projectRoleAssertion:
          type: boolean
        projectRoleCheck:
          type: boolean
        hasProjectCheck:
          type: boolean
    ProjectResponse:
      type: object
      properties:
        project:
          $ref: '#/components/schemas/Project'
    ListProjectsResponse:
      type: object
      properties:
        details:
          $ref: '#/components/schemas/ListDetails'
        result:
          type: array
          items:
            $ref: '#/components/schemas/Project'
    Application:
      type: object
      properties:
        id:
          type: string
        details:
          $ref: '#/components/schemas/ObjectDetails'
        name:
          type: string
        state:
          type: string
    CreateOidcAppRequest:
      type: object
      required:
        - name
        - redirectUris
        - responseTypes
        - grantTypes
      properties:
        name:
          type: string
        redirectUris:
          type: array
          items:
            type: string
        responseTypes:
          type: array
          items:
            type: string
        grantTypes:
          type: array
          items:
            type: string
        appType:
          type: string
        authMethodType:
          type: string
        postLogoutRedirectUris:
          type: array
          items:
            type: string
        devMode:
          type: boolean
        accessTokenType:
          type: string
        idTokenRoleAssertion:
          type: boolean
        idTokenUserinfoAssertion:
          type: boolean
    CreateApiAppRequest:
      type: object
      required:
        - name
      properties:
        name:
          type: string
        authMethodType:
          type: string
    AppResponse:
      type: object
      properties:
        appId:
          type: string
        details:
          $ref: '#/components/schemas/ObjectDetails'
        clientId:
          type: string
        clientSecret:
          type: string
    Membership:
      type: object
      properties:
        userId:
          type: string
        displayName:
          type: string
        roles:
          type: array
          items:
            type: string
        creationDate:
          type: string
          format: date-time
    LoginPolicy:
      type: object
      properties:
        allowUsernamePassword:
          type: boolean
        allowRegister:
          type: boolean
        allowExternalIdp:
          type: boolean
        forceMfa:
          type: boolean
        passwordlessType:
          type: string
        hidePasswordReset:
          type: boolean
        ignoreUnknownUsernames:
          type: boolean
        defaultRedirectUri:
          type: string
        passwordCheckLifetime:
          type: string
        externalLoginCheckLifetime:
          type: string
        mfaInitSkipLifetime:
          type: string
        secondFactorCheckLifetime:
          type: string
        multiFactorCheckLifetime:
          type: string
    ObjectDetails:
      type: object
      properties:
        sequence:
          type: string
        creationDate:
          type: string
          format: date-time
        changeDate:
          type: string
          format: date-time
        resourceOwner:
          type: string
    ListDetails:
      type: object
      properties:
        totalResult:
          type: string
        processedSequence:
          type: string
        timestamp:
          type: string
          format: date-time
    ListQuery:
      type: object
      properties:
        offset:
          type: string
        limit:
          type: integer
        asc:
          type: boolean