Skip to main content

ZITADEL Account Lockout Policy

Last updated on June 25, 2025

This policy is an annex to the Terms of Service and outlines your responsibilities, as well as our procedures, for handling situations where you are unable to access your ZITADEL Cloud services or data.

It applies specifically to cases where ZITADEL must restore your access to services that are otherwise operational, and does not cover service outages or unavailability.

Why do we have this policy?​

Users may lose access to ZITADEL services due to lost credentials or misconfiguration.

In some cases, it may not be possible to recover access through self-service options—for example, losing access to 2FA credentials or being unable to reverse a misconfiguration. These situations may require support from our team to help you regain access to your data.

To assist with such requests, we will require specific information and may request additional details throughout the process.

ZITADEL reserves the right to decline any access recovery request without providing a reason if the required information cannot be verified or provided.

Scope of This Policy​

This policy applies to the following situations:

  • Loss of access to your ZITADEL Cloud Admin Account (customer portal)
  • Inability to access Instance Manager accounts for a specific instance
  • Need to undo configuration changes that caused a lockout (e.g., a misconfigured Action)

Out of Scope​

The following types of access recovery requests are not covered by this policy:

  • Situations where you can request access from another Admin or Instance Manager
  • Requests made by end-users who should instead contact their Admin or Manager
  • Issues related to self-hosted ZITADEL instances
  • Free accounts/Instances

Process​

Before submitting a request to restore access to your account, please ensure that you are unable to regain access through your existing Manager or Admin, or by contacting another Manager/Admin within your organization.

ZITADEL Cloud account (Customer Portal)​

Please visit the support page in the customer portal:

  • State clearly in the subject line that this is related to an account lockout for a ZITADEL Cloud account
  • The sender's email address must match the verified email address of the account owner
  • State the reason why you're not able to recover the account yourself

Please allow us time to validate your request.
Our support team will follow up with additional verification steps if needed.

Instance Manager access recovery​

If you need to recover a Manager account to an instance, please make sure you can't recover the account via another user or service user with Manager permissions.

Please visit the support page in the customer portal:

  • State clearly in the subject line that this is related to an account lockout for the affected instance
  • The sender's email address must match the verified email address of the affected instance manager
  • State the reason why you're not able to recover the account yourself

Please allow us time to validate your request.
Our support team will follow up with additional verification steps if needed.

Last updated on by Elio Bischof