habsi/authentik
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

blueprints: allow setting of token key in blueprint context (#4995)

Browse Source 
closes #4717

Signed-off-by: Jens Langhammer <jens@goauthentik.io>
This commit is contained in:
Jens L
2023-03-18 00:10:12 +01:00
committed by Jens Langhammer
parent 1d5f399b61
commit 4d8d405e70
6 changed files with 52 additions and 6 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
website/developer-docs/api/api.md
View File

@ -18,7 +18,7 @@ When authenticating with a flow, you'll get an authenticated Session cookie, tha
### API Token
Superusers can create tokens to authenticate as any user with a static key, which can optionally be expiring and auto-rotate.
Users can create tokens to authenticate as any user with a static key, which can optionally be expiring and auto-rotate.
### JWT Token

27
website/developer-docs/blueprints/v1/models.md Normal file
View File

@ -0,0 +1,27 @@
# Models
Some models behave differently and allow for access to different API fields when created via blueprint.
### `authentik_core.token`
:::info
Requires authentik 2023.4
:::
Via the standard API, a token's key cannot be changed, it can only be rotated. This is to ensure a high entropy in it's key, and to prevent insecure data from being used. However, when provisioning tokens via a blueprint, it may be required to set a token to an existing value.
With blueprints, the field `key` can be set, to set the token's key to any value.
For example:
```yaml
# [...]
- model: authentik_core.token
state: present
identifiers:
identifier: my-token
attrs:
key: this-should-be-a-long-value
user: !KeyOf my-user
intent: api
```