website/integrations-all: add default values change warning (#12777)
* website/integrations-all: add default values change warning * website/integrations-all: update message * Update website/integrations/services/gitea/index.md Signed-off-by: Tana M Berry <tanamarieberry@yahoo.com> * Update website/integrations/services/gitea/index.md Signed-off-by: Tana M Berry <tanamarieberry@yahoo.com> * Update website/integrations/services/pgadmin/index.md Signed-off-by: Tana M Berry <tanamarieberry@yahoo.com> * Update website/integrations/services/hashicorp-cloud/index.md Signed-off-by: Tana M Berry <tanamarieberry@yahoo.com> * Update website/integrations/services/hashicorp-vault/index.md Signed-off-by: Tana M Berry <tanamarieberry@yahoo.com> * Update website/integrations/services/oracle-cloud/index.md Signed-off-by: Tana M Berry <tanamarieberry@yahoo.com> * Update website/integrations/services/hashicorp-vault/index.md Signed-off-by: Tana M Berry <tanamarieberry@yahoo.com> * Update website/integrations/services/pgadmin/index.md Signed-off-by: Tana M Berry <tanamarieberry@yahoo.com> * Update website/integrations/services/proxmox-ve/index.md Signed-off-by: 4d62 <git@sdko.org> * Update website/integrations/services/zammad/index.md Signed-off-by: 4d62 <git@sdko.org> * Update website/integrations/services/writefreely/index.md Signed-off-by: 4d62 <git@sdko.org> --------- Signed-off-by: Tana M Berry <tanamarieberry@yahoo.com> Signed-off-by: 4d62 <git@sdko.org> Co-authored-by: Tana M Berry <tanamarieberry@yahoo.com>
This commit is contained in:
4d62
@ -23,6 +23,10 @@ The following placeholders are used in this guide:
|
||||
- `actual.company` is the FQDN of the Actual Budget installation.
|
||||
- `authentik.company` is the FQDN of the authentik installation.
|
||||
|
||||
:::note
|
||||
This documentation lists only the settings that you need to change from their default values. Be aware that any changes other than those explicitly mentioned in this guide could cause issues accessing your application.
|
||||
:::
|
||||
|
||||
## authentik configuration
|
||||
|
||||
[Create](https://docs.goauthentik.io/docs/add-secure-apps/applications/manage_apps#add-new-applications) an OAuth2/OpenID provider and an application in authentik. Use the following parameters for the OAuth2/OpenID provider:
|
||||
|
||||
@ -20,6 +20,10 @@ The following placeholders are used in this guide:
|
||||
- `guacamole.company` is the FQDN of the Guacamole installation.
|
||||
- `authentik.company` is the FQDN of the authentik installation.
|
||||
|
||||
:::note
|
||||
This documentation lists only the settings that you need to change from their default values. Be aware that any changes other than those explicitly mentioned in this guide could cause issues accessing your application.
|
||||
:::
|
||||
|
||||
Create an OAuth2/OpenID provider with the following parameters:
|
||||
|
||||
- **Client Type**: `Confidential`
|
||||
|
||||
@ -21,7 +21,7 @@ The following placeholders are used in this guide:
|
||||
- `authentik.company` is the FQDN of the authentik installation.
|
||||
|
||||
:::note
|
||||
Only settings that have been modified from default have been listed.
|
||||
This documentation lists only the settings that you need to change from their default values. Be aware that any changes other than those explicitly mentioned in this guide could cause issues accessing your application.
|
||||
:::
|
||||
|
||||
## authentik Configuration
|
||||
|
||||
@ -21,6 +21,10 @@ The following placeholders are used in this guide:
|
||||
- `authentik.company` is the FQDN of the authentik installation.
|
||||
- `SSL Certificate` is the name of the SSL certificate used to sign outgoing responses.
|
||||
|
||||
:::note
|
||||
This documentation lists only the settings that you need to change from their default values. Be aware that any changes other than those explicitly mentioned in this guide could cause issues accessing your application.
|
||||
:::
|
||||
|
||||
## authentik Configuration
|
||||
|
||||
1. Log in to authentik as an admin, and go to the Admin interface.
|
||||
|
||||
@ -28,6 +28,10 @@ The following placeholders are used in this guide:
|
||||
- `awx.company` is the FQDN of the AWX/RHAAP installation.
|
||||
- `authentik.company` is the FQDN of the authentik installation.
|
||||
|
||||
:::note
|
||||
This documentation lists only the settings that you need to change from their default values. Be aware that any changes other than those explicitly mentioned in this guide could cause issues accessing your application.
|
||||
:::
|
||||
|
||||
Create an application in authentik and note the slug, as this will be used later. Create a SAML provider with the following parameters:
|
||||
|
||||
- ACS URL: `https://awx.company/sso/complete/saml/`
|
||||
|
||||
@ -25,6 +25,10 @@ The following placeholders are used in this guide:
|
||||
- `authentik.company` is the FQDN of authentik.
|
||||
- `METADATAURL` is the url for the SAML metadata from authentik
|
||||
|
||||
:::note
|
||||
This documentation lists only the settings that you need to change from their default values. Be aware that any changes other than those explicitly mentioned in this guide could cause issues accessing your application.
|
||||
:::
|
||||
|
||||
### Step 1
|
||||
|
||||
In authentik, under _Providers_, create a _SAML Provider_ with these settings:
|
||||
|
||||
@ -20,6 +20,10 @@ The following placeholders are used in this guide:
|
||||
- `budibase.company` is the FQDN of the Budibase installation.
|
||||
- `authentik.company` is the FQDN of the authentik installation.
|
||||
|
||||
:::note
|
||||
This documentation lists only the settings that you need to change from their default values. Be aware that any changes other than those explicitly mentioned in this guide could cause issues accessing your application.
|
||||
:::
|
||||
|
||||
Create an application in authentik. Create an OAuth2/OpenID provider with the following parameters:
|
||||
|
||||
- Client Type: `Confidential`
|
||||
|
||||
@ -20,6 +20,10 @@ The following placeholders are used in this guide:
|
||||
- `chronograf.company` is the FQDN of your Chronograf installation.
|
||||
- `authentik.company` is the FQDN of your authentik installation.
|
||||
|
||||
:::note
|
||||
This documentation lists only the settings that you need to change from their default values. Be aware that any changes other than those explicitly mentioned in this guide could cause issues accessing your application.
|
||||
:::
|
||||
|
||||
## authentik configuration
|
||||
|
||||
1. From the authentik Admin interface navigate to **Applications** -> **Applications** on the left sidebar.
|
||||
@ -33,8 +37,8 @@ The following placeholders are used in this guide:
|
||||
|
||||
Add the following environment variables to your Chronograf setup. If you are using a configuration file for Chronograf, these settings can also be included there. You may modify the values for `GENERIC_SCOPES` and `GENERIC_API_KEY` to suit your specific requirements.
|
||||
|
||||
:::info
|
||||
Refer to the [Chronograf configuration options documentation](https://docs.influxdata.com/chronograf/v1/administration/config-options/) for more information.
|
||||
:::info
|
||||
Refer to the [Chronograf configuration options documentation](https://docs.influxdata.com/chronograf/v1/administration/config-options/) for more information.
|
||||
:::
|
||||
|
||||
```
|
||||
|
||||
@ -22,6 +22,10 @@ The following placeholders are used in this guide:
|
||||
|
||||
To proceed, you need to register for a free Cloudflare Access account and have both a Cloudflare account and a publicly accessible authentik instance with a trusted SSL certificate.
|
||||
|
||||
:::note
|
||||
This documentation lists only the settings that you need to change from their default values. Be aware that any changes other than those explicitly mentioned in this guide could cause issues accessing your application.
|
||||
:::
|
||||
|
||||
## authentik configuration
|
||||
|
||||
1. From the Admin interface, navigate to **Applications** -> **Applications**.
|
||||
|
||||
@ -20,6 +20,10 @@ The following placeholders are used in this guide:
|
||||
- `dokuwiki.company` is the FQDN of the DokiWiki installation.
|
||||
- `authentik.company` is the FQDN of the authentik installation.
|
||||
|
||||
:::note
|
||||
This documentation lists only the settings that you need to change from their default values. Be aware that any changes other than those explicitly mentioned in this guide could cause issues accessing your application.
|
||||
:::
|
||||
|
||||
## DokuWiki configuration
|
||||
|
||||
In DokuWiki, navigate to the _Extension Manager_ section in the _Administration_ interface and install
|
||||
|
||||
@ -23,6 +23,10 @@ The following placeholders are used in this guide:
|
||||
- `engomo.mapping` is the name of the Scope Mapping.
|
||||
- `ak.cert` is the self-signed certificate that will be used for the service provider.
|
||||
|
||||
:::note
|
||||
This documentation lists only the settings that you need to change from their default values. Be aware that any changes other than those explicitly mentioned in this guide could cause issues accessing your application.
|
||||
:::
|
||||
|
||||
## authentik configuration
|
||||
|
||||
In authentik, create a new scope mapping. To do so, log in and navigate to the Admin interface, then go to **Customization --> Property Mapping** and click **Create**.
|
||||
|
||||
@ -25,6 +25,10 @@ The following placeholders are used in this guide:
|
||||
- `authentik.<your_company>` is the FQDN of the authentik installation.
|
||||
- `_SLUG_` is the slug you choose upon application create in authentik.
|
||||
|
||||
:::note
|
||||
This documentation lists only the settings that you need to change from their default values. Be aware that any changes other than those explicitly mentioned in this guide could cause issues accessing your application.
|
||||
:::
|
||||
|
||||
## authentik configuration
|
||||
|
||||
1. Log into authentik as an admin, and navigate to **Applications** --> **Applications**.
|
||||
|
||||
@ -21,6 +21,10 @@ The following placeholders are used in this guide:
|
||||
- `authentik` is the unique ID used to generate logins for this provider.
|
||||
- `authentik.company` is the FQDN of the authentik installation.
|
||||
|
||||
:::note
|
||||
This documentation lists only the settings that you need to change from their default values. Be aware that any changes other than those explicitly mentioned in this guide could cause issues accessing your application.
|
||||
:::
|
||||
|
||||
Create an OAuth2/OpenID provider with the following parameters:
|
||||
|
||||
- Client type: `Confidential`
|
||||
|
||||
@ -23,6 +23,10 @@ The following placeholders are used in this guide:
|
||||
- `fgt.mapping` is the name of the SAML Property Mapping.
|
||||
- `ak.cert` = The authentik self-signed certificate you use for the service provider.
|
||||
|
||||
:::note
|
||||
This documentation lists only the settings that you need to change from their default values. Be aware that any changes other than those explicitly mentioned in this guide could cause issues accessing your application.
|
||||
:::
|
||||
|
||||
> [!IMPORTANT]
|
||||
> If you have changed the port of the admin login from 443 to anything else you have to append it behind `fgt.company`. So f.e. `fgt.company:10443`.
|
||||
|
||||
|
||||
@ -36,6 +36,10 @@ The following placeholders are used in this guide:
|
||||
- `fgt.user.group` = This will be the name of the user group in your Fortigate that you will use in your SSLVPN portal mapping and Firewall rules
|
||||
- `ak.user.group` = This is the user group name that you will use in authentik if you plan on limiting access to the sslvpn via groups.
|
||||
|
||||
:::note
|
||||
This documentation lists only the settings that you need to change from their default values. Be aware that any changes other than those explicitly mentioned in this guide could cause issues accessing your application.
|
||||
:::
|
||||
|
||||
## FortiGate configuration
|
||||
|
||||
### Preparation
|
||||
|
||||
@ -22,6 +22,10 @@ The following placeholders are used in this guide:
|
||||
- `fgm.company` is the FQDN of the FortiManager installation.
|
||||
- `authentik.company` is the FQDN of the authentik installation.
|
||||
|
||||
:::note
|
||||
This documentation lists only the settings that you need to change from their default values. Be aware that any changes other than those explicitly mentioned in this guide could cause issues accessing your application.
|
||||
:::
|
||||
|
||||
Create an application and Provider in authentik, note the slug, as this will be used later. Create a SAML provider with the following parameters:
|
||||
|
||||
Provider:
|
||||
|
||||
@ -25,6 +25,10 @@ The following placeholders are used in this guide:
|
||||
- `authentik.company` is the FQDN of the authentik installation.
|
||||
- `provider` is the name for the social login provider in Frappe.
|
||||
|
||||
:::note
|
||||
This documentation lists only the settings that you need to change from their default values. Be aware that any changes other than those explicitly mentioned in this guide could cause issues accessing your application.
|
||||
:::
|
||||
|
||||
## authentik configuration
|
||||
|
||||
1. Log in to authentik as an admin, and go to the Admin interface.
|
||||
|
||||
@ -21,6 +21,10 @@ The following placeholders are used in this guide:
|
||||
- `port` is the port on which the FreshRSS install is running (usually 443)
|
||||
- `authentik.company` is the FQDN of the authentik installation.
|
||||
|
||||
:::note
|
||||
This documentation lists only the settings that you need to change from their default values. Be aware that any changes other than those explicitly mentioned in this guide could cause issues accessing your application.
|
||||
:::
|
||||
|
||||
## authentik configuration
|
||||
|
||||
1. Create an **OAuth2/OpenID Provider** under **Applications** > **Providers** using the following settings:
|
||||
|
||||
@ -20,6 +20,10 @@ The following placeholders are used in this guide:
|
||||
- `gatus.company` is the FQDN of the Gatus installation.
|
||||
- `authentik.company` is the FQDN of the authentik installation.
|
||||
|
||||
:::note
|
||||
This documentation lists only the settings that you need to change from their default values. Be aware that any changes other than those explicitly mentioned in this guide could cause issues accessing your application.
|
||||
:::
|
||||
|
||||
## authentik configuration
|
||||
|
||||
Create an OIDC provider with the following settings:
|
||||
|
||||
@ -21,8 +21,12 @@ This is based on authentik 2022.10.1 and Gitea 1.17.3 installed using the offici
|
||||
|
||||
The following placeholders are used in this guide:
|
||||
|
||||
- `authentik.company` is the FQDN of authentik.
|
||||
- `gitea.company` is the FQDN of Gitea.
|
||||
- `authentik.company` is the FQDN of the authentik installation.
|
||||
- `gitea.company` is the FQDN of the Gitea installation.
|
||||
|
||||
:::note
|
||||
This documentation lists only the settings that you need to change from their default values. Be aware that any changes other than those explicitly mentioned in this guide could cause issues accessing your application.
|
||||
:::
|
||||
|
||||
### Step 1
|
||||
|
||||
|
||||
@ -22,7 +22,7 @@ GitHub Enterprise Cloud EMU (Enterprise Managed Users) are not compatible with a
|
||||
The following placeholders are used in this guide:
|
||||
|
||||
- `github.com/enterprises/foo` is your GitHub organization, where `foo` is the name of your enterprise
|
||||
- `authentik.company` is the FQDN of the authentik Install
|
||||
- `authentik.company` is the FQDN of the authentik installation.
|
||||
|
||||
Create an application in authentik and note the slug, as this will be used later. Create a SAML provider with the following parameters:
|
||||
|
||||
@ -35,6 +35,10 @@ Under _Advanced protocol settings_, set a certificate for _Signing Certificate_.
|
||||
|
||||
Once the provider is created, it is advised to download the signing certificate as you will need it later.
|
||||
|
||||
:::note
|
||||
This documentation lists only the settings that you need to change from their default values. Be aware that any changes other than those explicitly mentioned in this guide could cause issues accessing your application.
|
||||
:::
|
||||
|
||||
## GitHub Configuration
|
||||
|
||||
Navigate to your enterprise settings by clicking your GitHub user portrait in the top right of GitHub.com, select `Your enterprises` and click `Settings` for the enterprise you wish to configure.
|
||||
|
||||
@ -24,7 +24,7 @@ sidebar_label: GitHub Enterprise Cloud EMU
|
||||
The following placeholders are used in this guide:
|
||||
|
||||
- `github.com/enterprises/foo` is your GitHub organization, where `foo` is the name of your enterprise
|
||||
- `authentik.company` is the FQDN of the authentik Install
|
||||
- `authentik.company` is the FQDN of the authentik installation.
|
||||
- `GitHub Users` is an authentik group used for holding GitHub users.
|
||||
- `GitHub Admins` is an authentik group used for indicating GitHub administrators.
|
||||
|
||||
@ -32,6 +32,10 @@ Note that in order to use the EMU Enterprise, you _must_ set up both SAML and SC
|
||||
|
||||
First, create the two groups, in authentik, go to _Groups_, click _Create_ and put in `GitHub Users`, or your chosen user group name. Repeat this step with your Admin group as well.
|
||||
|
||||
:::note
|
||||
This documentation lists only the settings that you need to change from their default values. Be aware that any changes other than those explicitly mentioned in this guide could cause issues accessing your application.
|
||||
:::
|
||||
|
||||
## SAML Provider
|
||||
|
||||
Create a SAML provider with the following parameters:
|
||||
|
||||
@ -18,7 +18,7 @@ sidebar_label: GitHub Enterprise Server
|
||||
The following placeholders are used in this guide:
|
||||
|
||||
- `https://github.company` is your GitHub Enterprise Server installation
|
||||
- `authentik.company` is the FQDN of the authentik Install
|
||||
- `authentik.company` is the FQDN of the authentik installation.
|
||||
- `GitHub Users` is an authentik group used for holding GitHub users.
|
||||
- `GitHub Admins` is an authentik group used for indicating GitHub administrators.
|
||||
|
||||
@ -37,6 +37,10 @@ Once the provider is created, it is advised to download the signing certificate
|
||||
|
||||
Create a matching application for your SAML provider.
|
||||
|
||||
:::note
|
||||
This documentation lists only the settings that you need to change from their default values. Be aware that any changes other than those explicitly mentioned in this guide could cause issues accessing your application.
|
||||
:::
|
||||
|
||||
## SAML Configuration
|
||||
|
||||
If you are planning to use SCIM, (available from GHES 3.14.0) you should create a first admin user on your instance and go to your personal access tokens at `https://github.company/settings/tokens/new`, click _Generate new token_ and click _Generate new token (classic)_. Your token should have a descriptive name and ideally, no expiration date. For permission scopes, you need to select _admin:enterprise_. Click _Generate token_ and store the resulting token in a safe location.
|
||||
|
||||
@ -18,7 +18,7 @@ sidebar_label: GitHub Organization
|
||||
The following placeholders are used in this guide:
|
||||
|
||||
- `github.com/orgs/foo` is your GitHub organization, where `foo` is the name of your org
|
||||
- `authentik.company` is the FQDN of the authentik Install
|
||||
- `authentik.company` is the FQDN of the authentik installation.
|
||||
|
||||
Create an application in authentik and note the slug, as this will be used later. Create a SAML provider with the following parameters:
|
||||
|
||||
@ -31,6 +31,10 @@ Under _Advanced protocol settings_, set a certificate for _Signing Certificate_.
|
||||
|
||||
Once the provider is created, it is advised to download the signing certificate as you will need it later.
|
||||
|
||||
:::note
|
||||
This documentation lists only the settings that you need to change from their default values. Be aware that any changes other than those explicitly mentioned in this guide could cause issues accessing your application.
|
||||
:::
|
||||
|
||||
## GitHub Configuration
|
||||
|
||||
Navigate to your organization settings by going to your organization page at https://github.com/foo, then click Settings.
|
||||
|
||||
@ -30,8 +30,8 @@ There are 2 ways to configure single sign on (SSO) for GitLab:
|
||||
|
||||
The following placeholders are used in this guide:
|
||||
|
||||
- `gitlab.company` is the FQDN of the GitLab Install
|
||||
- `authentik.company` is the FQDN of the authentik Install
|
||||
- `gitlab.company` is the FQDN of the GitLab installation.
|
||||
- `authentik.company` is the FQDN of the authentik installation.
|
||||
|
||||
Create an application in authentik and note the slug, as this will be used later. Create a SAML provider with the following parameters:
|
||||
|
||||
@ -42,6 +42,10 @@ Create an application in authentik and note the slug, as this will be used later
|
||||
|
||||
Under _Advanced protocol settings_, set a certificate for _Signing Certificate_.
|
||||
|
||||
:::note
|
||||
This documentation lists only the settings that you need to change from their default values. Be aware that any changes other than those explicitly mentioned in this guide could cause issues accessing your application.
|
||||
:::
|
||||
|
||||
#### GitLab Configuration
|
||||
|
||||
Paste the following block in your `/etc/gitlab/gitlab.rb` file, after replacing the placeholder values from above.
|
||||
|
||||
@ -20,6 +20,10 @@ The following placeholders are used in this guide:
|
||||
- `glitchtip.company` is the FQDN of the Glitchtip installation.
|
||||
- `authentik.company` is the FQDN of the authentik installation.
|
||||
|
||||
:::note
|
||||
This documentation lists only the settings that you need to change from their default values. Be aware that any changes other than those explicitly mentioned in this guide could cause issues accessing your application.
|
||||
:::
|
||||
|
||||
## authentik configuration
|
||||
|
||||
Create an OAuth2/OpenID provider with the following parameters:
|
||||
|
||||
@ -22,6 +22,10 @@ The following placeholders are used in this guide:
|
||||
- `gp.company` is the FQDN of the GlobalProtect portal.
|
||||
- `authentik.company` is the FQDN of the authentik installation.
|
||||
|
||||
:::note
|
||||
This documentation lists only the settings that you need to change from their default values. Be aware that any changes other than those explicitly mentioned in this guide could cause issues accessing your application.
|
||||
:::
|
||||
|
||||
:::caution
|
||||
A trusted web certificate is required to be bound to the GlobalProtect Portal. This can be signed by a trusted internal Root Certificate Authority (CA); however, a self signed certificate, a certificate outside of its validity, or a non-standard confirming certificate (such as a lifespan not trusted by modern browsers) will error out on SAML authentication.
|
||||
:::
|
||||
|
||||
@ -20,6 +20,10 @@ The following placeholders are used in this guide:
|
||||
- `authentik.company` is the FQDN of the authentik installation.
|
||||
- `example.com` is the default E-mail address configured in Google workspace.
|
||||
|
||||
:::note
|
||||
This documentation lists only the settings that you need to change from their default values. Be aware that any changes other than those explicitly mentioned in this guide could cause issues accessing your application.
|
||||
:::
|
||||
|
||||
## authentik Configuration
|
||||
|
||||
Create an application in authentik and note the slug, as this will be used later. Set the _Launch URL_ to `https://mail.google.com/a/example.com`.
|
||||
|
||||
@ -20,6 +20,10 @@ The following placeholders are used in this guide:
|
||||
- `grafana.company` is the FQDN of the Grafana installation.
|
||||
- `authentik.company` is the FQDN of the authentik installation.
|
||||
|
||||
:::note
|
||||
This documentation lists only the settings that you need to change from their default values. Be aware that any changes other than those explicitly mentioned in this guide could cause issues accessing your application.
|
||||
:::
|
||||
|
||||
Create an OAuth2/OpenID provider with the following parameters:
|
||||
|
||||
- Client Type: `Confidential`
|
||||
|
||||
@ -22,6 +22,10 @@ The following placeholders are used in this guide:
|
||||
- `gravitee.company` is the FQDN of the Gravitee installation.
|
||||
- `authentik.company` is the FQDN of the authentik installation.
|
||||
|
||||
:::note
|
||||
This documentation lists only the settings that you need to change from their default values. Be aware that any changes other than those explicitly mentioned in this guide could cause issues accessing your application.
|
||||
:::
|
||||
|
||||
## authentik configuration
|
||||
|
||||
1. Create an **OAuth2/OpenID Provider** under **Applications** > **Providers** using the following settings:
|
||||
|
||||
@ -20,6 +20,10 @@ The following placeholders are used in this guide:
|
||||
- `harbor.company` is the FQDN of the Harbor installation.
|
||||
- `authentik.company` is the FQDN of the authentik installation.
|
||||
|
||||
:::note
|
||||
This documentation lists only the settings that you need to change from their default values. Be aware that any changes other than those explicitly mentioned in this guide could cause issues accessing your application.
|
||||
:::
|
||||
|
||||
Create an OAuth2/OpenID provider with the following parameters:
|
||||
|
||||
- Client Type: `Confidential`
|
||||
|
||||
@ -17,7 +17,11 @@ sidebar_label: HashiCorp Cloud Platform
|
||||
|
||||
The following placeholders are used in this guide:
|
||||
|
||||
- `authentik.company` is the FQDN of authentik.
|
||||
- `authentik.company` is the FQDN of the authentik installation.
|
||||
|
||||
:::note
|
||||
This documentation lists only the settings that you need to change from their default values. Be aware that any changes other than those explicitly mentioned in this guide could cause issues accessing your application.
|
||||
:::
|
||||
|
||||
### Step 1 - HashiCorp Cloud
|
||||
|
||||
|
||||
@ -21,8 +21,12 @@ This is based on authentik 2022.2.1 and Vault 1.9.3. Instructions may differ bet
|
||||
|
||||
The following placeholders are used in this guide:
|
||||
|
||||
- `authentik.company` is the FQDN of authentik.
|
||||
- `vault.company` is the FQDN of Vault.
|
||||
- `authentik.company` is the FQDN of the authentik installation.
|
||||
- `vault.company` is the FQDN of the Vault installation.
|
||||
|
||||
:::note
|
||||
This documentation lists only the settings that you need to change from their default values. Be aware that any changes other than those explicitly mentioned in this guide could cause issues accessing your application.
|
||||
:::
|
||||
|
||||
### Step 1
|
||||
|
||||
|
||||
@ -20,6 +20,10 @@ The following placeholders are used in this guide:
|
||||
- `hedgedoc.company` is the FQDN of the HedgeDoc installation.
|
||||
- `authentik.company` is the FQDN of the authentik installation.
|
||||
|
||||
:::note
|
||||
This documentation lists only the settings that you need to change from their default values. Be aware that any changes other than those explicitly mentioned in this guide could cause issues accessing your application.
|
||||
:::
|
||||
|
||||
Create an OAuth2/OpenID provider with the following parameters:
|
||||
|
||||
- Client Type: `Confidential`
|
||||
|
||||
@ -20,6 +20,10 @@ The following placeholders are used in this guide:
|
||||
- `hoarder.company` is the FQDN of the Hoarder installation.
|
||||
- `authentik.company` is the FQDN of the authentik installation.
|
||||
|
||||
:::note
|
||||
This documentation lists only the settings that you need to change from their default values. Be aware that any changes other than those explicitly mentioned in this guide could cause issues accessing your application.
|
||||
:::
|
||||
|
||||
## authentik configuration
|
||||
|
||||
### Provider settings
|
||||
|
||||
@ -30,6 +30,10 @@ The following placeholders are used in this guide:
|
||||
- `hass.company` is the FQDN of the Home Assistant installation.
|
||||
- `authentik.company` is the FQDN of the authentik installation.
|
||||
|
||||
:::note
|
||||
This documentation lists only the settings that you need to change from their default values. Be aware that any changes other than those explicitly mentioned in this guide could cause issues accessing your application.
|
||||
:::
|
||||
|
||||
## authentik configuration
|
||||
|
||||
1. Create a **Proxy Provider** under **Applications** > **Providers** using the following settings:
|
||||
|
||||
@ -20,6 +20,10 @@ The following placeholders are used in this guide:
|
||||
- `https://immich.company` is the URL used to access the Immich instance.
|
||||
- `authentik.company` is the FQDN of the authentik installation.
|
||||
|
||||
:::note
|
||||
This documentation lists only the settings that you need to change from their default values. Be aware that any changes other than those explicitly mentioned in this guide could cause issues accessing your application.
|
||||
:::
|
||||
|
||||
## authentik configuration
|
||||
|
||||
1. Create a new OAuth2/OpenID Provider under **Applications** > **Providers** using the following settings:
|
||||
|
||||
@ -35,6 +35,10 @@ The following placeholders are used in this guide:
|
||||
- `dc=company,dc=com` the Base DN of the LDAP outpost.
|
||||
- `ldap_bind_user` the username of the desired LDAP Bind User
|
||||
|
||||
:::note
|
||||
This documentation lists only the settings that you need to change from their default values. Be aware that any changes other than those explicitly mentioned in this guide could cause issues accessing your application.
|
||||
:::
|
||||
|
||||
## LDAP Configuration
|
||||
|
||||
### authentik Configuration
|
||||
|
||||
@ -20,6 +20,10 @@ The following placeholders are used in this guide:
|
||||
- `jenkins.company` is the FQDN of the Service installation.
|
||||
- `authentik.company` is the FQDN of the authentik installation.
|
||||
|
||||
:::note
|
||||
This documentation lists only the settings that you need to change from their default values. Be aware that any changes other than those explicitly mentioned in this guide could cause issues accessing your application.
|
||||
:::
|
||||
|
||||
Create an OAuth2/OpenID provider with the following parameters:
|
||||
|
||||
- **Client Type**: `Confidential`
|
||||
|
||||
@ -32,6 +32,10 @@ Create a SAML provider with the following parameters:
|
||||
|
||||
Under _Advanced protocol settings_, set a certificate for _Signing Certificate_.
|
||||
|
||||
:::note
|
||||
This documentation lists only the settings that you need to change from their default values. Be aware that any changes other than those explicitly mentioned in this guide could cause issues accessing your application.
|
||||
:::
|
||||
|
||||
## Kimai Configuration
|
||||
|
||||
Paste the following block in your `local.yaml` file, after replacing the placeholder values from above. The file is usually located in `/opt/kimai/config/packages/local.yaml`.
|
||||
|
||||
@ -20,6 +20,10 @@ The following placeholders are used in this guide:
|
||||
- `komga.company` is the FQDN of the Komga installation.
|
||||
- `authentik.company` is the FQDN of the authentik installation.
|
||||
|
||||
:::note
|
||||
This documentation lists only the settings that you need to change from their default values. Be aware that any changes other than those explicitly mentioned in this guide could cause issues accessing your application.
|
||||
:::
|
||||
|
||||
## authentik configuration
|
||||
|
||||
1. From the **authentik Admin interface**, navigate to **Applications** -> **Applications**.
|
||||
|
||||
@ -20,6 +20,10 @@ The following placeholders are used in this guide:
|
||||
- `linkwarden.company` is the FQDN of the Linkwarden installation.
|
||||
- `authentik.company` is the FQDN of the authentik installation.
|
||||
|
||||
:::note
|
||||
This documentation lists only the settings that you need to change from their default values. Be aware that any changes other than those explicitly mentioned in this guide could cause issues accessing your application.
|
||||
:::
|
||||
|
||||
## Linkwarden configuration
|
||||
|
||||
To configure Linkwarden to use authentik, add the following values to your `.env` file:
|
||||
|
||||
@ -20,6 +20,10 @@ The following placeholders are used in this guide:
|
||||
- `mastodon.company` is the FQDN of the mastodon installation.
|
||||
- `authentik.company` is the FQDN of the authentik installation.
|
||||
|
||||
:::note
|
||||
This documentation lists only the settings that you need to change from their default values. Be aware that any changes other than those explicitly mentioned in this guide could cause issues accessing your application.
|
||||
:::
|
||||
|
||||
## authentik Configuration
|
||||
|
||||
### Step 1 - OAuth2/OpenID Provider
|
||||
|
||||
@ -20,6 +20,10 @@ The following placeholders are used in this guide:
|
||||
- `matrix.company` is the FQDN of the Matrix installation.
|
||||
- `authentik.company` is the FQDN of the authentik installation.
|
||||
|
||||
:::note
|
||||
This documentation lists only the settings that you need to change from their default values. Be aware that any changes other than those explicitly mentioned in this guide could cause issues accessing your application.
|
||||
:::
|
||||
|
||||
Create an application in authentik. Create an OAuth2/OpenID provider with the following parameters:
|
||||
|
||||
- Client Type: `Confidential`
|
||||
|
||||
@ -20,6 +20,10 @@ The following placeholders are used in this guide:
|
||||
- `meshcentral.company` is the FQDN of the MeshCentral installation.
|
||||
- `authentik.company` is the FQDN of the authentik installation.
|
||||
|
||||
:::note
|
||||
This documentation lists only the settings that you need to change from their default values. Be aware that any changes other than those explicitly mentioned in this guide could cause issues accessing your application.
|
||||
:::
|
||||
|
||||
## authentik configuration
|
||||
|
||||
Create an OAuth2/OpenID provider with the following parameters:
|
||||
|
||||
@ -20,6 +20,10 @@ The following placeholders are used in this guide:
|
||||
- `minio.company` is the FQDN of the MinIO installation.
|
||||
- `authentik.company` is the FQDN of the authentik installation.
|
||||
|
||||
:::note
|
||||
This documentation lists only the settings that you need to change from their default values. Be aware that any changes other than those explicitly mentioned in this guide could cause issues accessing your application.
|
||||
:::
|
||||
|
||||
### Mapping to MinIO policies
|
||||
|
||||
The primary way to manage access in MinIO is via [policies](https://min.io/docs/minio/linux/administration/identity-access-management/policy-based-access-control.html#minio-policy). We need to configure authentik to return a list of which MinIO policies should be applied to a user.
|
||||
|
||||
@ -20,6 +20,10 @@ The following placeholders are used in this guide:
|
||||
- `mobilizon.company` is the FQDN of the mobilizon installation.
|
||||
- `authentik.company` is the FQDN of the authentik installation.
|
||||
|
||||
:::note
|
||||
This documentation lists only the settings that you need to change from their default values. Be aware that any changes other than those explicitly mentioned in this guide could cause issues accessing your application.
|
||||
:::
|
||||
|
||||
## authentik Configuration
|
||||
|
||||
### Step 1 - OAuth2/OpenID Provider
|
||||
|
||||
@ -20,6 +20,10 @@ The following placeholders are used in this guide:
|
||||
- `netbird.company` is the FQDN of the NetBird installation.
|
||||
- `authentik.company` is the FQDN of the authentik installation.
|
||||
|
||||
:::note
|
||||
This documentation lists only the settings that you need to change from their default values. Be aware that any changes other than those explicitly mentioned in this guide could cause issues accessing your application.
|
||||
:::
|
||||
|
||||
## authentik configuration
|
||||
|
||||
### Provider & application configuration
|
||||
|
||||
@ -20,6 +20,10 @@ The following placeholders are used in this guide:
|
||||
- `netbox.company` is the FQDN of the NetBox installation.
|
||||
- `authentik.company` is the FQDN of the authentik installation.
|
||||
|
||||
:::note
|
||||
This documentation lists only the settings that you need to change from their default values. Be aware that any changes other than those explicitly mentioned in this guide could cause issues accessing your application.
|
||||
:::
|
||||
|
||||
Create an application in authentik and note the slug you choose, as this will be used later. In the Admin Interface, go to _Applications_ -> _Providers_. Create a _OAuth2/OpenID provider_ with the following parameters:
|
||||
|
||||
- Client Type: `Confidential`
|
||||
|
||||
@ -43,6 +43,10 @@ The following placeholders are used in this guide:
|
||||
- `authentik.company` is the FQDN of the authentik installation.
|
||||
- `authentik.local` is the internal FQDN of the authentik install (only relevant when running authentik and Nextcloud behind a reverse proxy)
|
||||
|
||||
:::note
|
||||
This documentation lists only the settings that you need to change from their default values. Be aware that any changes other than those explicitly mentioned in this guide could cause issues accessing your application.
|
||||
:::
|
||||
|
||||
Lets start by thinking what user attributes need to be available in Nextcloud:
|
||||
|
||||
- name
|
||||
@ -231,6 +235,10 @@ The following placeholders are used in this guide:
|
||||
- `nextcloud.company` is the FQDN of the Nextcloud installation.
|
||||
- `authentik.company` is the FQDN of the authentik installation.
|
||||
|
||||
:::note
|
||||
This documentation lists only the settings that you need to change from their default values. Be aware that any changes other than those explicitly mentioned in this guide could cause issues accessing your application.
|
||||
:::
|
||||
|
||||
Create an application in authentik and note the slug you choose, as this will be used later. In the Admin Interface, go to _Applications_ -> _Providers_. Create a _SAML provider_ with the following parameters:
|
||||
|
||||
- ACS URL: `https://nextcloud.company/apps/user_saml/saml/acs`
|
||||
|
||||
@ -26,6 +26,10 @@ The following placeholders are used in this guide:
|
||||
- `authentik.company` is the FQDN of authentik.
|
||||
- `nodred.company` is the FQDN of Node-RED.
|
||||
|
||||
:::note
|
||||
This documentation lists only the settings that you need to change from their default values. Be aware that any changes other than those explicitly mentioned in this guide could cause issues accessing your application.
|
||||
:::
|
||||
|
||||
### Step 1
|
||||
|
||||
In authentik, create an _OAuth2/OpenID Provider_ (under _Applications/Providers_) with these settings:
|
||||
|
||||
@ -24,6 +24,10 @@ The following placeholders are used in this guide:
|
||||
- `observium.company` is the FQDN of the Observium installation.
|
||||
- `authentik.company` is the FQDN of the authentik installation.
|
||||
|
||||
:::note
|
||||
This documentation lists only the settings that you need to change from their default values. Be aware that any changes other than those explicitly mentioned in this guide could cause issues accessing your application.
|
||||
:::
|
||||
|
||||
This guide assumes you already have a working Observium instance. It is recommended to install it with the install script, following the [instructions](https://docs.observium.org/) on Observium's website.
|
||||
|
||||
Apache2 comes bundled with Observium, but there is also a third party module, [mod_auth_openidc](https://github.com/OpenIDC/mod_auth_openidc), which is needed for this configuration to work.
|
||||
|
||||
@ -32,6 +32,10 @@ Click the _Enable Single Sign-on Authentication_ checkbox to enable SSO.
|
||||
|
||||
Scroll down to _ONLYOFFICE SP Metadata_, and copy the _SP Entity ID (link to metadata XML)_ URL. Open this URL in a new tab, and download the XML file.
|
||||
|
||||
:::note
|
||||
This documentation lists only the settings that you need to change from their default values. Be aware that any changes other than those explicitly mentioned in this guide could cause issues accessing your application.
|
||||
:::
|
||||
|
||||
## authentik Setup
|
||||
|
||||
Create an application in authentik, and create a SAML Provider by using _SAML Provider from Metadata_. Give the provider a name, and upload the XML file you've downloaded in the previous step.
|
||||
|
||||
@ -25,6 +25,10 @@ The following placeholders are used in this guide:
|
||||
- `opnsense` is the name of the authentik Service account we'll create.
|
||||
- `DC=ldap,DC=goauthentik,DC=io` is the Base DN of the LDAP Provider (default)
|
||||
|
||||
:::note
|
||||
This documentation lists only the settings that you need to change from their default values. Be aware that any changes other than those explicitly mentioned in this guide could cause issues accessing your application.
|
||||
:::
|
||||
|
||||
### Step 1
|
||||
|
||||
In authentik, go and 'Create Service account' (under _Directory/Users_) for OPNsense to use as the LDAP Binder, leaving 'Create group' ticked as we'll need that group for the provider.
|
||||
|
||||
@ -17,7 +17,11 @@ sidebar_label: Oracle Cloud
|
||||
|
||||
The following placeholders are used in this guide:
|
||||
|
||||
- `authentik.company` is the FQDN of authentik.
|
||||
- `authentik.company` is the FQDN of the authentik installation.
|
||||
|
||||
:::note
|
||||
This documentation lists only the settings that you need to change from their default values. Be aware that any changes other than those explicitly mentioned in this guide could cause issues accessing your application.
|
||||
:::
|
||||
|
||||
### Step 1 - authentik
|
||||
|
||||
|
||||
@ -22,6 +22,10 @@ The following placeholders are used in this guide:
|
||||
- `organizr.company` is the FQDN of the Service installation.
|
||||
- `authentik.company` is the FQDN of the authentik installation.
|
||||
|
||||
:::note
|
||||
This documentation lists only the settings that you need to change from their default values. Be aware that any changes other than those explicitly mentioned in this guide could cause issues accessing your application.
|
||||
:::
|
||||
|
||||
Create a new user account _(or reuse an existing)_ for organizr to use for LDAP bind under _Directory_ -> _Users_ -> _Create_, in this example called `ldapservice`.
|
||||
|
||||
Note the DN of this user will be `cn=ldapservice,ou=users,dc=ldap,dc=goauthentik,dc=io`
|
||||
|
||||
@ -21,6 +21,10 @@ The following placeholders are used in this guide:
|
||||
- `outline.company` is the FQDN of the Outline installation.
|
||||
- `authentik.company` is the FQDN of the authentik installation.
|
||||
|
||||
:::note
|
||||
This documentation lists only the settings that you need to change from their default values. Be aware that any changes other than those explicitly mentioned in this guide could cause issues accessing your application.
|
||||
:::
|
||||
|
||||
## authentik configuration
|
||||
|
||||
1. Create an OAuth2/OpenID provider with the following parameters:
|
||||
|
||||
@ -25,6 +25,10 @@ The following placeholders are used in this guide:
|
||||
|
||||
- `paperless.company` is the FQDN of the Paperless-ng installation.
|
||||
|
||||
:::note
|
||||
This documentation lists only the settings that you need to change from their default values. Be aware that any changes other than those explicitly mentioned in this guide could cause issues accessing your application.
|
||||
:::
|
||||
|
||||
Also set up your proxy server to use forward auth with paperless.company: https://goauthentik.io/docs/providers/proxy/forward_auth
|
||||
|
||||
## Paperless
|
||||
|
||||
@ -20,6 +20,10 @@ The following placeholders are used in this guide:
|
||||
- `paperless.company` is the FQDN of the Paperless-ngx installation.
|
||||
- `authentik.company` is the FQDN of the authentik installation.
|
||||
|
||||
:::note
|
||||
This documentation lists only the settings that you need to change from their default values. Be aware that any changes other than those explicitly mentioned in this guide could cause issues accessing your application.
|
||||
:::
|
||||
|
||||
## authentik Configuration
|
||||
|
||||
### Step 1 - OAuth2/OpenID Provider
|
||||
|
||||
@ -25,6 +25,10 @@ The following placeholders are used in this guide:
|
||||
- `pfsense-user` is the name of the authentik Service account we'll create.
|
||||
- `DC=ldap,DC=goauthentik,DC=io` is the Base DN of the LDAP Provider (default)
|
||||
|
||||
:::note
|
||||
This documentation lists only the settings that you need to change from their default values. Be aware that any changes other than those explicitly mentioned in this guide could cause issues accessing your application.
|
||||
:::
|
||||
|
||||
### Step 1 - Service account
|
||||
|
||||
In authentik, create a service account (under _Directory/Users_) for pfSense to use as the LDAP Binder and take note of the password generated.
|
||||
|
||||
@ -21,8 +21,12 @@ This is based on authentik 2024.12.2 and pgAdmin4 8.14
|
||||
|
||||
The following placeholders are used in this guide:
|
||||
|
||||
- `pgadmin.company` is the FQDN of pgAdmin.
|
||||
- `authentik.company` is the FQDN of authentik.
|
||||
- `pgadmin.company` is the FQDN of the pgAdmin installation.
|
||||
- `authentik.company` is the FQDN of the authentik installation.
|
||||
|
||||
:::note
|
||||
This documentation lists only the settings that you need to change from their default values. Be aware that any changes other than those explicitly mentioned in this guide could cause issues accessing your application.
|
||||
:::
|
||||
|
||||
# authentik configuration
|
||||
|
||||
|
||||
@ -24,6 +24,10 @@ The following placeholders are used in this guide:
|
||||
- `operator-permission-group` in place of your company naming convention
|
||||
- `guest-permission-group` in place of your company naming convention
|
||||
|
||||
:::note
|
||||
This documentation lists only the settings that you need to change from their default values. Be aware that any changes other than those explicitly mentioned in this guide could cause issues accessing your application.
|
||||
:::
|
||||
|
||||
:::note
|
||||
This is based on authentik 2023.3.1 and phpIPAM 1.5.2
|
||||
Only settings that have been modified from default have been listed.
|
||||
|
||||
@ -21,8 +21,12 @@ This is based on authentik 2021.7.3 and Portainer 2.6.x-CE. Portainer 2.6 suppor
|
||||
|
||||
The following placeholders are used in this guide:
|
||||
|
||||
- `portainer.company` is the FQDN of Portainer.
|
||||
- `authentik.company` is the FQDN of authentik.
|
||||
- `portainer.company` is the FQDN of Portainer installation.
|
||||
- `authentik.company` is the FQDN of authentik installation.
|
||||
|
||||
:::note
|
||||
This documentation lists only the settings that you need to change from their default values. Be aware that any changes other than those explicitly mentioned in this guide could cause issues accessing your application.
|
||||
:::
|
||||
|
||||
## authentik configuration
|
||||
|
||||
|
||||
@ -20,6 +20,10 @@ The following placeholders are used in this guide:
|
||||
- `pdns-admin.company` is the FQDN of the PowerDNS-Admin installation.
|
||||
- `authentik.company` is the FQDN of the authentik installation.
|
||||
|
||||
:::note
|
||||
This documentation lists only the settings that you need to change from their default values. Be aware that any changes other than those explicitly mentioned in this guide could cause issues accessing your application.
|
||||
:::
|
||||
|
||||
Create a SAML provider with the following parameters:
|
||||
|
||||
- ACS URL: `https://pdns-admin.company/saml/authorized`
|
||||
|
||||
@ -21,6 +21,10 @@ The following placeholders are used in this guide:
|
||||
|
||||
- `authentik.company` is the FQDN of the authentik installation.
|
||||
|
||||
:::note
|
||||
This documentation lists only the settings that you need to change from their default values. Be aware that any changes other than those explicitly mentioned in this guide could cause issues accessing your application.
|
||||
:::
|
||||
|
||||
## authentik Configuration
|
||||
|
||||
### Step 1 - Service account
|
||||
|
||||
@ -21,9 +21,13 @@ Requires Proxmox VE 7.0 or newer.
|
||||
|
||||
The following placeholders are used in this guide:
|
||||
|
||||
- `proxmox.company` is the FQDN of the Proxmox VE server.
|
||||
- `proxmox.company` is the FQDN of the Proxmox VE server installation.
|
||||
- `authentik.company` is the FQDN of the authentik installation.
|
||||
|
||||
:::note
|
||||
This documentation lists only the settings that you need to change from their default values. Be aware that any changes other than those explicitly mentioned in this guide could cause issues accessing your application.
|
||||
:::
|
||||
|
||||
## authentik configuration
|
||||
|
||||
1. In the Admin interface, navigate to **Applications -> Providers** to create an OAuth2/OpenID provider with these settings:
|
||||
|
||||
@ -28,6 +28,10 @@ The following placeholders are used in this guide:
|
||||
- `qnap.serviceAccountToken` is the service account token generated
|
||||
by authentik.
|
||||
|
||||
:::note
|
||||
This documentation lists only the settings that you need to change from their default values. Be aware that any changes other than those explicitly mentioned in this guide could cause issues accessing your application.
|
||||
:::
|
||||
|
||||
Create an LDAP Provider if you don't already have one setup.
|
||||
This guide assumes you will be running with TLS. See the [ldap provider docs](https://docs.goauthentik.io/docs/add-secure-apps/providers/ldap) for setting up SSL on the authentik side.
|
||||
|
||||
|
||||
@ -21,6 +21,10 @@ The following placeholders are used in this guide:
|
||||
- `rancher.company` is the FQDN of the Rancher installation.
|
||||
- `authentik.company` is the FQDN of the authentik installation.
|
||||
|
||||
:::note
|
||||
This documentation lists only the settings that you need to change from their default values. Be aware that any changes other than those explicitly mentioned in this guide could cause issues accessing your application.
|
||||
:::
|
||||
|
||||
Under _Customization_ -> _Property Mappings_, create a _SAML Property Mapping_. Give it a name like "SAML Rancher User ID". Set the SAML name to `rancherUidUsername` and the expression to the following
|
||||
|
||||
```python
|
||||
|
||||
@ -21,8 +21,12 @@ This is based on authentik 2022.3.1 and Rocket.chat 4.5.1 using the [Docker-Comp
|
||||
|
||||
The following placeholders are used in this guide:
|
||||
|
||||
- `rocket.company` is the FQDN of Rocket.chat.
|
||||
- `authentik.company` is the FQDN of authentik.
|
||||
- `rocket.company` is the FQDN of Rocket.chat installation.
|
||||
- `authentik.company` is the FQDN of authentik installation.
|
||||
|
||||
:::note
|
||||
This documentation lists only the settings that you need to change from their default values. Be aware that any changes other than those explicitly mentioned in this guide could cause issues accessing your application.
|
||||
:::
|
||||
|
||||
### Step 1
|
||||
|
||||
|
||||
@ -23,6 +23,10 @@ The following placeholders are used in this guide:
|
||||
|
||||
- `authentik.company` is the FQDN of the authentik installation.
|
||||
|
||||
:::note
|
||||
This documentation lists only the settings that you need to change from their default values. Be aware that any changes other than those explicitly mentioned in this guide could cause issues accessing your application.
|
||||
:::
|
||||
|
||||
Create a new oauth2 Scope Mapping which does not return the 'group' values and associate this mapping
|
||||
in the provider settings instead of the default oauth mapping.
|
||||
|
||||
|
||||
@ -22,6 +22,10 @@ This guide uses the following placeholders:
|
||||
- `rustdesk.company` is the FQDN of the RustDesk Server Pro installation.
|
||||
- `authentik.company` is the FQDN of the authentik installation.
|
||||
|
||||
:::note
|
||||
This documentation lists only the settings that you need to change from their default values. Be aware that any changes other than those explicitly mentioned in this guide could cause issues accessing your application.
|
||||
:::
|
||||
|
||||
## authentik configuration
|
||||
|
||||
1. In the authentik Admin interface, navigate to **Applications** -> **Applications**.
|
||||
|
||||
@ -22,6 +22,10 @@ The following placeholders are used in this guide:
|
||||
- `semaphore.company` is the FQDN of the Semaphore installation.
|
||||
- `authentik.company` is the FQDN of the authentik installation.
|
||||
|
||||
:::note
|
||||
This documentation lists only the settings that you need to change from their default values. Be aware that any changes other than those explicitly mentioned in this guide could cause issues accessing your application.
|
||||
:::
|
||||
|
||||
## authentik configuration
|
||||
|
||||
Start the wizard for adding a new application.
|
||||
|
||||
@ -20,6 +20,10 @@ The following placeholders are used in this guide:
|
||||
- `authentik.company` is the FQDN of the authentik installation.
|
||||
- `devcompany` is the organization name on Semgrep Cloud platform.
|
||||
|
||||
:::note
|
||||
This documentation lists only the settings that you need to change from their default values. Be aware that any changes other than those explicitly mentioned in this guide could cause issues accessing your application.
|
||||
:::
|
||||
|
||||
## authentik configuration
|
||||
|
||||
1. Log in to your authentik instance as an administrator.
|
||||
|
||||
@ -21,6 +21,10 @@ The following placeholders are used in this guide:
|
||||
- `sentry.company` is the FQDN of the Sentry installation.
|
||||
- `authentik.company` is the FQDN of the authentik installation.
|
||||
|
||||
:::note
|
||||
This documentation lists only the settings that you need to change from their default values. Be aware that any changes other than those explicitly mentioned in this guide could cause issues accessing your application.
|
||||
:::
|
||||
|
||||
Create an application in authentik. Create a SAML Provider with the following values
|
||||
|
||||
- ACS URL: `https://sentry.company/saml/acs/<sentry organisation name>/`
|
||||
|
||||
@ -24,6 +24,10 @@ The following placeholder will be used throughout this document.
|
||||
|
||||
- `authentik.company` is the FQDN of the authentik installation.
|
||||
|
||||
:::note
|
||||
This documentation lists only the settings that you need to change from their default values. Be aware that any changes other than those explicitly mentioned in this guide could cause issues accessing your application.
|
||||
:::
|
||||
|
||||
## Integration for Dashboard Administrator login
|
||||
|
||||
### Configure Skyhigh Security
|
||||
|
||||
@ -18,6 +18,10 @@ The following placeholder will be used:
|
||||
- You can use <kbd>slack.<em>company</em>></kbd> or <kbd><em>my-workspace</em>.slack.com</kbd> as the FQDN of your Slack instance.
|
||||
- You can use <kbd>authentik.company</kbd> as the FQDN of the authentik installation.
|
||||
|
||||
:::note
|
||||
This documentation lists only the settings that you need to change from their default values. Be aware that any changes other than those explicitly mentioned in this guide could cause issues accessing your application.
|
||||
:::
|
||||
|
||||
For additional information about integrating with Slack, refer to their [documentation](https://slack.com/help/articles/205168057-Custom-SAML-single-sign-on).
|
||||
|
||||
## authentik configuration
|
||||
|
||||
@ -31,6 +31,10 @@ The following placeholders are used in this guide:
|
||||
- `snipeit-user` is the name of the authentik service account we will create.
|
||||
- `DC=ldap,DC=authentik,DC=io` is the Base DN of the LDAP Provider (default)
|
||||
|
||||
:::note
|
||||
This documentation lists only the settings that you need to change from their default values. Be aware that any changes other than those explicitly mentioned in this guide could cause issues accessing your application.
|
||||
:::
|
||||
|
||||
## authentik Configuration
|
||||
|
||||
### Step 1 - Service account
|
||||
|
||||
@ -20,6 +20,10 @@ The following placeholders are used in this guide:
|
||||
- `sonarqube.company` is the FQDN of the sonarqube installation.
|
||||
- `authentik.company` is the FQDN of the authentik installation.
|
||||
|
||||
:::note
|
||||
This documentation lists only the settings that you need to change from their default values. Be aware that any changes other than those explicitly mentioned in this guide could cause issues accessing your application.
|
||||
:::
|
||||
|
||||
## Terraform provider
|
||||
|
||||
Create an application in authentik. Create a SAML Provider with the following values
|
||||
|
||||
@ -24,6 +24,10 @@ The following placeholders are used in this guide:
|
||||
- `sonarr.company` is the FQDN of the Sonarr installation.
|
||||
- `authentik.company` is the FQDN of the authentik installation.
|
||||
|
||||
:::note
|
||||
This documentation lists only the settings that you need to change from their default values. Be aware that any changes other than those explicitly mentioned in this guide could cause issues accessing your application.
|
||||
:::
|
||||
|
||||
Create a Proxy Provider with the following values
|
||||
|
||||
- Internal host
|
||||
|
||||
@ -34,6 +34,10 @@ The following placeholders are used in this guide:
|
||||
- `sssd.serviceAccountToken` is the service account token generated
|
||||
by authentik.
|
||||
|
||||
:::note
|
||||
This documentation lists only the settings that you need to change from their default values. Be aware that any changes other than those explicitly mentioned in this guide could cause issues accessing your application.
|
||||
:::
|
||||
|
||||
Create an LDAP Provider if you don't already have one setup.
|
||||
This guide assumes you will be running with TLS and that you've
|
||||
correctly setup certificates both in authentik and on the host
|
||||
|
||||
@ -24,6 +24,10 @@ The following placeholders are used in this guide:
|
||||
- `synology.company` is the FQDN of the Synology DSM server.
|
||||
- `authentik.company` is the FQDN of the authentik installation.
|
||||
|
||||
:::note
|
||||
This documentation lists only the settings that you need to change from their default values. Be aware that any changes other than those explicitly mentioned in this guide could cause issues accessing your application.
|
||||
:::
|
||||
|
||||
## authentik configuration
|
||||
|
||||
### Step 1
|
||||
|
||||
@ -20,6 +20,10 @@ The following placeholders are used in this guide:
|
||||
- `tautulli.company` is the FQDN of the Tautulli installation.
|
||||
- `authentik.company` is the FQDN of the authentik installation.
|
||||
|
||||
:::note
|
||||
This documentation lists only the settings that you need to change from their default values. Be aware that any changes other than those explicitly mentioned in this guide could cause issues accessing your application.
|
||||
:::
|
||||
|
||||
## authentik Setup
|
||||
|
||||
Because Tautulli requires valid HTTP Basic credentials, you must save your HTTP Basic Credentials in authentik. The recommended way to do this is to create a Group. Name the group "Tautulli Users", for example. For this group, add the following attributes:
|
||||
|
||||
@ -20,6 +20,10 @@ The following placeholders are used in this guide:
|
||||
- `terrakube-dex.company` is the FQDN of the [Dex](https://dexidp.io/) container of the Terrakube installation.
|
||||
- `authentik.company` is the FQDN of the authentik installation.
|
||||
|
||||
:::note
|
||||
This documentation lists only the settings that you need to change from their default values. Be aware that any changes other than those explicitly mentioned in this guide could cause issues accessing your application.
|
||||
:::
|
||||
|
||||
## authentik configuration
|
||||
|
||||
1. From the Admin interface, navigate to **Applications** -> **Applications**.
|
||||
|
||||
@ -26,6 +26,10 @@ The following placeholders are used in this guide:
|
||||
- `dc=company,dc=com` the Base DN of the LDAP outpost. If you followed the LDAP provider guide this is: `dc=goauthentik,dc=io`
|
||||
- `ldap_bind_user` the username of the desired LDAP Bind User. If you followed the LDAP provider guide this is: `ldapservice`
|
||||
|
||||
:::note
|
||||
This documentation lists only the settings that you need to change from their default values. Be aware that any changes other than those explicitly mentioned in this guide could cause issues accessing your application.
|
||||
:::
|
||||
|
||||
## LDAP Configuration
|
||||
|
||||
### authentik Configuration
|
||||
|
||||
@ -24,6 +24,10 @@ The following placeholders are used in this guide:
|
||||
- `truecommand.company` is the FQDN of the snipe-it installation.
|
||||
- `authentik.company` is the FQDN of the authentik installation.
|
||||
|
||||
:::note
|
||||
This documentation lists only the settings that you need to change from their default values. Be aware that any changes other than those explicitly mentioned in this guide could cause issues accessing your application.
|
||||
:::
|
||||
|
||||
Create an application in authentik and use the slug for later as `truenas-truecommand`.
|
||||
|
||||
Create a SAML provider with the following parameters:
|
||||
|
||||
@ -24,6 +24,10 @@ The following placeholders are used in this guide:
|
||||
- `landscape.company` is the FQDN of the Landscape server.
|
||||
- `authentik.company` is the FQDN of the authentik installation.
|
||||
|
||||
:::note
|
||||
This documentation lists only the settings that you need to change from their default values. Be aware that any changes other than those explicitly mentioned in this guide could cause issues accessing your application.
|
||||
:::
|
||||
|
||||
Landscape uses the OpenID-Connect Protocol for single-sign on.
|
||||
|
||||
## authentik Setup
|
||||
|
||||
@ -22,6 +22,10 @@ The following placeholders are used in this guide:
|
||||
- `uptime-kuma.company` is the FQDN of the Uptime Kuma installation.
|
||||
- `authentik.company` is the FQDN of the authentik installation.
|
||||
|
||||
:::note
|
||||
This documentation lists only the settings that you need to change from their default values. Be aware that any changes other than those explicitly mentioned in this guide could cause issues accessing your application.
|
||||
:::
|
||||
|
||||
Create an application in authentik. Create a Proxy provider with the following parameters:
|
||||
|
||||
- Internal host
|
||||
|
||||
@ -20,6 +20,10 @@ The following placeholders are used in this guide:
|
||||
- `veeam.company` is the FQDN of the Veeam Enterprise Manager installation.
|
||||
- `authentik.company` is the FQDN of the authentik installation.
|
||||
|
||||
:::note
|
||||
This documentation lists only the settings that you need to change from their default values. Be aware that any changes other than those explicitly mentioned in this guide could cause issues accessing your application.
|
||||
:::
|
||||
|
||||
You will need an existing group or multiple in authentik to assign roles in Veeam Enterprise Manager to.
|
||||
|
||||
## In Veeam Enterprise Manager
|
||||
|
||||
@ -25,6 +25,10 @@ The following placeholders are used in this guide:
|
||||
- `authentik.company` is the FQDN of authentik.
|
||||
- `authentik Login` is the name shown on Vikunja set in config.yml, and used for the Redirect URI. If the name set in config.yml has capitalization or spaces like in this example, they will be set to lowercase and no spaces in the callback URL, like `authentiklogin`.
|
||||
|
||||
:::note
|
||||
This documentation lists only the settings that you need to change from their default values. Be aware that any changes other than those explicitly mentioned in this guide could cause issues accessing your application.
|
||||
:::
|
||||
|
||||
### Step 1
|
||||
|
||||
In authentik, under _Providers_, create an _OAuth2/OpenID Provider_ with these settings:
|
||||
|
||||
@ -22,6 +22,10 @@ The following placeholders will be used in the examples below:
|
||||
- `vcenter.company` is the FQDN of the vCenter server.
|
||||
- `authentik.company` is the FQDN of the authentik installation.
|
||||
|
||||
:::note
|
||||
This documentation lists only the settings that you need to change from their default values. Be aware that any changes other than those explicitly mentioned in this guide could cause issues accessing your application.
|
||||
:::
|
||||
|
||||
## authentik configuration
|
||||
|
||||
Create an application and an OAuth2/OpenID provider, using the authentik Wizard.
|
||||
|
||||
@ -19,7 +19,11 @@ The following placeholders are used in this guide:
|
||||
|
||||
- `weblate.company` is the FQDN of the Weblate installation.
|
||||
- `authentik.company` is the FQDN of the authentik installation.
|
||||
- `weblate-slug` is the slug of the Weblate application
|
||||
- `weblate-slug` is the slug of the Weblate application.
|
||||
|
||||
:::note
|
||||
This documentation lists only the settings that you need to change from their default values. Be aware that any changes other than those explicitly mentioned in this guide could cause issues accessing your application.
|
||||
:::
|
||||
|
||||
Create an application in authentik and note the slug, as this will be used later. Create a SAML provider with the following parameters:
|
||||
|
||||
|
||||
@ -20,6 +20,10 @@ The following placeholders are used in this guide:
|
||||
- `wekan.company` is the FQDN of the wekan installation.
|
||||
- `authentik.company` is the FQDN of the authentik installation.
|
||||
|
||||
:::note
|
||||
This documentation lists only the settings that you need to change from their default values. Be aware that any changes other than those explicitly mentioned in this guide could cause issues accessing your application.
|
||||
:::
|
||||
|
||||
Create an application in authentik. Create an OAuth2/OpenID provider with the following parameters:
|
||||
|
||||
- Client Type: `Confidential`
|
||||
|
||||
@ -20,6 +20,10 @@ The following placeholders are used in this guide:
|
||||
- `wud.company` is the FQDN of the WUD installation.
|
||||
- `authentik.company` is the FQDN of the authentik installation.
|
||||
|
||||
:::note
|
||||
This documentation lists only the settings that you need to change from their default values. Be aware that any changes other than those explicitly mentioned in this guide could cause issues accessing your application.
|
||||
:::
|
||||
|
||||
## WUD configuration
|
||||
|
||||
To configure WUD to use authentik, add the following values to your `.env` file:
|
||||
|
||||
@ -21,8 +21,12 @@ This is based on authentik 2022.11 and Wiki.js 2.5. Instructions may differ betw
|
||||
|
||||
The following placeholders are used in this guide:
|
||||
|
||||
- `wiki.company` is the FQDN of Wiki.js.
|
||||
- `authentik.company` is the FQDN of authentik.
|
||||
- `wiki.company` is the FQDN of Wiki.js installation.
|
||||
- `authentik.company` is the FQDN of authentik installation.
|
||||
|
||||
:::note
|
||||
This documentation lists only the settings that you need to change from their default values. Be aware that any changes other than those explicitly mentioned in this guide could cause issues accessing your application.
|
||||
:::
|
||||
|
||||
### Step 1
|
||||
|
||||
|
||||
@ -21,8 +21,12 @@ There are many different plugins for WordPress that allow you to setup SSO using
|
||||
|
||||
The following placeholders are used in this guide:
|
||||
|
||||
- `wp.company` is the FQDN of WordPress.
|
||||
- `authentik.company` is the FQDN of authentik.
|
||||
- `wp.company` is the FQDN of WordPress installation.
|
||||
- `authentik.company` is the FQDN of authentik installation.
|
||||
|
||||
:::note
|
||||
This documentation lists only the settings that you need to change from their default values. Be aware that any changes other than those explicitly mentioned in this guide could cause issues accessing your application.
|
||||
:::
|
||||
|
||||
### Step 1 - authentik
|
||||
|
||||
|
||||
@ -21,9 +21,13 @@ Currently it is not possible to connect writefreely to authentik without making
|
||||
|
||||
The following placeholders are used in this guide:
|
||||
|
||||
- `writefreely.company` is the FQDN of the writefreely installation.
|
||||
- `writefreely.company` is the FQDN of the Writefreely installation.
|
||||
- `authentik.company` is the FQDN of the authentik installation.
|
||||
|
||||
:::note
|
||||
This documentation lists only the settings that you need to change from their default values. Be aware that any changes other than those explicitly mentioned in this guide could cause issues accessing your application.
|
||||
:::
|
||||
|
||||
## authentik Configuration
|
||||
|
||||
### Step 1 - OAuth2/OpenID Provider
|
||||
|
||||
@ -25,6 +25,10 @@ The following placeholders are used in this guide:
|
||||
- `xenorchestra.company` is the FQDN of the Xen Orchestra instance.
|
||||
- `authentik.company` is the FQDN of the authentik installation.
|
||||
|
||||
:::note
|
||||
This documentation lists only the settings that you need to change from their default values. Be aware that any changes other than those explicitly mentioned in this guide could cause issues accessing your application.
|
||||
:::
|
||||
|
||||
## authentik configuration
|
||||
|
||||
### 1. Provider
|
||||
|
||||
@ -22,6 +22,10 @@ The following placeholders are used in this guide:
|
||||
- `zabbix.company` is the FQDN of the Zabbix installation.
|
||||
- `authentik.company` is the FQDN of the authentik installation.
|
||||
|
||||
:::note
|
||||
This documentation lists only the settings that you need to change from their default values. Be aware that any changes other than those explicitly mentioned in this guide could cause issues accessing your application.
|
||||
:::
|
||||
|
||||
Create an application in authentik and note the slug, as this will be used later. Create a SAML provider with the following parameters:
|
||||
|
||||
- ACS URL: `https://zabbix.company/zabbix/index_sso.php?acs`
|
||||
|
||||
@ -18,9 +18,13 @@ sidebar_label: Zammad
|
||||
|
||||
The following placeholders are used in this guide:
|
||||
|
||||
- `zammad.company` is the FQDN of the zammad installation.
|
||||
- `zammad.company` is the FQDN of the Zammad installation.
|
||||
- `authentik.company` is the FQDN of the authentik installation.
|
||||
|
||||
:::note
|
||||
This documentation lists only the settings that you need to change from their default values. Be aware that any changes other than those explicitly mentioned in this guide could cause issues accessing your application.
|
||||
:::
|
||||
|
||||
## authentik Configuration
|
||||
|
||||
### Step 1 - Property Mappings
|
||||
|
||||
@ -18,8 +18,12 @@ sidebar_label: Zulip
|
||||
|
||||
The following placeholders are used in this guide:
|
||||
|
||||
- `authentik.company` is the FQDN of the authentik installation.
|
||||
- `zulip.company` is the FQDN of the Zulip instance.
|
||||
- `authentik.company` is the FQDN of the authentik installation.
|
||||
|
||||
:::note
|
||||
This documentation lists only the settings that you need to change from their default values. Be aware that any changes other than those explicitly mentioned in this guide could cause issues accessing your application.
|
||||
:::
|
||||
|
||||
Create an application in authentik and note the slug, as this will be used later. Create a SAML provider with the following parameters:
|
||||
|
||||
|
||||
Reference in New Issue
Block a user