habsi/authentik
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

website/docs: Update Docusaurus config. Prep for version picker. (#14401)

Browse Source 
* website/docs: Clean up config. Add types.

* website/docs: Format MDX.

* website: Fix build warnings. Lint badges frontmatter.
This commit is contained in:
Teffen Ellis
2025-05-06 16:04:39 +02:00
committed by GitHub
parent 488a58e1c5
commit bfdb827ff9
65 changed files with 1504 additions and 1338 deletions
Download Patch File Download Diff File Expand all files Collapse all files

3
website/.prettierignore
View File

@ -6,6 +6,3 @@ coverage
node_modules
help
static
# TODO: Enable after monorepo formatting is cleaned up.
**/*.md
**/*.mdx

3
website/docs/add-secure-apps/flows-stages/stages/authenticator_email/index.md
View File

@ -1,9 +1,8 @@
---
title: Email Authenticator Setup stage
authentik_version: "2025.2"
---
<span class="badge badge--version">authentik 2025.2+</span>
This stage configures an email-based authenticator that sends a one-time code to a user's email address for authentication.
When a user goes through a flow that includes this stage, they are prompted for their email address (if not already set). The user then receives an email with a one-time code, which they enter into the authentik Login panel.

2
website/docs/add-secure-apps/flows-stages/stages/authenticator_webauthn/index.mdx
View File

@ -2,8 +2,6 @@
title: WebAuthn / Passkeys Authenticator setup stage
---
<span class="badge badge--version">authentik 2021.3.1+</span>
This stage configures a WebAuthn-based Authenticator. This can either be a browser, biometrics or a Security stick like a YubiKey.
### Options

2
website/docs/add-secure-apps/flows-stages/stages/email/index.mdx
View File

@ -29,8 +29,8 @@ You can also use custom email templates, to use your own design or layout.
Starting with authentik 2024.2, it is possible to create `.txt` files with the same name as the `.html` template. If a matching `.txt` file exists, the email sent will be a multipart email with both the text and HTML template.
:::
import Tabs from "@theme/Tabs";
import TabItem from "@theme/TabItem";
import Tabs from "@theme/Tabs";
<Tabs
defaultValue="docker-compose"

3
website/docs/add-secure-apps/providers/proxy/server_caddy.mdx
View File

@ -2,8 +2,9 @@
title: Caddy
---
import Tabs from "@theme/Tabs";
import TabItem from "@theme/TabItem";
import Tabs from "@theme/Tabs";
import Placeholders from "./__placeholders.md";
import CaddyStandalone from "./_caddy_standalone.md";

5
website/docs/add-secure-apps/providers/proxy/server_envoy.mdx
View File

@ -2,13 +2,12 @@
title: Envoy
---
import Tabs from "@theme/Tabs";
import TabItem from "@theme/TabItem";
import Tabs from "@theme/Tabs";
import Placeholders from "./__placeholders.md";
import EnvoyIstio from "./_envoy_istio.md";
# Envoy
The configuration template shown below apply to both single-application and domain-level forward auth.
:::info

2
website/docs/add-secure-apps/providers/proxy/server_nginx.mdx
View File

@ -1,5 +1,5 @@
import Tabs from "@theme/Tabs";
import TabItem from "@theme/TabItem";
import Tabs from "@theme/Tabs";
# nginx

2
website/docs/add-secure-apps/providers/proxy/server_traefik.mdx
View File

@ -1,5 +1,5 @@
import Tabs from "@theme/Tabs";
import TabItem from "@theme/TabItem";
import Tabs from "@theme/Tabs";
# Traefik

2
website/docs/customize/blueprints/v1/example.md
View File

@ -4,6 +4,7 @@ title: Example
This is one of the default packaged blueprints to create the default authentication flow.
<!-- prettier-ignore-start -->
```yaml
version: 1
metadata:
@ -64,3 +65,4 @@ entries:
target: !KeyOf flow
model: authentik_flows.flowstagebinding
```
<!-- prettier-ignore-end -->

17
website/docs/customize/blueprints/v1/tags.mdx
View File

@ -48,6 +48,8 @@ Returns the value of the given environment variable. Can be used as a scalar wit
Examples:
{/* prettier-ignore-start */}
```yaml
configure_flow: !Find [authentik_flows.flow, [slug, default-password-change]]
```
@ -60,6 +62,8 @@ configure_flow:
]
```
{/* prettier-ignore-end */}
Looks up any model and resolves to the the matches' primary key.
First argument is the model to be queried, remaining arguments are expected to be pairs of key=value pairs to query for.
@ -67,10 +71,15 @@ First argument is the model to be queried, remaining arguments are expected to b
Example:
{/* prettier-ignore-start */}
```yaml
configure_flow: !Context foo
```
{/* prettier-ignore-end */}
Find values from the context. Can optionally be called with a default like `!Context [foo, default-value]`.
#### `!Format`
@ -209,6 +218,8 @@ For example, given a sequence like this - `["a", "b", "c"]`, this tag will resol
Minimal examples:
{/* prettier-ignore-start */}
```yaml
configuration_stages: !Enumerate [
!Context map_of_totp_stage_names_and_types,
@ -224,6 +235,8 @@ configuration_stages: !Enumerate [
]
```
{/* prettier-ignore-end */}
The above example will resolve to something like this:
```yaml
@ -265,6 +278,8 @@ Full example:
Note that an `!Enumeration` tag's iterable can never be an `!Item` or `!Value` tag with a depth of `0`. Minimum depth allowed is `1`. This is because a depth of `0` refers to the `!Enumeration` tag the `!Item` or `!Value` tag is in, and an `!Enumeration` tag cannot iterate over itself.
:::
{/* prettier-ignore-start */}
```yaml
example: !Enumerate [
!Context sequence, # ["foo", "bar"]
@ -288,6 +303,8 @@ example: !Enumerate [
]
```
{/* prettier-ignore-end */}
The above example will resolve to something like this:
```yaml

2
website/docs/customize/interfaces/_global/customcss.mdx
View File

@ -2,8 +2,8 @@
To further modify the look of authentik, a custom CSS file can be created. Creating such a file is outside the scope of this document.
import Tabs from "@theme/Tabs";
import TabItem from "@theme/TabItem";
import Tabs from "@theme/Tabs";
<Tabs
defaultValue="docker-compose"

2
website/docs/developer-docs/docs/style-guide.mdx
View File

@ -255,8 +255,8 @@ This section covers the usage of React components within our documentation. File
Use **Tabs** to display different configurations (e.g., setting up authentication with OIDC vs. SAML) to help users navigate between options. Default to the easier or more common option. Insert the following lines wherever you want the code block to appear:
```jsx
import Tabs from "@theme/Tabs";
import TabItem from "@theme/TabItem";
import Tabs from "@theme/Tabs";
<Tabs
defaultValue="oidc"

4
website/docs/developer-docs/setup/full-dev-environment.mdx
View File

@ -9,9 +9,9 @@ tags:
- docker
---
import Tabs from "@theme/Tabs";
import TabItem from "@theme/TabItem";
import ExecutionEnvironment from "@docusaurus/ExecutionEnvironment";
import TabItem from "@theme/TabItem";
import Tabs from "@theme/Tabs";
## Requirements

11
website/docs/index.mdx
View File

@ -24,39 +24,34 @@ The authentik product provides the following consoles:
In authentik, you can use Light or Dark mode for the Admin interface, User interface, and the Flow interface.
import "react-before-after-slider-component/dist/build.css";
import ReactBeforeSliderComponent from "react-before-after-slider-component";
import useBaseUrl from "@docusaurus/useBaseUrl";
import ReactBeforeSliderComponent from "react-before-after-slider-component";
import "react-before-after-slider-component/dist/build.css";
<ReactBeforeSliderComponent
firstImage={{
id: 1,
imageUrl: useBaseUrl("img/screen_flow_dark.jpg"),
}}
secondImage={{
id: 2,
imageUrl: useBaseUrl("img/screen_flow_light.jpg"),
}}
/>
<ReactBeforeSliderComponent
firstImage={{
id: 1,
imageUrl: useBaseUrl("img/screen_apps_dark.jpg"),
}}
secondImage={{
id: 2,
imageUrl: useBaseUrl("img/screen_apps_light.jpg"),
}}
/>
<ReactBeforeSliderComponent
firstImage={{
id: 1,
imageUrl: useBaseUrl("img/screen_admin_dark.jpg"),
}}
secondImage={{
id: 2,
imageUrl: useBaseUrl("img/screen_admin_light.jpg"),
}}
/>

2
website/docs/install-config/air-gapped.mdx
View File

@ -17,8 +17,8 @@ To disable these outbound connections, adjust the settings as follows:
To view a list of all configuration options, refer to the [Configuration](./configuration/configuration.mdx) documentation.
import Tabs from "@theme/Tabs";
import TabItem from "@theme/TabItem";
import Tabs from "@theme/Tabs";
<Tabs
defaultValue="docker-compose"

2
website/docs/install-config/beta.mdx
View File

@ -8,8 +8,8 @@ You can test upcoming authentik versions, including major new features that are
Downgrading from the Beta is not supported. It is recommended to take a backup before upgrading, or test Beta versions on a separate install. Upgrading from Beta versions to the next release is usually possible, however also not supported.
:::
import Tabs from "@theme/Tabs";
import TabItem from "@theme/TabItem";
import Tabs from "@theme/Tabs";
<Tabs
defaultValue="docker-compose"

2
website/docs/install-config/configuration/configuration.mdx
View File

@ -17,8 +17,8 @@ All of these variables can be set to values, but you can also use a URI-like for
## Set your environment variables
import Tabs from "@theme/Tabs";
import TabItem from "@theme/TabItem";
import Tabs from "@theme/Tabs";
<Tabs groupId="platform">
<TabItem value="docker-compose" label="Docker Compose" default>

2
website/docs/install-config/install/docker-compose.mdx
View File

@ -27,8 +27,8 @@ This installation method is for test setups and small-scale production setups.
To download the latest `docker-compose.yml` open your terminal and navigate to the directory of your choice.
Run the following command:
import Tabs from "@theme/Tabs";
import TabItem from "@theme/TabItem";
import Tabs from "@theme/Tabs";
{/* prettier-ignore */}
<Tabs groupId="OS">

2
website/docs/install-config/upgrade.mdx
View File

@ -20,8 +20,8 @@ authentik does not support downgrading. Make sure to back up your database in ca
## Upgrade authentik
import Tabs from "@theme/Tabs";
import TabItem from "@theme/TabItem";
import Tabs from "@theme/Tabs";
<Tabs groupId="platform">
<TabItem value="docker-compose" label="Docker Compose" default>

6
website/docs/releases/2024/v2024.10.md
View File

@ -5,8 +5,8 @@ slug: "/releases/2024.10"
## Highlights
- **Chrome Device Trust** <span class="badge badge--primary">Enterprise</span> <span class="badge badge--info">Preview</span>: Verify that your users are logging in from managed devices and validate the devices' compliance with company policies.
- **FIPS/FAL3 for FedRAMP "very high" compliance** <span class="badge badge--primary">Enterprise+</span>: with support for SAML encryption and now JWE (JSON Web Encryption) support, authentik can now be configured for FIPS compliance at Federation Assurance Level (FAL) 3.
- **Chrome Device Trust** :ak-enterprise :ak-preview : Verify that your users are logging in from managed devices and validate the devices' compliance with company policies.
- **FIPS/FAL3 for FedRAMP "very high" compliance** :ak-enterprise : with support for SAML encryption and now JWE (JSON Web Encryption) support, authentik can now be configured for FIPS compliance at Federation Assurance Level (FAL) 3.
- **Captcha on Identification stage**: Run a CAPTCHA process in the background while the user is entering their identification.
- **Kerberos source**: authentik can now integrate with existing Kerberos environments by allowing users to log in with their Kerberos credentials, SPNEGO, or syncing users into authentik.
@ -16,7 +16,7 @@ We have no breaking changes this release!
## New features
- **Chrome Device Trust** <span class="badge badge--primary">Enterprise</span> <span class="badge badge--info">Preview</span>
- **Chrome Device Trust** :ak-enterprise :ak-preview
This is a new stage for Enterprise clients that verifies the user through the Chrome Verified Access API. This stage only works with Google Chrome. You'll need to bring your own [Verified Access API instance](https://developers.google.com/chrome/verified-access/overview) via Google Cloud.

8
website/docs/releases/2024/v2024.12.md
View File

@ -6,8 +6,8 @@ slug: "/releases/2024.12"
## Highlights
- **Redirect stage** Conditionally redirect users to other flows and URLs.
- **Application entitlements** <span class="badge badge--info">Preview</span> Additional granular permission configuration on an application-level basis.
- **CloudFormation** <span class="badge badge--info">Preview</span> One-click deploy on AWS.
- **Application entitlements** :ak-preview Additional granular permission configuration on an application-level basis.
- **CloudFormation** :ak-preview One-click deploy on AWS.
- **Policies in the application wizard** Configure access restriction while creating an application.
## Breaking changes
@ -32,7 +32,7 @@ slug: "/releases/2024.12"
This new stage allows redirecting a user to another flow or external URL. This allows for dynamically choosing which flow runs depending on user attributes or other factors, or redirection to another URL.
- **Application entitlements** <span class="badge badge--info">Preview</span>
- **Application entitlements** :ak-preview
Centrally configure permissions by granting entitlements to groups and users on an application-level basis.
@ -40,7 +40,7 @@ slug: "/releases/2024.12"
In the application creation wizard, administrators can now configure policies bindings along with the other application settings.
- **CloudFormation** <span class="badge badge--info">Preview</span>
- **CloudFormation** :ak-preview
Deploy authentik in your own AWS environment with one click using our new [AWS CloudFormation template](../../install-config/install/aws.md).

8
website/docs/releases/2024/v2024.2.md
View File

@ -5,9 +5,9 @@ slug: /releases/2024.2
## Highlights
- **Remote Access Control** <span class="badge badge--primary">Enterprise</span> Access machines over RDP, SSH, and VNC from authentik
- **Remote Access Control** :ak-enterprise Access machines over RDP, SSH, and VNC from authentik
- **Audit logging** <span class="badge badge--primary">Enterprise</span> See what fields were changed when objects are updated
- **Audit logging** :ak-enterprise See what fields were changed when objects are updated
- **Session location and network binding** Increase security by preventing session theft
@ -102,11 +102,11 @@ slug: /releases/2024.2
## New features
- **New provider: Remote Access Control** <span class="badge badge--primary">Enterprise</span>
- **New provider: Remote Access Control** :ak-enterprise
The Remote Access Control provider allows you to remotely connect to remote machines over RDP, SSH and VNC through authentik. As such, you can use the same policy engine and customization options that are possible with other providers using the same user and admin interface.
- **Audit logging** <span class="badge badge--primary">Enterprise</span>
- **Audit logging** :ak-enterprise
authentik instances that have a valid enterprise license installed will log any changes made to models, including which fields were changed with previous and new values of the fields. The values are censored if they are sensitive (for example a password hash), however a hash of the changed value will still be logged.

8
website/docs/releases/2024/v2024.4.md
View File

@ -5,9 +5,9 @@ slug: /releases/2024.4
## Highlights
- **OAuth/SAML as authentication factor** <span class="badge badge--primary">Enterprise</span> Use an external provider as part of an MFA authentication flow, including custom implementations
- **OAuth/SAML as authentication factor** :ak-enterprise Use an external provider as part of an MFA authentication flow, including custom implementations
- **SCIM Source** <span class="badge badge--info">Preview</span> Provision users and groups in authentik using an SCIM API
- **SCIM Source** :ak-preview Provision users and groups in authentik using an SCIM API
- **Configurable WebAuthn device restrictions** Configure which types of WebAuthn devices can be used to enroll and validate for different authorization levels.
@ -27,13 +27,13 @@ slug: /releases/2024.4
## New features
- **Source stage** <span class="badge badge--primary">Enterprise</span>
- **Source stage** :ak-enterprise
The source stage allows for an inclusion of a source as part of a flow. This can be used to link a user to a source as part of their authentication/enrollment, or it can be used as an external multi-factor to provide device health attestation for example.
For details refer to [Source stage](../../add-secure-apps/flows-stages/stages/source/index.md)
- **SCIM Source** <span class="badge badge--info">Preview</span>
- **SCIM Source** :ak-preview
Provision users and groups in authentik using an SCIM API.

6
website/docs/releases/2024/v2024.6.md
View File

@ -6,7 +6,7 @@ slug: /releases/2024.6
## Highlights
- **PostgreSQL read replicas**: Optimize database query routing by using read replicas to balance the load
- **New Enterprise providers**: <span class="badge badge--primary">Enterprise</span> <span class="badge badge--info">Preview</span> Google Workspace and Microsoft Entra ID providers allow for user synchronization with authentik
- **New Enterprise providers**: :ak-enterprise :ak-preview Google Workspace and Microsoft Entra ID providers allow for user synchronization with authentik
- **Improved CAPTCHA stage**: Allows configurable dynamic use of CAPTCHAs
## Breaking changes
@ -29,13 +29,13 @@ The `context["geoip"]` and `context["asn"]` objects available in expression poli
## New features
- **Google Workspace Provider** <span class="badge badge--primary">Enterprise</span> <span class="badge badge--info">Preview</span>
- **Google Workspace Provider** :ak-enterprise :ak-preview
With the Google Workspace provider, authentik serves as the single source of truth for all users and groups, when using Google products like Gmail.
For details refer to the [Google Workspace Provider documentation](../../add-secure-apps/providers/gws/index.md)
- **Microsoft Entra ID Provider** <span class="badge badge--primary">Enterprise</span> <span class="badge badge--info">Preview</span>
- **Microsoft Entra ID Provider** :ak-enterprise :ak-preview
With the Microsoft Entra ID provider, authentik serves as the single source of truth for all users and groups. Configuring Entra ID as a provider allows for auto-discovery of user and group accounts, on-going synchronization of user data such as email address, name, and status, and integrated data mapping of field names and values.

6
website/docs/releases/2025/v2025.2.md
View File

@ -5,7 +5,7 @@ slug: "/releases/2025.2"
## Highlights
- **SSF Provider <span class="badge badge--primary">Enterprise</span> <span class="badge badge--info">Preview</span>** Add support for Shared Signals Framework.
- **SSF Provider :ak-enterprise :ak-preview** Add support for Shared Signals Framework.
- **RAC moved open source** Remote access is now available to everyone!
- **GeoIP distance and impossible travel checks** Add the ability to check for the distance a user has moved compared to a previous login, and if the user could have travelled the distance.
- **Email OTP Stage** Allow users to use their email accounts as a one-time-password during authentication.
@ -13,7 +13,7 @@ slug: "/releases/2025.2"
## Breaking changes
- **Fixed behaviour in Source stage <span class="badge badge--primary">Enterprise</span>**
- **Fixed behaviour in Source stage :ak-enterprise**
In previous versions, the Source stage would incorrectly continue with the initial flow after returning from the source, which didn't match the documented behaviour.
@ -29,7 +29,7 @@ slug: "/releases/2025.2"
## New features
- **SSF Provider** <span class="badge badge--primary">Enterprise</span> <span class="badge badge--info">Preview</span>
- **SSF Provider** :ak-enterprise :ak-preview
[Shared Signals Framework](../../add-secure-apps/providers/ssf/index.md) allows applications to register a stream with authentik within which they can received events from authentik such as when a session was revoked or a credential was add/changed/deleted and execute actions based on these events.

2
website/docs/releases/2025/v2025.4.md
View File

@ -11,7 +11,7 @@ slug: "/releases/2025.4"
- **RBAC: Initial Permissions** :ak-preview Provides more flexible access control by assigning permissions to the user/role creating a new object in authentik. Use **Initial Permissions** as a pragmatic way to implement the principle of least privilege.
- **Password History Policy** <span class="badge badge--primary">Enterprise</span> A new policy (the Password Uniqueness policy) can be implemented to prevent users from reusing previous passwords; admins are able to configure how many previous password hashes the system will store and evaluate. This new policy makes it easier to enforce password reuse requirements, such as for FedRAMP compliance.
- **Password History Policy** :ak-enterprise A new policy (the Password Uniqueness policy) can be implemented to prevent users from reusing previous passwords; admins are able to configure how many previous password hashes the system will store and evaluate. This new policy makes it easier to enforce password reuse requirements, such as for FedRAMP compliance.
- **Provider Sync Dry Run** :ak-preview Add the option for dry-run syncs for SCIM, Google Workspace, and Microsoft Entra providers to preview the results of a sync without affecting live accounts.

2
website/docs/sys-mgmt/ops/geoip.mdx
View File

@ -14,8 +14,8 @@ By default, the GeoIP database is loaded from `/geoip/GeoLite2-City.mmdb`. If mo
If you want to disable GeoIP, you can set the path to a non-existent path and authentik will skip the GeoIP.
import Tabs from "@theme/Tabs";
import TabItem from "@theme/TabItem";
import Tabs from "@theme/Tabs";
<Tabs
defaultValue="docker-compose"

2
website/docs/sys-mgmt/service-accounts.md
View File

@ -3,8 +3,6 @@ title: Service Accounts
sidebar_label: Service Accounts
---
# Service Accounts
Service accounts are specialized user accounts designed for machine-to-machine authentication and automation purposes rather than interactive human use. They're ideal for integrating authentik with external systems, APIs, and services.
## Types of Service Accounts

2
website/docs/troubleshooting/forward_auth/general.mdx
View File

@ -2,8 +2,8 @@
title: General troubleshooting steps
---
import Tabs from "@theme/Tabs";
import TabItem from "@theme/TabItem";
import Tabs from "@theme/Tabs";
## Set the log level to TRACE

2
website/docs/troubleshooting/logs.mdx
View File

@ -10,8 +10,8 @@ The server and worker containers support multiple log levels: `debug`, `info`, `
To modify the log level, follow the steps for your platform
import Tabs from "@theme/Tabs";
import TabItem from "@theme/TabItem";
import Tabs from "@theme/Tabs";
<Tabs
groupId="platform"

2
website/docs/users-sources/sources/protocols/scim/index.md
View File

@ -32,6 +32,7 @@ See the [overview](../../property-mappings/index.md) for information on how prop
Each top level SCIM attribute is available as a variable in the expression. For example given an SCIM request with the payload of
<!-- prettier-ignore-start -->
```json
{
"schemas": [
@ -57,6 +58,7 @@ Each top level SCIM attribute is available as a variable in the expression. For
}
}
```
<!-- prettier-ignore-end -->
The following variables are available in the expression:

12
website/docusaurus.config.cjs Normal file
View File

@ -0,0 +1,12 @@
/**
* @file CommonJS Docusaurus config adapter.
*
* This exists to allow an ESM Docusaurus configuration to be imported in a CommonJS.
*
* @import Config from "./docusaurus.config.esm.mjs"
*/
/**
* @see {@linkcode Config} for the Docusaurus configuration type.
*/
module.exports = import("./docusaurus.config.esm.mjs").then(($) => $.default);

164
website/docusaurus.config.esm.mjs Normal file
View File

@ -0,0 +1,164 @@
/**
* @file Docusaurus config.
*
* @import * as Preset from "@docusaurus/preset-classic";
* @import * as OpenApiPlugin from "docusaurus-plugin-openapi-docs";
* @import { BuildUrlValues } from "remark-github";
*/
import { createDocusaurusConfig } from "@goauthentik/docusaurus-config";
import { createRequire } from "node:module";
import remarkDirective from "remark-directive";
import remarkGithub, { defaultBuildUrl } from "remark-github";
import remarkEnterpriseDirective from "./remark/enterprise-directive.mjs";
import remarkPreviewDirective from "./remark/preview-directive.mjs";
import remarkSupportDirective from "./remark/support-directive.mjs";
import remarkVersionDirective from "./remark/version-directive.mjs";
const require = createRequire(import.meta.url);
/**
* Documentation site configuration for Docusaurus.
*/
const config = createDocusaurusConfig({
url: "https://docs.goauthentik.io",
future: {
experimental_faster: true,
},
themes: ["@docusaurus/theme-mermaid", "docusaurus-theme-openapi-docs"],
themeConfig: {
image: "img/social.png",
navbar: {
logo: {
alt: "authentik logo",
src: "img/icon_left_brand.svg",
href: "https://goauthentik.io/",
target: "_self",
},
items: [
{
to: "https://goauthentik.io/features",
label: "Features",
position: "left",
target: "_self",
},
{
to: "integrations/",
label: "Integrations",
position: "left",
},
{
to: "docs/",
label: "Documentation",
position: "left",
},
{
to: "https://goauthentik.io/pricing/",
label: "Pricing",
position: "left",
target: "_self",
},
{
to: "https://goauthentik.io/blog",
label: "Blog",
position: "left",
target: "_self",
},
{
"href": "https://github.com/goauthentik/authentik",
"data-icon": "github",
"aria-label": "GitHub",
"position": "right",
},
{
"href": "https://goauthentik.io/discord",
"data-icon": "discord",
"aria-label": "Discord",
"position": "right",
},
],
},
footer: {
links: [],
copyright: `Copyright © ${new Date().getFullYear()} Authentik Security Inc. Built with Docusaurus.`,
},
algolia: {
appId: "36ROD0O0FV",
apiKey: "727db511300ca9aec5425645bbbddfb5",
indexName: "goauthentik",
},
},
presets: [
[
"@docusaurus/preset-classic",
/** @type {Preset.Options} */ ({
docs: {
id: "docs",
sidebarPath: "./sidebars/docs.mjs",
showLastUpdateTime: false,
editUrl: "https://github.com/goauthentik/authentik/edit/main/website/",
docItemComponent: "@theme/ApiItem",
beforeDefaultRemarkPlugins: [
remarkDirective,
remarkVersionDirective,
remarkEnterpriseDirective,
remarkPreviewDirective,
remarkSupportDirective,
],
remarkPlugins: [
[
remarkGithub,
{
repository: "goauthentik/authentik",
/**
* @param {BuildUrlValues} values
*/
buildUrl: (values) => {
// Only replace issues and PR links
return values.type === "issue" || values.type === "mention"
? defaultBuildUrl(values)
: false;
},
},
],
],
},
theme: {
customCss: require.resolve("@goauthentik/docusaurus-config/css/index.css"),
},
}),
],
],
plugins: [
[
"@docusaurus/plugin-content-docs",
{
id: "docsIntegrations",
path: "integrations",
routeBasePath: "integrations",
sidebarPath: "./sidebars/integrations.mjs",
editUrl: "https://github.com/goauthentik/authentik/edit/main/website/",
},
],
[
"docusaurus-plugin-openapi-docs",
{
id: "api",
docsPluginId: "docs",
config: /** @type {OpenApiPlugin.Options} */ ({
authentik: {
specPath: "static/schema.yml",
outputDir: "docs/developer-docs/api/reference/",
hideSendButton: true,
sidebarOptions: {
groupPathsBy: "tag",
},
},
}),
},
],
],
});
export default config;

184
website/docusaurus.config.ts
View File

@ -1,184 +0,0 @@
import type * as Preset from "@docusaurus/preset-classic";
import type { Config } from "@docusaurus/types";
import type * as OpenApiPlugin from "docusaurus-plugin-openapi-docs";
import { themes as prismThemes } from "prism-react-renderer";
import remarkDirective from "remark-directive";
import remarkGithub, { BuildUrlValues } from "remark-github";
import { defaultBuildUrl } from "remark-github";
import remarkPreviewDirective from "./remark/preview-directive.js";
import remarkSupportDirective from "./remark/support-directive.js";
import remarkVersionDirective from "./remark/version-directive.js";
const createConfig = (): Config => {
return {
title: "authentik",
tagline: "Bring all of your authentication into a unified platform.",
url: "https://docs.goauthentik.io",
baseUrl: "/",
onBrokenLinks: "throw",
onBrokenAnchors: "throw",
favicon: "img/icon.png",
organizationName: "Authentik Security Inc.",
projectName: "authentik",
themeConfig: {
image: "img/social.png",
navbar: {
logo: {
alt: "authentik logo",
src: "img/icon_left_brand.svg",
href: "https://goauthentik.io/",
target: "_self",
},
items: [
{
to: "https://goauthentik.io/features",
label: "Features",
position: "left",
target: "_self",
},
{
to: "integrations/",
label: "Integrations",
position: "left",
},
{
to: "docs/",
label: "Documentation",
position: "left",
},
{
to: "https://goauthentik.io/pricing/",
label: "Pricing",
position: "left",
target: "_self",
},
{
to: "https://goauthentik.io/blog",
label: "Blog",
position: "left",
target: "_self",
},
{
"href": "https://github.com/goauthentik/authentik",
"data-icon": "github",
"aria-label": "GitHub",
"position": "right",
},
{
"href": "https://goauthentik.io/discord",
"data-icon": "discord",
"aria-label": "Discord",
"position": "right",
},
],
},
footer: {
links: [],
copyright: `Copyright © ${new Date().getFullYear()} Authentik Security Inc. Built with Docusaurus.`,
},
tableOfContents: {
minHeadingLevel: 2,
maxHeadingLevel: 3,
},
colorMode: {
respectPrefersColorScheme: true,
},
algolia: {
appId: "36ROD0O0FV",
apiKey: "727db511300ca9aec5425645bbbddfb5",
indexName: "goauthentik",
},
prism: {
theme: prismThemes.oneLight,
darkTheme: prismThemes.oneDark,
additionalLanguages: [
// ---
"apacheconf",
"diff",
"http",
"json",
"nginx",
"python",
"bash",
],
},
},
presets: [
[
"@docusaurus/preset-classic",
{
docs: {
id: "docs",
sidebarPath: "./sidebars.js",
showLastUpdateTime: false,
editUrl: "https://github.com/goauthentik/authentik/edit/main/website/",
docItemComponent: "@theme/ApiItem",
beforeDefaultRemarkPlugins: [
remarkDirective,
remarkVersionDirective,
remarkPreviewDirective,
remarkSupportDirective,
],
remarkPlugins: [
[
remarkGithub,
{
repository: "goauthentik/authentik",
// Only replace issues and PR links
buildUrl: (values: BuildUrlValues) => {
return values.type === "issue" || values.type === "mention"
? defaultBuildUrl(values)
: false;
},
},
],
],
},
theme: {
customCss: require.resolve("@goauthentik/docusaurus-config/css/index.css"),
},
} satisfies Preset.Options,
],
],
plugins: [
[
"@docusaurus/plugin-content-docs",
{
id: "docsIntegrations",
path: "integrations",
routeBasePath: "integrations",
sidebarPath: "./sidebarsIntegrations.js",
editUrl: "https://github.com/goauthentik/authentik/edit/main/website/",
},
],
[
"docusaurus-plugin-openapi-docs",
{
id: "api",
docsPluginId: "docs",
config: {
authentik: {
specPath: "static/schema.yml",
outputDir: "docs/developer-docs/api/reference/",
hideSendButton: true,
sidebarOptions: {
groupPathsBy: "tag",
},
} satisfies OpenApiPlugin.Options,
},
},
],
],
markdown: {
mermaid: true,
},
future: {
experimental_faster: true,
},
themes: ["@docusaurus/theme-mermaid", "docusaurus-theme-openapi-docs"],
};
};
module.exports = createConfig;

2
website/integrations/services/actual-budget/index.mdx
View File

@ -4,8 +4,8 @@ sidebar_label: Actual Budget
support_level: community
---
import Tabs from "@theme/Tabs";
import TabItem from "@theme/TabItem";
import Tabs from "@theme/Tabs";
## What is Actual Budget

2
website/integrations/services/apache-guacamole/index.mdx
View File

@ -4,8 +4,8 @@ sidebar_label: Apache Guacamole™
support_level: authentik
---
import Tabs from "@theme/Tabs";
import TabItem from "@theme/TabItem";
import Tabs from "@theme/Tabs";
## What is Apache Guacamole™

2
website/integrations/services/aws/index.mdx
View File

@ -21,8 +21,8 @@ The following placeholders are used in this guide:
This documentation lists only the settings that you need to change from their default values. Be aware that any changes other than those explicitly mentioned in this guide could cause issues accessing your application.
:::
import Tabs from "@theme/Tabs";
import TabItem from "@theme/TabItem";
import Tabs from "@theme/Tabs";
<Tabs>
<TabItem value="iam" label="Classic IAM" default>

5
website/integrations/services/beszel/index.mdx
View File

@ -1,12 +1,9 @@
---
title: Integrate with Beszel
sidebar_label: Beszel
support_level: community
---
# Integrate With Beszel
<span class="badge badge--secondary">Support level: Community</span>
## What is Beszel
> Beszel is a lightweight server monitoring platform that provides Docker statistics, historical data, and configurable alerts.

7
website/integrations/services/bookstack/index.mdx
View File

@ -1,14 +1,11 @@
---
title: Integrate with BookStack
sidebar_label: BookStack
support_level: community
---
import Tabs from "@theme/Tabs";
import TabItem from "@theme/TabItem";
# Integrate with BookStack
<span class="badge badge--secondary">Support level: Community</span>
import Tabs from "@theme/Tabs";
## What is BookStack

4
website/integrations/services/chronograf/index.mdx
View File

@ -3,10 +3,6 @@ title: Integrate with Chronograf
sidebar_label: Chronograf
---
# Integrate with Chronograf
<span class="badge badge--secondary">Support level: Community</span>
## What is Chronograf
> Chronograf lets you quickly visualize the data stored in InfluxDB, enabling you to build robust queries and alerts. It is simple to use and comes with templates and libraries for rapidly creating dashboards with real-time data visualizations.

5
website/integrations/services/espocrm/index.md
View File

@ -1,12 +1,9 @@
---
title: Integrate with EspoCRM
sidebar_label: EspoCRM
support_level: community
---
# Integrate with EspoCRM
<span class="badge badge--secondary">Support level: Community</span>
## What is EspoCRM?
> EspoCRM is a CRM (customer relationship management) web application that allows users to store, visualize, and analyze their company's business-related relationships such as opportunities, people, businesses, and projects.

5
website/integrations/services/freshrss/index.mdx
View File

@ -1,12 +1,9 @@
---
title: Integrate with FreshRSS
sidebar_label: FreshRSS
support_level: community
---
# Integrate with FreshRSS
<span class="badge badge--secondary">Support level: Community</span>
## What is FreshRSS
> FreshRSS is a self-hosted RSS feed aggregator.

5
website/integrations/services/gatus/index.mdx
View File

@ -1,12 +1,9 @@
---
title: Integrate with Gatus
sidebar_label: Gatus
support_level: community
---
# Integrate with Gatus
<span class="badge badge--secondary">Support level: Community</span>
## What is Gatus?
> Gatus is a developer-oriented health dashboard that gives you the ability to monitor your services using HTTP, ICMP, TCP, and even DNS queries as well as evaluate the result of said queries by using a list of conditions on values like the status code, the response time, the certificate expiration, the body and many others. The icing on top is that each of these health checks can be paired with alerting via Slack, Teams, PagerDuty, Discord, Twilio and many more.

2
website/integrations/services/gitlab/index.mdx
View File

@ -29,8 +29,8 @@ This documentation lists only the settings that you need to change from their de
There are two ways to configure single sign-on for GitLab. You can configure it via SAML authentication or via OpenID Connect.
import Tabs from "@theme/Tabs";
import TabItem from "@theme/TabItem";
import Tabs from "@theme/Tabs";
<Tabs
defaultValue="saml"

2
website/integrations/services/grafana/index.mdx
View File

@ -101,8 +101,8 @@ resource "authentik_group" "grafana_viewers" {
## Grafana configuration
import Tabs from "@theme/Tabs";
import TabItem from "@theme/TabItem";
import Tabs from "@theme/Tabs";
<Tabs
defaultValue="docker"

2
website/integrations/services/index.mdx
View File

@ -3,8 +3,8 @@ title: Integrate with Applications
sidebar_label: Applications
---
import DocCardList from "@theme/DocCardList";
import SupportBadge from "@site/src/components/SupportBadge";
import DocCardList from "@theme/DocCardList";
# Applications

4
website/integrations/services/kimai/index.md
View File

@ -49,6 +49,8 @@ Paste the following block in your `local.yaml` file, after replacing the placeho
To get the value for `x509cert`, go to _System_ > _Certificates_, and download the public Signing Certificate. To avoid further problems, concat it into "string format" using e.g.: https://www.samltool.com/format_x509cert.php
<!-- prettier-ignore-start -->
```yaml
# Optionally add this for docker debug-logging
# monolog:
@ -127,4 +129,6 @@ kimai:
url: "https://kimai.company"
```
<!-- prettier-ignore-end -->
Afterwards, either [rebuild the cache](https://www.kimai.org/documentation/cache.html) or restart the docker container.

2
website/integrations/services/nextcloud/index.mdx
View File

@ -30,8 +30,8 @@ This documentation lists only the settings that you need to change from their de
It is possible to configure Nextcloud to use either OpenID Connect or SAML for authentication. Below are the steps to configure both methods.
import Tabs from "@theme/Tabs";
import TabItem from "@theme/TabItem";
import Tabs from "@theme/Tabs";
<Tabs
defaultValue="oidc"

2
website/integrations/services/paperless-ngx/index.mdx
View File

@ -41,8 +41,8 @@ To support the integration of Paperless-ngx with authentik, you need to create a
## Paperless Configuration
import Tabs from "@theme/Tabs";
import TabItem from "@theme/TabItem";
import Tabs from "@theme/Tabs";
<Tabs
defaultValue="docker"

5
website/integrations/services/plesk/index.md
View File

@ -1,12 +1,9 @@
---
title: Integrate with Plesk
sidebar_label: Plesk
support_level: community
---
# Integrate with Plesk
<span class="badge badge--secondary">Support level: Community</span>
## What is Plesk
> Plesk is a web hosting platform with a control panel that helps manage servers, applications, and websites through a comprehensive graphical user interface. It provides tools for web professionals, IT administrators, and hosting companies to simplify the process of hosting and managing websites.

5
website/integrations/services/pocketbase/index.md
View File

@ -1,12 +1,9 @@
---
title: Integrate with PocketBase
sidebar_label: PocketBase
support_level: community
---
# Integrate With PocketBase
<span class="badge badge--secondary">Support level: Community</span>
## What is PocketBase
> PocketBase is a lightweight backend solution that provides a built-in database, authentication, and file storage.

2
website/integrations/services/wekan/index.mdx
View File

@ -42,8 +42,8 @@ To support the integration of Wekan with authentik, you need to create an applic
## Wekan configuration
import Tabs from "@theme/Tabs";
import TabItem from "@theme/TabItem";
import Tabs from "@theme/Tabs";
<Tabs
defaultValue="docker"

47
website/remark/enterprise-directive.mjs Normal file
View File

@ -0,0 +1,47 @@
/**
* @file Remark plugin to transform `ak-enterprise` directives into badges.
*
* @import { Root } from "mdast";
*/
import { h } from "hastscript";
import { SKIP, visit } from "unist-util-visit";
/**
* MDAST plugin to transform `ak-enterprise` directives into badges.
*/
function remarkEnterpriseDirective() {
/**
* @param {Root} tree The MDAST tree to transform.
*/
return function (tree) {
visit(tree, "textDirective", function (node) {
if (node.name !== "ak-enterprise") return SKIP;
const data = node.data || (node.data = {});
const hast = h("span", {
...node.attributes,
"className": "badge badge--primary",
"title": `This feature is available in the enterprise version of authentik.`,
"aria-description": "Enterprise badge",
"role": "img",
});
data.hName = hast.tagName;
data.hProperties = hast.properties;
data.hChildren = [
{
type: "text",
value: "Enterprise",
},
];
node.children = [];
return SKIP;
});
};
}
export default remarkEnterpriseDirective;

13
website/remark/preview-directive.ts → website/remark/preview-directive.mjs
View File

@ -1,14 +1,19 @@
/**
* @file Remark plugin to transform `ak-preview` directives into preview badges.
*
* @import { Root } from "mdast";
*/
import { h } from "hastscript";
import { Root } from "mdast";
import "mdast-util-directive";
import "mdast-util-to-hast";
import { SKIP, visit } from "unist-util-visit";
/**
* MDAST plugin to transform `ak-preview` directives into preview badges.
*/
function remarkPreviewDirective() {
return function (tree: Root) {
/**
* @param {Root} tree The MDAST tree to transform.
*/
return function (tree) {
visit(tree, "textDirective", function (node) {
if (node.name !== "ak-preview") return SKIP;

27
website/remark/support-directive.ts → website/remark/support-directive.mjs
View File

@ -1,29 +1,35 @@
/**
* @file Remark plugin to transform `ak-support` directives into support level badges.
*
* @import { Root } from "mdast";
*/
import { h } from "hastscript";
import { Root } from "mdast";
import "mdast-util-directive";
import "mdast-util-to-hast";
import { coerce } from "semver";
import { SKIP, visit } from "unist-util-visit";
/**
* Support levels for authentik.
* @typedef {"authentik" | "community" | "vendor" | "deprecated"} SupportLevel
*/
export type SupportLevel = "authentik" | "community" | "vendor" | "deprecated";
/**
* Mapping of support levels to badge classes.
*
* @satisfies {Record<SupportLevel, string>}
*/
export const SupportLevelToLabel = {
export const SupportLevelToLabel = /** @type {const} */ ({
authentik: "authentik",
community: "Community",
vendor: "Vendor",
deprecated: "Deprecated",
} as const satisfies Record<SupportLevel, string>;
});
/**
* Type-predicate to determine if a string is a known support level.
*
* @param {string} input The string to check.
* @return {input is SupportLevel} True if the string is a known support level.
*/
export function isSupportLevel(input: string): input is SupportLevel {
export function isSupportLevel(input) {
return Object.hasOwn(SupportLevelToLabel, input);
}
@ -31,7 +37,10 @@ export function isSupportLevel(input: string): input is SupportLevel {
* MDAST plugin to transform `ak-support` directives into preview badges.
*/
function remarkSupportDirective() {
return function (tree: Root) {
/**
* @param {Root} tree The MDAST tree to transform.
*/
return function (tree) {
visit(tree, "textDirective", function (node) {
if (node.name !== "ak-support") return SKIP;

13
website/remark/version-directive.ts → website/remark/version-directive.mjs
View File

@ -1,7 +1,9 @@
/**
* @file Remark plugin to transform `ak-version` directives into version badges.
*
* @import { Root } from "mdast";
*/
import { h } from "hastscript";
import { Root } from "mdast";
import "mdast-util-directive";
import "mdast-util-to-hast";
import { coerce } from "semver";
import { SKIP, visit } from "unist-util-visit";
@ -21,7 +23,10 @@ import { SKIP, visit } from "unist-util-visit";
* ```
*/
function remarkVersionDirective() {
return function (tree: Root) {
/**
* @param {Root} tree The MDAST tree to transform.
*/
return function (tree) {
visit(tree, "textDirective", function (node) {
if (node.name !== "ak-version") return SKIP;

796
website/sidebars.js
View File

@ -1,796 +0,0 @@
import apiReference from "./docs/developer-docs/api/reference/sidebar";
import { generateVersionDropdown } from "./src/utils.js";
const releases = [
"releases/2025/v2025.4",
"releases/2025/v2025.2",
"releases/2024/v2024.12",
{
type: "category",
label: "Previous versions",
items: [
"releases/2024/v2024.10",
"releases/2024/v2024.8",
"releases/2024/v2024.6",
"releases/2024/v2024.4",
"releases/2024/v2024.2",
"releases/2023/v2023.10",
"releases/2023/v2023.8",
"releases/2023/v2023.6",
"releases/2023/v2023.5",
"releases/2023/v2023.4",
"releases/2023/v2023.3",
"releases/2023/v2023.2",
"releases/2023/v2023.1",
"releases/2022/v2022.12",
"releases/2022/v2022.11",
"releases/2022/v2022.10",
"releases/2022/v2022.9",
"releases/2022/v2022.8",
"releases/2022/v2022.7",
"releases/2022/v2022.6",
"releases/2022/v2022.5",
"releases/2022/v2022.4",
"releases/2022/v2022.2",
"releases/2022/v2022.1",
"releases/2021/v2021.12",
"releases/2021/v2021.10",
"releases/2021/v2021.9",
"releases/2021/v2021.8",
"releases/2021/v2021.7",
"releases/2021/v2021.6",
"releases/2021/v2021.5",
"releases/2021/v2021.4",
"releases/2021/v2021.3",
"releases/2021/v2021.2",
"releases/2021/v2021.1",
"releases/old/v0.14",
"releases/old/v0.13",
"releases/old/v0.12",
"releases/old/v0.11",
"releases/old/v0.10",
"releases/old/v0.9",
],
},
];
export default {
docs: [
{
type: "html",
value: generateVersionDropdown(releases),
},
{
type: "doc",
id: "index",
},
{
type: "category",
label: "Core Concepts",
collapsed: true,
items: ["core/terminology", "core/architecture"],
},
{
type: "category",
label: "Enterprise",
collapsed: true,
link: {
type: "doc",
id: "enterprise/index",
},
items: [
"enterprise/get-started",
"enterprise/manage-enterprise",
"enterprise/entsupport",
],
},
{
type: "category",
label: "Installation and Configuration ",
collapsed: true,
link: {
type: "doc",
id: "install-config/index",
},
items: [
{
type: "category",
label: "Installation",
collapsed: true,
items: [
"install-config/install/docker-compose",
"install-config/install/kubernetes",
"install-config/install/aws",
],
},
{
type: "category",
label: "Configuration",
link: {
type: "doc",
id: "install-config/configuration/configuration",
},
items: [],
},
"install-config/upgrade",
"install-config/beta",
"install-config/reverse-proxy",
"install-config/automated-install",
"install-config/air-gapped",
],
},
{
type: "category",
label: "Add and Secure Applications",
collapsed: true,
items: [
{
type: "category",
label: "Applications",
link: {
type: "doc",
id: "add-secure-apps/applications/index",
},
items: ["add-secure-apps/applications/manage_apps"],
},
{
type: "category",
label: "Providers",
link: {
type: "doc",
id: "add-secure-apps/providers/index",
},
items: [
{
type: "category",
label: "Property Mappings",
link: {
type: "doc",
id: "add-secure-apps/providers/property-mappings/index",
},
items: ["add-secure-apps/providers/property-mappings/expression"],
},
{
type: "category",
label: "Google Workspace Provider",
link: {
type: "doc",
id: "add-secure-apps/providers/gws/index",
},
items: [
"add-secure-apps/providers/gws/setup-gws",
"add-secure-apps/providers/gws/add-gws-provider",
],
},
{
type: "category",
label: "LDAP Provider",
link: {
type: "doc",
id: "add-secure-apps/providers/ldap/index",
},
items: ["add-secure-apps/providers/ldap/generic_setup"],
},
{
type: "category",
label: "Microsoft Entra ID Provider",
link: {
type: "doc",
id: "add-secure-apps/providers/entra/index",
},
items: [
"add-secure-apps/providers/entra/setup-entra",
"add-secure-apps/providers/entra/add-entra-provider",
],
},
{
type: "category",
label: "OAuth2 Provider",
link: {
type: "doc",
id: "add-secure-apps/providers/oauth2/index",
},
items: [
"add-secure-apps/providers/oauth2/create-oauth2-provider",
"add-secure-apps/providers/oauth2/client_credentials",
"add-secure-apps/providers/oauth2/device_code",
"add-secure-apps/providers/oauth2/github-compatibility",
"add-secure-apps/providers/oauth2/webfinger_support",
],
},
{
type: "category",
label: "Proxy Provider",
link: {
type: "doc",
id: "add-secure-apps/providers/proxy/index",
},
items: [
"add-secure-apps/providers/proxy/custom_headers",
"add-secure-apps/providers/proxy/header_authentication",
{
type: "category",
label: "Forward authentication",
link: {
type: "doc",
id: "add-secure-apps/providers/proxy/forward_auth",
},
items: [
"add-secure-apps/providers/proxy/server_nginx",
"add-secure-apps/providers/proxy/server_traefik",
"add-secure-apps/providers/proxy/server_envoy",
"add-secure-apps/providers/proxy/server_caddy",
],
},
],
},
{
type: "category",
label: "RAC (Remote Access Control) Provider",
link: {
type: "doc",
id: "add-secure-apps/providers/rac/index",
},
items: ["add-secure-apps/providers/rac/how-to-rac"],
},
"add-secure-apps/providers/radius/index",
"add-secure-apps/providers/saml/index",
"add-secure-apps/providers/scim/index",
{
type: "category",
label: "SSF Provider",
link: {
type: "doc",
id: "add-secure-apps/providers/ssf/index",
},
items: ["add-secure-apps/providers/ssf/create-ssf-provider"],
},
],
},
{
type: "category",
label: "Flows and Stages",
collapsed: true,
items: [
{
type: "category",
label: "Flows",
link: {
type: "doc",
id: "add-secure-apps/flows-stages/flow/index",
},
items: [
"add-secure-apps/flows-stages/flow/inspector",
"add-secure-apps/flows-stages/flow/context/index",
{
type: "category",
label: "Defaults and Examples",
items: [
"add-secure-apps/flows-stages/flow/examples/flows",
"add-secure-apps/flows-stages/flow/examples/default_flows",
"add-secure-apps/flows-stages/flow/examples/snippets",
],
},
{
type: "category",
label: "Executors",
items: [
"add-secure-apps/flows-stages/flow/executors/if-flow",
"add-secure-apps/flows-stages/flow/executors/sfe",
"add-secure-apps/flows-stages/flow/executors/user-settings",
"add-secure-apps/flows-stages/flow/executors/headless",
],
},
],
},
{
type: "category",
label: "Stages",
link: {
type: "doc",
id: "add-secure-apps/flows-stages/stages/index",
},
items: [
"add-secure-apps/flows-stages/stages/authenticator_duo/index",
"add-secure-apps/flows-stages/stages/authenticator_endpoint_gdtc/index",
"add-secure-apps/flows-stages/stages/authenticator_email/index",
"add-secure-apps/flows-stages/stages/authenticator_sms/index",
"add-secure-apps/flows-stages/stages/authenticator_static/index",
"add-secure-apps/flows-stages/stages/authenticator_totp/index",
"add-secure-apps/flows-stages/stages/authenticator_webauthn/index",
"add-secure-apps/flows-stages/stages/authenticator_validate/index",
"add-secure-apps/flows-stages/stages/captcha/index",
"add-secure-apps/flows-stages/stages/deny",
"add-secure-apps/flows-stages/stages/email/index",
"add-secure-apps/flows-stages/stages/identification/index",
"add-secure-apps/flows-stages/stages/invitation/index",
"add-secure-apps/flows-stages/stages/password/index",
"add-secure-apps/flows-stages/stages/prompt/index",
"add-secure-apps/flows-stages/stages/redirect/index",
"add-secure-apps/flows-stages/stages/source/index",
"add-secure-apps/flows-stages/stages/user_delete",
"add-secure-apps/flows-stages/stages/user_login/index",
"add-secure-apps/flows-stages/stages/user_logout",
"add-secure-apps/flows-stages/stages/user_write",
],
},
{
type: "category",
label: "Bindings",
link: {
type: "doc",
id: "add-secure-apps/flows-stages/bindings/index",
},
items: ["add-secure-apps/flows-stages/bindings/work_with_bindings"],
},
],
},
{
type: "category",
label: "Outposts",
link: {
type: "doc",
id: "add-secure-apps/outposts/index",
},
items: [
"add-secure-apps/outposts/embedded/embedded",
{
type: "category",
label: "Integrations",
items: [
"add-secure-apps/outposts/integrations/docker",
"add-secure-apps/outposts/integrations/kubernetes",
],
},
{
type: "category",
label: "Running and upgrading",
items: [
"add-secure-apps/outposts/manual-deploy-docker-compose",
"add-secure-apps/outposts/manual-deploy-kubernetes",
"add-secure-apps/outposts/upgrading",
],
},
"add-secure-apps/outposts/manual-deploy-docker-compose",
"add-secure-apps/outposts/manual-deploy-kubernetes",
],
},
],
},
{
type: "category",
label: "Customize your instance",
collapsed: true,
link: {
type: "doc",
id: "customize/index",
},
items: [
{
type: "category",
label: "Policies",
collapsed: true,
link: {
type: "doc",
id: "customize/policies/index",
},
items: [
"customize/policies/working_with_policies",
{
type: "category",
label: "Expression Policies",
link: {
type: "doc",
id: "customize/policies/expression",
},
items: [
"customize/policies/expression/unique_email",
"customize/policies/expression/whitelist_email",
"customize/policies/expression/managing_flow_context_keys",
],
},
"customize/policies/unique_password",
],
},
{
type: "category",
label: "Interfaces",
items: [
{
type: "category",
label: "Flow",
items: ["customize/interfaces/flow/customization"],
},
{
type: "category",
label: "User",
items: ["customize/interfaces/user/customization"],
},
{
type: "category",
label: "Admin",
items: ["customize/interfaces/admin/customization"],
},
],
},
{
type: "category",
label: "Blueprints",
link: {
type: "doc",
id: "customize/blueprints/index",
},
items: [
"customize/blueprints/export",
"customize/blueprints/v1/structure",
"customize/blueprints/v1/tags",
"customize/blueprints/v1/example",
{
type: "category",
label: "Models",
link: {
type: "doc",
id: "customize/blueprints/v1/models",
},
items: ["customize/blueprints/v1/meta"],
},
],
},
"customize/branding",
],
},
{
type: "category",
label: "Manage Users and Sources",
collapsed: true,
items: [
{
type: "category",
label: "Users",
link: {
type: "doc",
id: "users-sources/user/index",
},
items: [
"users-sources/user/user_basic_operations",
"users-sources/user/user_ref",
"users-sources/user/invitations",
],
},
{
type: "category",
label: "Groups",
link: {
type: "doc",
id: "users-sources/groups/index",
},
items: ["users-sources/groups/manage_groups", "users-sources/groups/group_ref"],
},
{
type: "category",
label: "Roles",
link: {
type: "doc",
id: "users-sources/roles/index",
},
items: ["users-sources/roles/manage_roles"],
},
{
type: "category",
label: "Access Control",
link: {
type: "doc",
id: "users-sources/access-control/index",
},
items: [
"users-sources/access-control/permissions",
"users-sources/access-control/manage_permissions",
"users-sources/access-control/initial_permissions",
],
},
{
type: "category",
label: "Federated and Social Sources",
collapsed: true,
link: {
type: "doc",
id: "users-sources/sources/index",
},
items: [
{
type: "category",
label: "Protocols",
collapsed: true,
items: [
{
type: "category",
label: "Kerberos",
link: {
type: "doc",
id: "users-sources/sources/protocols/kerberos/index",
},
items: ["users-sources/sources/protocols/kerberos/browser"],
},
"users-sources/sources/protocols/ldap/index",
"users-sources/sources/protocols/oauth/index",
"users-sources/sources/protocols/saml/index",
"users-sources/sources/protocols/scim/index",
],
},
{
type: "category",
label: "Source Property Mappings",
link: {
type: "doc",
id: "users-sources/sources/property-mappings/index",
},
items: ["users-sources/sources/property-mappings/expressions"],
},
{
type: "category",
label: "Directory synchronization",
items: [
"users-sources/sources/directory-sync/active-directory/index",
"users-sources/sources/directory-sync/freeipa/index",
],
},
{
type: "category",
label: "Identity Providers",
link: {
type: "doc",
id: "users-sources/sources/social-logins/index",
},
items: [
"users-sources/sources/social-logins/apple/index",
"users-sources/sources/social-logins/azure-ad/index",
"users-sources/sources/social-logins/discord/index",
"users-sources/sources/social-logins/facebook/index",
"users-sources/sources/social-logins/github/index",
{
type: "category",
label: "Google",
link: {
type: "doc",
id: "users-sources/sources/social-logins/google/index",
},
items: [
"users-sources/sources/social-logins/google/cloud/index",
"users-sources/sources/social-logins/google/workspace/index",
],
},
"users-sources/sources/social-logins/mailcow/index",
"users-sources/sources/social-logins/twitch/index",
"users-sources/sources/social-logins/plex/index",
"users-sources/sources/social-logins/twitter/index",
],
},
],
},
],
},
{
type: "category",
label: "System Management",
collapsed: true,
items: [
"sys-mgmt/brands",
{
type: "category",
label: "Operations",
collapsed: true,
items: [
"sys-mgmt/ops/monitoring",
"sys-mgmt/ops/storage-s3",
"sys-mgmt/ops/geoip",
"sys-mgmt/ops/backup-restore",
],
},
{
type: "category",
label: "Events",
collapsed: true,
link: {
type: "doc",
id: "sys-mgmt/events/index",
},
items: ["sys-mgmt/events/notifications", "sys-mgmt/events/transports"],
},
"sys-mgmt/certificates",
"sys-mgmt/settings",
"sys-mgmt/service-accounts",
],
},
{
type: "category",
label: "Developer Documentation",
collapsed: true,
link: {
type: "doc",
id: "developer-docs/index",
},
items: [
{
type: "category",
label: "Development environment",
items: [
"developer-docs/setup/full-dev-environment",
"developer-docs/setup/frontend-dev-environment",
"developer-docs/setup/website-dev-environment",
"developer-docs/setup/debugging",
],
},
{
type: "category",
label: "API",
link: {
type: "doc",
id: "developer-docs/api/api",
},
items: [
"developer-docs/api/flow-executor",
"developer-docs/api/making-schema-changes",
"developer-docs/api/websocket",
{
type: "category",
label: "Reference",
items: apiReference,
},
"developer-docs/api/clients",
],
},
{
type: "category",
label: "Writing documentation",
link: {
type: "doc",
id: "developer-docs/docs/writing-documentation",
},
items: [
"developer-docs/docs/style-guide",
{
type: "category",
label: "Templates",
link: {
type: "doc",
id: "developer-docs/docs/templates/index",
},
items: [
"developer-docs/docs/templates/procedural",
"developer-docs/docs/templates/conceptual",
"developer-docs/docs/templates/reference",
"developer-docs/docs/templates/combo",
],
},
],
},
{
type: "doc",
id: "developer-docs/releases/index",
},
"developer-docs/translation",
],
},
{
type: "category",
label: "Security",
collapsed: true,
link: {
type: "generated-index",
title: "Security",
slug: "security",
},
items: [
"security/policy",
"security/security-hardening",
{
type: "category",
label: "Audits and Certificates",
items: [
"security/audits-and-certs/2023-06-cure53",
"security/audits-and-certs/2024-11-cobalt",
],
},
{
type: "category",
label: "CVEs",
items: [
{
type: "category",
label: "2025",
items: ["security/cves/CVE-2025-29928"],
},
{
type: "category",
label: "2024",
items: [
"security/cves/CVE-2024-52307",
"security/cves/CVE-2024-52289",
"security/cves/CVE-2024-52287",
"security/cves/CVE-2024-47077",
"security/cves/CVE-2024-47070",
"security/cves/CVE-2024-42490",
"security/cves/CVE-2024-38371",
"security/cves/CVE-2024-37905",
"security/cves/CVE-2024-23647",
"security/cves/CVE-2024-21637",
],
},
{
type: "category",
label: "2023",
items: [
"security/cves/CVE-2023-48228",
"security/cves/GHSA-rjvp-29xq-f62w",
"security/cves/CVE-2023-39522",
"security/cves/CVE-2023-36456",
"security/cves/CVE-2023-26481",
],
},
{
type: "category",
label: "2022",
items: [
"security/cves/CVE-2022-46172",
"security/cves/CVE-2022-46145",
"security/cves/CVE-2022-23555",
],
},
],
},
],
},
{
type: "category",
label: "Troubleshooting",
link: {
type: "generated-index",
title: "Troubleshooting",
slug: "troubleshooting",
description: "Troubleshooting various issues",
},
items: [
{
type: "category",
label: "Forward auth",
items: ["troubleshooting/forward_auth/general"],
link: {
type: "generated-index",
title: "Forward auth troubleshooting",
slug: "troubleshooting/forward_auth",
description:
"Steps to help debug forward auth setups with various reverse proxies.",
},
},
{
type: "category",
label: "PostgreSQL",
items: [
"troubleshooting/postgres/upgrade_kubernetes",
"troubleshooting/postgres/upgrade_docker",
],
},
"troubleshooting/access",
"troubleshooting/login",
"troubleshooting/logs",
"troubleshooting/image_upload",
"troubleshooting/missing_permission",
"troubleshooting/missing_admin_group",
"troubleshooting/csrf",
"troubleshooting/emails",
"troubleshooting/ldap_source",
],
},
{
type: "category",
label: "Release Notes",
link: {
type: "generated-index",
title: "Releases",
slug: "releases",
description: "Release Notes for recent authentik versions",
},
items: releases,
},
],
};

810
website/sidebars/docs.mjs Normal file
View File

@ -0,0 +1,810 @@
/**
* @file Sidebar configuration for documentation entries.
*
* @import { SidebarItemConfig } from "@docusaurus/plugin-content-docs-types"
*/
import apiReference from "../docs/developer-docs/api/reference/sidebar";
import { generateVersionDropdown } from "../src/utils.js";
/**
* @type {SidebarItemConfig[]}
*/
const releases = [
"releases/2025/v2025.4",
"releases/2025/v2025.2",
"releases/2024/v2024.12",
{
type: "category",
label: "Previous versions",
items: [
"releases/2024/v2024.10",
"releases/2024/v2024.8",
"releases/2024/v2024.6",
"releases/2024/v2024.4",
"releases/2024/v2024.2",
"releases/2023/v2023.10",
"releases/2023/v2023.8",
"releases/2023/v2023.6",
"releases/2023/v2023.5",
"releases/2023/v2023.4",
"releases/2023/v2023.3",
"releases/2023/v2023.2",
"releases/2023/v2023.1",
"releases/2022/v2022.12",
"releases/2022/v2022.11",
"releases/2022/v2022.10",
"releases/2022/v2022.9",
"releases/2022/v2022.8",
"releases/2022/v2022.7",
"releases/2022/v2022.6",
"releases/2022/v2022.5",
"releases/2022/v2022.4",
"releases/2022/v2022.2",
"releases/2022/v2022.1",
"releases/2021/v2021.12",
"releases/2021/v2021.10",
"releases/2021/v2021.9",
"releases/2021/v2021.8",
"releases/2021/v2021.7",
"releases/2021/v2021.6",
"releases/2021/v2021.5",
"releases/2021/v2021.4",
"releases/2021/v2021.3",
"releases/2021/v2021.2",
"releases/2021/v2021.1",
"releases/old/v0.14",
"releases/old/v0.13",
"releases/old/v0.12",
"releases/old/v0.11",
"releases/old/v0.10",
"releases/old/v0.9",
],
},
];
/**
* @type {SidebarItemConfig[]}
*/
const items = [
{
type: "html",
value: generateVersionDropdown(releases),
},
{
type: "doc",
id: "index",
},
{
type: "category",
label: "Core Concepts",
collapsed: true,
items: ["core/terminology", "core/architecture"],
},
{
type: "category",
label: "Enterprise",
collapsed: true,
link: {
type: "doc",
id: "enterprise/index",
},
items: ["enterprise/get-started", "enterprise/manage-enterprise", "enterprise/entsupport"],
},
{
type: "category",
label: "Installation and Configuration ",
collapsed: true,
link: {
type: "doc",
id: "install-config/index",
},
items: [
{
type: "category",
label: "Installation",
collapsed: true,
items: [
"install-config/install/docker-compose",
"install-config/install/kubernetes",
"install-config/install/aws",
],
},
{
type: "category",
label: "Configuration",
link: {
type: "doc",
id: "install-config/configuration/configuration",
},
items: [],
},
"install-config/upgrade",
"install-config/beta",
"install-config/reverse-proxy",
"install-config/automated-install",
"install-config/air-gapped",
],
},
{
type: "category",
label: "Add and Secure Applications",
collapsed: true,
items: [
{
type: "category",
label: "Applications",
link: {
type: "doc",
id: "add-secure-apps/applications/index",
},
items: ["add-secure-apps/applications/manage_apps"],
},
{
type: "category",
label: "Providers",
link: {
type: "doc",
id: "add-secure-apps/providers/index",
},
items: [
{
type: "category",
label: "Property Mappings",
link: {
type: "doc",
id: "add-secure-apps/providers/property-mappings/index",
},
items: ["add-secure-apps/providers/property-mappings/expression"],
},
{
type: "category",
label: "Google Workspace Provider",
link: {
type: "doc",
id: "add-secure-apps/providers/gws/index",
},
items: [
"add-secure-apps/providers/gws/setup-gws",
"add-secure-apps/providers/gws/add-gws-provider",
],
},
{
type: "category",
label: "LDAP Provider",
link: {
type: "doc",
id: "add-secure-apps/providers/ldap/index",
},
items: ["add-secure-apps/providers/ldap/generic_setup"],
},
{
type: "category",
label: "Microsoft Entra ID Provider",
link: {
type: "doc",
id: "add-secure-apps/providers/entra/index",
},
items: [
"add-secure-apps/providers/entra/setup-entra",
"add-secure-apps/providers/entra/add-entra-provider",
],
},
{
type: "category",
label: "OAuth2 Provider",
link: {
type: "doc",
id: "add-secure-apps/providers/oauth2/index",
},
items: [
"add-secure-apps/providers/oauth2/create-oauth2-provider",
"add-secure-apps/providers/oauth2/client_credentials",
"add-secure-apps/providers/oauth2/device_code",
"add-secure-apps/providers/oauth2/github-compatibility",
"add-secure-apps/providers/oauth2/webfinger_support",
],
},
{
type: "category",
label: "Proxy Provider",
link: {
type: "doc",
id: "add-secure-apps/providers/proxy/index",
},
items: [
"add-secure-apps/providers/proxy/custom_headers",
"add-secure-apps/providers/proxy/header_authentication",
{
type: "category",
label: "Forward authentication",
link: {
type: "doc",
id: "add-secure-apps/providers/proxy/forward_auth",
},
items: [
"add-secure-apps/providers/proxy/server_nginx",
"add-secure-apps/providers/proxy/server_traefik",
"add-secure-apps/providers/proxy/server_envoy",
"add-secure-apps/providers/proxy/server_caddy",
],
},
],
},
{
type: "category",
label: "RAC (Remote Access Control) Provider",
link: {
type: "doc",
id: "add-secure-apps/providers/rac/index",
},
items: ["add-secure-apps/providers/rac/how-to-rac"],
},
"add-secure-apps/providers/radius/index",
"add-secure-apps/providers/saml/index",
"add-secure-apps/providers/scim/index",
{
type: "category",
label: "SSF Provider",
link: {
type: "doc",
id: "add-secure-apps/providers/ssf/index",
},
items: ["add-secure-apps/providers/ssf/create-ssf-provider"],
},
],
},
{
type: "category",
label: "Flows and Stages",
collapsed: true,
items: [
{
type: "category",
label: "Flows",
link: {
type: "doc",
id: "add-secure-apps/flows-stages/flow/index",
},
items: [
"add-secure-apps/flows-stages/flow/inspector",
"add-secure-apps/flows-stages/flow/context/index",
{
type: "category",
label: "Defaults and Examples",
items: [
"add-secure-apps/flows-stages/flow/examples/flows",
"add-secure-apps/flows-stages/flow/examples/default_flows",
"add-secure-apps/flows-stages/flow/examples/snippets",
],
},
{
type: "category",
label: "Executors",
items: [
"add-secure-apps/flows-stages/flow/executors/if-flow",
"add-secure-apps/flows-stages/flow/executors/sfe",
"add-secure-apps/flows-stages/flow/executors/user-settings",
"add-secure-apps/flows-stages/flow/executors/headless",
],
},
],
},
{
type: "category",
label: "Stages",
link: {
type: "doc",
id: "add-secure-apps/flows-stages/stages/index",
},
items: [
"add-secure-apps/flows-stages/stages/authenticator_duo/index",
"add-secure-apps/flows-stages/stages/authenticator_endpoint_gdtc/index",
"add-secure-apps/flows-stages/stages/authenticator_email/index",
"add-secure-apps/flows-stages/stages/authenticator_sms/index",
"add-secure-apps/flows-stages/stages/authenticator_static/index",
"add-secure-apps/flows-stages/stages/authenticator_totp/index",
"add-secure-apps/flows-stages/stages/authenticator_webauthn/index",
"add-secure-apps/flows-stages/stages/authenticator_validate/index",
"add-secure-apps/flows-stages/stages/captcha/index",
"add-secure-apps/flows-stages/stages/deny",
"add-secure-apps/flows-stages/stages/email/index",
"add-secure-apps/flows-stages/stages/identification/index",
"add-secure-apps/flows-stages/stages/invitation/index",
"add-secure-apps/flows-stages/stages/password/index",
"add-secure-apps/flows-stages/stages/prompt/index",
"add-secure-apps/flows-stages/stages/redirect/index",
"add-secure-apps/flows-stages/stages/source/index",
"add-secure-apps/flows-stages/stages/user_delete",
"add-secure-apps/flows-stages/stages/user_login/index",
"add-secure-apps/flows-stages/stages/user_logout",
"add-secure-apps/flows-stages/stages/user_write",
],
},
{
type: "category",
label: "Bindings",
link: {
type: "doc",
id: "add-secure-apps/flows-stages/bindings/index",
},
items: ["add-secure-apps/flows-stages/bindings/work_with_bindings"],
},
],
},
{
type: "category",
label: "Outposts",
link: {
type: "doc",
id: "add-secure-apps/outposts/index",
},
items: [
"add-secure-apps/outposts/embedded/embedded",
{
type: "category",
label: "Integrations",
items: [
"add-secure-apps/outposts/integrations/docker",
"add-secure-apps/outposts/integrations/kubernetes",
],
},
{
type: "category",
label: "Running and upgrading",
items: [
"add-secure-apps/outposts/manual-deploy-docker-compose",
"add-secure-apps/outposts/manual-deploy-kubernetes",
"add-secure-apps/outposts/upgrading",
],
},
"add-secure-apps/outposts/manual-deploy-docker-compose",
"add-secure-apps/outposts/manual-deploy-kubernetes",
],
},
],
},
{
type: "category",
label: "Customize your instance",
collapsed: true,
link: {
type: "doc",
id: "customize/index",
},
items: [
{
type: "category",
label: "Policies",
collapsed: true,
link: {
type: "doc",
id: "customize/policies/index",
},
items: [
"customize/policies/working_with_policies",
{
type: "category",
label: "Expression Policies",
link: {
type: "doc",
id: "customize/policies/expression",
},
items: [
"customize/policies/expression/unique_email",
"customize/policies/expression/whitelist_email",
"customize/policies/expression/managing_flow_context_keys",
],
},
"customize/policies/unique_password",
],
},
{
type: "category",
label: "Interfaces",
items: [
{
type: "category",
label: "Flow",
items: ["customize/interfaces/flow/customization"],
},
{
type: "category",
label: "User",
items: ["customize/interfaces/user/customization"],
},
{
type: "category",
label: "Admin",
items: ["customize/interfaces/admin/customization"],
},
],
},
{
type: "category",
label: "Blueprints",
link: {
type: "doc",
id: "customize/blueprints/index",
},
items: [
"customize/blueprints/export",
"customize/blueprints/v1/structure",
"customize/blueprints/v1/tags",
"customize/blueprints/v1/example",
{
type: "category",
label: "Models",
link: {
type: "doc",
id: "customize/blueprints/v1/models",
},
items: ["customize/blueprints/v1/meta"],
},
],
},
"customize/branding",
],
},
{
type: "category",
label: "Manage Users and Sources",
collapsed: true,
items: [
{
type: "category",
label: "Users",
link: {
type: "doc",
id: "users-sources/user/index",
},
items: [
"users-sources/user/user_basic_operations",
"users-sources/user/user_ref",
"users-sources/user/invitations",
],
},
{
type: "category",
label: "Groups",
link: {
type: "doc",
id: "users-sources/groups/index",
},
items: ["users-sources/groups/manage_groups", "users-sources/groups/group_ref"],
},
{
type: "category",
label: "Roles",
link: {
type: "doc",
id: "users-sources/roles/index",
},
items: ["users-sources/roles/manage_roles"],
},
{
type: "category",
label: "Access Control",
link: {
type: "doc",
id: "users-sources/access-control/index",
},
items: [
"users-sources/access-control/permissions",
"users-sources/access-control/manage_permissions",
"users-sources/access-control/initial_permissions",
],
},
{
type: "category",
label: "Federated and Social Sources",
collapsed: true,
link: {
type: "doc",
id: "users-sources/sources/index",
},
items: [
{
type: "category",
label: "Protocols",
collapsed: true,
items: [
{
type: "category",
label: "Kerberos",
link: {
type: "doc",
id: "users-sources/sources/protocols/kerberos/index",
},
items: ["users-sources/sources/protocols/kerberos/browser"],
},
"users-sources/sources/protocols/ldap/index",
"users-sources/sources/protocols/oauth/index",
"users-sources/sources/protocols/saml/index",
"users-sources/sources/protocols/scim/index",
],
},
{
type: "category",
label: "Source Property Mappings",
link: {
type: "doc",
id: "users-sources/sources/property-mappings/index",
},
items: ["users-sources/sources/property-mappings/expressions"],
},
{
type: "category",
label: "Directory synchronization",
items: [
"users-sources/sources/directory-sync/active-directory/index",
"users-sources/sources/directory-sync/freeipa/index",
],
},
{
type: "category",
label: "Identity Providers",
link: {
type: "doc",
id: "users-sources/sources/social-logins/index",
},
items: [
"users-sources/sources/social-logins/apple/index",
"users-sources/sources/social-logins/azure-ad/index",
"users-sources/sources/social-logins/discord/index",
"users-sources/sources/social-logins/facebook/index",
"users-sources/sources/social-logins/github/index",
{
type: "category",
label: "Google",
link: {
type: "doc",
id: "users-sources/sources/social-logins/google/index",
},
items: [
"users-sources/sources/social-logins/google/cloud/index",
"users-sources/sources/social-logins/google/workspace/index",
],
},
"users-sources/sources/social-logins/mailcow/index",
"users-sources/sources/social-logins/twitch/index",
"users-sources/sources/social-logins/plex/index",
"users-sources/sources/social-logins/twitter/index",
],
},
],
},
],
},
{
type: "category",
label: "System Management",
collapsed: true,
items: [
"sys-mgmt/brands",
{
type: "category",
label: "Operations",
collapsed: true,
items: [
"sys-mgmt/ops/monitoring",
"sys-mgmt/ops/storage-s3",
"sys-mgmt/ops/geoip",
"sys-mgmt/ops/backup-restore",
],
},
{
type: "category",
label: "Events",
collapsed: true,
link: {
type: "doc",
id: "sys-mgmt/events/index",
},
items: ["sys-mgmt/events/notifications", "sys-mgmt/events/transports"],
},
"sys-mgmt/certificates",
"sys-mgmt/settings",
"sys-mgmt/service-accounts",
],
},
{
type: "category",
label: "Developer Documentation",
collapsed: true,
link: {
type: "doc",
id: "developer-docs/index",
},
items: [
{
type: "category",
label: "Development environment",
items: [
"developer-docs/setup/full-dev-environment",
"developer-docs/setup/frontend-dev-environment",
"developer-docs/setup/website-dev-environment",
"developer-docs/setup/debugging",
],
},
{
type: "category",
label: "API",
link: {
type: "doc",
id: "developer-docs/api/api",
},
items: [
"developer-docs/api/flow-executor",
"developer-docs/api/making-schema-changes",
"developer-docs/api/websocket",
{
type: "category",
label: "Reference",
items: apiReference,
},
"developer-docs/api/clients",
],
},
{
type: "category",
label: "Writing documentation",
link: {
type: "doc",
id: "developer-docs/docs/writing-documentation",
},
items: [
"developer-docs/docs/style-guide",
{
type: "category",
label: "Templates",
link: {
type: "doc",
id: "developer-docs/docs/templates/index",
},
items: [
"developer-docs/docs/templates/procedural",
"developer-docs/docs/templates/conceptual",
"developer-docs/docs/templates/reference",
"developer-docs/docs/templates/combo",
],
},
],
},
{
type: "doc",
id: "developer-docs/releases/index",
},
"developer-docs/translation",
],
},
{
type: "category",
label: "Security",
collapsed: true,
link: {
type: "generated-index",
title: "Security",
slug: "security",
},
items: [
"security/policy",
"security/security-hardening",
{
type: "category",
label: "Audits and Certificates",
items: [
"security/audits-and-certs/2023-06-cure53",
"security/audits-and-certs/2024-11-cobalt",
],
},
{
type: "category",
label: "CVEs",
items: [
{
type: "category",
label: "2025",
items: ["security/cves/CVE-2025-29928"],
},
{
type: "category",
label: "2024",
items: [
"security/cves/CVE-2024-52307",
"security/cves/CVE-2024-52289",
"security/cves/CVE-2024-52287",
"security/cves/CVE-2024-47077",
"security/cves/CVE-2024-47070",
"security/cves/CVE-2024-42490",
"security/cves/CVE-2024-38371",
"security/cves/CVE-2024-37905",
"security/cves/CVE-2024-23647",
"security/cves/CVE-2024-21637",
],
},
{
type: "category",
label: "2023",
items: [
"security/cves/CVE-2023-48228",
"security/cves/GHSA-rjvp-29xq-f62w",
"security/cves/CVE-2023-39522",
"security/cves/CVE-2023-36456",
"security/cves/CVE-2023-26481",
],
},
{
type: "category",
label: "2022",
items: [
"security/cves/CVE-2022-46172",
"security/cves/CVE-2022-46145",
"security/cves/CVE-2022-23555",
],
},
],
},
],
},
{
type: "category",
label: "Troubleshooting",
link: {
type: "generated-index",
title: "Troubleshooting",
slug: "troubleshooting",
description: "Troubleshooting various issues",
},
items: [
{
type: "category",
label: "Forward auth",
items: ["troubleshooting/forward_auth/general"],
link: {
type: "generated-index",
title: "Forward auth troubleshooting",
slug: "troubleshooting/forward_auth",
description:
"Steps to help debug forward auth setups with various reverse proxies.",
},
},
{
type: "category",
label: "PostgreSQL",
items: [
"troubleshooting/postgres/upgrade_kubernetes",
"troubleshooting/postgres/upgrade_docker",
],
},
"troubleshooting/access",
"troubleshooting/login",
"troubleshooting/logs",
"troubleshooting/image_upload",
"troubleshooting/missing_permission",
"troubleshooting/missing_admin_group",
"troubleshooting/csrf",
"troubleshooting/emails",
"troubleshooting/ldap_source",
],
},
{
type: "category",
label: "Release Notes",
link: {
type: "generated-index",
title: "Releases",
slug: "releases",
description: "Release Notes for recent authentik versions",
},
items: releases,
},
];
/**
* @type {SidebarItemConfig}
*/
const sidebar = {
docs: items,
};
export default sidebar;

221
website/sidebars/integrations.mjs Normal file
View File

@ -0,0 +1,221 @@
/**
* @file Sidebar configuration for the authentik integrations.
*
* @import { SidebarItemConfig } from "@docusaurus/plugin-content-docs-types"
*/
/**
* @type {SidebarItemConfig[]}
*/
const items = [
{
type: "category",
label: "Device Management",
items: ["services/apple/index", "services/fleet/index"],
},
{
type: "category",
label: "Chat, Communication & Collaboration",
items: [
"services/bookstack/index",
"services/dokuwiki/index",
"services/espocrm/index",
"services/hedgedoc/index",
"services/kimai/index",
"services/mailcow/index",
"services/mastodon/index",
"services/matrix-synapse/index",
"services/mautic/index",
"services/mobilizon/index",
"services/nextcloud/index",
"services/onlyoffice/index",
"services/openproject/index",
"services/outline/index",
"services/owncloud/index",
"services/paperless-ng/index",
"services/paperless-ngx/index",
"services/rocketchat/index",
"services/roundcube/index",
"services/sharepoint-se/index",
"services/slack/index",
"services/thelounge/index",
"services/vikunja/index",
"services/wekan/index",
"services/wiki-js/index",
"services/writefreely/index",
"services/zulip/index",
],
},
{
type: "category",
label: "Cloud Providers",
items: [
"services/aws/index",
"services/google/index",
"services/hashicorp-cloud/index",
"services/oracle-cloud/index",
],
},
{
type: "category",
label: "Dashboards",
items: ["services/organizr/index", "services/linkwarden/index", "services/homarr/index"],
},
{
type: "category",
label: "Hypervisors / Orchestrators",
items: [
"services/portainer/index",
"services/proxmox-ve/index",
"services/rancher/index",
"services/xen-orchestra/index",
"services/vmware-vcenter/index",
],
},
{
type: "category",
label: "Infrastructure",
items: [
"services/apache-guacamole/index",
"services/argocd/index",
"services/awx-tower/index",
"services/cloudflare-access/index",
"services/globalprotect/index",
"services/harbor/index",
"services/hashicorp-vault/index",
"services/jenkins/index",
"services/knocknoc/index",
"services/meshcentral/index",
"services/minio/index",
"services/netbox/index",
"services/omni/index",
"services/pgadmin/index",
"services/phpipam/index",
"services/plesk/index",
"services/powerdns-admin/index",
"services/proftpd/index",
"services/qnap-nas/index",
"services/rustdesk-pro/index",
"services/semgrep/index",
"services/synology-dsm/index",
"services/skyhigh/index",
"services/snipe-it/index",
"services/sssd/index",
"services/terrakube/index",
"services/truecommand/index",
"services/veeam-enterprise-manager/index",
"services/xcreds/index",
"services/zammad/index",
],
},
{
type: "category",
label: "Networking",
items: [
"services/aruba-orchestrator/index",
"services/firezone/index",
"services/fortigate-admin/index",
"services/fortigate-ssl/index",
"services/fortimanager/index",
"services/gravity/index",
"services/netbird/index",
"services/opnsense/index",
"services/pfsense/index",
],
},
{
type: "category",
label: "Miscellaneous",
items: [
"services/actual-budget/index",
"services/adventurelog/index",
"services/calibre-web/index",
"services/engomo/index",
"services/frappe/index",
"services/freshrss/index",
"services/gravitee/index",
"services/karakeep/index",
"services/home-assistant/index",
"services/immich/index",
"services/jellyfin/index",
"services/komga/index",
"services/mealie/index",
"services/miniflux/index",
"services/node-red/index",
"services/open-webui/index",
"services/semaphore/index",
"services/sonar-qube/index",
"services/sonarr/index",
"services/tandoor/index",
"services/tautulli/index",
"services/weblate/index",
"services/youtrack/index",
"services/zipline/index",
],
},
{
type: "category",
label: "Monitoring",
items: [
"services/beszel/index",
"services/chronograf/index",
"services/gatus/index",
"services/glitchtip/index",
"services/grafana/index",
"services/observium/index",
"services/sentry/index",
"services/ubuntu-landscape/index",
"services/uptime-kuma/index",
"services/wazuh/index",
"services/zabbix/index",
"services/whats-up-docker/index",
],
},
{
type: "category",
label: "Platforms",
items: [
"services/atlassian/index",
"services/budibase/index",
"services/drupal/index",
"services/pocketbase/index",
"services/wordpress/index",
],
},
{
type: "category",
label: "Version Control Systems",
items: [
"services/gitea/index",
"services/github-organization/index",
"services/github-enterprise-cloud/index",
"services/github-enterprise-emu/index",
"services/github-enterprise-server/index",
"services/gitlab/index",
],
},
];
/**
* @satisfies {SidebarItemConfig}
*/
const integrationsSidebar = {
integrations: [
{
type: "doc",
id: "index",
},
{
type: "category",
label: "Applications",
collapsed: false,
link: {
type: "doc",
id: "services/index",
},
items,
},
],
};
export default integrationsSidebar;

33
website/test/sidebarIntegrations.mjs → website/sidebars/integrations.test.mjs
View File

@ -1,28 +1,48 @@
/**
* @file Test suite for the sidebar configuration of the authentik integrations.
*
* @todo Enforce types.
*/
import FastGlob from "fast-glob";
import assert from "node:assert";
import test from "node:test";
import sidebar from "../sidebarsIntegrations.js";
import sidebar from "./integrations.mjs";
const getSidebarItems = () => {
/**
* @type {any[]}
*/
const allItems = [];
/**
*
* @param {any} category
*/
const mapper = (category) => {
if (!category.items) {
return;
}
category.items.forEach((item) => {
if (item.constructor === String) {
category.items.forEach(
/**
*
* @param {any} item
*/
(item) => {
if (typeof item === "string") {
allItems.push(item);
} else {
mapper(item);
}
});
},
);
};
sidebar.integrations.forEach(mapper);
return allItems.sort();
};
test("ensure all services have a sidebar entry", (t) => {
test("ensure all services have a sidebar entry", (_t) => {
// All services in the sidebar
const services = getSidebarItems()
.filter((entry) => entry.startsWith("services/"))
@ -39,7 +59,7 @@ test("ensure all services have a sidebar entry", (t) => {
});
});
test("ensure all sources have a sidebar entry", (t) => {
test("ensure all sources have a sidebar entry", (_t) => {
// All sources in the sidebar
const sources = getSidebarItems()
.filter((entry) => entry.startsWith("sources/"))
@ -51,6 +71,7 @@ test("ensure all sources have a sidebar entry", (t) => {
.map((entry) => entry.replace(/\/index\.mdx?/, ""))
.map((entry) => entry.replace(".md", ""))
.sort();
sourceFiles.forEach((file, idx) => {
assert.strictEqual(file, sources[idx]);
});

209
website/sidebarsIntegrations.js
View File

@ -1,209 +0,0 @@
module.exports = {
integrations: [
{
type: "doc",
id: "index",
},
{
type: "category",
label: "Applications",
collapsed: false,
link: {
type: "doc",
id: "services/index",
},
items: [
{
type: "category",
label: "Device Management",
items: ["services/apple/index", "services/fleet/index"],
},
{
type: "category",
label: "Chat, Communication & Collaboration",
items: [
"services/bookstack/index",
"services/dokuwiki/index",
"services/espocrm/index",
"services/hedgedoc/index",
"services/kimai/index",
"services/mailcow/index",
"services/mastodon/index",
"services/matrix-synapse/index",
"services/mautic/index",
"services/mobilizon/index",
"services/nextcloud/index",
"services/onlyoffice/index",
"services/openproject/index",
"services/outline/index",
"services/owncloud/index",
"services/paperless-ng/index",
"services/paperless-ngx/index",
"services/rocketchat/index",
"services/roundcube/index",
"services/sharepoint-se/index",
"services/slack/index",
"services/thelounge/index",
"services/vikunja/index",
"services/wekan/index",
"services/wiki-js/index",
"services/writefreely/index",
"services/zulip/index",
],
},
{
type: "category",
label: "Cloud Providers",
items: [
"services/aws/index",
"services/google/index",
"services/hashicorp-cloud/index",
"services/oracle-cloud/index",
],
},
{
type: "category",
label: "Dashboards",
items: [
"services/organizr/index",
"services/linkwarden/index",
"services/homarr/index",
],
},
{
type: "category",
label: "Hypervisors / Orchestrators",
items: [
"services/portainer/index",
"services/proxmox-ve/index",
"services/rancher/index",
"services/xen-orchestra/index",
"services/vmware-vcenter/index",
],
},
{
type: "category",
label: "Infrastructure",
items: [
"services/apache-guacamole/index",
"services/argocd/index",
"services/awx-tower/index",
"services/cloudflare-access/index",
"services/globalprotect/index",
"services/harbor/index",
"services/hashicorp-vault/index",
"services/jenkins/index",
"services/knocknoc/index",
"services/meshcentral/index",
"services/minio/index",
"services/netbox/index",
"services/omni/index",
"services/pgadmin/index",
"services/phpipam/index",
"services/plesk/index",
"services/powerdns-admin/index",
"services/proftpd/index",
"services/qnap-nas/index",
"services/rustdesk-pro/index",
"services/semgrep/index",
"services/synology-dsm/index",
"services/skyhigh/index",
"services/snipe-it/index",
"services/sssd/index",
"services/terrakube/index",
"services/truecommand/index",
"services/veeam-enterprise-manager/index",
"services/xcreds/index",
"services/zammad/index",
],
},
{
type: "category",
label: "Networking",
items: [
"services/aruba-orchestrator/index",
"services/firezone/index",
"services/fortigate-admin/index",
"services/fortigate-ssl/index",
"services/fortimanager/index",
"services/gravity/index",
"services/netbird/index",
"services/opnsense/index",
"services/pfsense/index",
],
},
{
type: "category",
label: "Miscellaneous",
items: [
"services/actual-budget/index",
"services/adventurelog/index",
"services/calibre-web/index",
"services/engomo/index",
"services/frappe/index",
"services/freshrss/index",
"services/gravitee/index",
"services/karakeep/index",
"services/home-assistant/index",
"services/immich/index",
"services/jellyfin/index",
"services/komga/index",
"services/mealie/index",
"services/miniflux/index",
"services/node-red/index",
"services/open-webui/index",
"services/semaphore/index",
"services/sonar-qube/index",
"services/sonarr/index",
"services/tandoor/index",
"services/tautulli/index",
"services/weblate/index",
"services/youtrack/index",
"services/zipline/index",
],
},
{
type: "category",
label: "Monitoring",
items: [
"services/beszel/index",
"services/chronograf/index",
"services/gatus/index",
"services/glitchtip/index",
"services/grafana/index",
"services/observium/index",
"services/sentry/index",
"services/ubuntu-landscape/index",
"services/uptime-kuma/index",
"services/wazuh/index",
"services/zabbix/index",
"services/whats-up-docker/index",
],
},
{
type: "category",
label: "Platforms",
items: [
"services/atlassian/index",
"services/budibase/index",
"services/drupal/index",
"services/pocketbase/index",
"services/wordpress/index",
],
},
{
type: "category",
label: "Version Control Systems",
items: [
"services/gitea/index",
"services/github-organization/index",
"services/github-enterprise-cloud/index",
"services/github-enterprise-emu/index",
"services/github-enterprise-server/index",
"services/gitlab/index",
],
},
],
},
],
};

2
website/src/components/SupportBadge.tsx
View File

@ -1,4 +1,4 @@
import { SupportLevelToLabel, isSupportLevel } from "@site/remark/support-directive";
import { SupportLevelToLabel, isSupportLevel } from "@site/remark/support-directive.mjs";
import React from "react";
export interface SupportBadgeProps {

58
website/src/theme/DocItem/Content/index.tsx
View File

@ -1,3 +1,4 @@
/// <reference types="@docusaurus/plugin-content-docs" />
/**
* @file Swizzled DocItemContent component.
*
@ -7,8 +8,7 @@
* the content of a documentation page. However, it also adds support for
* support badges, and Authentik version badges.
*/
import { DocFrontMatter } from "@docusaurus/plugin-content-docs";
import { DocContextValue, useDoc } from "@docusaurus/plugin-content-docs/client";
import { useDoc } from "@docusaurus/plugin-content-docs/client";
import { ThemeClassNames } from "@docusaurus/theme-common";
import { SupportBadge } from "@site/src/components/SupportBadge";
import { VersionBadge } from "@site/src/components/VersionBadge";
@ -17,24 +17,25 @@ import type { Props } from "@theme/DocItem/Content";
import Heading from "@theme/Heading";
import MDXContent from "@theme/MDXContent";
import clsx from "clsx";
import React from "react";
import React, { useEffect } from "react";
interface SwizzledDocFrontMatter extends DocFrontMatter {
support_level?: string;
authentik_version?: string;
authentik_preview: boolean;
authentik_enterprise: boolean;
class MarkdownLintError extends Error {
constructor(message: string) {
super(message);
this.name = "MarkdownLintError";
}
interface SwizzledDocContextValue extends DocContextValue {
frontMatter: SwizzledDocFrontMatter;
}
const DocItemContent: React.FC<Props> = ({ children }) => {
const syntheticTitle = useSyntheticTitle();
const { frontMatter } = useDoc() as SwizzledDocContextValue;
const { support_level, authentik_version, authentik_enterprise, authentik_preview } =
frontMatter;
const { frontMatter, metadata, contentTitle } = useDoc();
const {
// ---
support_level,
authentik_version,
authentik_enterprise,
authentik_preview,
} = frontMatter;
const badges: JSX.Element[] = [];
@ -54,6 +55,35 @@ const DocItemContent: React.FC<Props> = ({ children }) => {
badges.push(<span className="badge badge--primary">Enterprise</span>);
}
if (badges.length && !syntheticTitle) {
throw new MarkdownLintError(
`${metadata.id}: ${badges.length} Badge(s) found with a missing synthetic title. Remove the page heading and set it via the frontmatter.`,
);
}
if (frontMatter.title && contentTitle && frontMatter.title === contentTitle) {
throw new MarkdownLintError(
`${metadata.id}: Synthetic title "${frontMatter.title}" and content title "${contentTitle}" are the same. Remove the first heading and let the frontmatter set the title.`,
);
}
useEffect(() => {
const invalidBadges = document.querySelectorAll(`.theme-doc-markdown > header + .badge,
.theme-doc-markdown .markdown > .badge
`);
if (!invalidBadges.length) return;
console.error(
`Found ${invalidBadges.length} invalid badges on ${metadata.id}`,
invalidBadges,
);
throw new MarkdownLintError(
`${metadata.id}: ${invalidBadges.length} Badge(s) defined in markdown content instead of the frontmatter.`,
);
}, []);
return (
<div className={clsx(ThemeClassNames.docs.docMarkdown, "markdown")}>
{syntheticTitle ? (

11
website/src/theme/EditMetaRow/index.tsx
View File

@ -1,11 +1,10 @@
import Translate from "@docusaurus/Translate";
import Admonition from "@theme/Admonition";
import IconNote from "@theme/Admonition/Icon/Note";
import type { Props } from "@theme/EditMetaRow";
import EditThisPage from "@theme/EditThisPage";
import LastUpdated from "@theme/LastUpdated";
import clsx from "clsx";
import React, { type ReactNode } from "react";
import React from "react";
import styles from "./styles.module.css";
@ -49,11 +48,11 @@ const EditMetaRow: React.FC<Props> = ({
<div className="row">
<div className="col col--12">
<ul>
{editUrl && (
{editUrl ? (
<li>
<EditThisPage editUrl={editUrl} />
</li>
)}
) : null}
<li>
<a
@ -106,9 +105,9 @@ const EditMetaRow: React.FC<Props> = ({
<div className="row">
<div className={clsx("col", styles.lastUpdated)}>
{(lastUpdatedAt || lastUpdatedBy) && (
{lastUpdatedAt || lastUpdatedBy ? (
<LastUpdated lastUpdatedAt={lastUpdatedAt} lastUpdatedBy={lastUpdatedBy} />
)}
) : null}
</div>
</div>
</>

45
website/types/docusaurus.d.ts vendored Normal file
View File

@ -0,0 +1,45 @@
/**
* @file Supplemental type definitions for Docusaurus.
*
* @remarks
*
* Docusaurus uses an unconventional module resolution strategy, which can lead to
* issues when using TypeScript.
*
* The types in this file are intended to expose less visible types to TypeScript's
* project references, allowing for better type checking and autocompletion.
*/
declare module "@docusaurus/plugin-content-docs-types" {
export * from "@docusaurus/plugin-content-docs";
export * from "@docusaurus/plugin-content-docs/src/types.ts";
export * from "@docusaurus/plugin-content-docs/src/sidebars/types.ts";
}
declare module "@docusaurus/plugin-content-docs/src/sidebars/types" {
export * from "@docusaurus/plugin-content-docs/src/sidebars/types.ts";
}
declare module "@docusaurus/plugin-content-docs/client" {
import { DocContextValue as BaseDocContextValue } from "@docusaurus/plugin-content-docs/lib/client/doc.js";
import { DocFrontMatter as BaseDocFrontMatter } from "@docusaurus/plugin-content-docs";
/**
* @monkeypatch
*/
export interface DocFrontMatter extends BaseDocFrontMatter {
support_level?: string;
authentik_version?: string;
authentik_preview: boolean;
authentik_enterprise: boolean;
}
export interface DocContextValue extends BaseDocContextValue {
/**
* @monkeypatch
*/
frontMatter: DocFrontMatter;
}
export function useDoc(): DocContextValue;
}