website: format docs with prettier (#2833)

* run prettier Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * add scim to comparison Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-05-09 21:22:41 +02:00
parent 26d92d9259
commit f9469e3f99
148 changed files with 3447 additions and 3107 deletions
--- a/website/integrations/sources/active-directory/index.md
+++ b/website/integrations/sources/active-directory/index.md
@ -6,8 +6,8 @@ title: Active Directory

 The following placeholders will be used:

- `ad.company` is the Name of the Active Directory domain.
- `authentik.company` is the FQDN of the authentik install.
+-   `ad.company` is the Name of the Active Directory domain.
+-   `authentik.company` is the FQDN of the authentik install.

 ## Active Directory setup

@ -27,7 +27,7 @@ The following placeholders will be used:

    ![](./02_delegate.png)

-7. Grant these additional permissions (only required when *Sync users' password* is enabled, and dependent on your AD Domain)
+7. Grant these additional permissions (only required when _Sync users' password_ is enabled, and dependent on your AD Domain)

    ![](./03_additional_perms.png)

@ -39,7 +39,7 @@ In authentik, create a new LDAP Source in Directory -> Federation & Social login

 Use these settings:

- Server URI: `ldap://ad.company`
+-   Server URI: `ldap://ad.company`

    For authentik to be able to write passwords back to Active Directory, make sure to use `ldaps://`. You can test to verify LDAPS is working using `ldp.exe`.

@ -47,20 +47,20 @@ Use these settings:

    When using a DNS entry with multiple Records, authentik will select a random entry when first connecting.

- Bind CN: `<name of your service user>@ad.company`
- Bind Password: The password you've given the user above
- Base DN: The base DN which you want authentik to sync
- Property mappings: Control/Command-select all Mappings which start with "authentik default LDAP" and "authentik default Active Directory"
- Group property mappings: Select "authentik default LDAP Mapping: Name"
+-   Bind CN: `<name of your service user>@ad.company`
+-   Bind Password: The password you've given the user above
+-   Base DN: The base DN which you want authentik to sync
+-   Property mappings: Control/Command-select all Mappings which start with "authentik default LDAP" and "authentik default Active Directory"
+-   Group property mappings: Select "authentik default LDAP Mapping: Name"

 Additional settings that might need to be adjusted based on the setup of your domain:

- Group: If enabled, all synchronized groups will be given this group as a parent.
- Addition User/Group DN: Additional DN which is _prepended_ to your Base DN configured above to limit the scope of synchronization for Users and Groups
- User object filter: Which objects should be considered users. For Active Directory set it to `(&(objectClass=user)(!(objectClass=computer)))` to exclude Computer accounts.
- Group object filter: Which objects should be considered groups.
- Group membership field: Which user field saves the group membership
- Object uniqueness field: A user field which contains a unique Identifier
+-   Group: If enabled, all synchronized groups will be given this group as a parent.
+-   Addition User/Group DN: Additional DN which is _prepended_ to your Base DN configured above to limit the scope of synchronization for Users and Groups
+-   User object filter: Which objects should be considered users. For Active Directory set it to `(&(objectClass=user)(!(objectClass=computer)))` to exclude Computer accounts.
+-   Group object filter: Which objects should be considered groups.
+-   Group membership field: Which user field saves the group membership
+-   Object uniqueness field: A user field which contains a unique Identifier

 After you save the source, a synchronization will start in the background. When its done, you can see the summary under Dashboards -> System Tasks.

--- a/website/integrations/sources/apple/index.md
+++ b/website/integrations/sources/apple/index.md
@ -12,7 +12,7 @@ An Apple developer account is required for this.

 The following placeholders will be used:

- `authentik.company` is the FQDN of the authentik install.
+-   `authentik.company` is the FQDN of the authentik install.

 ## Apple

--- a/website/integrations/sources/azure-ad/index.md
+++ b/website/integrations/sources/azure-ad/index.md
@ -6,38 +6,40 @@ title: Azure AD

 The following placeholders will be used:

- `authentik.company` is the FQDN of the authentik install.
+-   `authentik.company` is the FQDN of the authentik install.

 ## Azure setup

-1. Navigate to [portal.azure.com](https://portal.azure.com), and open the *App registration* service
+1. Navigate to [portal.azure.com](https://portal.azure.com), and open the _App registration_ service
 2. Register a new application

-    Under *Supported account types*, select whichever account type applies to your use-case.
+    Under _Supported account types_, select whichever account type applies to your use-case.

    ![](./aad_01.png)
-3. Take note of the *Application (client) ID* value.

-    If you selected *Single tenant* in the *Supported account types* prompt, also note the *Directory (tenant) ID* value.
-4. Navigate to *Certificates & secrets* in the sidebar, and to the *Client secrets* tab.
+3. Take note of the _Application (client) ID_ value.
+
+    If you selected _Single tenant_ in the _Supported account types_ prompt, also note the _Directory (tenant) ID_ value.
+
+4. Navigate to _Certificates & secrets_ in the sidebar, and to the _Client secrets_ tab.
 5. Add a new secret, with an identifier of your choice, and select any expiration. Currently the secret in authentik has to be rotated manually or via API, so it is recommended to choose at least 12 months.
-6. Note the secret's value in the *Value* column.
+6. Note the secret's value in the _Value_ column.

 ## authentik Setup

-In authentik, create a new *Azure AD OAuth Source* in Resources -> Sources.
+In authentik, create a new _Azure AD OAuth Source_ in Resources -> Sources.

 Use the following settings:

- Name: `Azure AD`
- Slug: `azure-ad` (this must match the URL being used above)
- Consumer key: `*Application (client) ID* value from above`
- Consumer secret: `*Value* of the secret from above`
+-   Name: `Azure AD`
+-   Slug: `azure-ad` (this must match the URL being used above)
+-   Consumer key: `*Application (client) ID* value from above`
+-   Consumer secret: `*Value* of the secret from above`

-If you kept the default *Supported account types* selection of *Single tenant*, then you must change the URLs below as well:
+If you kept the default _Supported account types_ selection of _Single tenant_, then you must change the URLs below as well:

- Authorization URL: `https://login.microsoftonline.com/*Directory (tenant) ID* from above/oauth2/v2.0/authorize`
- Access token URL: `https://login.microsoftonline.com/*Directory (tenant) ID* from above/oauth2/v2.0/token`
+-   Authorization URL: `https://login.microsoftonline.com/*Directory (tenant) ID* from above/oauth2/v2.0/authorize`
+-   Access token URL: `https://login.microsoftonline.com/*Directory (tenant) ID* from above/oauth2/v2.0/token`

 ![](./authentik_01.png)

--- a/website/integrations/sources/discord/index.md
+++ b/website/integrations/sources/discord/index.md
@ -8,8 +8,7 @@ Allows users to authenticate using their Discord credentials

 The following placeholders will be used:

- `authentik.company` is the FQDN of the authentik install.
-
+-   `authentik.company` is the FQDN of the authentik install.

 ## Discord

--- a/website/integrations/sources/freeipa/index.md
+++ b/website/integrations/sources/freeipa/index.md
@ -6,9 +6,9 @@ title: FreeIPA

 The following placeholders will be used:

- `svc_authentik` is the name of the bind account.
- `freeipa.company` is the Name of the domain.
- `ipa1.freeipa.company` is the Name of the FreeIPA server.
+-   `svc_authentik` is the name of the bind account.
+-   `freeipa.company` is the Name of the domain.
+-   `ipa1.freeipa.company` is the Name of the FreeIPA server.

 ## FreeIPA Setup

@ -40,31 +40,32 @@ The following placeholders will be used:
 Additional info: [22.1.2. Enabling Password Reset Without Prompting for a Password Change at the Next Login](https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/7/html/linux_domain_identity_authentication_and_policy_guide/user-authentication#user-passwords-no-expiry)

 ## authentik Setup
+
 In authentik, create a new LDAP Source in Resources -> Sources.

 Use these settings:

- Server URI: `ldaps://ipa1.freeipa.company`
+-   Server URI: `ldaps://ipa1.freeipa.company`

    You can specify multiple servers by separating URIs with a comma, like `ldap://ipa1.freeipa.company,ldap://ipa2.freeipa.company`.

    When using a DNS entry with multiple Records, authentik will select a random entry when first connecting.

- Bind CN: `uid=svc_authentik,cn=users,cn=accounts,dc=freeipa,dc=company`
- Bind Password: The password you've given the user above
- Base DN: `dc=freeipa,dc=company`
- Property mappings: Control/Command-select all Mappings which start with "authentik default LDAP" and "authentik default OpenLDAP"
- Group property mappings: Select "authentik default OpenLDAP Mapping: cn"
+-   Bind CN: `uid=svc_authentik,cn=users,cn=accounts,dc=freeipa,dc=company`
+-   Bind Password: The password you've given the user above
+-   Base DN: `dc=freeipa,dc=company`
+-   Property mappings: Control/Command-select all Mappings which start with "authentik default LDAP" and "authentik default OpenLDAP"
+-   Group property mappings: Select "authentik default OpenLDAP Mapping: cn"

 Additional settings:

- Group: If selected, all synchronized groups will be given this group as a parent.
- Addition User/Group DN: `cn=users,cn=accounts`
- Addition Group DN: `cn=groups,cn=accounts`
- User object filter: `(objectClass=person)`
- Group object filter: `(objectClass=groupofnames)`
- Group membership field: `member`
- Object uniqueness field: `ipaUniqueID`
+-   Group: If selected, all synchronized groups will be given this group as a parent.
+-   Addition User/Group DN: `cn=users,cn=accounts`
+-   Addition Group DN: `cn=groups,cn=accounts`
+-   User object filter: `(objectClass=person)`
+-   Group object filter: `(objectClass=groupofnames)`
+-   Group membership field: `member`
+-   Object uniqueness field: `ipaUniqueID`

    ![](./04_source_settings_1.png)
    ![](./05_source_settings_2.png)
--- a/website/integrations/sources/github/index.md
+++ b/website/integrations/sources/github/index.md
@ -8,8 +8,8 @@ Allows users to authenticate using their Github credentials

 The following placeholders will be used:

- `authentik.company` is the FQDN of the authentik install.
- `www.my.company` Homepage URL for your site
+-   `authentik.company` is the FQDN of the authentik install.
+-   `www.my.company` Homepage URL for your site

 ## Github

@ -27,7 +27,7 @@ Example screenshot
 ![Example Screen](githubdeveloperexample.png)

 6. Copy the **Client ID** and _save it for later_
-7. Click **Generate a new client secret** and _save it for later_  You will not be able to see the secret again, so be sure to copy it now.
+7. Click **Generate a new client secret** and _save it for later_ You will not be able to see the secret again, so be sure to copy it now.

 ## authentik

@ -35,7 +35,7 @@ Example screenshot

 9. **Name**: Choose a name (For the example I use Github)
 10. **Slug**: github (If you choose a different slug the URLs will need to be updated to reflect the change)
-11.  **Consumer Key:** Client ID from step 6
+11. **Consumer Key:** Client ID from step 6
 12. **Consumer Secret:** Client Secret from step 7
 13. **Provider Type:** Github

--- a/website/integrations/sources/google/index.md
+++ b/website/integrations/sources/google/index.md
@ -8,11 +8,11 @@ Allows users to authenticate using their Google credentials

 The following placeholders will be used:

- `authentik.company` is the FQDN of the authentik install.
+-   `authentik.company` is the FQDN of the authentik install.

 ## Google

-You will need to create a new project, and OAuth credentials in the Google Developer console.  The developer console can be overwhelming at first.
+You will need to create a new project, and OAuth credentials in the Google Developer console. The developer console can be overwhelming at first.

 1. Visit https://console.developers.google.com/ to create a new project
 2. Create a New project.
@ -27,7 +27,7 @@ You will need to create a new project, and OAuth credentials in the Google Devel

 6. Click **Create**
 7. Choose your project from the drop down at the top
-8. Click the **Credentials** menu item on the left.  It looks like a key.
+8. Click the **Credentials** menu item on the left. It looks like a key.

 ![Example Screen](googledeveloper3.png)

@ -35,8 +35,7 @@ You will need to create a new project, and OAuth credentials in the Google Devel

 ![Example Screen](googledeveloper4.png)

-
-10. **User Type:** If you do not have a Google Workspace (GSuite) account choose _External_.  If you do have a Google Workspace (Gsuite) account and want to limit access to only users inside of your organization choose _Internal_
+10. **User Type:** If you do not have a Google Workspace (GSuite) account choose _External_. If you do have a Google Workspace (Gsuite) account and want to limit access to only users inside of your organization choose _Internal_

 _I'm only going to list the mandatory/important fields to complete._

@ -45,9 +44,9 @@ _I'm only going to list the mandatory/important fields to complete._
 13. **Authorized Domains:** authentik.company
 14. **Developer Contact Info:** Must have a value
 15. Click **Save and Continue**
-16. If you have special scopes configured for google, enter them on this screen.  If not click **Save and Continue**
+16. If you have special scopes configured for google, enter them on this screen. If not click **Save and Continue**
 17. If you want to create Test Users enter them here, if not click **Save and Continue**
-18. From the _Summary Page_ click on the **Credentials* link on the left.  Same link as step 8
+18. From the _Summary Page_ click on the \*_Credentials_ link on the left. Same link as step 8
 19. Click **Create Credentials** on the top of the screen
 20. Choose **OAuth Client ID**

--- a/website/integrations/sources/index.md
+++ b/website/integrations/sources/index.md
@ -7,8 +7,9 @@ Sources allow you to connect authentik to an existing user directory. They can a
 ### Add Sources to Default Login Page

 To have sources show on the default login screen you will need to add them. This is assuming you have not created or renamed the default stages and flows.
+
 1. Access the **Flows** section
 2. Click on **default-authentication-flow**
 3. Click the **Stage Bindings** tab
 4. Chose **Edit Stage** for the _default-authentication-identification_ stage
-5. Under **Sources** you should see the additional sources you have configured.  Click all applicable sources to have them displayed on the Login Page
+5. Under **Sources** you should see the additional sources you have configured. Click all applicable sources to have them displayed on the Login Page
--- a/website/integrations/sources/ldap/index.md
+++ b/website/integrations/sources/ldap/index.md
@ -14,25 +14,25 @@ For Active Directory, follow the [Active Directory Integration](../active-direct
 For FreeIPA, follow the [FreeIPA Integration](../freeipa/)
 :::

- Server URI: URI to your LDAP server/Domain Controller.
+-   Server URI: URI to your LDAP server/Domain Controller.

    You can specify multiple servers by separating URIs with a comma, like `ldap://ldap1.company,ldap://ldap2.company`.

    When using a DNS entry with multiple Records, authentik will select a random entry when first connecting.

- Bind CN: CN of the bind user. This can also be a UPN in the format of `user@domain.tld`.
- Bind password: Password used during the bind process.
- Enable StartTLS: Enables StartTLS functionality. To use LDAPS instead, use port `636`.
- Base DN: Base DN used for all LDAP queries.
- Addition User DN: Prepended to the base DN for user queries.
- Addition Group DN: Prepended to the base DN for group queries.
- User object filter: Consider objects matching this filter to be users.
- Group object filter: Consider objects matching this filter to be groups.
- User group membership field: This field contains the user's group memberships.
- Object uniqueness field: This field contains a unique identifier.
- Sync groups: Enable/disable group synchronization. Groups are synced in the background every 5 minutes.
- Sync parent group: Optionally set this group as the parent group for all synced groups. An example use case of this would be to import Active Directory groups under a root `imported-from-ad` group.
- Property mappings: Define which LDAP properties map to which authentik properties. The default set of property mappings is generated for Active Directory. See also [LDAP Property Mappings](../../../docs/property-mappings/#ldap-property-mapping)
+-   Bind CN: CN of the bind user. This can also be a UPN in the format of `user@domain.tld`.
+-   Bind password: Password used during the bind process.
+-   Enable StartTLS: Enables StartTLS functionality. To use LDAPS instead, use port `636`.
+-   Base DN: Base DN used for all LDAP queries.
+-   Addition User DN: Prepended to the base DN for user queries.
+-   Addition Group DN: Prepended to the base DN for group queries.
+-   User object filter: Consider objects matching this filter to be users.
+-   Group object filter: Consider objects matching this filter to be groups.
+-   User group membership field: This field contains the user's group memberships.
+-   Object uniqueness field: This field contains a unique identifier.
+-   Sync groups: Enable/disable group synchronization. Groups are synced in the background every 5 minutes.
+-   Sync parent group: Optionally set this group as the parent group for all synced groups. An example use case of this would be to import Active Directory groups under a root `imported-from-ad` group.
+-   Property mappings: Define which LDAP properties map to which authentik properties. The default set of property mappings is generated for Active Directory. See also [LDAP Property Mappings](../../../docs/property-mappings/#ldap-property-mapping)

 ## Property mappings

--- a/website/integrations/sources/mailcow/index.md
+++ b/website/integrations/sources/mailcow/index.md
@ -8,12 +8,12 @@ Allows users to authenticate using their Mailcow credentials

 The following placeholders will be used:

- `authentik.company` is the FQDN of the authentik install.
- `mailcow.company` is the FQDN of the mailcow install.
+-   `authentik.company` is the FQDN of the authentik install.
+-   `mailcow.company` is the FQDN of the mailcow install.

 ## Mailcow

-1. Log into mailcow as an admin and navigate to the OAuth2 Apps settings 
+1. Log into mailcow as an admin and navigate to the OAuth2 Apps settings

 ![OAuth2 Apps menu](mailcow1.png)

@ -49,4 +49,4 @@ Save, and you now have Mailcow as a source.

 :::note
 For more details on how-to have the new source display on the Login Page see [here](../).
-:::
+:::
--- a/website/integrations/sources/oauth/index.md
+++ b/website/integrations/sources/oauth/index.md
@ -10,9 +10,9 @@ All Integration-specific Sources are documented in the Integrations Section

 This source allows users to enroll themselves with an external OAuth-based Identity Provider. The generic provider expects the endpoint to return OpenID-Connect compatible information. Vendor-specific implementations have their own OAuth Source.

- Policies: Allow/Forbid users from linking their accounts with this provider.
- Request Token URL: This field is used for OAuth v1 implementations and will be provided by the provider.
- Authorization URL: This value will be provided by the provider.
- Access Token URL: This value will be provided by the provider.
- Profile URL: This URL is called by authentik to retrieve user information upon successful authentication.
- Consumer key/Consumer secret: These values will be provided by the provider.
+-   Policies: Allow/Forbid users from linking their accounts with this provider.
+-   Request Token URL: This field is used for OAuth v1 implementations and will be provided by the provider.
+-   Authorization URL: This value will be provided by the provider.
+-   Access Token URL: This value will be provided by the provider.
+-   Profile URL: This URL is called by authentik to retrieve user information upon successful authentication.
+-   Consumer key/Consumer secret: These values will be provided by the provider.
--- a/website/integrations/sources/plex/index.md
+++ b/website/integrations/sources/plex/index.md
@ -12,10 +12,10 @@ None

 Add _Plex_ as a _source_

- Name: Choose a name
- Slug: Set a slug
- Client ID: Set a unique Client Id or leave the generated ID
- Press _Load Servers_ to login to plex and pick the authorized Plex Servers for "allowed users"
- Decide if *anyone* with a plex account can authenticate or only friends you share with
+-   Name: Choose a name
+-   Slug: Set a slug
+-   Client ID: Set a unique Client Id or leave the generated ID
+-   Press _Load Servers_ to login to plex and pick the authorized Plex Servers for "allowed users"
+-   Decide if _anyone_ with a plex account can authenticate or only friends you share with

 Save, and you now have Plex as a source.