a3634ab21d 
					 
					
						
						
							
							website/docs: new PR for the Entra provider docs (ignore old one) ( #9741 )  
						
						... 
						
						
						
						* new PR
* ken edits
* tweaks
---------
Co-authored-by: Tana M Berry <tana@goauthentik.com > 
						
						
					 
					
						2024-05-16 17:00:03 -05:00 
						 
				 
			
				
					
						
					 
					
						
						
							
						
						9dc813d9ab 
					 
					
						
						
							
							website/docs: update traefik to latest version in proxy provider ( #9707 )  
						
						
						
						
					 
					
						2024-05-13 20:00:37 +00:00 
						 
				 
			
				
					
						
					 
					
						
						
							
						
						5d54f696d4 
					 
					
						
						
							
							website/docs: add docs about Google Workspace ( #9669 )  
						
						... 
						
						
						
						* stub files
* tweaks
* add to sidebar
* tweaks
* steps to set up gws
* first drafts
* link
* unsaved
* formatting
* typos
* add Ent badge
* backchannel and otehr edits
* tweaks
* tweaks
* rewrite stuff
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* em one word
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
---------
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
Co-authored-by: Tana M Berry <tana@goauthentik.com >
Co-authored-by: Jens Langhammer <jens@goauthentik.io > 
						
						
					 
					
						2024-05-13 20:33:06 +02:00 
						 
				 
			
				
					
						
					 
					
						
						
							
						
						53f8699deb 
					 
					
						
						
							
							website/docs: 2024.4 release notes ( #9267 )  
						
						... 
						
						
						
						* website/docs: 2024.4 release notes WIP
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* fix .next
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* reword
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* add python api client
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* fix consistency
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* expand scim docs
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* add release notes to sidebar
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* update release notes and add disclaimer
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* add disclaimer to template
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* add list of API Clients to developer docs
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* add performance improvements
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* fix build
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
---------
Signed-off-by: Jens Langhammer <jens@goauthentik.io > 
						
						
					 
					
						2024-04-19 15:32:48 +02:00 
						 
				 
			
				
					
						
					 
					
						
						
							
						
						48d1b289a3 
					 
					
						
						
							
							website/docs: cleanup more ( #9249 )  
						
						... 
						
						
						
						simplify DocCardList
Signed-off-by: Jens Langhammer <jens@goauthentik.io > 
						
						
					 
					
						2024-04-15 14:58:27 +02:00 
						 
				 
			
				
					
						
					 
					
						
						
							
						
						6df28758f0 
					 
					
						
						
							
							website/docs: ensure yaml code blocks have language tags ( #9240 )  
						
						... 
						
						
						
						Signed-off-by: Jens Langhammer <jens@goauthentik.io > 
						
						
					 
					
						2024-04-12 16:51:50 +02:00 
						 
				 
			
				
					
						
					 
					
						
						
							
						
						c379787a90 
					 
					
						
						
							
							website/docs: add websocket support to nginx snippets ( #9220 )  
						
						... 
						
						
						
						Signed-off-by: Jens Langhammer <jens@goauthentik.io > 
						
						
					 
					
						2024-04-12 02:02:41 +02:00 
						 
				 
			
				
					
						
					 
					
						
						
							
						
						6cb6db0bc4 
					 
					
						
						
							
							website/docs: add procedural docs for RAC ( #9006 )  
						
						... 
						
						
						
						* draft
* how outposts work
* image and edits
* removed old image,edits
* new image
* formattiing tweak
* draft for review
* tweaks
* git fights
* added period
* Optimised images with calibre/image-actions
* typos
* new image, more procedurals
* updated screenshot
* final poplish
* Optimised images with calibre/image-actions
* Ken's excellent edits
* another typo
* tweak
* more tweaks
* not sure
* fix lint
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* Update website/docs/outposts/index.mdx
Co-authored-by: Jens L. <jens@goauthentik.io >
Signed-off-by: Tana M Berry <tanamarieberry@yahoo.com >
* Update website/docs/outposts/index.mdx
Co-authored-by: Jens L. <jens@goauthentik.io >
Signed-off-by: Tana M Berry <tanamarieberry@yahoo.com >
* Update website/docs/outposts/index.mdx
Co-authored-by: Jens L. <jens@goauthentik.io >
Signed-off-by: Tana M Berry <tanamarieberry@yahoo.com >
* Update website/docs/outposts/index.mdx
Co-authored-by: Jens L. <jens@goauthentik.io >
Signed-off-by: Tana M Berry <tanamarieberry@yahoo.com >
* Update website/docs/outposts/index.mdx
Co-authored-by: Jens L. <jens@goauthentik.io >
Signed-off-by: Tana M Berry <tanamarieberry@yahoo.com >
* Update website/docs/providers/rac/how-to-rac.md
Co-authored-by: Jens L. <jens@goauthentik.io >
Signed-off-by: Tana M Berry <tanamarieberry@yahoo.com >
* Update website/docs/providers/rac/how-to-rac.md
Co-authored-by: Jens L. <jens@goauthentik.io >
Signed-off-by: Tana M Berry <tanamarieberry@yahoo.com >
* Update website/docs/providers/rac/how-to-rac.md
Co-authored-by: Jens L. <jens@goauthentik.io >
Signed-off-by: Tana M Berry <tanamarieberry@yahoo.com >
* Update website/docs/providers/rac/how-to-rac.md
Co-authored-by: Jens L. <jens@goauthentik.io >
Signed-off-by: Tana M Berry <tanamarieberry@yahoo.com >
* Update website/docs/providers/rac/how-to-rac.md
Co-authored-by: Jens L. <jens@goauthentik.io >
Signed-off-by: Tana M Berry <tanamarieberry@yahoo.com >
* grammar
* rebase merge conflict
* merge fights
* fix embededded video syntax
* reworded for single endpoint
* undo root package
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
---------
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
Signed-off-by: Tana M Berry <tanamarieberry@yahoo.com >
Co-authored-by: Tana M Berry <tana@goauthentik.com >
Co-authored-by: authentik-automation[bot] <135050075+authentik-automation[bot]@users.noreply.github.com>
Co-authored-by: Jens Langhammer <jens@goauthentik.io > 
						
						
					 
					
						2024-04-04 09:24:27 -05:00 
						 
				 
			
				
					
						
					 
					
						
						
							
						
						ac1ef5139c 
					 
					
						
						
							
							website/docs: update example ldapsearch commands ( #8906 )  
						
						... 
						
						
						
						* Update generic_setup.md
Updated ldapsearch command to no longer use the deprecated -h -p options.
Signed-off-by: Trident101 <44569289+Trident101@users.noreply.github.com >
* Update website/docs/providers/ldap/generic_setup.md
Signed-off-by: Jens L. <jens@beryju.org >
* format
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
---------
Signed-off-by: Trident101 <44569289+Trident101@users.noreply.github.com >
Signed-off-by: Jens L. <jens@beryju.org >
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
Co-authored-by: Jens L <jens@beryju.org >
Co-authored-by: Jens Langhammer <jens@goauthentik.io > 
						
						
					 
					
						2024-03-15 17:49:19 +01:00 
						 
				 
			
				
					
						
					 
					
						
						
							
						
						4c0b6c71ac 
					 
					
						
						
							
							Update _envoy_istio.md ( #8888 )  
						
						... 
						
						
						
						Added a comment about allowing the http authorization headers to upstream, necessary in an istio meshConfig if there are proxy providers which inject http basic auth headers.
Signed-off-by: Wessel Valkenburg (prevue.ch) <116259817+valkenburg-prevue-ch@users.noreply.github.com > 
						
						
					 
					
						2024-03-12 14:10:09 -05:00 
						 
				 
			
				
					
						
					 
					
						
						
							
						
						cfc065b41b 
					 
					
						
						
							
							website/docs: new landing page for Providers ( #8879 )  
						
						... 
						
						
						
						* stub file
* draft content
* edit sidebar
* info re metadata SAML
* fix links
* polish
---------
Co-authored-by: Tana M Berry <tana@goauthentik.com > 
						
						
					 
					
						2024-03-12 10:36:30 -05:00 
						 
				 
			
				
					
						
					 
					
						
						
							
						
						c3fb84397a 
					 
					
						
						
							
							providers/oauth2: improve conformance with client_credentials standard ( #8471 )  
						
						... 
						
						
						
						* allow using username:password base64 encoded as client_secret
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* support standard method by generating a user
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* update docs
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* fix warning
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
---------
Signed-off-by: Jens Langhammer <jens@goauthentik.io > 
						
						
					 
					
						2024-02-19 16:11:20 +01:00 
						 
				 
			
				
					
						
					 
					
						
						
							
						
						a3bfb3d25c 
					 
					
						
						
							
							website/docs: 2024.2 release notes ( #8468 )  
						
						... 
						
						
						
						Co-authored-by: Tana M Berry <tanamarieberry@yahoo.com >
Co-authored-by: Jens L. <jens@goauthentik.io >
Co-authored-by: Jens Langhammer <jens@goauthentik.io > 
						
						
					 
					
						2024-02-14 20:52:56 +01:00 
						 
				 
			
				
					
						
					 
					
						
						
							
						
						abc0c2d2a2 
					 
					
						
						
							
							root: Multi-tenancy ( #7590 )  
						
						... 
						
						
						
						* tenants -> brands, init new tenant model, migrate some config to tenants
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* setup logging for tenants
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* configure celery and cache
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* small fixes, runs
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* task fixes, creation of tenant now works by cloning a template schema, some other small stuff
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* lint
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* fix-tests
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* upstream fixes
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* fix-pylint
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* lint
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* fix tests
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* fix avatar tests
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* migrate config reputation_expiry as well
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* fix web rebase
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* lint
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* fix migrations for template schema
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* fix migrations for template schema
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* fix migrations for template schema 3
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* revert reputation expiry migration
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* fix type
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* fix some more tests
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* website: tenants -> brands
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* try fixing e2e tests
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* start frontend :help:
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* add ability to disable tenants api
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* delete embedded outpost if it is disabled
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* make sure embedded outpost is disabled when tenants are enabled
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* management commands: add --schema option where relevant
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* store files per-tenant
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* fix embedded outpost deletion
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* lint
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* fix files migration
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* add tenant api tests
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* add domain tests
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* add settings tests
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* make --schema-name default to public in mgmt commands
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* lint
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* sources/ldap: make sure lock is per-tenant
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* fix stuff I broke
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* fix remaining failing tests
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* lint
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* try fixing e2e tests
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* much better frontend, but save does not refresh form properly
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* update django-tenants with latest fixes
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* lint
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* i18n-extract
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* review comments
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* move event_retention from brands to tenants
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* wip
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* root: add support for storing media files in S3
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* use permissions for settings api
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* lint
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* blueprints: disable tenants management
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* fix tests
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* fix embedded outpost create/delete logic
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* make gen
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* make sure prometheus metrics are correctly served
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* makefile: don't delete the go api client when not regenerating it
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* tenants api: add recovery group and token creation endpoints
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* fix startup
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* fix prometheus metrics
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* fix tests
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* lint
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* fix web stuff
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* fix migrations from stable
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* fix oauth source type import
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* Revert "fix oauth source type import"
This reverts commit d015fd0244marc.schmitt@risson.space >
* try with connection_created signal
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* fix scim tests
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* fix web after merge
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* fix enterprise settings
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* Revert "try with connection_created signal"
This reverts commit 764a999db832b40a3bbbmarc.schmitt@risson.space >
* fix django version
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* fix web after merge
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* relock poetry
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* fix reconcile
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* try running tenant save in a transaction
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* black
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* test: export postgres logs for debugging and use failfast
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* test: fix container name for logs
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* do not copy tenant data
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* Revert "try running tenant save in a transaction"
This reverts commit da6dec5a614bffb19704marc.schmitt@risson.space >
* why not
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* remove failfast
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* remove postgres query logging
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* update reconcile logic to clearly differentiate between tenant and global
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* fix
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* fix reconcile app decorator
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* enable django checks
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* actually nodata was unnecessary as we're cloning from template and not from public
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* pylint
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* update django-tenants with sequence fix
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* actually update
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* fix e2e tests
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* add tests for settings api
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* add tests for recovery api
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* lint
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* recovery tests: do them on a new tenant
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* web: fix system status being degraded when embedded outpost is disabled
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* fix recovery tests
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* fix tenants tests
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* lint-fix
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* lint-fix
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* update UI
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* add management command to create a tenant
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* add docs
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* release notes
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* more docs
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* checklist
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* self review
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* spelling
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* make web after upgrading
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* remove extra xlif file
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* prettier
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* Revert "add management command to create a tenant"
This reverts commit 39d13c0447jens@goauthentik.io >
* rewite some things on the release notes
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* root: make sure install_id comes from public schema
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* require a license to use tenants
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* lint
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* fix tenants tests
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* fix files migration
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* release notes: add warning about user sessions being invalidated
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* remove api disabled test, we can't test for it
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
---------
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
Co-authored-by: Jens Langhammer <jens@goauthentik.io > 
						
						
					 
					
						2024-01-23 14:28:06 +01:00 
						 
				 
			
				
					
						
					 
					
						
						
							
						
						2bc865b024 
					 
					
						
						
							
							website/docs: fix nginx ingress proxy example ( #8245 )  
						
						
						
						
					 
					
						2024-01-22 08:13:58 +00:00 
						 
				 
			
				
					
						
					 
					
						
						
							
						
						509b502d3c 
					 
					
						
						
							
							providers/oauth2: offline access ( #8026 )  
						
						... 
						
						
						
						* improve scope check (log when application requests non-configured scopes)
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* add offline_access special scope
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* ensure scope is set
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* update tests for refresh tokens
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* special handling of scopes for github compat
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* fix spec
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* attempt to fix oidc tests
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* remove hardcoded slug
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* check scope from authorization code instead of request
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* fix injection for consent stage checking incorrectly
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
---------
Signed-off-by: Jens Langhammer <jens@goauthentik.io > 
						
						
					 
					
						2024-01-04 19:57:11 +01:00 
						 
				 
			
				
					
						
					 
					
						
						
							
						
						240cf6dd94 
					 
					
						
						
							
							enterprise/providers: Add RAC [AUTH-15] ( #7291 )  
						
						... 
						
						
						
						* add basic guacamole
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* make everything mostly work
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* add rac build to CI
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* fix resize, fix web lint, sendSize correctly
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* pre-send connection from client, format
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* improve throughput
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* cleanup
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* rework TokenOutpostConsumer into middleware
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* fix some layout issues
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* add outpost controllers
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* start testing audio things
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* fix a bunch of things
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* add deps
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* fix to work with outpost group
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* add simple loadbalancing
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* add simple reconnect
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* show reconnecting text
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* fix error when checking ports
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* move to providers
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* add flow check to interface
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* fix go lint
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* fix rac app label
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* fix audio
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* add logging
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* cleanup
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* allow overriding all settings
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* fix duplicate keyboard, debug high DPI
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* re-add deps
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* fix lint
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* fix missing __init__.py breaking model loading
I love python
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* fix tests
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* bump successful ws connection to info
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* hide cursor since guac draws that
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* add clipboard support (bidirectional)
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* make codespell not want to break the code
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* run pr comment in separate task
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* start endpoint and property mapping stuff
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* more endpoint things
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* unrelated: fix event model_pk filtering with ints
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* unrelated: improve event display for changelog
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* rebuild endpoint stuff again
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* idk special url
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* more stuff, connect token with session
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* add disconnect
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* rework disconnect
cleanly disconnect from guacd instead of just letting the connection timeout
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* clear cache when creating outpost
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* support host:port and fix protocol
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* center smaller viewport
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* rework connection to wait more and stop after some time
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* add policy control to endpoints
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* remove provider protocol
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* don't switch to different outpost connection when already chosen
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* start using property mappings, add static settings
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* add some RAC mapping settings
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* fix lint
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* start adding tests
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* add tests for event changes
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* add tests and fix issues found by said tests
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* add preview banner, move endpoints to main page
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* add locale
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* auto-select endpoint if only one is available
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* backport https://github.com/goauthentik/authentik/pull/7831  to rac
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* dont select property mappings on endpoints
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* make table modal only load when opened
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* only auto-redirect when open
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* fix web deps
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* check for token expiry and terminate session
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* re-add endpoint name to title
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* disconnect connection when token is manually deleted
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* add initial RAC docs
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* add connection expiry setting to provider
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* fix flaky tests
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
---------
Signed-off-by: Jens Langhammer <jens@goauthentik.io > 
						
						
					 
					
						2023-12-30 21:33:14 +01:00 
						 
				 
			
				
					
						
					 
					
						
						
							
						
						49df3cb3c4 
					 
					
						
						
							
							Documentation: Added note for necessary unigue base DNs ( #7717 )  
						
						... 
						
						
						
						* Added note for necessary unigue base DNs
Added information, that every LDAP provider needs to have a unique base DN. Related to #7714 
Signed-off-by: tedstriker <github@meins.org >
* Update website/docs/providers/ldap/index.md
Thank's for fixing the grammar ;)
Co-authored-by: Tana M Berry <tanamarieberry@yahoo.com >
Signed-off-by: tedstriker <github@meins.org >
---------
Signed-off-by: tedstriker <github@meins.org >
Co-authored-by: Tana M Berry <tanamarieberry@yahoo.com > 
						
						
					 
					
						2023-11-28 14:56:56 -06:00 
						 
				 
			
				
					
						
					 
					
						
						
							
						
						41bb1ca707 
					 
					
						
						
							
							providers/scim: remove preview ( #7166 )  
						
						... 
						
						
						
						Signed-off-by: Jens Langhammer <jens@goauthentik.io > 
						
						
					 
					
						2023-10-13 19:03:13 +02:00 
						 
				 
			
				
					
						
					 
					
						
						
							
						
						9860ac983c 
					 
					
						
						
							
							website/docs: fix typo in providers/scim ( #7076 )  
						
						... 
						
						
						
						chore(docs): typo in providers/scim
Signed-off-by: jon r <jon@allmende.io > 
						
						
					 
					
						2023-10-06 17:43:03 +02:00 
						 
				 
			
				
					
						
					 
					
						
						
							
						
						e40a0b1f8b 
					 
					
						
						
							
							website/docs: add notice for nginx ingress configuration requirement ( #7027 )  
						
						... 
						
						
						
						* website/docs: add notice for nginx ingress configuration requirement
https://github.com/goauthentik/infrastructure/pull/574 
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* Update website/docs/providers/proxy/_nginx_ingress.md
Co-authored-by: Tana M Berry <tanamarieberry@yahoo.com >
Signed-off-by: Jens L. <jens@beryju.org >
---------
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
Signed-off-by: Jens L. <jens@beryju.org >
Co-authored-by: Tana M Berry <tanamarieberry@yahoo.com > 
						
						
					 
					
						2023-10-02 16:04:26 +02:00 
						 
				 
			
				
					
						
					 
					
						
						
							
						
						c7537f9f32 
					 
					
						
						
							
							web, website: compress images ( #6121 )  
						
						... 
						
						
						
						Co-authored-by: authentik-automation[bot] <135050075+authentik-automation[bot]@users.noreply.github.com>
Co-authored-by: Jens Langhammer <jens@goauthentik.io > 
						
						
					 
					
						2023-08-02 12:06:03 +00:00 
						 
				 
			
				
					
						
					 
					
						
						
							
						
						f2293c0f5b 
					 
					
						
						
							
							website/docs: Update syntax in traefik standalone example ( #6303 )  
						
						... 
						
						
						
						* Update syntax in traefik standalone example
Signed-off-by: Thomas Moschny <thomas.moschny@gmx.de >
* One more syntax update
Signed-off-by: Thomas Moschny <thomas.moschny@gmx.de >
---------
Signed-off-by: Thomas Moschny <thomas.moschny@gmx.de > 
						
						
					 
					
						2023-07-26 10:56:31 +02:00 
						 
				 
			
				
					
						
					 
					
						
						
							
						
						01311929d1 
					 
					
						
						
							
							providers/ldap: improve password totp detection ( #6006 )  
						
						... 
						
						
						
						* providers/ldap: improve password totp detection
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* add flag for totp mfa support
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* keep support for static tokens
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* fix migrations
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
---------
Signed-off-by: Jens Langhammer <jens@goauthentik.io > 
						
						
					 
					
						2023-06-20 12:09:13 +02:00 
						 
				 
			
				
					
						
					 
					
						
						
							
						
						a2de6194e4 
					 
					
						
						
							
							website/docs: correct LDAP StartTLS documentation ( #5886 )  
						
						... 
						
						
						
						Signed-off-by: Jens Langhammer <jens@goauthentik.io > 
						
						
					 
					
						2023-06-08 11:00:20 +02:00 
						 
				 
			
				
					
						
					 
					
						
						
							
						
						0ce41a1b2d 
					 
					
						
						
							
							providers/ldap: add StartTLS support ( #5861 )  
						
						... 
						
						
						
						* providers/ldap: add StartTLS support
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* add starttls test
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* update form and docs
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* re-add tls server name
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* update release notes
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
---------
Signed-off-by: Jens Langhammer <jens@goauthentik.io > 
						
						
					 
					
						2023-06-06 21:40:19 +02:00 
						 
				 
			
				
					
						
					 
					
						
						
							
						
						c68a42f63b 
					 
					
						
						
							
							website/docs: improve docs for OAuth2 device code flow ( #5570 )  
						
						... 
						
						
						
						Signed-off-by: Jens Langhammer <jens@goauthentik.io > 
						
						
					 
					
						2023-05-10 20:58:31 +02:00 
						 
				 
			
				
					
						
					 
					
						
						
							
						
						bb92c4a967 
					 
					
						
						
							
							providers/ldap: remove deprecated fields ( #5154 )  
						
						... 
						
						
						
						* providers/ldap: remove deprecated fields
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* update changelog
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
---------
Signed-off-by: Jens Langhammer <jens@goauthentik.io > 
						
						
					 
					
						2023-04-21 14:10:24 +03:00 
						 
				 
			
				
					
						
					 
					
						
						
							
						
						34e9af57fe 
					 
					
						
						
							
							website/integrations: switch default gitlab name identifier ( #5321 )  
						
						... 
						
						
						
						Signed-off-by: Jens Langhammer <jens@goauthentik.io >
#5312  
						
						
					 
					
						2023-04-20 19:47:41 +03:00 
						 
				 
			
				
					
						
					 
					
						
						
							
						
						1893626e04 
					 
					
						
						
							
							website/docs: clear up radius provider ( #5263 )  
						
						... 
						
						
						
						* website/docs: clear up radius provider
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* Update website/docs/providers/radius/index.md
Co-authored-by: Tana M Berry <tanamarieberry@yahoo.com >
Signed-off-by: Jens L. <jens@beryju.org >
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
---------
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
Signed-off-by: Jens L. <jens@beryju.org >
Co-authored-by: Tana M Berry <tanamarieberry@yahoo.com > 
						
						
					 
					
						2023-04-18 10:42:42 +02:00 
						 
				 
			
				
					
						
					 
					
						
						
							
						
						67644ace87 
					 
					
						
						
							
							website/docs: prepare 2023.4 release notes ( #5223 )  
						
						... 
						
						
						
						* website/docs: prepare 2023.4 release notes
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* add prompt preview
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* Apply suggestions from code review
Co-authored-by: Tana M Berry <tanamarieberry@yahoo.com >
Signed-off-by: Jens L. <jens@beryju.org >
* Update website/docs/releases/2023/v2023.4.md
Co-authored-by: Tana M Berry <tanamarieberry@yahoo.com >
Signed-off-by: Jens L. <jens@beryju.org >
* add new release to sidebar
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
---------
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
Signed-off-by: Jens L. <jens@beryju.org >
Co-authored-by: Tana M Berry <tanamarieberry@yahoo.com > 
						
						
					 
					
						2023-04-13 14:11:46 +02:00 
						 
				 
			
				
					
						
					 
					
						
						
							
						
						3f5effb1bc 
					 
					
						
						
							
							providers/radius: simple radius outpost ( #1796 )  
						
						... 
						
						
						
						* initial implementation
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org >
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* cleanup
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* add migrations
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* fix web
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* minor fixes
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* use search-select
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* update locale
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* fixup
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* fix ip with port being sent to delegated ip
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* add radius tests
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* update docs
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
---------
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org >
Signed-off-by: Jens Langhammer <jens@goauthentik.io > 
						
						
					 
					
						2023-03-20 16:54:35 +01:00 
						 
				 
			
				
					
						
					 
					
						
						
							
						
						eaf56f4f3f 
					 
					
						
						
							
							stages/user_login: stay logged in ( #4958 )  
						
						... 
						
						
						
						* add initial remember me offset
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* add to go executor
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* add ui for user login stage
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* add tests
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* update docs
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
---------
Signed-off-by: Jens Langhammer <jens@goauthentik.io > 
						
						
					 
					
						2023-03-15 20:21:05 +01:00 
						 
				 
			
				
					
						
					 
					
						
						
							
						
						8b7a92068b 
					 
					
						
						
							
							website/docs: forward-auth page, add list of links ( #4937 )  
						
						... 
						
						
						
						* add list of links
* added commas
* fix build
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
---------
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
Co-authored-by: Tana Berry <tanaberry@Tanas-MacBook-Pro-authentik.local >
Co-authored-by: Jens Langhammer <jens@goauthentik.io > 
						
						
					 
					
						2023-03-14 07:45:49 -05:00 
						 
				 
			
				
					
						
					 
					
						
						
							
						
						bf7dc5df78 
					 
					
						
						
							
							website/docs: separate pages for each webserver ( #4911 )  
						
						... 
						
						
						
						* website/docs: separate pages for each webserver
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* Apply suggestions from code review
Co-authored-by: Tana M Berry <tanamarieberry@yahoo.com >
Signed-off-by: Jens L. <jens@beryju.org >
---------
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
Signed-off-by: Jens L. <jens@beryju.org >
Co-authored-by: Tana M Berry <tanamarieberry@yahoo.com > 
						
						
					 
					
						2023-03-13 17:29:51 +01:00 
						 
				 
			
				
					
						
					 
					
						
						
							
						
						7618c2e45f 
					 
					
						
						
							
							website/docs: improve traefik standalone docs ( #4493 )  
						
						... 
						
						
						
						* Create _traefik_standalone_single_application.md 
Example for Authentik Single Application Proxy with Service example because this was unclear for many users and if you dont create a middleware for every application you get the error "no app for hostname". 
Signed-off-by: support-tt <61587422+support-tt@users.noreply.github.com >
* Update _traefik_standalone_single_application.md
Signed-off-by: support-tt <61587422+support-tt@users.noreply.github.com >
* rename to old file
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
---------
Signed-off-by: support-tt <61587422+support-tt@users.noreply.github.com >
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
Co-authored-by: Jens Langhammer <jens@goauthentik.io > 
						
						
					 
					
						2023-03-10 13:45:41 -06:00 
						 
				 
			
				
					
						
					 
					
						
						
							
						
						6ae2fc9668 
					 
					
						
						
							
							providers/SCIM: customizable externalId, document behavior  ( #4868 )  
						
						... 
						
						
						
						* only set externalId if mapping hasn't set it
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* better document use of SCIM in conjunction with OAuth/SAML
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
---------
Signed-off-by: Jens Langhammer <jens@goauthentik.io > 
						
						
					 
					
						2023-03-08 00:15:16 +01:00 
						 
				 
			
				
					
						
					 
					
						
						
							
						
						9559bc2e1e 
					 
					
						
						
							
							providers/scim: add option to filter out service accounts, parent group ( #4862 )  
						
						... 
						
						
						
						* add option to filter out service accounts, parent group
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* update docs
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* rename to filter group
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* rework sync card to show scim sync status
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
---------
Signed-off-by: Jens Langhammer <jens@goauthentik.io > 
						
						
					 
					
						2023-03-07 15:39:48 +01:00 
						 
				 
			
				
					
						
					 
					
						
						
							
						
						f6a8b3d568 
					 
					
						
						
							
							website/docs: Corrected typo and added Note about port number if using Istio/Kubern… ( #4851 )  
						
						... 
						
						
						
						* Corrected typo and added Note about port number if using Istio/Kubernetes
@BeryJu I was reading [this article](https://prevue.ch/news/2022-10-11-istio-authentik/ ) about a fellow setting up authentik, using Istio and Kubernetes. I wanted to somehow add a heads up about the port number, but I am not confident that I got it right. Is it only if there are custom decisions being made that the port number has to be for the cluster? 
Signed-off-by: Tana M Berry <tanamarieberry@yahoo.com >
* Update website/docs/providers/proxy/forward_auth.mdx
Signed-off-by: Jens L. <jens@beryju.org >
* fix lint error
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
---------
Signed-off-by: Tana M Berry <tanamarieberry@yahoo.com >
Signed-off-by: Jens L. <jens@beryju.org >
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
Co-authored-by: Jens L <jens.langhammer@beryju.org >
Co-authored-by: Jens Langhammer <jens@goauthentik.io > 
						
						
					 
					
						2023-03-06 19:28:40 +00:00 
						 
				 
			
				
					
						
					 
					
						
						
							
						
						28ddeb124f 
					 
					
						
						
							
							providers: SCIM ( #4835 )  
						
						... 
						
						
						
						* basic user sync
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* add group sync and some refactor
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* start API
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* allow null authorization flow
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* add UI
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* make task monitored
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* add missing dependency
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* make authorization_flow required for most providers via API
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* more UI
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* make task result better readable, exclude anonymous user
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* add task UI
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* add scheduled task for all sync
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* make scim errors more readable
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* add mappings, migrate to mappings
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* add mapping UI and more
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* add scim docs to web
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* start implementing membership
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* migrate signals to tasks
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* migrate fully to tasks
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* strip none keys, fix lint errors
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* fix things
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* start adding tests
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* fix saml
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* add scim schemas and validate against it
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* improve error handling
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* add group put support, add group tests
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* send correct application/scim+json headers
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* stop sync if no mappings are confiugred
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* add test for task sync
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* add membership tests
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* use decorator for tests
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* make tests better
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
---------
Signed-off-by: Jens Langhammer <jens@goauthentik.io > 
						
						
					 
					
						2023-03-06 19:39:08 +01:00 
						 
				 
			
				
					
						
					 
					
						
						
							
						
						cd99b6e48f 
					 
					
						
						
							
							providers/ldap: making ldap compatible with synology ( #4694 )  
						
						... 
						
						
						
						* internal/outpost/ldap: making ldap compatible with synology
* fix duplicate attributes
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* add docs about homedirectory
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* fix duplicate attributes
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* add substitution to values
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
---------
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
Co-authored-by: Jens Langhammer <jens@goauthentik.io > 
						
						
					 
					
						2023-02-22 15:26:41 +01:00 
						 
				 
			
				
					
						
					 
					
						
						
							
						
						51c6a14786 
					 
					
						
						
							
							providers/ldap: Improve compatibility with LDAP clients ( #4750 )  
						
						... 
						
						
						
						* Fixed invalid LDAP attributes by replacing '.'s and '/'s with '-'
* Leave old fields for now for backward compatibility
* Add forgotten depreceated field
* Fix tests
* Fix tests
* use shorter attribute names
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* sanitize attributes
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* keep both sanitized and unsanitized user fields
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* add sanitized fields to test
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
---------
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
Co-authored-by: Jens Langhammer <jens@goauthentik.io > 
						
						
					 
					
						2023-02-22 14:18:22 +01:00 
						 
				 
			
				
					
						
					 
					
						
						
							
						
						7d6b573f8b 
					 
					
						
						
							
							website: migrate to mermaid charts, rework proxy page  
						
						... 
						
						
						
						Signed-off-by: Jens Langhammer <jens@goauthentik.io > 
						
						
					 
					
						2023-02-15 12:14:17 +01:00 
						 
				 
			
				
					
						
					 
					
						
						
							
						
						3170b2f92c 
					 
					
						
						
							
							providers/proxy: add token support for basic auth  
						
						... 
						
						
						
						Signed-off-by: Jens Langhammer <jens@goauthentik.io > 
						
						
					 
					
						2023-02-07 22:50:49 +01:00 
						 
				 
			
				
					
						
					 
					
						
						
							
						
						547c01f481 
					 
					
						
						
							
							website/docs: update Caddy docs to include HTTPS proxying ( #4316 )  
						
						... 
						
						
						
						Update Caddy documentation to include HTTPS proxying
Signed-off-by: Melvin Snijders <mail@melvinsnijders.nl > 
						
						
					 
					
						2023-02-03 14:43:13 +01:00 
						 
				 
			
				
					
						
					 
					
						
						
							
						
						7d4ce41e12 
					 
					
						
						
							
							providers/proxy: outpost wide logout implementation ( #4605 )  
						
						... 
						
						
						
						* initial outpost wide logout implementation
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* handle deserialize error
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* update docs
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* fix file cleanup, add tests
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* fix tests
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
---------
Signed-off-by: Jens Langhammer <jens@goauthentik.io > 
						
						
					 
					
						2023-02-02 21:18:59 +01:00 
						 
				 
			
				
					
						
					 
					
						
						
							
						
						3a59b75f4a 
					 
					
						
						
							
							website/docs: update ldap provider docs  
						
						... 
						
						
						
						Signed-off-by: Jens Langhammer <jens@goauthentik.io > 
						
						
					 
					
						2023-01-20 11:46:57 +01:00 
						 
				 
			
				
					
						
					 
					
						
						
							
						
						23c69c456a 
					 
					
						
						
							
							providers/proxy: add setting to intercept authorization header ( #4457 )  
						
						... 
						
						
						
						* add setting to intercept authorization header
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* rename to intercept_header_auth
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
Signed-off-by: Jens Langhammer <jens@goauthentik.io > 
						
						
					 
					
						2023-01-17 18:56:48 +01:00 
						 
				 
			
				
					
						
					 
					
						
						
							
						
						19ee98b36d 
					 
					
						
						
							
							outposts/proxy: allow setting no-redirect via header or query param  
						
						... 
						
						
						
						closes  #4455 
Signed-off-by: Jens Langhammer <jens@goauthentik.io > 
					
						2023-01-17 10:56:43 +01:00 
						 
				 
			
				
					
						
					 
					
						
						
							
						
						d31e566873 
					 
					
						
						
							
							outposts/proxy: add header to prevent redirects  
						
						... 
						
						
						
						Signed-off-by: Jens Langhammer <jens@goauthentik.io > 
						
						
					 
					
						2023-01-14 22:18:25 +01:00