--- title: Integrate with Frappe sidebar_label: Frappe support_level: community --- :::note These instructions apply to all projects in the Frappe Family. ::: ## What is Frappe > Frappe is a full stack, batteries-included, web framework written in Python and JavaScript. > > -- https://frappe.io/ ## Preparation The following placeholders are used in this guide: - `frappe.company` is the FQDN of the Frappe installation. - `authentik.company` is the FQDN of the authentik installation. - `provider` is the name for the social login provider in Frappe. :::note This documentation only lists the settings that have been changed from their default values. Please verify your changes carefully to avoid any issues accessing your application. ::: ## authentik configuration To support the integration of Frappe with authentik, you need to create an application/provider pair in authentik. ### Create an application and provider in authentik 1. Log in to authentik as an administrator and open the authentik Admin interface. 2. Navigate to **Applications** > **Applications** and click **Create with Provider** to create an application and provider pair. (Alternatively you can first create a provider separately, then create the application and connect it with the provider.) - **Application**: provide a descriptive name, an optional group for the type of application, the policy engine mode, and optional UI settings. - **Choose a Provider type**: select **OAuth2/OpenID Connect** as the provider type. - **Configure the Provider**: provide a name (or accept the auto-provided name), the authorization flow to use for this provider, and the following required configurations. - Note the **Client ID**, **Client Secret**, and **slug** values because they will be required later. - Set a `Strict` redirect URI to `https://frappe.company/api/method/frappe.integrations.oauth2_logins.custom/provider`. - Select any available signing key. - Under **Advanced Protocol Settings**, set **Subject mode** to be `Based on the Users's username`. - **Configure Bindings** _(optional)_: you can create a [binding](/docs/add-secure-apps/flows-stages/bindings/) (policy, group, or user) to manage the listing and access to applications on a user's **My applications** page. 3. Click **Submit** to save the new application and provider. ## Frappe configuration 1. **Navigate to Integrations** - From the Frappe main menu, go to **Integrations** and then select **Social Login Key**. 2. **Add a New Social Login Key** - Click the black **+ New** button in the top-right corner. ![](./frappe1.png) 3. **Enter the Required Settings** - **Client Credentials** - **Enable Social Login**: Turn the toggle to the **on** position. - **Client ID**: Enter the Client ID from the authentik wizard. - **Client Secret**: Enter the Client Secret from the authentik wizard. - **Configuration** - **Sign-ups**: Set to **Allow**. ![](./frappe2.png) - **Identity Details** - **Base URL**: `https://authentik.company/` - **Client URLs**: - **Authorize URL**: `/application/o/authorize/` - **Access Token URL**: `/application/o/token/` - **Redirect URL**: `https://frappe.company/api/method/frappe.integrations.oauth2_logins.custom/provider` - **API Endpoint**: `/application/o/userinfo/` ![](./frappe3.png) - **Client Information** - **Auth URL Data**: ```json { "response_type": "code", "scope": "email profile openid" } ``` ![](./frappe4.png) 4. **Save the Configuration** - Click the black **Save** button in the top-right corner to complete the setup. ## Configuration verification To verify that authentik is correctly set up with Frappe, navigate to your Frappe installation and click **Login with Provider**. A successful login should redirect you to the main page of your installation. ## Resources - [Frappe's official OpenID Connect guide](https://docs.frappe.io/framework/user/en/guides/integration/openid_connect_and_frappe_social_login)