habsi/authentik
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
47206d33284a6ffc848924b55223bc5d6661841c
authentik/website/docs/customize/blueprints/v1/models.md
Tana M Berry 6d5172d18a website: latest PR for new Docs structure (#11639) 
* first pass

* dependency shenanigans

* move blueprints

* few broken links

* change config the throw errors

* internal file edits

* fighting links

* remove sidebarDev

* fix subdomain

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* fix relative URL

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* fix mismatched package versions

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* fix api reference build

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* test tweak

* links hell

* more links hell

* links hell2

* yep last of the links

* last broken link fixed

* re-add cves

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* add devdocs redirects

* add dir

* tweak netlify.toml

* move latest 2 CVES into dir

* fix links to moved cves

* typoed title fix

* fix link

* remove banner

* remove committed api docs

Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space>

* integrations: remove version dropdown

Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space>

* Update Makefile

Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space>

* change doc links in web as well

Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space>

* fix some more docs paths

Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space>

* fix more docs paths

Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space>

* ci: require ci-web.build for merging

Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space>

* Revert "ci: require ci-web.build for merging"

This reverts commit b99a4842a9.

* remove sluf for Application

* put slug back in

* minor fix to trigger deploy

* Spelled out Documentation in menu bar

* remove image redirects...

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* remove explicit index.md

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* remove mdx first

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* then remove .md

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* add missing prefix

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

---------

Signed-off-by: Jens Langhammer <jens@goauthentik.io>
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space>
Co-authored-by: Tana M Berry <tana@goauthentik.com>
Co-authored-by: Jens Langhammer <jens@goauthentik.io>
Co-authored-by: Marc 'risson' Schmitt <marc.schmitt@risson.space>
2024-10-09 09:33:40 -05:00

3.5 KiB
Raw Blame History

Models

Some models behave differently and allow for access to different API fields when created via blueprint.

authentik_core.token

key authentik 2023.4+

Via the standard API, a token's key cannot be changed, it can only be rotated. This is to ensure a high entropy in it's key, and to prevent insecure data from being used. However, when provisioning tokens via a blueprint, it may be required to set a token to an existing value.

With blueprints, the field key can be set, to set the token's key to any value.

For example:

# [...]
- model: authentik_core.token
  state: present
  identifiers:
      identifier: my-token
  attrs:
      key: this-should-be-a-long-value
      user: !KeyOf my-user
      intent: api

authentik_core.user

password authentik 2023.6+

Via the standard API, a user's password can only be set via the separate /api/v3/core/users/<id>/set_password/ endpoint. In blueprints, the password of a user can be set using the password field.

Keep in mind that if an LDAP Source is configured and the user maps to an LDAP user, this password change will be propagated to the LDAP server.

For example:

# [...]
- model: authentik_core.user
  state: present
  identifiers:
      username: test-user
  attrs:
      name: test user
      password: this-should-be-a-long-value

permissions authentik 2024.8+

The permissions field can be used to set global permissions for a user. A full list of possible permissions is included in the JSON schema for blueprints.

For example:

# [...]
- model: authentik_core.user
  identifiers:
      username: test-user
  attrs:
      permissions:
          - authentik_blueprints.view_blueprintinstance

authentik_core.application

icon authentik 2023.5+

Application icons can be directly set to URLs with the icon field.

For example:

# [...]
- model: authentik_core.application
  identifiers:
      slug: my-app
  attrs:
      name: My App
      icon: https://goauthentik.io/img/icon.png

authentik_sources_oauth.oauthsource, authentik_sources_saml.samlsource, authentik_sources_plex.plexsource

icon authentik 2023.5+

Source icons can be directly set to URLs with the icon field.

For example:

# [...]
- model: authentik_sources_oauth.oauthsource
  identifiers:
      slug: my-source
  attrs:
      name: My source
      icon: https://goauthentik.io/img/icon.png

authentik_flows.flow

icon authentik 2023.5+

Flow backgrounds can be directly set to URLs with the background field.

For example:

# [...]
- model: authentik_flows.flow
  identifiers:
      slug: my-flow
  attrs:
      name: my-flow
      title: My flow
      designation: authentication
      background: https://goauthentik.io/img/icon.png

authentik_rbac.role

permissions authentik 2024.8+

The permissions field can be used to set global permissions for a role. A full list of possible permissions is included in the JSON schema for blueprints.

For example:

# [...]
- model: authentik_rbac.role
  identifiers:
      name: test-role
  attrs:
      permissions:
          - authentik_blueprints.view_blueprintinstance