habsi/authentik
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
582812b3ec5df24a556f41e76b925647788038e2
authentik/docs/integrations/development/frappe/index.md
Teffen Ellis 582812b3ec website: Flesh out docs split. 
website: Copy files during build.

website: Allow for mixed env builds.

website: Reduce build size.

website: Expose build.

website: Add build memory debugging.

WIP: Disable broken links check to compare memory usage.

website: Update deps.

website: Clean up API paths.

website: Flesh out 3.8 fixes.

Format.

website: Update ignore paths.

Website: Clean up integrations build.

website: Fix paths.

website: Optimize remark.

website: Update deps.

website: Format.

website: Remove linking.

website: Fix paths.

wip: Attempt API only build.

Prep.

Migrate render to runtime. Tidy sidebar.

Clean up templates.

docs: Move directory. WIP

docs: Flesh out split.

website: Fix issue where routes have collisions.
2025-07-01 21:53:19 +02:00

94 lines
4.1 KiB
Markdown
Raw Blame History

---
title: Integrate with Frappe
sidebar_label: Frappe
support_level: community
---
:::note
These instructions apply to all projects in the Frappe Family.
:::
## What is Frappe
> Frappe is a full stack, batteries-included, web framework written in Python and JavaScript.
>
> -- https://frappe.io/
## Preparation
The following placeholders are used in this guide:
- `frappe.company` is the FQDN of the Frappe installation.
- `authentik.company` is the FQDN of the authentik installation.
- `provider` is the name for the social login provider in Frappe.
:::note
This documentation only lists the settings that have been changed from their default values. Please verify your changes carefully to avoid any issues accessing your application.
:::
## authentik configuration
To support the integration of Frappe with authentik, you need to create an application/provider pair in authentik.
### Create an application and provider in authentik
1. Log in to authentik as an administrator and open the authentik Admin interface.
2. Navigate to **Applications** > **Applications** and click **Create with Provider** to create an application and provider pair. (Alternatively you can first create a provider separately, then create the application and connect it with the provider.)
- **Application**: provide a descriptive name, an optional group for the type of application, the policy engine mode, and optional UI settings.
- **Choose a Provider type**: select **OAuth2/OpenID Connect** as the provider type.
- **Configure the Provider**: provide a name (or accept the auto-provided name), the authorization flow to use for this provider, and the following required configurations.
- Note the **Client ID**, **Client Secret**, and **slug** values because they will be required later.
- Set a `Strict` redirect URI to `https://frappe.company/api/method/frappe.integrations.oauth2_logins.custom/provider`.
- Select any available signing key.
- Under **Advanced Protocol Settings**, set **Subject mode** to be `Based on the Users's username`.
- **Configure Bindings** _(optional)_: you can create a [binding](/docs/add-secure-apps/flows-stages/bindings/) (policy, group, or user) to manage the listing and access to applications on a user's **My applications** page.
3. Click **Submit** to save the new application and provider.
## Frappe configuration
1. **Navigate to Integrations**
- From the Frappe main menu, go to **Integrations** and then select **Social Login Key**.
2. **Add a New Social Login Key**
- Click the black **+ New** button in the top-right corner.
![](./frappe1.png)
3. **Enter the Required Settings**
- **Client Credentials**
- **Enable Social Login**: Turn the toggle to the **on** position.
- **Client ID**: Enter the Client ID from the authentik wizard.
- **Client Secret**: Enter the Client Secret from the authentik wizard.
- **Configuration**
- **Sign-ups**: Set to **Allow**.
![](./frappe2.png)
- **Identity Details**
- **Base URL**: `https://authentik.company/`
- **Client URLs**:
- **Authorize URL**: `/application/o/authorize/`
- **Access Token URL**: `/application/o/token/`
- **Redirect URL**: `https://frappe.company/api/method/frappe.integrations.oauth2_logins.custom/provider`
- **API Endpoint**: `/application/o/userinfo/`
![](./frappe3.png)
- **Client Information**
- **Auth URL Data**:
```json
{ "response_type": "code", "scope": "email profile openid" }
```
![](./frappe4.png)
4. **Save the Configuration**
- Click the black **Save** button in the top-right corner to complete the setup.
## Configuration verification
To verify that authentik is correctly set up with Frappe, navigate to your Frappe installation and click **Login with Provider**. A successful login should redirect you to the main page of your installation.
## Resources
- [Frappe's official OpenID Connect guide](https://docs.frappe.io/framework/user/en/guides/integration/openid_connect_and_frappe_social_login)
Reference in New Issue View Git Blame Copy Permalink