habsi/authentik
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
582812b3ec5df24a556f41e76b925647788038e2
authentik/docs/topics/add-secure-apps/providers/ssf/create-ssf-provider.md
Teffen Ellis 582812b3ec website: Flesh out docs split. 
website: Copy files during build.

website: Allow for mixed env builds.

website: Reduce build size.

website: Expose build.

website: Add build memory debugging.

WIP: Disable broken links check to compare memory usage.

website: Update deps.

website: Clean up API paths.

website: Flesh out 3.8 fixes.

Format.

website: Update ignore paths.

Website: Clean up integrations build.

website: Fix paths.

website: Optimize remark.

website: Update deps.

website: Format.

website: Remove linking.

website: Fix paths.

wip: Attempt API only build.

Prep.

Migrate render to runtime. Tidy sidebar.

Clean up templates.

docs: Move directory. WIP

docs: Flesh out split.

website: Fix issue where routes have collisions.
2025-07-01 21:53:19 +02:00

2.2 KiB
Raw Blame History

title, authentik_version, authentik_enterprise, authentik_preview, tags
title authentik_version authentik_enterprise authentik_preview tags
Configure an SSF provider 2025.2.0 true true
backchannel
provider

The workflow to implement an SSF provider as a backchannel provider for an application/provider pair is as follows:

  1. Create the SSF provider (which serves as the backchannel provider).
  2. Create an OIDC provider (which serves as the protocol provider for the application).
  3. Create the application, and assign both the OIDC provider and the SSF provider.

Create the SSF provider

  1. Log in to authentik as an administrator and in the Admin interface navigate to Applications -> Providers.

  2. Click Create.

  3. In the modal, select the Provider Type of SSF, and then click Next.

  4. On the New provider page, provide the configuration settings. Be sure to select a Signing Key.

  5. Click Finish to create and save the provider.

Create the OIDC provider

  1. Log in to authentik as an administrator and in the Admin interface navigate to Applications -> Providers.

  2. Click Create.

  3. In the modal, select the Provider Type of OIDC, and then click Next.

  4. Define the settings for the provider, and then click Finish to save the new provider.

Create the application

  1. Log in to authentik as an administrator and in the Admin interface navigate to Applications -> Applications.

  2. Click Create.

  3. Define the settings for the application:

    • Name: define a descriptive name of the application.
    • Slug: optionally define the internal application name used in URLs.
    • Group: optionally select a group that you want to have access to this application.
    • Provider: select the OIDC provider that you created.
    • Backchannel Providers: select the SSF provider you created.
    • Policy engine mode: define policy-based access.
    • UI Settings: optionally define a launch URL, an icon, and other UI elements.

  4. Click Create to save the new application.

The new application, with its OIDC provider and the backchannel SFF provider, should now appear in your list of Applications.