habsi/authentik
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
a15365a9f1b570150d52d3b51f34408cda0000c7
authentik/website/integrations/services/engomo/index.mdx
Dominic R 9e736f2838 website: use "administrator" instead of "admin" for Admin interface (#14771) 
* website: use "administrator" instead of "admin" for Admin interface

* website: some manual touches

---------

Signed-off-by: Tana M Berry <tanamarieberry@yahoo.com>
Co-authored-by: Tana M Berry <tanamarieberry@yahoo.com>
2025-05-30 09:29:30 -05:00

91 lines
4.6 KiB
Plaintext
Raw Blame History

---
title: Integrate with engomo
sidebar_label: engomo
support_level: community
---
## What is engomo
> engomo is an low-code app development platform to create enterprise apps for smartphones and tablets based on Android, iOS, or iPadOS.
>
> -- https://engomo.com/
>
> This guide explains how to set up engomo to use authentik as the OAuth provider for the application login on the smartphone/tablet and login to the admin WebGUI (composer).
## Preparation
The following placeholders are used in this guide:
- `engomo.company` is the FQDN of the engomo installation.
- `authentik.company` is the FQDN of the authentik installation.
:::note
This documentation lists only the settings that you need to change from their default values. Be aware that any changes other than those explicitly mentioned in this guide could cause issues accessing your application.
:::
## authentik configuration
To support the integration of Engomo with authentik, you need to create an application/provider pair in authentik.
### Create property mappings
1. Log in to authentik as an administrator and open the authentik Admin interface.
2. Navigate to **Customization** > **Property Mappings** and click **Create**. Create a **Scope Mapping** with the following settings:
- **Name**: Set an appropriate name.
- **Scope Name**: `profile`
- **Description**: Set an appropriate description, if desired.
- **Expression**: `return {"preferred_username": request.user.email}`
### Create an application and provider in authentik
1. Log in to authentik as an administrator and open the authentik Admin interface.
2. Navigate to **Applications** > **Applications** and click **Create with Provider** to create an application and provider pair. (Alternatively you can first create a provider separately, then create the application and connect it with the provider.)
- **Application**: provide a descriptive name, an optional group for the type of application, the policy engine mode, and optional UI settings.
- **Choose a Provider type**: select **OAuth2/OpenID Connect** as the provider type.
- **Configure the Provider**: provide a name (or accept the auto-provided name), the authorization flow to use for this provider, and the following required configurations.
- Note the **Client ID** and **slug** values because they will be required later.
- Set the **Client type** to `Public`.
- Add two `Strict` redirect URIs and set them to <kbd>https://<em>engomo.company</em>/auth</kbd> and <kbd>com.engomo.engomo://callback/</kbd>.
- Select any available signing key.
- Under **Advanced Protocol Settings**, add the scope you just created to the list of available scopes.
- **Configure Bindings** _(optional)_: you can create a [binding](/docs/add-secure-apps/flows-stages/bindings/) (policy, group, or user) to manage the listing and access to applications on a user's **My applications** page.
3. Click **Submit** to save the new application and provider.
## engomo configuration
Navigate to <kbd>https://<em>engomo.company</em>/composer</kbd> and log in with your admin credentials.
1. Select **Server**.
2. Select **Authentication**.
3. Add a new authentication method by clicking on the plus icon on the right.
4. Name: `authentik`
5. Type: **OpenID Connect**
6. Click **Create**.
7. Configure the following values using information from the authentik provider:
- Set **Issuer** to <kbd>https://<em>authentik.company</em>/application/o/<em>engomo</em></kbd>.
- Set **Client ID** to the Client ID copied from authentik.
- Set **Client secret** to the Client Secret copied from authentik.
## engomo user creation
engomo doesn't create users automatically when signing in. So you have to do it manually right now.
Navigate to <kbd>https://<em>engomo.company</em>/composer</kbd> and log in with your admin credentials.
- Select **Users & Devices**.
- Click the plus button in the Users section.
- Choose `authentik` from the Authenticator dropdown.
- Create your user by entering the email address as the username. This email must match the one used for the user in authentik.
## Test the login
- Open a browser of your choice and open the URL <kbd>https://<em>engomo.company</em></kbd>.
- Enter the created user's email address and click the small arrow icon to log in.
- You should be redirected to authentik (with the login flows you created) and then authentik should redirect you back to <kbd>https://<em>engomo.company</em>/composer</kbd> URL.
- If you are redirected back to the <kbd>https://<em>engomo.company</em>/composer</kbd> URL you did everything correct.
:::note
The created user will only have access to the app or composer page if they have been granted the necessary permissions.
:::
Reference in New Issue View Git Blame Copy Permalink