habsi/authentik
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
bb2b6d163bd1317a30b47827e98b009e9f4fbef6
authentik/website/docs/add-secure-apps/providers/ssf/create-ssf-provider.md
Tana M Berry cc0659168d website/docs: add enterprise label to SSF docs (#13251) 
* added Enterprise label

* fix date to be semantic version

* added Ent label, for real this time

* add Ent to procedural page too

---------

Co-authored-by: Tana M Berry <tana@goauthentik.com>
2025-02-25 18:43:39 +01:00

2.1 KiB
Raw Blame History

title, authentik_version, authentik_enterprise, authentik_preview
title authentik_version authentik_enterprise authentik_preview
Configure an SSF provider 2025.2.0 true true

The workflow to implement an SSF provider as a backchannel provider for an application/provider pair is as follows:

  1. Create the SSF provider (which serves as the backchannel provider).
  2. Create an OIDC provider (which serves as the protocol provider for the application).
  3. Create the application, and assign both the OIDC provider and the SSF provider.

Create the SSF provider

  1. Log in to authentik as an admin, and in the Admin interface navigate to Applications -> Providers.

  2. Click Create.

  3. In the modal, select the Provider Type of SSF, and then click Next.

  4. On the New provider page, provide the configuration settings. Be sure to select a Signing Key.

  5. Click Finish to create and save the provider.

Create the OIDC provider

  1. Log in to authentik as an admin, and in the Admin interface navigate to Applications -> Providers.

  2. Click Create.

  3. In the modal, select the Provider Type of OIDC, and then click Next.

  4. Define the settings for the provider, and then click Finish to save the new provider.

Create the application

  1. Log in to authentik as an admin, and in the Admin interface navigate to Applications -> Applications.

  2. Click Create.

  3. Define the settings for the application:

    • Name: define a descriptive name ofr the application.
    • Slug: optionally define the internal application name used in URLs.
    • Group: optionally select a group that you want to have access to this application.
    • Provider: select the OIDC provider that you created.
    • Backchannel Providers: select the SSF provider you created.
    • Policy engine mode: define policy-based access.
    • UI Settings: optionally define a launch URL, an icon, and other UI elements.

  4. Click Create to save the new application.

The new application, with its OIDC provider and the backchannel SFF provider, should now appear in your list of Applications.