b6973f6b46
* main: (867 commits) website: bump elliptic from 6.5.7 to 6.6.0 in /website (#11869) core: bump selenium from 4.25.0 to 4.26.0 (#11875) core: bump goauthentik.io/api/v3 from 3.2024083.14 to 3.2024100.1 (#11876) website/docs: add info about invalidation flow, default flows in general (#11800) website: fix docs redirect (#11873) website: remove RC disclaimer for version 2024.10 (#11871) website: update supported versions (#11841) web: bump API Client version (#11870) root: backport version bump 2024.10.0 (#11868) website/docs: 2024.8.4 release notes (#11862) web/admin: provide default invalidation flows for LDAP and Radius (#11861) core, web: update translations (#11858) web/admin: fix code-based MFA toggle not working in wizard (#11854) sources/kerberos: add kiprop to ignored system principals (#11852) translate: Updates for file locale/en/LC_MESSAGES/django.po in zh_CN (#11846) translate: Updates for file locale/en/LC_MESSAGES/django.po in it (#11845) translate: Updates for file web/xliff/en.xlf in zh_CN (#11847) translate: Updates for file web/xliff/en.xlf in zh-Hans (#11848) translate: Updates for file locale/en/LC_MESSAGES/django.po in zh-Hans (#11849) translate: Updates for file web/xliff/en.xlf in it (#11850) ...
4.8 KiB
4.8 KiB
import Collapse from "@site/src/components/Collapse";
File structure
Blueprints are YAML files, which can use some additional tags to ease blueprint creation.
Schema
The blueprint schema is available under
https://goauthentik.io/blueprints/schema.json. It
is also possible to target a specific version's blueprint schema by using
https://version-2023-4.goauthentik.io/blueprints/schema.json.
To use the schema with Visual Studio code and the YAML extension, add this comment at the top of your blueprint files:
# yaml-language-server: $schema=https://goauthentik.io/blueprints/schema.json
Example
# yaml-language-server: $schema=https://goauthentik.io/blueprints/schema.json
# The version of this blueprint, currently 1
version: 1
# Optional block of metadata, name is required if metadata is set
metadata:
# Arbitrary key=value store, special labels are listed below
labels:
foo: bar
name: example-blueprint
# Optional default context, instance context is merged over this.
context:
foo: bar
# List of entries (required)
entries:
- # Model in app.model notation, possibilities are listed in the schema (required)
model: authentik_flows.flow
# The state this object should be in (optional, can be "present", "created" or "absent")
# Present will keep the object in sync with its definition here, created will only ensure
# the object is created (and create it with the values given here), and "absent" will
# delete the object
state: present
# An optional list of boolean-like conditions. If all conditions match (or
# no conditions are provided) the entry will be evaluated and acted upon
# as normal. Otherwise, the entry is skipped as if not defined at all.
# Each condition will be evaluated in Python to its boolean representation
# bool(<condition>). Furthermore, complex conditions can be built using
# a special !Condition tag. See the documentattion for custom tags for more
# information.
conditions:
- true
- text
- 2
- !Condition [AND, ...] # See custom tags section
# Key:value filters to uniquely identify this object (required)
identifiers:
slug: initial-setup
# Optional ID for use with !KeyOf
id: flow
# Attributes to set on the object. Only explicitly required settings should be stated
# as these values will override existing attributes
attrs:
denied_action: message_continue
designation: stage_configuration
name: default-oobe-setup
title: Welcome to authentik!
# Optionally set object-level permissions on the object
# Requires authentik 2024.8
permissions:
- permission: inspect_flow
user: !Find [authentik_core.user, [username, akadmin]]
Special Labels
blueprints.goauthentik.io/system:
Used by authentik's packaged blueprints to keep globals up-to-date. Should only be removed in special cases.
blueprints.goauthentik.io/instantiate:
Configure if this blueprint should automatically be instantiated (defaults to "true"). When set to "false", blueprints are listed and available to be instantiated via API/Browser.
blueprints.goauthentik.io/description:
Optionally set a description, which can be seen in the web interface.