64fbbcf3e8
* website/docs: update airgapped config Signed-off-by: Jens Langhammer <jens@goauthentik.io> * fix immich urls Signed-off-by: Jens Langhammer <jens@goauthentik.io> --------- Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2.0 KiB
2.0 KiB
title
| title |
|---|
| Immich |
Support level: Community
What is Immich
Immich is a self-hosted backup solution for photos and videos on mobile devices.
Preparation
The following placeholders will be used:
https://immich.companyis the URL used to access the Immich instance.authentik.companyis the FQDN of the authentik install.
authentik configuration
- Create a new OAuth2/OpenID Provider under Applications > Providers using the following settings:
- Name: Immich
- Authentication flow: default-authentication-flow
- Authorization flow: default-provider-authorization-explicit-consent
- Client type: Confidential
- Client ID: Either create your own Client ID or use the auto-populated ID
- Client Secret: Either create your own Client Secret or use the auto-populated secret
:::note
Take note of the
Client IDandClient Secretas they are required when configuring Immich. ::: - Redirect URIs/Origins (RegEx): :::note Please note that the following URIs are just examples. Be sure to include all of the domains / URLs that you will use to access Immich. :::
- Signing Key: authentik Self-signed Certificate
- Leave everything else as default
- Open the new provider you've just created.
- Make a note of the OpenID Configuration Issuer.
Immich configuration
Immich documentation can be found here: https://immich.app/docs/administration/oauth
- In Immich, navigate to Administration > Settings > OAuth Authentication
- Configure Immich as follows:
- Issuer URL: Populate this field with the
OpenID Configuration Issuer - Client ID: Enter your Client ID from authentik
- Client Secret: Enter your Client Secret from authentik
- Scope:
openid email profile
- Issuer URL: Populate this field with the