From a0e451c5e5b874b47399f16cd64c4c5c0ba4bb5b Mon Sep 17 00:00:00 2001 From: Neriderc <89974636+Neriderc@users.noreply.github.com> Date: Thu, 3 Feb 2022 22:15:57 +0000 Subject: [PATCH] website/integrations: clarify some steps Nextcloud SAML (#2222) I've updated the steps to provide some clarity around certain areas that tripped me up as a newcomer to authentik trying to follow these instructions. --- website/integrations/services/nextcloud/index.md | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/website/integrations/services/nextcloud/index.md b/website/integrations/services/nextcloud/index.md index e5123f61b..95fb28748 100644 --- a/website/integrations/services/nextcloud/index.md +++ b/website/integrations/services/nextcloud/index.md @@ -25,13 +25,13 @@ The following placeholders will be used: - `nextcloud.company` is the FQDN of the NextCloud install. - `authentik.company` is the FQDN of the authentik install. -Create an application in authentik and note the slug, as this will be used later. Create a SAML provider with the following parameters: +Create an application in authentik and note the slug you choose, as this will be used later. In the Admin Interface, go to Applications->Providers. Create a SAML provider with the following parameters: - ACS URL: `https://nextcloud.company/apps/user_saml/saml/acs` - Issuer: `https://authentik.company` - Service Provider Binding: `Post` - Audience: `https://nextcloud.company/apps/user_saml/saml/metadata` -- Signing Keypair: Select any certificate you have. +- Signing certificate: Select any certificate you have. - Property mappings: Select all Managed mappings. You can of course use a custom signing certificate, and adjust durations. @@ -55,6 +55,8 @@ Under Attribute mapping, set these values: - Attribute to map the email address to.: `http://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress` - Attribute to map the users groups to.: `http://schemas.xmlsoap.org/claims/Group` +You should now be able to log in with authentik. + :::note If Nextcloud is behind a reverse proxy you may need to force Nextcloud to use HTTPS. To do this you will need to add the line `'overwriteprotocol' => 'https'` to `config.php` in the Nextcloud `config\config.php` file