diff --git a/website/integrations/services/rocketchat/index.md b/website/integrations/services/rocketchat/index.md new file mode 100644 index 000000000..7152ce321 --- /dev/null +++ b/website/integrations/services/rocketchat/index.md @@ -0,0 +1,141 @@ +--- +title: Rocket.chat +--- + +## What is Rocket.chat + +From https://github.com/RocketChat/Rocket.Chat + +:::note +Rocket.Chat is an open-source fully customizable communications platform developed in JavaScript for organizations with high standards of data protection. It is licensed under the MIT License with some other licenses mixed in. See [Rocket.chat Git Hub](https://github.com/RocketChat/Rocket.Chat/blob/develop/LICENSE) for licensing information. +::: + +:::note +This is based on authentik 2022.3.1 and Rocket.chat 4.5.1 using the [Docker-Compose install](https://docs.rocket.chat/quick-start/installing-and-updating/rapid-deployment-methods/docker-and-docker-compose/docker-containers). Instructions may differ between versions. +::: + +## Preparation + +The following placeholders will be used: + +- `rocket.company` is the FQDN of Rocket.chat. +- `authentik.company` is the FQDN of authentik. + +### Step 1 + +In authentik, under _Providers_, create an _OAuth2/OpenID Provider_ with these settings: + +:::note +Only settings that have been modified from default have been listed. +::: + +**Protocol Settings** +- Name: RocketChat +- Client type: Confidential +- Client ID: Copy and Save this for Later +- Client Secret: Copy and Save this for later +- Redirect URIs/Origins: +``` +https://rocket.company/_oauth/authentik + +``` + +![](./rocketchat1.png) + +### Step 2 + +In authentik, under _Applications_, create a new application with these settings: + +**Application Settings** +- Name: Rocket.chat +- Slug: rocketchat +- Provider: RocketChat +- Launch URL: +``` +https://rocket.company/_oauth/authentik + +``` + +![](./rocketchat2.png) + +### Step 3 + +:::note +Only settings that have been modified from default have been listed. + +You may have different settings for some of the group and role mapping for advanced configurations. The settings below are the base settings to connect authentik and Rocket.chat. +::: + +In Rocket.chat, follow the procedure below: + +1. Log in as a System Administrator, click on your avatar, and choose _Administration_ + +2. Scroll down and click on _OAuth_ + +3. In the top right corner, click _Add custom oauth_ + +4. Give your new oauth the name of _Authenik_, then click _Send_ + +![](./rocketchat6.png) + +5. Scroll down to the new OAuth application, expand the dropdown, and enter the following settings: + - Enable: Turn the radio button to the _on_ position + - URL: https://authentik.company/application/o + - Token Path: /token/ + - Token Sent Via: Payload + - Identity Token Sent Via: Same as "Token Sent Via" + - Identity Path: /userinfo/ + - Authorize Path: /authorize/ + - Scope: email profile openid + - Param Name for access token: access_token + - Id: _THIS IS THE CLIENT ID YOU COPIED FROM STEP 1 in authentik_ + - Secret: _THIS IS THE CLIENT SECRET YOU COPIED FROM STEP 1 in authentik_ + - Login Style: Redirect + - Button Text: _Fill in with what you want the SSO button to say_ + - Button Text Color: _Hex Color for Text on the SSO login button_ + - Button Color: _Hex Color for the SSO login button_ + - Key Field: Username + - Username field: preferred_username + - Email field: email + - Name field: name + - Roles/Groups field name: groups + - Roles/Groups field for channel mapping: groups + - User Data Group Map: rocket.cat + - Merge users: Turn the radio button to the _on_ position + - Show Button on Login Page: Turn the radio button to the _on_ position + + ![](./rocketchat7.png) + + ![](./rocketchat8.png) + + ![](./rocketchat9.png) + + ![](./rocketchat10.png) + +6. Click _Save changes_ in the top right corner of the screen + + + +### Step 4 (Optional) + +:::note +By default, Rocket.chat will attempt to use two-factor authentication with any new user coming in to the system and allows users to change their information +::: + +**To disable changing user information and other options inside Rocket.chat:** + +Navigate to the _Accounts_ settings to change the following: + +- Allow Name Change: Off +- Allow Username Change: Off +- Allow Email Change: Off +- Allow Password Change for OAuth Users: Off + +**If you are using Two Factor authentication through authentik:** + +Navigate to the _Accounts_ settings, Scroll Down to Two Factor Authentication and turn off _Enable Two Factor Authentication_ + +**Registration Options** +Navigate to the _Accounts_ settings, Scroll Down to Registration and choose your [registration options](https://docs.rocket.chat/guides/administration/settings/account-settings#registration), such as: + +- Registration Form: Disabled diff --git a/website/integrations/services/rocketchat/rocketchat1.png b/website/integrations/services/rocketchat/rocketchat1.png new file mode 100644 index 000000000..181809812 Binary files /dev/null and b/website/integrations/services/rocketchat/rocketchat1.png differ diff --git a/website/integrations/services/rocketchat/rocketchat10.png b/website/integrations/services/rocketchat/rocketchat10.png new file mode 100644 index 000000000..cfad4c01d Binary files /dev/null and b/website/integrations/services/rocketchat/rocketchat10.png differ diff --git a/website/integrations/services/rocketchat/rocketchat2.png b/website/integrations/services/rocketchat/rocketchat2.png new file mode 100644 index 000000000..8df697cd4 Binary files /dev/null and b/website/integrations/services/rocketchat/rocketchat2.png differ diff --git a/website/integrations/services/rocketchat/rocketchat3.png b/website/integrations/services/rocketchat/rocketchat3.png new file mode 100644 index 000000000..66baaded0 Binary files /dev/null and b/website/integrations/services/rocketchat/rocketchat3.png differ diff --git a/website/integrations/services/rocketchat/rocketchat4.png b/website/integrations/services/rocketchat/rocketchat4.png new file mode 100644 index 000000000..5b3711b83 Binary files /dev/null and b/website/integrations/services/rocketchat/rocketchat4.png differ diff --git a/website/integrations/services/rocketchat/rocketchat5.png b/website/integrations/services/rocketchat/rocketchat5.png new file mode 100644 index 000000000..62dcc6462 Binary files /dev/null and b/website/integrations/services/rocketchat/rocketchat5.png differ diff --git a/website/integrations/services/rocketchat/rocketchat6.png b/website/integrations/services/rocketchat/rocketchat6.png new file mode 100644 index 000000000..19224bea7 Binary files /dev/null and b/website/integrations/services/rocketchat/rocketchat6.png differ diff --git a/website/integrations/services/rocketchat/rocketchat7.png b/website/integrations/services/rocketchat/rocketchat7.png new file mode 100644 index 000000000..80d675c33 Binary files /dev/null and b/website/integrations/services/rocketchat/rocketchat7.png differ diff --git a/website/integrations/services/rocketchat/rocketchat8.png b/website/integrations/services/rocketchat/rocketchat8.png new file mode 100644 index 000000000..8a7855c49 Binary files /dev/null and b/website/integrations/services/rocketchat/rocketchat8.png differ diff --git a/website/integrations/services/rocketchat/rocketchat9.png b/website/integrations/services/rocketchat/rocketchat9.png new file mode 100644 index 000000000..810b63227 Binary files /dev/null and b/website/integrations/services/rocketchat/rocketchat9.png differ diff --git a/website/sidebarsIntegrations.js b/website/sidebarsIntegrations.js index 9fa8a39e2..724a1b2ce 100644 --- a/website/sidebarsIntegrations.js +++ b/website/sidebarsIntegrations.js @@ -31,6 +31,7 @@ module.exports = { "services/powerdns-admin/index", "services/proxmox-ve/index", "services/rancher/index", + "services/rocketchat/index", "services/roundcube/index", "services/sentry/index", "services/sssd/index",