trustchain-oc1-orchestral
/
authentik
Archived
10
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

website/integrations: Add danger annotation for using username as Nextcloud UID (#4667) 

* Add danger annotation for using username as Nextcloud UID

* fix lint
This commit is contained in:
sdimovv 2023-02-12 13:13:32 +00:00 committed by GitHub
parent c5870fcab2
commit e490d25791
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 3 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
website/integrations/services/nextcloud/index.md
View File

@ -49,6 +49,9 @@ In Nextcloud, ensure that the `SSO & SAML Authentication` app is installed. Navi
Set the following values:
- Attribute to map the UID to: `http://schemas.goauthentik.io/2021/02/saml/uid`
:::danger
Nextcloud uses the UID attribute as username. However, mapping it to authentik usernames is **not recommended** due to their mutable nature. This can lead to security issues such as user impersonation. If you still wish to map the UID to an username, [disable username changing](../../../docs/installation/configuration#authentik_default_user_change_username) in authentik and set the UID attribute to "http://schemas.goauthentik.io/2021/02/saml/username".
:::
- Optional display name of the identity provider (default: "SSO & SAML log in"): `authentik`
- Identifier of the IdP entity (must be a URI): `https://authentik.company`
- URL Target of the IdP where the SP will send the Authentication Request Message: `https://authentik.company/application/saml/<application-slug>/sso/binding/redirect/`