* website/integrations: Update discord integration expression error handling
As per discussion in https://github.com/goauthentik/authentik/pull/5701 after merge, we could do with handling the case where the user is not in the guild being queried!
Signed-off-by: Aterfax <Aterfax@users.noreply.github.com>
* Correct lowercase f in False.
Signed-off-by: Aterfax <Aterfax@users.noreply.github.com>
* Update website/integrations/sources/discord/index.md
Co-authored-by: Jens L. <jens@beryju.org>
Signed-off-by: Aterfax <Aterfax@users.noreply.github.com>
---------
Signed-off-by: Aterfax <Aterfax@users.noreply.github.com>
Co-authored-by: Jens L. <jens@beryju.org>
* Update Discord OAuth instructions - index.md
Adds two sections to this document describing how the required expression policies needed to check users are a member of a certain guild or a member of a certain guild with a certain role.
Signed-off-by: Aterfax <Aterfax@users.noreply.github.com>
* Linting and styleguide amendments.
* Remove spurious empty lines.
* Add an extra line to space comments out.
* Moved warning in wrong place.
* Apply suggestions from code review
Refactor as per BeryJu's suggestions.
Co-authored-by: Jens L. <jens@beryju.org>
Signed-off-by: Aterfax <Aterfax@users.noreply.github.com>
---------
Signed-off-by: Aterfax <Aterfax@users.noreply.github.com>
Co-authored-by: Jens L. <jens@beryju.org>
* Updated AWS Integration docs
Updated the AWS Integration docs to match the new IAM Centre's method.
This includes SCIM.
Signed-off-by: Sem <86064734+justSem@users.noreply.github.com>
* website/docs: Updated AWS Docs
* website/docs: AWS - Updated AWS docs to allow for both methods
* format, cleanup mapping, follow guidelines
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* Apply suggestions from code review
Looks good to me!
Co-authored-by: Tana M Berry <tanamarieberry@yahoo.com>
Signed-off-by: Sem <86064734+justSem@users.noreply.github.com>
* final formatting pass
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
---------
Signed-off-by: Sem <86064734+justSem@users.noreply.github.com>
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
Co-authored-by: Jens Langhammer <jens@goauthentik.io>
Co-authored-by: Tana M Berry <tanamarieberry@yahoo.com>
* website/integrations: add detail to MinIO docs
Add more information and reference links for the Scope Mapping, to clarify how it's used.
Also update to reflect that MinIO seems to require a Confidential client type now.
Signed-off-by: Braxton Schafer <braxton@cmdcentral.xyz>
* fix lint and move
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
---------
Signed-off-by: Braxton Schafer <braxton@cmdcentral.xyz>
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
Co-authored-by: Jens Langhammer <jens@goauthentik.io>
* Automatic sign-in to HedgeDoc
Following the HedgeDoc guides, if you clicks on a HedgeDoc application,
you then still have to click “Sign-in” and “Sign in via authentik” to
actually get signed in.
This patch suggests adding a launch URL to the application which will
cause users to automatically get signed in.
* fix lint
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
---------
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
Co-authored-by: Jens Langhammer <jens@goauthentik.io>
Changes to reverse proxy information for grafana
Changed to remove the port at the end of the domain for root_url, if grafana is behind a reverse proxy and is reachable at its ip or at https://grafana.company it would not than be accessible by that port.
Until the root_url was changed in grafana.ini to https://grafana.company/ gives the following error The request fails due to a missing, invalid, or mismatching redirection URI (redirect_uri).
This was tested using:
authentik 2023.3.0
grafana 9.3.6
nginx proxy manager 2.9.19
Signed-off-by: SiskoUrso <91812199+SiskoUrso@users.noreply.github.com>
* Update index.md
Removed need to enable ExtendedQuery, changed format of Authentication Containers to use semi-colons per note in pfSense, and added setting for Group member attribute (to allow users to not have to create pfsense users individually)
Signed-off-by: bjk525 <34558980+bjk525@users.noreply.github.com>
* Update index.md
Signed-off-by: bjk525 <34558980+bjk525@users.noreply.github.com>
* Update index.md
Signed-off-by: bjk525 <34558980+bjk525@users.noreply.github.com>
* revert Authentication containers
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
---------
Signed-off-by: bjk525 <34558980+bjk525@users.noreply.github.com>
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
Co-authored-by: Jens Langhammer <jens@goauthentik.io>
* Update Wiki.JS documentation
updated based on UI changes in latest Authentik version
under providers, removed settings that are now the default. default Subject Mode also works instead of changing to based on username.
under self registration note, updated to reflect that emails must match instead of usernames, tested with latest wikijs and authentik
* fix lint
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
Co-authored-by: Jens Langhammer <jens.langhammer@beryju.org>
Update Bookstack SAML settings
Enabled AUTH_AUTO_INITIATE=true to reduce amount of clicks needed to proceed to Bookstack and give a propper SSO experience. If user is not logged in elsewhere already, authentik's login page will still be displayed.
Edited SAML2_DISPLAY_NAME_ATTRIBUTES so it actually works. The previous "Name" entry is non-functional and does not parse. When this is the case, or the field is empty, usernames in Bookstack default to user's email address. Entries here need to be in line with Active Directory Federation Services' Role of Claims found here: https://learn.microsoft.com/en-us/windows-server/identity/ad-fs/technical-reference/the-role-of-claims. Additionally, this will use the user's authentik username rather than real/full name.
Enabled Group Sync by default for easier administration for sysadmins. SAML2_GROUP_ATTRIBUTE also needed to be in line with Active Directory Federation Services' Role of Claims
Signed-off-by: Avsynthe <102600593+Avsynthe@users.noreply.github.com>
Signed-off-by: Avsynthe <102600593+Avsynthe@users.noreply.github.com>
Aterfax
David Davtian
Sem
xaver
Jens L
Denis Arnst
cmellwig
Lázaro Blanc
Aaron
Braxton Schafer
Tealk
Lars Kiesow
Zakaria aourzag
SiskoUrso
Nate Brady
kolaente
sdimovv
barrelltitor
Antoine
bjk525
Abdullah Alhazmy
Zakaria aourzag
Oliver Møller
Jens L
Skyler Mäntysaari
jonah
NWHirschfeld
IrwenXYZ
flaktrooper
Nils K
Avsynthe