Update Bookstack SAML settings
Enabled AUTH_AUTO_INITIATE=true to reduce amount of clicks needed to proceed to Bookstack and give a propper SSO experience. If user is not logged in elsewhere already, authentik's login page will still be displayed.
Edited SAML2_DISPLAY_NAME_ATTRIBUTES so it actually works. The previous "Name" entry is non-functional and does not parse. When this is the case, or the field is empty, usernames in Bookstack default to user's email address. Entries here need to be in line with Active Directory Federation Services' Role of Claims found here: https://learn.microsoft.com/en-us/windows-server/identity/ad-fs/technical-reference/the-role-of-claims. Additionally, this will use the user's authentik username rather than real/full name.
Enabled Group Sync by default for easier administration for sysadmins. SAML2_GROUP_ATTRIBUTE also needed to be in line with Active Directory Federation Services' Role of Claims
Signed-off-by: Avsynthe <102600593+Avsynthe@users.noreply.github.com>
Signed-off-by: Avsynthe <102600593+Avsynthe@users.noreply.github.com>
* Add new integration application category for Dashboard and initialize organizr service template
* added images and additional info for organizr integration
* alphabetized application integration categories
* alphabetized integration federation and social login categories
* forgot to make website-lint-fix :/
* revert mention of organizr in generic setup
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
Co-authored-by: Jens Langhammer <jens.langhammer@beryju.org>
* website/docs: improve Vikunja docs
- Added placeholder for name set in config.yml with example using uppercase letters and spaces, to show how the callback URL will be handled with said name
- Added note that local login can be disabled
- Reword restart note at bottom to sound more fluent
Signed-off-by: JJGadgets <git@jjgadgets.tech>
* website/docs: update Vikunja provider screenshot
* minor fixes
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
Signed-off-by: JJGadgets <git@jjgadgets.tech>
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
Co-authored-by: Jens Langhammer <jens.langhammer@beryju.org>
* Update index.mdx
Added user creation process in Guac
Added Signing Key as this was blocking usage on Production and Test Server
Signed-off-by: obxjames <james@myapollo.dev>
* reword changes
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
Signed-off-by: obxjames <james@myapollo.dev>
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
Co-authored-by: Jens Langhammer <jens.langhammer@beryju.org>
* Add ArgoCD documentation
* fix naming and email verification configuration
* specify Slug field and update url to specify it has to match the slug value
* update preparation note
* minor consistency fixes
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
Co-authored-by: Jens Langhammer <jens.langhammer@beryju.org>
* Cleared up confusion regarding portainer
Adding in a / at the end of the redirect url is crucial and failing to do so will cause a 'Redirect URL' error thrown in by authentik.
I also find it more clear to use 'portainer.company' instead of 'port.company'.
Signed-off-by: Matthieu B <66959271+mtthidoteu@users.noreply.github.com>
* fix lint
Signed-off-by: Matthieu B <66959271+mtthidoteu@users.noreply.github.com>
Co-authored-by: Jens L <jens@beryju.org>
I was stuck after setting up as the guide never actually mentions you need to make the change to your reverse proxy
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
In the sample code, there was an extra training "}" in the localpart_template causing all usernames to be appended with "=7D" before the server designation, such as:
@[Username]=7D:[ServerName]
* add hashicorp vault
basic instructions for hashicorp vault
* removed auth0, updated redirect_uri's
removed auth0, updated redirect_uri's to include localhost
* Add hashicorp vault to app list
Add hashicorp-vault to the applications sidebar
* Update instructions
I've updated the steps to provide some clarity around certain areas that tripped me up as a newcomer to authentik trying to follow these instructions.
* Added Paperless
Added authentik instructions for Paperless-ng
* Moved to paperless-ng directory
* Minor update to remove redundant part
Removed example authentik.company as these instructions do not require referencing authentik host name directly.
* Added Paperless-ng
* Typo fix
* Formatting changes
Updated changes based on feedback
* Add documentation for roundcube webmail client
Includes required dovecot configuration snippet.
* added roundcube to sidebar links
* fixed typo
* clean up formatting
Tighten up extra info and match format to other integration documents
* fix roundcube wiki url display
Newer gitea versions now expose "additional OIDC mapping" to admin GUI.
The configuration file change required in previous versions can now be
done in the GUI.