This repository has been archived on 2024-05-31. You can view files and clone it, but cannot push or open issues or pull requests.
authentik/website/docs/integrations/services/wekan/index.mdx
Ernie 8962081d92
website/docs: add wekan (#1032)
* Create index.mdx

Add Wekan example

* updated to include wekan entry
2021-06-16 23:08:58 +02:00

81 lines
2.3 KiB
Plaintext

---
title: Wekan
---
## What is Wekan
From https://github.com/wekan/wekan/wiki
:::note
Wekan is an open-source kanban board which allows a card-based task and to-do management.
:::
## Preparation
The following placeholders will be used:
- `wekan.company` is the FQDN of the wekan install.
- `authentik.company` is the FQDN of the authentik install.
Create an application in authentik. Create an OAuth2/OpenID provider with the following parameters:
- Client Type: `Confidential`
- JWT Algorithm: `RS256`
- Scopes: OpenID, Email and Profile
- RSA Key: Select any available key
- Redirect URIs: `https://wekan.company/_oauth/oidc`
Note the Client ID and Client Secret values. Create an application, using the provider you've created above. Note the slug of the application you've created.
## Wekan
import Tabs from '@theme/Tabs';
import TabItem from '@theme/TabItem';
<Tabs
defaultValue="docker"
values={[
{label: 'Docker', value: 'docker'},
{label: 'Standalone', value: 'standalone'},
]}>
<TabItem value="docker">
If your Wekan is running in docker, add the following environment variables for Authentik
```yaml
environment:
OAUTH2_ENABLED=true
OAUTH2_LOGIN_STYLE=redirect
OAUTH2_CLIENT_ID=<Client ID from above>
OAUTH2_SERVER_URL=https://authentik.company
OAUTH2_AUTH_ENDPOINT=/application/o/authorize/
OAUTH2_USERINFO_ENDPOINT=/application/o/userinfo/
OAUTH2_TOKEN_ENDPOINT=/application/o/token/
OAUTH2_SECRET=<Client Secret from above>
OAUTH2_ID_MAP=preferred_username
OAUTH2_USERNAME_MAP=preferred_username
OAUTH2_FULLNAME_MAP=given_name
OAUTH2_EMAIL_MAP=email
```
</TabItem>
<TabItem value="standalone">
edit `.env` and add the following:
```ini
# Authentik OAUTH Config
OAUTH2_ENABLED='true'
OAUTH2_LOGIN_STYLE='redirect'
OAUTH2_CLIENT_ID='<Client ID from above>'
OAUTH2_SERVER_URL='https://authentik.company'
OAUTH2_AUTH_ENDPOINT='/application/o/authorize/'
OAUTH2_USERINFO_ENDPOINT='/application/o/userinfo/'
OAUTH2_TOKEN_ENDPOINT='/application/o/token/'
OAUTH2_SECRET='<Client Secret from above>'
OAUTH2_ID_MAP='preferred_username'
OAUTH2_USERNAME_MAP='preferred_username'
OAUTH2_FULLNAME_MAP='given_name'
OAUTH2_EMAIL_MAP='email'
```
</TabItem>
</Tabs>