3f5effb1bc
* initial implementation Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> Signed-off-by: Jens Langhammer <jens@goauthentik.io> * cleanup Signed-off-by: Jens Langhammer <jens@goauthentik.io> * add migrations Signed-off-by: Jens Langhammer <jens@goauthentik.io> * fix web Signed-off-by: Jens Langhammer <jens@goauthentik.io> * minor fixes Signed-off-by: Jens Langhammer <jens@goauthentik.io> * use search-select Signed-off-by: Jens Langhammer <jens@goauthentik.io> * update locale Signed-off-by: Jens Langhammer <jens@goauthentik.io> * fixup Signed-off-by: Jens Langhammer <jens@goauthentik.io> * fix ip with port being sent to delegated ip Signed-off-by: Jens Langhammer <jens@goauthentik.io> * add radius tests Signed-off-by: Jens Langhammer <jens@goauthentik.io> * update docs Signed-off-by: Jens Langhammer <jens@goauthentik.io> --------- Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> Signed-off-by: Jens Langhammer <jens@goauthentik.io>
1.4 KiB
| title |
|---|
| Radius Provider |
:::info This feature is still in technical preview, so please report any Bugs you run into on GitHub :::
You can configure a Radius Provider for applications that don't support any other protocols or require Radius.
:::info Note: This provider requires the deployment of the Radius Outpost :::
Currently, only authentication requests are supported.
Authentication requests against the Radius Server use a flow in the background. This allows you to use the same policies and flows as you do for web-based logins.
The following stages are supported:
-
Note: Authenticator validation currently only supports DUO, TOTP and static authenticators.
For code-based authenticators, the code must be given as part of the bind password, separated by a semicolon. For example for the password
example-passwordand the code123456, the input must beexample-password;123456.SMS-based authenticators are not supported as they require a code to be sent from authentik, which is not possible during the bind.