authenticationauthentikauthorizationkubernetesoauth2oauth2-clientoauth2-serveroidcoidc-clientoidc-providerproxyreverse-proxysamlsaml-idpsaml-spsecuritysso
80f4fccd35
* don't open inspector by default when debug is enabled Signed-off-by: Jens Langhammer <jens@goauthentik.io> * encode error in fragment when using hybrid grant_type Signed-off-by: Jens Langhammer <jens@goauthentik.io> * require nonce for all response_types that get an id_token from the authorization endpoint Signed-off-by: Jens Langhammer <jens@goauthentik.io> * don't set empty family_name Signed-off-by: Jens Langhammer <jens@goauthentik.io> * only set at_hash when response has token Signed-off-by: Jens Langhammer <jens@goauthentik.io> * cleaner way to get login time Signed-off-by: Jens Langhammer <jens@goauthentik.io> * remove authentication requirement from authentication flow Signed-off-by: Jens Langhammer <jens@goauthentik.io> * use wrapper Signed-off-by: Jens Langhammer <jens@goauthentik.io> * fix auth_time not being handled correctly Signed-off-by: Jens Langhammer <jens@goauthentik.io> * minor cleanup Signed-off-by: Jens Langhammer <jens@goauthentik.io> * add test files Signed-off-by: Jens Langhammer <jens@goauthentik.io> * fix tests Signed-off-by: Jens Langhammer <jens@goauthentik.io> * remove USER_LOGIN_AUTHENTICATED Signed-off-by: Jens Langhammer <jens@goauthentik.io> * rework prompt=login handling Signed-off-by: Jens Langhammer <jens@goauthentik.io> * also set last login uid for max_age check to prevent double login when max_age and prompt=login is set Signed-off-by: Jens Langhammer <jens@goauthentik.io> --------- Signed-off-by: Jens Langhammer <jens@goauthentik.io> |
||
---|---|---|
.github | ||
.vscode | ||
authentik | ||
blueprints | ||
cmd | ||
internal | ||
lifecycle | ||
locale | ||
scripts | ||
tests | ||
web | ||
website | ||
xml | ||
.bumpversion.cfg | ||
.dockerignore | ||
.editorconfig | ||
.gitignore | ||
CODE_OF_CONDUCT.md | ||
CONTRIBUTING.md | ||
docker-compose.yml | ||
Dockerfile | ||
go.mod | ||
go.sum | ||
ldap.Dockerfile | ||
LICENSE | ||
Makefile | ||
manage.py | ||
poetry.lock | ||
proxy.Dockerfile | ||
pyproject.toml | ||
README.md | ||
schema.yml | ||
SECURITY.md |
What is authentik?
authentik is an open-source Identity Provider focused on flexibility and versatility. You can use authentik in an existing environment to add support for new protocols. authentik is also a great solution for implementing signup/recovery/etc in your application, so you don't have to deal with it.
Installation
For small/test setups it is recommended to use docker-compose, see the documentation
For bigger setups, there is a Helm Chart here. This is documented here
Screenshots
Light | Dark |
---|---|
Development
Security
See SECURITY.md
Support
Your organization uses authentik? We'd love to add your logo to the readme and our website! Email us @ hello@goauthentik.io or open a GitHub Issue/PR!
Sponsors
This project is proudly sponsored by:
DigitalOcean provides development and testing resources for authentik.