authenticationauthentikauthorizationkubernetesoauth2oauth2-clientoauth2-serveroidcoidc-clientoidc-providerproxyreverse-proxysamlsaml-idpsaml-spsecuritysso
860c85d012
Update Bookstack SAML settings Enabled AUTH_AUTO_INITIATE=true to reduce amount of clicks needed to proceed to Bookstack and give a propper SSO experience. If user is not logged in elsewhere already, authentik's login page will still be displayed. Edited SAML2_DISPLAY_NAME_ATTRIBUTES so it actually works. The previous "Name" entry is non-functional and does not parse. When this is the case, or the field is empty, usernames in Bookstack default to user's email address. Entries here need to be in line with Active Directory Federation Services' Role of Claims found here: https://learn.microsoft.com/en-us/windows-server/identity/ad-fs/technical-reference/the-role-of-claims. Additionally, this will use the user's authentik username rather than real/full name. Enabled Group Sync by default for easier administration for sysadmins. SAML2_GROUP_ATTRIBUTE also needed to be in line with Active Directory Federation Services' Role of Claims Signed-off-by: Avsynthe <102600593+Avsynthe@users.noreply.github.com> Signed-off-by: Avsynthe <102600593+Avsynthe@users.noreply.github.com> |
||
---|---|---|
.github | ||
.vscode | ||
authentik | ||
blueprints | ||
cmd | ||
internal | ||
lifecycle | ||
locale | ||
scripts | ||
tests | ||
web | ||
website | ||
xml | ||
.bumpversion.cfg | ||
.dockerignore | ||
.editorconfig | ||
.gitignore | ||
CODE_OF_CONDUCT.md | ||
CONTRIBUTING.md | ||
Dockerfile | ||
LICENSE | ||
Makefile | ||
README.md | ||
SECURITY.md | ||
docker-compose.yml | ||
go.mod | ||
go.sum | ||
ldap.Dockerfile | ||
manage.py | ||
poetry.lock | ||
proxy.Dockerfile | ||
pyproject.toml | ||
schema.yml |
README.md
What is authentik?
authentik is an open-source Identity Provider focused on flexibility and versatility. You can use authentik in an existing environment to add support for new protocols. authentik is also a great solution for implementing signup/recovery/etc in your application, so you don't have to deal with it.
Installation
For small/test setups it is recommended to use docker-compose, see the documentation
For bigger setups, there is a Helm Chart here. This is documented here
Screenshots
Light | Dark |
---|---|
Development
Security
See SECURITY.md
Sponsors
This project is proudly sponsored by:
DigitalOcean provides development and testing resources for authentik.
Netlify hosts the goauthentik.io site.