authentik

authentik fork

authentication authentik authorization kubernetes oauth2 oauth2-client oauth2-server oidc oidc-client oidc-provider proxy reverse-proxy saml saml-idp saml-sp security sso

This repository has been archived on 2024-05-31. You can view files and clone it, but cannot push or open issues or pull requests.

Go to file

Jens L e28babb0b8 core: Initial RBAC (#6806 ) * rename consent permission Signed-off-by: Jens Langhammer <jens@goauthentik.io> * the user version Signed-off-by: Jens Langhammer <jens@goauthentik.io> t Signed-off-by: Jens Langhammer <jens@goauthentik.io> * initial role Signed-off-by: Jens Langhammer <jens@goauthentik.io> * start form Signed-off-by: Jens Langhammer <jens@goauthentik.io> * some minor table refactoring Signed-off-by: Jens Langhammer <jens@goauthentik.io> * fix user, add assign Signed-off-by: Jens Langhammer <jens@goauthentik.io> * add roles ui Signed-off-by: Jens Langhammer <jens@goauthentik.io> * fix backend Signed-off-by: Jens Langhammer <jens@goauthentik.io> * add assign API for roles Signed-off-by: Jens Langhammer <jens@goauthentik.io> * start adding toggle buttons Signed-off-by: Jens Langhammer <jens@goauthentik.io> * start view page Signed-off-by: Jens Langhammer <jens@goauthentik.io> * exclude add_ permission for per-object perms Signed-off-by: Jens Langhammer <jens@goauthentik.io> * small cleanup Signed-off-by: Jens Langhammer <jens@goauthentik.io> * add permission list for roles Signed-off-by: Jens Langhammer <jens@goauthentik.io> * make sidebar update Signed-off-by: Jens Langhammer <jens@goauthentik.io> * fix page header not re-rendering? Signed-off-by: Jens Langhammer <jens@goauthentik.io> * fixup Signed-off-by: Jens Langhammer <jens@goauthentik.io> * add search Signed-off-by: Jens Langhammer <jens@goauthentik.io> * show first category in table groupBy except when its empty Signed-off-by: Jens Langhammer <jens@goauthentik.io> * make model and object PK optional but required together Signed-off-by: Jens Langhammer <jens@goauthentik.io> * allow for setting global perms Signed-off-by: Jens Langhammer <jens@goauthentik.io> * exclude non-authentik permissions Signed-off-by: Jens Langhammer <jens@goauthentik.io> * exclude models which aren't allowed (base models etc) Signed-off-by: Jens Langhammer <jens@goauthentik.io> * ensure all models have verbose_name set, exclude some more internal objects Signed-off-by: Jens Langhammer <jens@goauthentik.io> * lint fix Signed-off-by: Jens Langhammer <jens@goauthentik.io> * fix role perm assign Signed-off-by: Jens Langhammer <jens@goauthentik.io> * add unasign for global perms Signed-off-by: Jens Langhammer <jens@goauthentik.io> * add meta changes Signed-off-by: Jens Langhammer <jens@goauthentik.io> * clear modal state after submit Signed-off-by: Jens Langhammer <jens@goauthentik.io> * add roles to our group Signed-off-by: Jens Langhammer <jens@goauthentik.io> * fix duplicate url names Signed-off-by: Jens Langhammer <jens@goauthentik.io> * make recursive group query more usable Signed-off-by: Jens Langhammer <jens@goauthentik.io> * add name field to role itself and move group creation to signal Signed-off-by: Jens Langhammer <jens@goauthentik.io> * start sync Signed-off-by: Jens Langhammer <jens@goauthentik.io> * move rbac stuff to separate django app Signed-off-by: Jens Langhammer <jens@goauthentik.io> * fix lint and such Signed-off-by: Jens Langhammer <jens@goauthentik.io> * fix go Signed-off-by: Jens Langhammer <jens@goauthentik.io> * update Signed-off-by: Jens Langhammer <jens@goauthentik.io> * start API changes Signed-off-by: Jens Langhammer <jens@goauthentik.io> * add more API tests Signed-off-by: Jens Langhammer <jens@goauthentik.io> * make admin interface not require superuser for now, improve error handling Signed-off-by: Jens Langhammer <jens@goauthentik.io> * replace some IsAdminUser where applicable Signed-off-by: Jens Langhammer <jens@goauthentik.io> * migrate flow inspector perms to actual permission Signed-off-by: Jens Langhammer <jens@goauthentik.io> * fix license not being a serializermodel Signed-off-by: Jens Langhammer <jens@goauthentik.io> * add permission modal to models without view page Signed-off-by: Jens Langhammer <jens@goauthentik.io> * add additional permissions to assign/unassign permissions Signed-off-by: Jens Langhammer <jens@goauthentik.io> * add action to unassign user permissions Signed-off-by: Jens Langhammer <jens@goauthentik.io> * add permissions tab to remaining view pages Signed-off-by: Jens Langhammer <jens@goauthentik.io> * fix Signed-off-by: Jens Langhammer <jens@goauthentik.io> * fix flow inspector permission check Signed-off-by: Jens Langhammer <jens@goauthentik.io> * fix codecov config? Signed-off-by: Jens Langhammer <jens@goauthentik.io> * add more API tests Signed-off-by: Jens Langhammer <jens@goauthentik.io> * ensure viewsets have an order set Signed-off-by: Jens Langhammer <jens@goauthentik.io> * hopefully the last api name change Signed-off-by: Jens Langhammer <jens@goauthentik.io> * make perm modal less confusing Signed-off-by: Jens Langhammer <jens@goauthentik.io> * start user view permission page Signed-off-by: Jens Langhammer <jens@goauthentik.io> * only make delete bulk form expandable if usedBy is set Signed-off-by: Jens Langhammer <jens@goauthentik.io> * expand permission tables Signed-off-by: Jens Langhammer <jens@goauthentik.io> * add more things Signed-off-by: Jens Langhammer <jens@goauthentik.io> * add user global permission table Signed-off-by: Jens Langhammer <jens@goauthentik.io> * fix lint Signed-off-by: Jens Langhammer <jens@goauthentik.io> * fix tests' url names Signed-off-by: Jens Langhammer <jens@goauthentik.io> * add tests for assign perms Signed-off-by: Jens Langhammer <jens@goauthentik.io> * add unassign tests Signed-off-by: Jens Langhammer <jens@goauthentik.io> * rebuild permissions Signed-off-by: Jens Langhammer <jens@goauthentik.io> * prevent assigning/unassigning permissions to internal service accounts Signed-off-by: Jens Langhammer <jens@goauthentik.io> * only enable default api browser in debug Signed-off-by: Jens Langhammer <jens@goauthentik.io> * fix role object permissions showing duplicate Signed-off-by: Jens Langhammer <jens@goauthentik.io> * fix role link on role object permissions table Signed-off-by: Jens Langhammer <jens@goauthentik.io> * fix object permission modal having duplicate close buttons Signed-off-by: Jens Langhammer <jens@goauthentik.io> * return error if user has no global perm and no object perms also improve error display on table Signed-off-by: Jens Langhammer <jens@goauthentik.io> * small optimisation Signed-off-by: Jens Langhammer <jens@goauthentik.io> * optimise even more Signed-off-by: Jens Langhammer <jens@goauthentik.io> * update locale Signed-off-by: Jens Langhammer <jens@goauthentik.io> * add system permission for non-object permissions Signed-off-by: Jens Langhammer <jens@goauthentik.io> * allow access to admin interface based on perm Signed-off-by: Jens Langhammer <jens@goauthentik.io> * clean Signed-off-by: Jens Langhammer <jens@goauthentik.io> * don't exclude base models Signed-off-by: Jens Langhammer <jens@goauthentik.io> --------- Signed-off-by: Jens Langhammer <jens@goauthentik.io>		2023-10-16 17:31:50 +02:00
.github	core: Initial RBAC (#6806 )	2023-10-16 17:31:50 +02:00
.vscode	root: migrate bootstrap to blueprints (#6433 )	2023-07-31 19:34:46 +02:00
authentik	core: Initial RBAC (#6806 )	2023-10-16 17:31:50 +02:00
blueprints	core: Initial RBAC (#6806 )	2023-10-16 17:31:50 +02:00
cmd	web/flows: bottom-align about text on flows page (#7051 )	2023-10-03 14:10:10 +02:00
internal	core: Initial RBAC (#6806 )	2023-10-16 17:31:50 +02:00
lifecycle	lifecycle: re-fix system migrations (#7185 )	2023-10-16 17:28:53 +02:00
locale	translate: Updates for file locale/en/LC_MESSAGES/django.po in de (#7151 )	2023-10-12 12:36:58 +02:00
schemas	providers: SCIM (#4835 )	2023-03-06 19:39:08 +01:00
scripts	providers/oauth2: fix id_token being saved incorrectly leading to lost claims (#6645 )	2023-08-28 00:51:48 +02:00
tests	web: bump the wdio group in /tests/wdio with 3 updates (#7180 )	2023-10-16 11:31:50 +02:00
web	core: Initial RBAC (#6806 )	2023-10-16 17:31:50 +02:00
website	website/docs: fix API OAuth token usage (#7159 )	2023-10-16 13:10:21 +02:00
.bumpversion.cfg	release: 2023.8.3	2023-09-11 18:55:08 +02:00
.dockerignore	root: don't exclude enterprise from container image (#6956 )	2023-09-22 16:22:16 +02:00
.editorconfig	website: codespell with custom dictionary and CI (#5062 )	2023-03-24 00:24:55 +01:00
.gitignore	root: Ignore the vendor folder (#7094 )	2023-10-06 17:50:46 +02:00
CODEOWNERS	web: bump the eslint group in /web with 1 update (#7039 )	2023-10-02 19:37:32 +02:00
CODE_OF_CONDUCT.md	root: rework and expand security policy	2022-11-28 12:10:53 +01:00
CONTRIBUTING.md	website/developer-docs: move contributing to dev docs index and link contributing file (#5554 )	2023-05-09 20:26:55 +02:00
Dockerfile	core: bump golang from 1.21.2-bookworm to 1.21.3-bookworm (#7142 )	2023-10-11 11:36:24 +02:00
LICENSE	enterprise: initial license (#5293 )	2023-04-19 16:13:45 +02:00
Makefile	core: Initial RBAC (#6806 )	2023-10-16 17:31:50 +02:00
README.md	root: remove outdated sponsorship section on readme (#6973 )	2023-09-25 16:38:50 +02:00
SECURITY.md	website: update 2023.8 release notes (#6666 )	2023-08-29 19:57:14 +02:00
docker-compose.yml	release: 2023.8.3	2023-09-11 18:55:08 +02:00
go.mod	core: bump golang.org/x/net from 0.16.0 to 0.17.0 (#7148 )	2023-10-12 11:26:52 +02:00
go.sum	core: bump golang.org/x/net from 0.16.0 to 0.17.0 (#7148 )	2023-10-12 11:26:52 +02:00
ldap.Dockerfile	core: bump golang from 1.21.2-bookworm to 1.21.3-bookworm (#7142 )	2023-10-11 11:36:24 +02:00
manage.py	root: update deprecation warnings	2022-11-25 11:47:28 +01:00
poetry.lock	core: bump sentry-sdk from 1.31.0 to 1.32.0 (#7150 )	2023-10-12 11:06:43 +02:00
proxy.Dockerfile	core: bump golang from 1.21.2-bookworm to 1.21.3-bookworm (#7142 )	2023-10-11 11:36:24 +02:00
pyproject.toml	Merge branch 'version-2023.8'	2023-09-11 22:04:23 +02:00
radius.Dockerfile	core: bump golang from 1.21.2-bookworm to 1.21.3-bookworm (#7142 )	2023-10-11 11:36:24 +02:00
schema.yml	core: Initial RBAC (#6806 )	2023-10-16 17:31:50 +02:00

README.md

authentik logo

What is authentik?

authentik is an open-source Identity Provider that emphasizes flexibility and versatility. It can be seamlessly integrated into existing environments to support new protocols. authentik is also a great solution for implementing sign-up, recovery, and other similar features in your application, saving you the hassle of dealing with them.

Installation

For small/test setups it is recommended to use Docker Compose; refer to the documentation.

For bigger setups, there is a Helm Chart here. This is documented here.

Screenshots

Light	Dark

Development

See Developer Documentation

Security

See SECURITY.md

Adoption and Contributions

Your organization uses authentik? We'd love to add your logo to the readme and our website! Email us @ hello@goauthentik.io or open a GitHub Issue/PR! For more information on how to contribute to authentik, please refer to our CONTRIBUTING.md file.