website/docs: Troubleshooting Whitelist Email and Web-Dev Setup Docs (#6426)

* Whitelist email troubleshooting docs

* update preview website command

* Update website/docs/troubleshooting/whitelist_email.md

Co-authored-by: Tana M Berry <tanamarieberry@yahoo.com>
Signed-off-by: Sandeep Gadhiya <sandeepgadhiya22@gmail.com>

* Update website/docs/troubleshooting/whitelist_email.md

Co-authored-by: Tana M Berry <tanamarieberry@yahoo.com>
Signed-off-by: Sandeep Gadhiya <sandeepgadhiya22@gmail.com>

* Update website/docs/troubleshooting/whitelist_email.md

Co-authored-by: Tana M Berry <tanamarieberry@yahoo.com>
Signed-off-by: Sandeep Gadhiya <sandeepgadhiya22@gmail.com>

* Update website/docs/troubleshooting/whitelist_email.md

Co-authored-by: Tana M Berry <tanamarieberry@yahoo.com>
Signed-off-by: Sandeep Gadhiya <sandeepgadhiya22@gmail.com>

* Update website/docs/troubleshooting/whitelist_email.md

Co-authored-by: Tana M Berry <tanamarieberry@yahoo.com>
Signed-off-by: Sandeep Gadhiya <sandeepgadhiya22@gmail.com>

* refactor policies section

* refactor policies section

---------

Signed-off-by: Sandeep Gadhiya <sandeepgadhiya22@gmail.com>
Co-authored-by: sandeepgadhiya <sandeep.gadhiya@turtlemint.com>
Co-authored-by: Tana M Berry <tanamarieberry@yahoo.com>
This commit is contained in:
Sandeep Gadhiya 2023-08-09 20:36:41 +05:30 committed by GitHub
parent 1e6e99b5d3
commit 4693c50701
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
3 changed files with 38 additions and 2 deletions

View file

@ -17,5 +17,5 @@ Depending on platform, some native dependencies might be required. On macOS, run
1. Clone the git repo from https://github.com/goauthentik/authentik
2. Run `make website-install` to install the website development dependencies
3. Run `website-watch` to start a development server to see and preview your changes
3. Run `make website-watch` to start a development server to see and preview your changes
4. Finally when you're about to commit your changes, run `make website` to run the linter and auto-formatter.

View file

@ -0,0 +1,23 @@
---
title: Whitelist email domains
---
To add specific email addresses to an allow list for signing in through SSO or directly with default policy customization,
follow these steps:
1. In the Admin interface, navigate to **Customization > Policies** and modify the default policy named `default-source-enrollment-if-sso`.
2. Add the following code snippet in the policy-specific settings under **Expression** and then click **Update**.
```python
allowed_domains = ["example.net", "example.com"]
current_domain =request.context["prompt_data"]["email"].split("@")[1]
if current_domain in allowed_domains:
email = request.context["prompt_data"]["email"]
request.context["prompt_data"]["username"] = email
return ak_is_sso_flow
else:
return ak_message("Access denied for this email domain")
```
This configuration specifies the `allowed_domains` list of domains for logging in through SSO, such as Google OAuth2. If your email is not in the available domains, you will receive a 'Permission Denied' message on the login screen.

View file

@ -183,7 +183,20 @@ module.exports = {
type: "doc",
id: "policies/index",
},
items: ["policies/expression"],
items: [
{
type: "category",
label: "Working with policies",
items: ["policies/working_with_policies/whitelist_email"],
link: {
type: "generated-index",
title: "Working with policies",
slug: "policies/working_with_policies",
description: "Overview of policies configuration",
},
},
"policies/expression",
],
},
{
type: "category",