website/docs: Troubleshooting Whitelist Email and Web-Dev Setup Docs (#6426)
* Whitelist email troubleshooting docs * update preview website command * Update website/docs/troubleshooting/whitelist_email.md Co-authored-by: Tana M Berry <tanamarieberry@yahoo.com> Signed-off-by: Sandeep Gadhiya <sandeepgadhiya22@gmail.com> * Update website/docs/troubleshooting/whitelist_email.md Co-authored-by: Tana M Berry <tanamarieberry@yahoo.com> Signed-off-by: Sandeep Gadhiya <sandeepgadhiya22@gmail.com> * Update website/docs/troubleshooting/whitelist_email.md Co-authored-by: Tana M Berry <tanamarieberry@yahoo.com> Signed-off-by: Sandeep Gadhiya <sandeepgadhiya22@gmail.com> * Update website/docs/troubleshooting/whitelist_email.md Co-authored-by: Tana M Berry <tanamarieberry@yahoo.com> Signed-off-by: Sandeep Gadhiya <sandeepgadhiya22@gmail.com> * Update website/docs/troubleshooting/whitelist_email.md Co-authored-by: Tana M Berry <tanamarieberry@yahoo.com> Signed-off-by: Sandeep Gadhiya <sandeepgadhiya22@gmail.com> * refactor policies section * refactor policies section --------- Signed-off-by: Sandeep Gadhiya <sandeepgadhiya22@gmail.com> Co-authored-by: sandeepgadhiya <sandeep.gadhiya@turtlemint.com> Co-authored-by: Tana M Berry <tanamarieberry@yahoo.com>
This commit is contained in:
parent
1e6e99b5d3
commit
4693c50701
|
@ -17,5 +17,5 @@ Depending on platform, some native dependencies might be required. On macOS, run
|
|||
|
||||
1. Clone the git repo from https://github.com/goauthentik/authentik
|
||||
2. Run `make website-install` to install the website development dependencies
|
||||
3. Run `website-watch` to start a development server to see and preview your changes
|
||||
3. Run `make website-watch` to start a development server to see and preview your changes
|
||||
4. Finally when you're about to commit your changes, run `make website` to run the linter and auto-formatter.
|
||||
|
|
|
@ -0,0 +1,23 @@
|
|||
---
|
||||
title: Whitelist email domains
|
||||
---
|
||||
|
||||
To add specific email addresses to an allow list for signing in through SSO or directly with default policy customization,
|
||||
follow these steps:
|
||||
|
||||
1. In the Admin interface, navigate to **Customization > Policies** and modify the default policy named `default-source-enrollment-if-sso`.
|
||||
|
||||
2. Add the following code snippet in the policy-specific settings under **Expression** and then click **Update**.
|
||||
|
||||
```python
|
||||
allowed_domains = ["example.net", "example.com"]
|
||||
current_domain =request.context["prompt_data"]["email"].split("@")[1]
|
||||
if current_domain in allowed_domains:
|
||||
email = request.context["prompt_data"]["email"]
|
||||
request.context["prompt_data"]["username"] = email
|
||||
return ak_is_sso_flow
|
||||
else:
|
||||
return ak_message("Access denied for this email domain")
|
||||
```
|
||||
|
||||
This configuration specifies the `allowed_domains` list of domains for logging in through SSO, such as Google OAuth2. If your email is not in the available domains, you will receive a 'Permission Denied' message on the login screen.
|
|
@ -183,7 +183,20 @@ module.exports = {
|
|||
type: "doc",
|
||||
id: "policies/index",
|
||||
},
|
||||
items: ["policies/expression"],
|
||||
items: [
|
||||
{
|
||||
type: "category",
|
||||
label: "Working with policies",
|
||||
items: ["policies/working_with_policies/whitelist_email"],
|
||||
link: {
|
||||
type: "generated-index",
|
||||
title: "Working with policies",
|
||||
slug: "policies/working_with_policies",
|
||||
description: "Overview of policies configuration",
|
||||
},
|
||||
},
|
||||
"policies/expression",
|
||||
],
|
||||
},
|
||||
{
|
||||
type: "category",
|
||||
|
|
Reference in a new issue