diff --git a/website/docs/flow/flows.md b/website/docs/flow/flows.md index 8cc5ca84f..d5cad928f 100644 --- a/website/docs/flow/flows.md +++ b/website/docs/flow/flows.md @@ -1,5 +1,5 @@ --- -title: Flows +title: Overview --- Flows are a method of describing a sequence of stages. A stage represents a single verification or logic step. They are used to authenticate users, enroll them, and more. diff --git a/website/docs/integrations/sources/active-directory/index.md b/website/docs/integrations/sources/active-directory/index.md index 43dd89fb9..faa9087af 100644 --- a/website/docs/integrations/sources/active-directory/index.md +++ b/website/docs/integrations/sources/active-directory/index.md @@ -9,7 +9,7 @@ The following placeholders will be used: - `ad.company` is the Name of the Active Directory domain. - `authentik.company` is the FQDN of the authentik install. -## Active Directory Setup +## Active Directory setup 1. Open Active Directory Users and Computers @@ -34,7 +34,8 @@ The following placeholders will be used: Additional infos: https://support.microfocus.com/kb/doc.php?id=7023371 ## authentik Setup -In authentik, create a new LDAP Source in Administration -> Sources. + +In authentik, create a new LDAP Source in Resources -> Sources. Use these settings: diff --git a/website/docs/integrations/sources/apple/index.md b/website/docs/integrations/sources/apple/index.md index 8c6ecb44d..4e0e3ff3f 100644 --- a/website/docs/integrations/sources/apple/index.md +++ b/website/docs/integrations/sources/apple/index.md @@ -63,5 +63,5 @@ The following placeholders will be used: Save, and you now have Apple as a source. :::note -For more details on how-to have the new source display on the Login Page see the Sources page. +For more details on how-to have the new source display on the Login Page see [here](../index). ::: diff --git a/website/docs/integrations/sources/azure-ad/aad_01.png b/website/docs/integrations/sources/azure-ad/aad_01.png new file mode 100644 index 000000000..ae244b29c Binary files /dev/null and b/website/docs/integrations/sources/azure-ad/aad_01.png differ diff --git a/website/docs/integrations/sources/azure-ad/authentik_01.png b/website/docs/integrations/sources/azure-ad/authentik_01.png new file mode 100644 index 000000000..8815123bb Binary files /dev/null and b/website/docs/integrations/sources/azure-ad/authentik_01.png differ diff --git a/website/docs/integrations/sources/azure-ad/index.md b/website/docs/integrations/sources/azure-ad/index.md new file mode 100644 index 000000000..d9942b2bb --- /dev/null +++ b/website/docs/integrations/sources/azure-ad/index.md @@ -0,0 +1,48 @@ +--- +title: Azure AD +--- + +## Preparation + +The following placeholders will be used: + +- `authentik.company` is the FQDN of the authentik install. + +## Azure setup + +1. Navigate to [portal.azure.com](https://portal.azure.com), and open the *App registration* service +2. Register a new application + + Under *Supported account types*, select whichever account type applies to your use-case. + + ![](./aad_01.png) +3. Take note of the *Application (client) ID* value. + + If you selected *Single tenant* in the *Supported account types* prompt, also note the *Directory (tenant) ID* value. +4. Navigate to *Certificates & secrets* in the sidebar, and to the *Client secrets* tab. +5. Add a new secret, with an identifier of your choice, and select any expiration. Currently the secret in authentik has to be rotated manually or via API, so it is recommended to choose at least 12 months. +6. Note the secret's value in the *Value* column. + +## authentik Setup + +In authentik, create a new *Azure AD OAuth Source* in Resources -> Sources. + +Use the following settings: + +- Name: `Azure AD` +- Slug: `azure-ad` (this must match the URL being used above) +- Consumer key: `*Application (client) ID* value from above` +- Consumer secret: `*Value* of the secret from above` + +If you kept the default *Supported account types* selection of *Single tenant*, then you must change the URLs below as well: + +- Authorization URL: `https://login.microsoftonline.com/*Directory (tenant) ID* from above/oauth2/v2.0/authorize` +- Access token URL: `https://login.microsoftonline.com/*Directory (tenant) ID* from above/oauth2/v2.0/token` + +![](./authentik_01.png) + +Save, and you now have Azure AD as a source. + +:::note +For more details on how-to have the new source display on the Login Page see [here](../index). +::: diff --git a/website/docs/integrations/sources/discord/index.md b/website/docs/integrations/sources/discord/index.md index c119cc511..bd243417b 100644 --- a/website/docs/integrations/sources/discord/index.md +++ b/website/docs/integrations/sources/discord/index.md @@ -50,5 +50,5 @@ Here is an example of a complete authentik Discord OAuth Source Save, and you now have Discord as a source. :::note -For more details on how-to have the new source display on the Login Page see the Sources page +For more details on how-to have the new source display on the Login Page see [here](../index). ::: diff --git a/website/docs/integrations/sources/github/index.md b/website/docs/integrations/sources/github/index.md index 6e9d9d541..953d03411 100644 --- a/website/docs/integrations/sources/github/index.md +++ b/website/docs/integrations/sources/github/index.md @@ -56,5 +56,5 @@ Here is an example of a complete authentik Github OAuth Source Save, and you now have Github as a source. :::note -For more details on how-to have the new source display on the Login Page see the Sources page +For more details on how-to have the new source display on the Login Page see [here](../index). ::: diff --git a/website/docs/integrations/sources/google/index.md b/website/docs/integrations/sources/google/index.md index 69d517b12..156c99236 100644 --- a/website/docs/integrations/sources/google/index.md +++ b/website/docs/integrations/sources/google/index.md @@ -79,5 +79,5 @@ Here is an example of a complete authentik Google OAuth Source Save, and you now have Google as a source. :::note -For more details on how-to have the new source display on the Login Page see the Sources page +For more details on how-to have the new source display on the Login Page see [here](../index). ::: diff --git a/website/docs/integrations/sources/index.md b/website/docs/integrations/sources/index.md index 5721fe2a2..22a7d2394 100644 --- a/website/docs/integrations/sources/index.md +++ b/website/docs/integrations/sources/index.md @@ -1,5 +1,5 @@ --- -title: Sources +title: Overview --- Sources allow you to connect authentik to an existing user directory. They can also be used for social logins, using external providers such as Facebook, Twitter, etc. @@ -8,7 +8,7 @@ Sources allow you to connect authentik to an existing user directory. They can a To have sources show on the default login screen you will need to add them. This is assuming you have not created or renamed the default stages and flows. 1. Access the **Flows** section -2. Click on **default-authentication-flow** +2. Click on **default-authentication-flow** 3. Click the **Stage Bindings** tab 4. Chose **Edit Stage** for the _default-authentication-identification_ stage 5. Under **Sources** you should see the additional sources you have configured. Click all applicable sources to have them displayed on the Login Page diff --git a/website/docs/outposts/outposts.md b/website/docs/outposts/outposts.md index ebcc03bb4..74dc51f9e 100644 --- a/website/docs/outposts/outposts.md +++ b/website/docs/outposts/outposts.md @@ -1,5 +1,5 @@ --- -title: Outposts +title: Overview --- An outpost is a single deployment of a authentik component, which can be deployed in a completely separate environment. Currently, Proxy Provider and LDAP are supported as outposts. diff --git a/website/docs/policies/index.md b/website/docs/policies/index.md index 46e751aa6..c3807a32b 100644 --- a/website/docs/policies/index.md +++ b/website/docs/policies/index.md @@ -1,5 +1,5 @@ --- -title: Policies +title: Overview --- ## Event-matcher policy diff --git a/website/docs/property-mappings/index.md b/website/docs/property-mappings/index.md index 3ad6bceb4..61da532bb 100644 --- a/website/docs/property-mappings/index.md +++ b/website/docs/property-mappings/index.md @@ -1,5 +1,5 @@ --- -title: Property Mappings +title: Overview --- Property Mappings allow you to pass information to external applications. For example, pass the current user's groups as a SAML parameter. Property Mappings are also used to map Source fields to authentik fields, for example when using LDAP. diff --git a/website/docs/providers/proxy/proxy.md b/website/docs/providers/proxy/proxy.md index f668bae7a..725cfe077 100644 --- a/website/docs/providers/proxy/proxy.md +++ b/website/docs/providers/proxy/proxy.md @@ -1,5 +1,5 @@ --- -title: Proxy provider +title: Overview --- The proxy outpost sets the following headers: diff --git a/website/sidebars.js b/website/sidebars.js index fae4bc5bf..e76c78031 100644 --- a/website/sidebars.js +++ b/website/sidebars.js @@ -36,7 +36,7 @@ module.exports = { "providers/saml", { type: "category", - label: "Proxy", + label: "Proxy Provider", items: [ "providers/proxy/proxy", "providers/proxy/forward_auth", @@ -71,8 +71,9 @@ module.exports = { label: "as Source", items: [ "integrations/sources/index", - "integrations/sources/apple/index", "integrations/sources/active-directory/index", + "integrations/sources/apple/index", + "integrations/sources/azure-ad/index", "integrations/sources/discord/index", "integrations/sources/freeipa/index", "integrations/sources/github/index",