providers/ldap: add LDAP provider
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
This commit is contained in:
parent
2f3bf5efe7
commit
f89479caf3
|
@ -47,6 +47,7 @@ from authentik.policies.reputation.api import (
|
|||
ReputationPolicyViewSet,
|
||||
UserReputationViewSet,
|
||||
)
|
||||
from authentik.providers.ldap.api import LDAPOutpostConfigViewSet, LDAPProviderViewSet
|
||||
from authentik.providers.oauth2.api.provider import OAuth2ProviderViewSet
|
||||
from authentik.providers.oauth2.api.scope import ScopeMappingViewSet
|
||||
from authentik.providers.oauth2.api.tokens import (
|
||||
|
@ -120,6 +121,7 @@ router.register(
|
|||
"outposts/service_connections/kubernetes", KubernetesServiceConnectionViewSet
|
||||
)
|
||||
router.register("outposts/proxy", ProxyOutpostConfigViewSet)
|
||||
router.register("outposts/ldap", LDAPOutpostConfigViewSet)
|
||||
|
||||
router.register("flows/instances", FlowViewSet)
|
||||
router.register("flows/bindings", FlowStageBindingViewSet)
|
||||
|
@ -149,6 +151,7 @@ router.register("policies/reputation/ips", IPReputationViewSet)
|
|||
router.register("policies/reputation", ReputationPolicyViewSet)
|
||||
|
||||
router.register("providers/all", ProviderViewSet)
|
||||
router.register("providers/ldap", LDAPProviderViewSet)
|
||||
router.register("providers/proxy", ProxyProviderViewSet)
|
||||
router.register("providers/oauth2", OAuth2ProviderViewSet)
|
||||
router.register("providers/saml", SAMLProviderViewSet)
|
||||
|
|
20
authentik/outposts/migrations/0016_alter_outpost_type.py
Normal file
20
authentik/outposts/migrations/0016_alter_outpost_type.py
Normal file
|
@ -0,0 +1,20 @@
|
|||
# Generated by Django 3.2 on 2021-04-26 09:27
|
||||
|
||||
from django.db import migrations, models
|
||||
|
||||
|
||||
class Migration(migrations.Migration):
|
||||
|
||||
dependencies = [
|
||||
("authentik_outposts", "0015_auto_20201224_1206"),
|
||||
]
|
||||
|
||||
operations = [
|
||||
migrations.AlterField(
|
||||
model_name="outpost",
|
||||
name="type",
|
||||
field=models.TextField(
|
||||
choices=[("proxy", "Proxy"), ("ldap", "Ldap")], default="proxy"
|
||||
),
|
||||
),
|
||||
]
|
|
@ -0,0 +1,84 @@
|
|||
# Generated by Django 3.2 on 2021-04-26 09:27
|
||||
|
||||
from django.db import migrations, models
|
||||
|
||||
|
||||
class Migration(migrations.Migration):
|
||||
|
||||
dependencies = [
|
||||
("authentik_policies_event_matcher", "0012_auto_20210323_1339"),
|
||||
]
|
||||
|
||||
operations = [
|
||||
migrations.AlterField(
|
||||
model_name="eventmatcherpolicy",
|
||||
name="app",
|
||||
field=models.TextField(
|
||||
blank=True,
|
||||
choices=[
|
||||
("authentik.admin", "authentik Admin"),
|
||||
("authentik.api", "authentik API"),
|
||||
("authentik.events", "authentik Events"),
|
||||
("authentik.crypto", "authentik Crypto"),
|
||||
("authentik.flows", "authentik Flows"),
|
||||
("authentik.outposts", "authentik Outpost"),
|
||||
("authentik.lib", "authentik lib"),
|
||||
("authentik.policies", "authentik Policies"),
|
||||
("authentik.policies.dummy", "authentik Policies.Dummy"),
|
||||
(
|
||||
"authentik.policies.event_matcher",
|
||||
"authentik Policies.Event Matcher",
|
||||
),
|
||||
("authentik.policies.expiry", "authentik Policies.Expiry"),
|
||||
("authentik.policies.expression", "authentik Policies.Expression"),
|
||||
("authentik.policies.hibp", "authentik Policies.HaveIBeenPwned"),
|
||||
("authentik.policies.password", "authentik Policies.Password"),
|
||||
("authentik.policies.reputation", "authentik Policies.Reputation"),
|
||||
("authentik.providers.proxy", "authentik Providers.Proxy"),
|
||||
("authentik.providers.ldap", "authentik Providers.LDAP"),
|
||||
("authentik.providers.oauth2", "authentik Providers.OAuth2"),
|
||||
("authentik.providers.saml", "authentik Providers.SAML"),
|
||||
("authentik.recovery", "authentik Recovery"),
|
||||
("authentik.sources.ldap", "authentik Sources.LDAP"),
|
||||
("authentik.sources.oauth", "authentik Sources.OAuth"),
|
||||
("authentik.sources.saml", "authentik Sources.SAML"),
|
||||
(
|
||||
"authentik.stages.authenticator_static",
|
||||
"authentik Stages.Authenticator.Static",
|
||||
),
|
||||
(
|
||||
"authentik.stages.authenticator_totp",
|
||||
"authentik Stages.Authenticator.TOTP",
|
||||
),
|
||||
(
|
||||
"authentik.stages.authenticator_validate",
|
||||
"authentik Stages.Authenticator.Validate",
|
||||
),
|
||||
(
|
||||
"authentik.stages.authenticator_webauthn",
|
||||
"authentik Stages.Authenticator.WebAuthn",
|
||||
),
|
||||
("authentik.stages.captcha", "authentik Stages.Captcha"),
|
||||
("authentik.stages.consent", "authentik Stages.Consent"),
|
||||
("authentik.stages.deny", "authentik Stages.Deny"),
|
||||
("authentik.stages.dummy", "authentik Stages.Dummy"),
|
||||
("authentik.stages.email", "authentik Stages.Email"),
|
||||
(
|
||||
"authentik.stages.identification",
|
||||
"authentik Stages.Identification",
|
||||
),
|
||||
("authentik.stages.invitation", "authentik Stages.User Invitation"),
|
||||
("authentik.stages.password", "authentik Stages.Password"),
|
||||
("authentik.stages.prompt", "authentik Stages.Prompt"),
|
||||
("authentik.stages.user_delete", "authentik Stages.User Delete"),
|
||||
("authentik.stages.user_login", "authentik Stages.User Login"),
|
||||
("authentik.stages.user_logout", "authentik Stages.User Logout"),
|
||||
("authentik.stages.user_write", "authentik Stages.User Write"),
|
||||
("authentik.core", "authentik Core"),
|
||||
("authentik.managed", "authentik Managed"),
|
||||
],
|
||||
default="",
|
||||
help_text="Match events created by selected application. When left empty, all applications are matched.",
|
||||
),
|
||||
),
|
||||
]
|
0
authentik/providers/ldap/__init__.py
Normal file
0
authentik/providers/ldap/__init__.py
Normal file
47
authentik/providers/ldap/api.py
Normal file
47
authentik/providers/ldap/api.py
Normal file
|
@ -0,0 +1,47 @@
|
|||
"""LDAPProvider API Views"""
|
||||
from rest_framework.fields import CharField
|
||||
from rest_framework.serializers import ModelSerializer
|
||||
from rest_framework.viewsets import ModelViewSet, ReadOnlyModelViewSet
|
||||
|
||||
from authentik.core.api.providers import ProviderSerializer
|
||||
from authentik.providers.ldap.models import LDAPProvider
|
||||
|
||||
|
||||
class LDAPProviderSerializer(ProviderSerializer):
|
||||
"""LDAPProvider Serializer"""
|
||||
|
||||
class Meta:
|
||||
|
||||
model = LDAPProvider
|
||||
fields = ProviderSerializer.Meta.fields + [
|
||||
"bind_flow",
|
||||
"base_dn",
|
||||
]
|
||||
|
||||
|
||||
class LDAPProviderViewSet(ModelViewSet):
|
||||
"""LDAPProvider Viewset"""
|
||||
|
||||
queryset = LDAPProvider.objects.all()
|
||||
serializer_class = LDAPProviderSerializer
|
||||
ordering = ["name"]
|
||||
|
||||
|
||||
class LDAPOutpostConfigSerializer(ModelSerializer):
|
||||
"""LDAPProvider Serializer"""
|
||||
|
||||
application_slug = CharField(source="application.slug")
|
||||
bind_flow_slug = CharField(source="bind_flow.slug")
|
||||
|
||||
class Meta:
|
||||
|
||||
model = LDAPProvider
|
||||
fields = ["pk", "name", "base_dn", "bind_flow_slug", "application_slug"]
|
||||
|
||||
|
||||
class LDAPOutpostConfigViewSet(ReadOnlyModelViewSet):
|
||||
"""LDAPProvider Viewset"""
|
||||
|
||||
queryset = LDAPProvider.objects.filter(application__isnull=False)
|
||||
serializer_class = LDAPOutpostConfigSerializer
|
||||
ordering = ["name"]
|
10
authentik/providers/ldap/apps.py
Normal file
10
authentik/providers/ldap/apps.py
Normal file
|
@ -0,0 +1,10 @@
|
|||
"""authentik ldap provider app config"""
|
||||
from django.apps import AppConfig
|
||||
|
||||
|
||||
class AuthentikProviderLDAPConfig(AppConfig):
|
||||
"""authentik ldap provider app config"""
|
||||
|
||||
name = "authentik.providers.ldap"
|
||||
label = "authentik_providers_ldap"
|
||||
verbose_name = "authentik Providers.LDAP"
|
55
authentik/providers/ldap/migrations/0001_initial.py
Normal file
55
authentik/providers/ldap/migrations/0001_initial.py
Normal file
|
@ -0,0 +1,55 @@
|
|||
# Generated by Django 3.2 on 2021-04-26 09:51
|
||||
|
||||
import django.db.models.deletion
|
||||
from django.db import migrations, models
|
||||
|
||||
|
||||
class Migration(migrations.Migration):
|
||||
|
||||
initial = True
|
||||
|
||||
dependencies = [
|
||||
("authentik_core", "0019_source_managed"),
|
||||
("authentik_flows", "0018_oob_flows"),
|
||||
]
|
||||
|
||||
operations = [
|
||||
migrations.CreateModel(
|
||||
name="LDAPProvider",
|
||||
fields=[
|
||||
(
|
||||
"provider_ptr",
|
||||
models.OneToOneField(
|
||||
auto_created=True,
|
||||
on_delete=django.db.models.deletion.CASCADE,
|
||||
parent_link=True,
|
||||
primary_key=True,
|
||||
serialize=False,
|
||||
to="authentik_core.provider",
|
||||
),
|
||||
),
|
||||
(
|
||||
"base_dn",
|
||||
models.TextField(
|
||||
default="DC=ldap,DC=goauthentik,DC=io",
|
||||
help_text="DN under which objects are accessible.",
|
||||
),
|
||||
),
|
||||
(
|
||||
"bind_flow",
|
||||
models.ForeignKey(
|
||||
default=None,
|
||||
help_text="Flow which is used to bind users. When left empty, no users will be able to bind.",
|
||||
null=True,
|
||||
on_delete=django.db.models.deletion.SET_DEFAULT,
|
||||
to="authentik_flows.flow",
|
||||
),
|
||||
),
|
||||
],
|
||||
options={
|
||||
"verbose_name": "LDAP Provider",
|
||||
"verbose_name_plural": "LDAP Providers",
|
||||
},
|
||||
bases=("authentik_core.provider",),
|
||||
),
|
||||
]
|
0
authentik/providers/ldap/migrations/__init__.py
Normal file
0
authentik/providers/ldap/migrations/__init__.py
Normal file
51
authentik/providers/ldap/models.py
Normal file
51
authentik/providers/ldap/models.py
Normal file
|
@ -0,0 +1,51 @@
|
|||
"""LDAP Provider"""
|
||||
from typing import Optional, Type
|
||||
|
||||
from django.db import models
|
||||
from django.utils.translation import gettext_lazy as _
|
||||
from rest_framework.serializers import Serializer
|
||||
|
||||
from authentik.core.models import Provider
|
||||
from authentik.flows.models import Flow
|
||||
|
||||
|
||||
class LDAPProvider(Provider):
|
||||
"""LDAP Provider"""
|
||||
|
||||
base_dn = models.TextField(
|
||||
default="DC=ldap,DC=goauthentik,DC=io",
|
||||
help_text=_("DN under which objects are accessible."),
|
||||
)
|
||||
|
||||
bind_flow = models.ForeignKey(
|
||||
Flow,
|
||||
null=True,
|
||||
default=None,
|
||||
on_delete=models.SET_DEFAULT,
|
||||
help_text=_(
|
||||
"Flow which is used to bind users. When left empty, no users will be able to bind."
|
||||
),
|
||||
)
|
||||
|
||||
@property
|
||||
def launch_url(self) -> Optional[str]:
|
||||
"""LDAP never has a launch URL"""
|
||||
return None
|
||||
|
||||
@property
|
||||
def component(self) -> str:
|
||||
return "ak-provider-ldap-form"
|
||||
|
||||
@property
|
||||
def serializer(self) -> Type[Serializer]:
|
||||
from authentik.providers.oauth2.api.provider import OAuth2ProviderSerializer
|
||||
|
||||
return OAuth2ProviderSerializer
|
||||
|
||||
def __str__(self):
|
||||
return f"LDAP Provider {self.name}"
|
||||
|
||||
class Meta:
|
||||
|
||||
verbose_name = _("LDAP Provider")
|
||||
verbose_name_plural = _("LDAP Providers")
|
|
@ -1,11 +1,11 @@
|
|||
"""authentik auth oauth provider app config"""
|
||||
"""authentik oauth provider app config"""
|
||||
from importlib import import_module
|
||||
|
||||
from django.apps import AppConfig
|
||||
|
||||
|
||||
class AuthentikProviderOAuth2Config(AppConfig):
|
||||
"""authentik auth oauth provider app config"""
|
||||
"""authentik oauth provider app config"""
|
||||
|
||||
name = "authentik.providers.oauth2"
|
||||
label = "authentik_providers_oauth2"
|
||||
|
|
|
@ -102,6 +102,7 @@ INSTALLED_APPS = [
|
|||
"authentik.policies.password",
|
||||
"authentik.policies.reputation",
|
||||
"authentik.providers.proxy",
|
||||
"authentik.providers.ldap",
|
||||
"authentik.providers.oauth2",
|
||||
"authentik.providers.saml",
|
||||
"authentik.recovery",
|
||||
|
|
380
swagger.yaml
380
swagger.yaml
|
@ -4671,6 +4671,103 @@ paths:
|
|||
required: true
|
||||
type: string
|
||||
format: uuid
|
||||
/outposts/ldap/:
|
||||
get:
|
||||
operationId: outposts_ldap_list
|
||||
description: LDAPProvider Viewset
|
||||
parameters:
|
||||
- name: ordering
|
||||
in: query
|
||||
description: Which field to use when ordering the results.
|
||||
required: false
|
||||
type: string
|
||||
- name: search
|
||||
in: query
|
||||
description: A search term.
|
||||
required: false
|
||||
type: string
|
||||
- name: page
|
||||
in: query
|
||||
description: Page Index
|
||||
required: false
|
||||
type: integer
|
||||
- name: page_size
|
||||
in: query
|
||||
description: Page Size
|
||||
required: false
|
||||
type: integer
|
||||
responses:
|
||||
'200':
|
||||
description: ''
|
||||
schema:
|
||||
required:
|
||||
- results
|
||||
- pagination
|
||||
type: object
|
||||
properties:
|
||||
pagination:
|
||||
required:
|
||||
- next
|
||||
- previous
|
||||
- count
|
||||
- current
|
||||
- total_pages
|
||||
- start_index
|
||||
- end_index
|
||||
type: object
|
||||
properties:
|
||||
next:
|
||||
type: number
|
||||
previous:
|
||||
type: number
|
||||
count:
|
||||
type: number
|
||||
current:
|
||||
type: number
|
||||
total_pages:
|
||||
type: number
|
||||
start_index:
|
||||
type: number
|
||||
end_index:
|
||||
type: number
|
||||
results:
|
||||
type: array
|
||||
items:
|
||||
$ref: '#/definitions/LDAPOutpostConfig'
|
||||
'403':
|
||||
description: Authentication credentials were invalid, absent or insufficient.
|
||||
schema:
|
||||
$ref: '#/definitions/GenericError'
|
||||
tags:
|
||||
- outposts
|
||||
parameters: []
|
||||
/outposts/ldap/{id}/:
|
||||
get:
|
||||
operationId: outposts_ldap_read
|
||||
description: LDAPProvider Viewset
|
||||
parameters: []
|
||||
responses:
|
||||
'200':
|
||||
description: ''
|
||||
schema:
|
||||
$ref: '#/definitions/LDAPOutpostConfig'
|
||||
'403':
|
||||
description: Authentication credentials were invalid, absent or insufficient.
|
||||
schema:
|
||||
$ref: '#/definitions/GenericError'
|
||||
'404':
|
||||
description: Object does not exist or caller has insufficient permissions
|
||||
to access it.
|
||||
schema:
|
||||
$ref: '#/definitions/APIException'
|
||||
tags:
|
||||
- outposts
|
||||
parameters:
|
||||
- name: id
|
||||
in: path
|
||||
description: A unique integer value identifying this LDAP Provider.
|
||||
required: true
|
||||
type: integer
|
||||
/outposts/outposts/:
|
||||
get:
|
||||
operationId: outposts_outposts_list
|
||||
|
@ -8739,6 +8836,203 @@ paths:
|
|||
description: A unique integer value identifying this provider.
|
||||
required: true
|
||||
type: integer
|
||||
/providers/ldap/:
|
||||
get:
|
||||
operationId: providers_ldap_list
|
||||
description: LDAPProvider Viewset
|
||||
parameters:
|
||||
- name: ordering
|
||||
in: query
|
||||
description: Which field to use when ordering the results.
|
||||
required: false
|
||||
type: string
|
||||
- name: search
|
||||
in: query
|
||||
description: A search term.
|
||||
required: false
|
||||
type: string
|
||||
- name: page
|
||||
in: query
|
||||
description: Page Index
|
||||
required: false
|
||||
type: integer
|
||||
- name: page_size
|
||||
in: query
|
||||
description: Page Size
|
||||
required: false
|
||||
type: integer
|
||||
responses:
|
||||
'200':
|
||||
description: ''
|
||||
schema:
|
||||
required:
|
||||
- results
|
||||
- pagination
|
||||
type: object
|
||||
properties:
|
||||
pagination:
|
||||
required:
|
||||
- next
|
||||
- previous
|
||||
- count
|
||||
- current
|
||||
- total_pages
|
||||
- start_index
|
||||
- end_index
|
||||
type: object
|
||||
properties:
|
||||
next:
|
||||
type: number
|
||||
previous:
|
||||
type: number
|
||||
count:
|
||||
type: number
|
||||
current:
|
||||
type: number
|
||||
total_pages:
|
||||
type: number
|
||||
start_index:
|
||||
type: number
|
||||
end_index:
|
||||
type: number
|
||||
results:
|
||||
type: array
|
||||
items:
|
||||
$ref: '#/definitions/LDAPProvider'
|
||||
'403':
|
||||
description: Authentication credentials were invalid, absent or insufficient.
|
||||
schema:
|
||||
$ref: '#/definitions/GenericError'
|
||||
tags:
|
||||
- providers
|
||||
post:
|
||||
operationId: providers_ldap_create
|
||||
description: LDAPProvider Viewset
|
||||
parameters:
|
||||
- name: data
|
||||
in: body
|
||||
required: true
|
||||
schema:
|
||||
$ref: '#/definitions/LDAPProvider'
|
||||
responses:
|
||||
'201':
|
||||
description: ''
|
||||
schema:
|
||||
$ref: '#/definitions/LDAPProvider'
|
||||
'400':
|
||||
description: Invalid input.
|
||||
schema:
|
||||
$ref: '#/definitions/ValidationError'
|
||||
'403':
|
||||
description: Authentication credentials were invalid, absent or insufficient.
|
||||
schema:
|
||||
$ref: '#/definitions/GenericError'
|
||||
tags:
|
||||
- providers
|
||||
parameters: []
|
||||
/providers/ldap/{id}/:
|
||||
get:
|
||||
operationId: providers_ldap_read
|
||||
description: LDAPProvider Viewset
|
||||
parameters: []
|
||||
responses:
|
||||
'200':
|
||||
description: ''
|
||||
schema:
|
||||
$ref: '#/definitions/LDAPProvider'
|
||||
'403':
|
||||
description: Authentication credentials were invalid, absent or insufficient.
|
||||
schema:
|
||||
$ref: '#/definitions/GenericError'
|
||||
'404':
|
||||
description: Object does not exist or caller has insufficient permissions
|
||||
to access it.
|
||||
schema:
|
||||
$ref: '#/definitions/APIException'
|
||||
tags:
|
||||
- providers
|
||||
put:
|
||||
operationId: providers_ldap_update
|
||||
description: LDAPProvider Viewset
|
||||
parameters:
|
||||
- name: data
|
||||
in: body
|
||||
required: true
|
||||
schema:
|
||||
$ref: '#/definitions/LDAPProvider'
|
||||
responses:
|
||||
'200':
|
||||
description: ''
|
||||
schema:
|
||||
$ref: '#/definitions/LDAPProvider'
|
||||
'400':
|
||||
description: Invalid input.
|
||||
schema:
|
||||
$ref: '#/definitions/ValidationError'
|
||||
'403':
|
||||
description: Authentication credentials were invalid, absent or insufficient.
|
||||
schema:
|
||||
$ref: '#/definitions/GenericError'
|
||||
'404':
|
||||
description: Object does not exist or caller has insufficient permissions
|
||||
to access it.
|
||||
schema:
|
||||
$ref: '#/definitions/APIException'
|
||||
tags:
|
||||
- providers
|
||||
patch:
|
||||
operationId: providers_ldap_partial_update
|
||||
description: LDAPProvider Viewset
|
||||
parameters:
|
||||
- name: data
|
||||
in: body
|
||||
required: true
|
||||
schema:
|
||||
$ref: '#/definitions/LDAPProvider'
|
||||
responses:
|
||||
'200':
|
||||
description: ''
|
||||
schema:
|
||||
$ref: '#/definitions/LDAPProvider'
|
||||
'400':
|
||||
description: Invalid input.
|
||||
schema:
|
||||
$ref: '#/definitions/ValidationError'
|
||||
'403':
|
||||
description: Authentication credentials were invalid, absent or insufficient.
|
||||
schema:
|
||||
$ref: '#/definitions/GenericError'
|
||||
'404':
|
||||
description: Object does not exist or caller has insufficient permissions
|
||||
to access it.
|
||||
schema:
|
||||
$ref: '#/definitions/APIException'
|
||||
tags:
|
||||
- providers
|
||||
delete:
|
||||
operationId: providers_ldap_delete
|
||||
description: LDAPProvider Viewset
|
||||
parameters: []
|
||||
responses:
|
||||
'204':
|
||||
description: ''
|
||||
'403':
|
||||
description: Authentication credentials were invalid, absent or insufficient.
|
||||
schema:
|
||||
$ref: '#/definitions/GenericError'
|
||||
'404':
|
||||
description: Object does not exist or caller has insufficient permissions
|
||||
to access it.
|
||||
schema:
|
||||
$ref: '#/definitions/APIException'
|
||||
tags:
|
||||
- providers
|
||||
parameters:
|
||||
- name: id
|
||||
in: path
|
||||
description: A unique integer value identifying this LDAP Provider.
|
||||
required: true
|
||||
type: integer
|
||||
/providers/oauth2/:
|
||||
get:
|
||||
operationId: providers_oauth2_list
|
||||
|
@ -15718,6 +16012,34 @@ definitions:
|
|||
title: Version outdated
|
||||
type: boolean
|
||||
readOnly: true
|
||||
LDAPOutpostConfig:
|
||||
required:
|
||||
- name
|
||||
- bind_flow_slug
|
||||
- application_slug
|
||||
type: object
|
||||
properties:
|
||||
pk:
|
||||
title: ID
|
||||
type: integer
|
||||
readOnly: true
|
||||
name:
|
||||
title: Name
|
||||
type: string
|
||||
minLength: 1
|
||||
base_dn:
|
||||
title: Base dn
|
||||
description: DN under which objects are accessible.
|
||||
type: string
|
||||
minLength: 1
|
||||
bind_flow_slug:
|
||||
title: Bind flow slug
|
||||
type: string
|
||||
minLength: 1
|
||||
application_slug:
|
||||
title: Application slug
|
||||
type: string
|
||||
minLength: 1
|
||||
OpenIDConnectConfiguration:
|
||||
description: Embed OpenID Connect provider information
|
||||
required:
|
||||
|
@ -16223,6 +16545,7 @@ definitions:
|
|||
- authentik.policies.password
|
||||
- authentik.policies.reputation
|
||||
- authentik.providers.proxy
|
||||
- authentik.providers.ldap
|
||||
- authentik.providers.oauth2
|
||||
- authentik.providers.saml
|
||||
- authentik.recovery
|
||||
|
@ -16727,6 +17050,63 @@ definitions:
|
|||
description: Description shown to the user when consenting. If left empty,
|
||||
the user won't be informed.
|
||||
type: string
|
||||
LDAPProvider:
|
||||
required:
|
||||
- name
|
||||
- authorization_flow
|
||||
type: object
|
||||
properties:
|
||||
pk:
|
||||
title: ID
|
||||
type: integer
|
||||
readOnly: true
|
||||
name:
|
||||
title: Name
|
||||
type: string
|
||||
minLength: 1
|
||||
authorization_flow:
|
||||
title: Authorization flow
|
||||
description: Flow used when authorizing this provider.
|
||||
type: string
|
||||
format: uuid
|
||||
property_mappings:
|
||||
type: array
|
||||
items:
|
||||
type: string
|
||||
format: uuid
|
||||
uniqueItems: true
|
||||
component:
|
||||
title: Component
|
||||
type: string
|
||||
readOnly: true
|
||||
assigned_application_slug:
|
||||
title: Assigned application slug
|
||||
type: string
|
||||
readOnly: true
|
||||
assigned_application_name:
|
||||
title: Assigned application name
|
||||
type: string
|
||||
readOnly: true
|
||||
verbose_name:
|
||||
title: Verbose name
|
||||
type: string
|
||||
readOnly: true
|
||||
verbose_name_plural:
|
||||
title: Verbose name plural
|
||||
type: string
|
||||
readOnly: true
|
||||
bind_flow:
|
||||
title: Bind flow
|
||||
description: Flow which is used to bind users. When left empty, no users will
|
||||
be able to bind.
|
||||
type: string
|
||||
format: uuid
|
||||
x-nullable: true
|
||||
base_dn:
|
||||
title: Base dn
|
||||
description: DN under which objects are accessible.
|
||||
type: string
|
||||
minLength: 1
|
||||
OAuth2ProviderSetupURLs:
|
||||
type: object
|
||||
properties:
|
||||
|
|
Reference in a new issue