* Automatic sign-in to HedgeDoc
Following the HedgeDoc guides, if you clicks on a HedgeDoc application,
you then still have to click “Sign-in” and “Sign in via authentik” to
actually get signed in.
This patch suggests adding a launch URL to the application which will
cause users to automatically get signed in.
* fix lint
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
---------
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
Co-authored-by: Jens Langhammer <jens@goauthentik.io>
Changes to reverse proxy information for grafana
Changed to remove the port at the end of the domain for root_url, if grafana is behind a reverse proxy and is reachable at its ip or at https://grafana.company it would not than be accessible by that port.
Until the root_url was changed in grafana.ini to https://grafana.company/ gives the following error The request fails due to a missing, invalid, or mismatching redirection URI (redirect_uri).
This was tested using:
authentik 2023.3.0
grafana 9.3.6
nginx proxy manager 2.9.19
Signed-off-by: SiskoUrso <91812199+SiskoUrso@users.noreply.github.com>
* Update index.md
Removed need to enable ExtendedQuery, changed format of Authentication Containers to use semi-colons per note in pfSense, and added setting for Group member attribute (to allow users to not have to create pfsense users individually)
Signed-off-by: bjk525 <34558980+bjk525@users.noreply.github.com>
* Update index.md
Signed-off-by: bjk525 <34558980+bjk525@users.noreply.github.com>
* Update index.md
Signed-off-by: bjk525 <34558980+bjk525@users.noreply.github.com>
* revert Authentication containers
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
---------
Signed-off-by: bjk525 <34558980+bjk525@users.noreply.github.com>
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
Co-authored-by: Jens Langhammer <jens@goauthentik.io>
* Update Wiki.JS documentation
updated based on UI changes in latest Authentik version
under providers, removed settings that are now the default. default Subject Mode also works instead of changing to based on username.
under self registration note, updated to reflect that emails must match instead of usernames, tested with latest wikijs and authentik
* fix lint
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
Co-authored-by: Jens Langhammer <jens.langhammer@beryju.org>
Update Bookstack SAML settings
Enabled AUTH_AUTO_INITIATE=true to reduce amount of clicks needed to proceed to Bookstack and give a propper SSO experience. If user is not logged in elsewhere already, authentik's login page will still be displayed.
Edited SAML2_DISPLAY_NAME_ATTRIBUTES so it actually works. The previous "Name" entry is non-functional and does not parse. When this is the case, or the field is empty, usernames in Bookstack default to user's email address. Entries here need to be in line with Active Directory Federation Services' Role of Claims found here: https://learn.microsoft.com/en-us/windows-server/identity/ad-fs/technical-reference/the-role-of-claims. Additionally, this will use the user's authentik username rather than real/full name.
Enabled Group Sync by default for easier administration for sysadmins. SAML2_GROUP_ATTRIBUTE also needed to be in line with Active Directory Federation Services' Role of Claims
Signed-off-by: Avsynthe <102600593+Avsynthe@users.noreply.github.com>
Signed-off-by: Avsynthe <102600593+Avsynthe@users.noreply.github.com>
* Add new integration application category for Dashboard and initialize organizr service template
* added images and additional info for organizr integration
* alphabetized application integration categories
* alphabetized integration federation and social login categories
* forgot to make website-lint-fix :/
* revert mention of organizr in generic setup
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
Co-authored-by: Jens Langhammer <jens.langhammer@beryju.org>
* website/docs: improve Vikunja docs
- Added placeholder for name set in config.yml with example using uppercase letters and spaces, to show how the callback URL will be handled with said name
- Added note that local login can be disabled
- Reword restart note at bottom to sound more fluent
Signed-off-by: JJGadgets <git@jjgadgets.tech>
* website/docs: update Vikunja provider screenshot
* minor fixes
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
Signed-off-by: JJGadgets <git@jjgadgets.tech>
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
Co-authored-by: Jens Langhammer <jens.langhammer@beryju.org>
* Update index.mdx
Added user creation process in Guac
Added Signing Key as this was blocking usage on Production and Test Server
Signed-off-by: obxjames <james@myapollo.dev>
* reword changes
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
Signed-off-by: obxjames <james@myapollo.dev>
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
Co-authored-by: Jens Langhammer <jens.langhammer@beryju.org>
* Add ArgoCD documentation
* fix naming and email verification configuration
* specify Slug field and update url to specify it has to match the slug value
* update preparation note
* minor consistency fixes
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
Co-authored-by: Jens Langhammer <jens.langhammer@beryju.org>
* Cleared up confusion regarding portainer
Adding in a / at the end of the redirect url is crucial and failing to do so will cause a 'Redirect URL' error thrown in by authentik.
I also find it more clear to use 'portainer.company' instead of 'port.company'.
Signed-off-by: Matthieu B <66959271+mtthidoteu@users.noreply.github.com>
* fix lint
Signed-off-by: Matthieu B <66959271+mtthidoteu@users.noreply.github.com>
Co-authored-by: Jens L <jens@beryju.org>