Update Bookstack SAML settings
Enabled AUTH_AUTO_INITIATE=true to reduce amount of clicks needed to proceed to Bookstack and give a propper SSO experience. If user is not logged in elsewhere already, authentik's login page will still be displayed.
Edited SAML2_DISPLAY_NAME_ATTRIBUTES so it actually works. The previous "Name" entry is non-functional and does not parse. When this is the case, or the field is empty, usernames in Bookstack default to user's email address. Entries here need to be in line with Active Directory Federation Services' Role of Claims found here: https://learn.microsoft.com/en-us/windows-server/identity/ad-fs/technical-reference/the-role-of-claims. Additionally, this will use the user's authentik username rather than real/full name.
Enabled Group Sync by default for easier administration for sysadmins. SAML2_GROUP_ATTRIBUTE also needed to be in line with Active Directory Federation Services' Role of Claims
Signed-off-by: Avsynthe <102600593+Avsynthe@users.noreply.github.com>
Signed-off-by: Avsynthe <102600593+Avsynthe@users.noreply.github.com>
* Add new integration application category for Dashboard and initialize organizr service template
* added images and additional info for organizr integration
* alphabetized application integration categories
* alphabetized integration federation and social login categories
* forgot to make website-lint-fix :/
* revert mention of organizr in generic setup
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
Co-authored-by: Jens Langhammer <jens.langhammer@beryju.org>
* website/docs: improve Vikunja docs
- Added placeholder for name set in config.yml with example using uppercase letters and spaces, to show how the callback URL will be handled with said name
- Added note that local login can be disabled
- Reword restart note at bottom to sound more fluent
Signed-off-by: JJGadgets <git@jjgadgets.tech>
* website/docs: update Vikunja provider screenshot
* minor fixes
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
Signed-off-by: JJGadgets <git@jjgadgets.tech>
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
Co-authored-by: Jens Langhammer <jens.langhammer@beryju.org>
* Update index.mdx
Added user creation process in Guac
Added Signing Key as this was blocking usage on Production and Test Server
Signed-off-by: obxjames <james@myapollo.dev>
* reword changes
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
Signed-off-by: obxjames <james@myapollo.dev>
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
Co-authored-by: Jens Langhammer <jens.langhammer@beryju.org>
* Add ArgoCD documentation
* fix naming and email verification configuration
* specify Slug field and update url to specify it has to match the slug value
* update preparation note
* minor consistency fixes
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
Co-authored-by: Jens Langhammer <jens.langhammer@beryju.org>
* Cleared up confusion regarding portainer
Adding in a / at the end of the redirect url is crucial and failing to do so will cause a 'Redirect URL' error thrown in by authentik.
I also find it more clear to use 'portainer.company' instead of 'port.company'.
Signed-off-by: Matthieu B <66959271+mtthidoteu@users.noreply.github.com>
* fix lint
Signed-off-by: Matthieu B <66959271+mtthidoteu@users.noreply.github.com>
Co-authored-by: Jens L <jens@beryju.org>
I was stuck after setting up as the guide never actually mentions you need to make the change to your reverse proxy
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* Expanded documentation for SAML Federation w/ examples.
* Added short section for setup on IDP side
* Formatting according to guidelines
Changed example section to table instead of headings
* Escaped <> for formatting
* Fixed quotation on <>
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
In the sample code, there was an extra training "}" in the localpart_template causing all usernames to be appended with "=7D" before the server designation, such as:
@[Username]=7D:[ServerName]
Avsynthe
Jens Langhammer
Darrin
Rob
Nick Baughman
lvoegl
Daniel
Andre Mainka
JJGadgets
sathrudi
obxjames
Corentin Closs
clay
Bennett Panesar
Matthieu B
tigattack
Oliver Møller
Kyle Brown
dugite-code
TheMythologist
Michał Frąckiewicz
Victor
scheibling
Ilija Matoski
Joseph Kavanagh
hexxone
Jan K
Danaël
Josh Chapman
Cookie-Monster-Coder