* Create index.mdx Add Wekan example * updated to include wekan entry * Update and rename website/docs/sources.md to website/docs/sources/index.md Break Sources into individual pages. * Update and rename website/docs/sources/index.md to website/docs/sources/ldap/index.md * Create index.md * Update index.md * Update index.md * Create index.md * Create index.md * Create index.md * Update index.md * Update index.md * Update index.md * Create index.md * discord images * spacing * Added discord * discord changes * Added sources breakdown to the sidebar * Fixed the saml title * Added github examples * fixed formatting * Changed file path, updated sidebar, added google. * fixed a spelling mistake * Cleaned up formatting * Fixed Notes * Added Bookstack to the intergrations * Fixed a typo with formatting * Added a line break for Advanced protocol settings * Added Vikunja to integration providers docs * web: update tsconfig Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * Add Portainer to integration provider docs Co-authored-by: Jens Langhammer <jens.langhammer@beryju.org>
2 KiB
title |
---|
Portainer |
What is Portainer
From https://www.portainer.io/
:::note Portainer is a powerful, GUI-based Container-as-a-Service solution that helps organizations manage and deploy cloud-native applications easily and securely. :::
:::note This is based on authentik 2021.7.3 and Portainer 2.6.x-CE. Portainer 2.6 supports OAuth without additional licenses, 1.x Series requires a paid license for OAuth. :::
Preparation
The following placeholders will be used:
port.company
is the FQDN of Portainer.authentik.company
is the FQDN of authentik.
Step 1 - Authentik
In authentik, under Providers, create an OAuth2/OpenID Provider with these settings:
:::note Only settings that have been modified from default have been listed. :::
Protocol Settings
- Name: Portainer
- Client type: Confidential
- Client ID: Copy and Save this for Later
- Client Secret: Copy and Save this for later
- Redirect URIs/Origins:
https://port.company
Step 2 - Portainer
In Portainer, under Settings, Authentication, Select OAuth and Custom
- Client ID: Client ID from step 1
- Client Secret: Client Secret from step 1
- Authorization URL:
https://authentik.company/application/o/authorize/
- Access Token URL:
https://authentik.company/application/o/token/
- Redirect URL:
https://port.company
- Resource URL:
https://authentik.company/application/o/userinfo/
- Logout URL:
https://authentik.company/o/portainer/end-session/
- User Identifier:
email
- Scopes:
email opennid profile
:::note Portainer by default shows commas between each item in the Scopes field. Do NOT use commas. Use a space :::
Step 3 - Authentik
In authentik, create an application which uses this provider. Optionally apply access restrictions to the application using policy bindings.
- Name: Portainer
- Slug: portainer
- Provider: Portainer
- Launch URL: https://port.company
Notes
:::note Portainer Reference link: https://documentation.portainer.io/v2.0/auth/oauth/ :::