e35c3d19bc
* Automatic sign-in to HedgeDoc Following the HedgeDoc guides, if you clicks on a HedgeDoc application, you then still have to click “Sign-in” and “Sign in via authentik” to actually get signed in. This patch suggests adding a launch URL to the application which will cause users to automatically get signed in. * fix lint Signed-off-by: Jens Langhammer <jens@goauthentik.io> --------- Signed-off-by: Jens Langhammer <jens@goauthentik.io> Co-authored-by: Jens Langhammer <jens@goauthentik.io>
1.6 KiB
1.6 KiB
title |
---|
HedgeDoc |
Support level: Community
What is HedgeDoc
From https://github.com/hedgedoc/hedgedoc
:::note HedgeDoc lets you create real-time collaborative markdown notes. :::
Preparation
The following placeholders will be used:
hedgedoc.company
is the FQDN of the HedgeDoc install.authentik.company
is the FQDN of the authentik install.
Create an OAuth2/OpenID provider with the following parameters:
- Client Type:
Confidential
- Scopes: OpenID, Email and Profile
- Signing Key: Select any available key
- Redirect URIs:
https://hedgedoc.company/auth/oauth2/callback
Note the Client ID and Client Secret values. Create an application, using the provider you've created above. To be logged in immediately if you click on the application, set:
- Launch URL:
https://hedgedoc.company/auth/oauth2
HedgeDoc
You need to set the following env
Variables for Docker based installations.
Set the following values:
CMD_OAUTH2_PROVIDERNAME: "authentik"
CMD_OAUTH2_CLIENT_ID: "<Client ID from above>"
CMD_OAUTH2_CLIENT_SECRET: "<Client Secret from above>"
CMD_OAUTH2_SCOPE: "openid email profile"
CMD_OAUTH2_USER_PROFILE_URL: "https://authentik.company/application/o/userinfo/"
CMD_OAUTH2_TOKEN_URL: "https://authentik.company/application/o/token/"
CMD_OAUTH2_AUTHORIZATION_URL: "https://authentik.company/application/o/authorize/"
CMD_OAUTH2_USER_PROFILE_USERNAME_ATTR: "preferred_username"
CMD_OAUTH2_USER_PROFILE_DISPLAY_NAME_ATTR: "name"
CMD_OAUTH2_USER_PROFILE_EMAIL_ATTR: "email"