7503b32c74
* add zammad Signed-off-by: Tealk <tealk@rollenspiel.monster> * some improvements Signed-off-by: Tealk <tealk@rollenspiel.monster> * add navi-item Signed-off-by: Tealk <tealk@rollenspiel.monster> * fix mappings Signed-off-by: Tealk <tealk@rollenspiel.monster> * typo Signed-off-by: Tealk <tealk@rollenspiel.monster> * personalized link removed Signed-off-by: Tealk <tealk@rollenspiel.monster> * replace inventory placeholder & fix SAML Signed-off-by: Tealk <tealk@rollenspiel.monster> * Replace placeholder Signed-off-by: Tealk <tealk@rollenspiel.monster> * text improvement Signed-off-by: Tealk <tealk@rollenspiel.monster> --------- Signed-off-by: Tealk <tealk@rollenspiel.monster>
2.2 KiB
2.2 KiB
title |
---|
Zammad |
Support level: Community
What is Zammad
From https://zammad.org/ :::note Zammad is a web-based, open source user support/ticketing solution. Download and install it on your own servers. For free. :::
Preparation
The following placeholders will be used:
zammad.company
is the FQDN of the zammad install.authentik.company
is the FQDN of the authentik install.
authentik Configuration
Step 1 - Property Mappings
Create two Mappings (under Customisation/Property Mappings) with these settings:
name mapping
- Name: Zammad SAML Mapping: name
- SAML Attribute Name: name
- Friendly Name: none
- Expression:
return request.user.name
email mapping
- Name: Zammad SAML Mapping: email
- SAML Attribute Name: email
- Friendly Name: none
- Expression:
return request.user.email
Step 2 - SAML Provider
In authentik, create a SAML Provider (under Applications/Providers) with these settings :
- Name : zammad
- ACS URL:
https://zammad.company/auth/saml/callback
- Issuer:
https://zammad.company/auth/saml/metadata
- Service Provider Binding: Post
- Audience: https://zammad.company/auth/saml/metadata
- Property mappings: Zammad SAML Mapping: name & Zammad SAML Mapping: email
- NameID Property Mapping: Zammad SAML Mapping: name
Step 3 - Application
In authentik, create an application (under Resources/Applications) with these settings :
- Name: Zammad
- Slug: zammad
- Provider: zammad
zammad Setup
Configure Zammad SAML settings by going to settings (the gear icon), and selecting Security -> Third-party Applications
and activiate Authentication via SAML
and change the following fields:
- Display name: authentik
- IDP SSO target URL: https://authentik.company/application/saml/ticketsystem-seatable/sso/binding/init/
- IDP certificate: ----BEGIN CERTIFICATE---- …
- IDP certificate fingerprint: empty
- Name Identifier Format: empty