From 4615b4dbfbbf8514d9c41176e6e68a8ba3a453ce Mon Sep 17 00:00:00 2001 From: erri120 Date: Fri, 1 Dec 2023 14:08:14 +0000 Subject: [PATCH] docs: add Authentik example config (#1660) Reviewed-on: https://kolaente.dev/vikunja/api/pulls/1660 Reviewed-by: konrad Co-authored-by: erri120 Co-committed-by: erri120 --- docs/content/doc/setup/openid-examples.md | 24 +++++++++++++++++++++++ 1 file changed, 24 insertions(+) diff --git a/docs/content/doc/setup/openid-examples.md b/docs/content/doc/setup/openid-examples.md index eb8bdc58944..78a45e57e54 100644 --- a/docs/content/doc/setup/openid-examples.md +++ b/docs/content/doc/setup/openid-examples.md @@ -88,3 +88,27 @@ Keycloak Config: - Set `Root Url` to `https://vikunja.mydomain.com` - Set `Valid redirect URIs` to `/auth/openid/keycloak` - Create the client the navigate to the credentials tab and copy the `Client secret` + +## Authentik + +Authentik Config: +- Create a new Provider called "Vikunja" in Authentik +- Set the `Redirect URIs/Origins (RegEx)` to `https://vikunja.mydomain.com/auth/openid/authentik` +- Copy the Client ID and Client Secret + +Vikunja Config: + +```yaml +auth: + openid: + enabled: true + redirecturl: "https://vikunja.mydomain.com/auth/openid/" + providers: + - name: authentik + authurl: "https://authentik.mydomain.com/application/o/vikunja" + logouturl: "https://authentik.mydomain.com/application/o/vikunja/end-session/" + clientid: "" # copy from Authetik + clientsecret: "" # copy from Authentik +``` + +**Note:** The `authurl` that Vikunja requires is not the `Authorize URL` that you can see in the Provider. Vikunja uses Open ID Discovery to find the correct endpoint to use. Vikunja does this by automatically accessing the `OpenID Configuration URL` (usually `https://authentik.mydomain.com/application/o/vikunja/.well-known/openid-configuration`). Use this URL without the `.well-known/openid-configuration` as the `authurl`.