205hlab-mirrors/authentik
2
0
Fork 0
mirror of https://github.com/goauthentik/authentik.git synced 2026-06-17 19:09:11 +03:00
Code Issues Packages Projects Releases Wiki Activity

website/integrations: add email verified info to Mailcow (#22783)

Browse Source 
* Add email verified info

* website/integrations: address Mailcow review feedback

Agent-thread: https://sdko.org/internal/threads/019e9434-7d09-7b71-a974-d3d0924c06d4

A7k-product: product

A7k-product-repo: 3

Co-authored-by: Agent <agent@svc.sdko.net>

---------

Co-authored-by: Dominic R <dominic@goauthentik.io>
Co-authored-by: Agent <agent@svc.sdko.net>
This commit is contained in:
Dewi Roberts
2026-06-04 21:25:38 +01:00
committed by GitHub
parent d307e200c5
commit 986d961c6b
1 changed files with 31 additions and 10 deletions
Download Patch File Download Diff File Expand all files Collapse all files
website/integrations/chat-communication-collaboration/mailcow/index.md
+31 -10
View File
@@ -27,20 +27,41 @@ This documentation lists only the settings that you need to change from their de
## authentik configuration
To support the integration of mailcow with authentik, you need to create an application/provider pair in authentik.
To support the integration of mailcow with authentik, you need to create a property mapping, set the `email_verified` attribute on required users, and create an application/provider pair in authentik.
### Create an application and provider in authentik
### Create a property mapping
Mailcow requires that users have a verified email address. The required attribute can be returned via a scope mapping in combination with user attributes.
1. Log in to authentik as an administrator and open the authentik Admin interface.
2. Navigate to **Customization** > **Property Mappings** and click **New Property Mapping**.
3. Select **Scope Mapping** as the property mapping type. Use `email` as the scope name, and copy the user attribute expression from [Email scope verification](/docs/add-secure-apps/providers/oauth2/index.mdx#email-scope-verification).
4. Click **Create**.
### Set `email_verified` user attribute
1. Log in to authentik as an administrator and open the authentik Admin interface.
2. Navigate to **Directory** > **Users** and select a user that will use the Mailcow integration.
3. Click **Edit User**.
4. Add `email_verified: true` to the **Attributes** field.
5. Click **Save Changes**.
Repeat these steps for all users that need to use the Mailcow integration.
### Create an application and provider
1. Log in to authentik as an administrator and open the authentik Admin interface.
2. Navigate to **Applications** > **Applications** and click **New Application** to open the application wizard.
- **Application**: provide a descriptive name, an optional group for the type of application, the policy engine mode, and optional UI settings.
- **Choose a Provider type**: select **OAuth2/OpenID Connect** as the provider type.
- **Configure the Provider**: provide a name (or accept the auto-provided name), the authorization flow to use for this provider, and the following required configurations.
- Note the **Client ID** and **Client Secret** values because they will be required later.
- Set a `Strict` redirect URI to `https://mailcow.company`.
- Select any available signing key.
- **Configure Bindings** _(optional)_: you can create a [binding](/docs/add-secure-apps/bindings-overview/) (policy, group, or user) to manage the listing and access to applications on a user's **Application Dashboard** page.
- **Application**: provide a descriptive name, an optional group for the type of application, the policy engine mode, and optional UI settings.
- **Choose a Provider type**: select **OAuth2/OpenID Connect** as the provider type.
- **Configure the Provider**: provide a name (or accept the auto-provided name), the authorization flow to use for this provider, and the following required configurations.
- Note the **Client ID** and **Client Secret** values because they will be required later.
- Set a `Strict` redirect URI to `https://mailcow.company`.
- Select any available signing key.
- Under **Advanced protocol settings**:
- Remove the `authentik default OAuth Mapping: OpenID 'email'` scope from **Selected Scopes**.
- Add the scope mapping that you previously created to **Selected Scopes**.
- **Configure Bindings** _(optional)_: you can create a [binding](/docs/add-secure-apps/bindings-overview/) (policy, group, or user) to manage the listing and access to applications on a user's **Application Dashboard** page.
3. Click **Submit** to save the new application and provider.