From b658f7f6b836c98ec12798060206ea109babc8c2 Mon Sep 17 00:00:00 2001 From: Dominic R Date: Tue, 16 Jun 2026 10:25:57 -0400 Subject: [PATCH] website/integrations: Pangolin: cleanup (#23075) Agent-thread: https://sdko.org/internal/thr/ak/019eccc2-1f7d-79f0-b639-2f7e10eb0b3e A7k-product: product A7k-product-repo: 4 Co-authored-by: Agent --- .../integrations/networking/pangolin/index.mdx | 18 +++++++++--------- 1 file changed, 9 insertions(+), 9 deletions(-) diff --git a/website/integrations/networking/pangolin/index.mdx b/website/integrations/networking/pangolin/index.mdx index c25c233df5..6384732488 100644 --- a/website/integrations/networking/pangolin/index.mdx +++ b/website/integrations/networking/pangolin/index.mdx @@ -10,7 +10,7 @@ import RedirectURI20265Note from "../../_redirect-uri-2026-5-note.mdx"; > Pangolin is a self-hosted tunneled reverse proxy server with identity and access control, designed to securely expose private resources on distributed networks. > -> -- https://docs.fossorial.io/Pangolin/overview +> -- https://pangolin.net ## Preparation @@ -36,7 +36,7 @@ To support the integration of Pangolin with authentik, you need to create an app - **Application**: provide a descriptive name, an optional group for the type of application, the policy engine mode, and optional UI settings. - **Choose a Provider type**: select **OAuth2/OpenID Connect** as the provider type. - **Configure the Provider**: provide a name (or accept the auto-provided name), the authorization flow to use for this provider, and the following required configurations. - - Note the **Client ID**, and **Client Secret** values because they will be required later. + - Note the **Client ID** and **Client Secret** values because they will be required later. - Temporarily add a **Redirect URI** of type `Strict` `Authorization` as `https://temp.temp`. - Select any available signing key. - **Configure Bindings** _(optional)_: you can create a [binding](/docs/add-secure-apps/bindings-overview/) (policy, group, or user) to manage the listing and access to applications on a user's **Application Dashboard** page. @@ -45,27 +45,26 @@ To support the integration of Pangolin with authentik, you need to create an app ## Pangolin configuration -1. Log in to Pangolin as an administrator. +1. Log in to Pangolin as a server administrator. 2. Navigate to **Server Admin** > **Identity Providers**, and click **Add Identity Provider**. - Under **General Information**: - **Name**: `authentik` - - **Auto Provision Users** _(optional)_: enable this option for authentik users to be automatically provisioned in Pangolin on first login. + - **Provider Type**: select **OAuth2/OIDC**. + - **Auto Provision Users** _(optional)_: enable this option for authentik users to be automatically provisioned in Pangolin on first login. If this option is disabled, create the user in Pangolin before the first login. - Under **OAuth2/OIDC Configuration**: - **Client ID**: Client ID from authentik. - **Client Secret**: Client Secret from authentik. - **Authorization URL**: `https://authentik.company/application/o/authorize/` - **Token URL**: `https://authentik.company/application/o/token/` - - Under **Advanced protocol settings**: - - Set **Subject Mode** to be **Based on the User's username** 3. Click **Create Identity Provider**. -4. Under **General Information**, take note of the **Redirect URI** value because it will be required in the next section. +4. Open the identity provider, and note the **Redirect URL** value because it will be required in the next section. ## Reconfigure authentik provider 1. Log in to authentik as an administrator and open the authentik Admin interface. 2. Navigate to **Applications** > **Providers** and click the **Edit** icon of the newly created Pangolin provider. -3. Add a **Redirect URI** of type `Strict` `Authorization` as the value taken from Pangolin (e.g. `https://pangolin.company/auth/idp//oidc/callback`). +3. Add a **Redirect URI** of type `Strict` `Authorization` as the value taken from Pangolin, for example `https://pangolin.company/auth/idp//oidc/callback`. 4. Click **Update**. ## Configuration verification @@ -74,4 +73,5 @@ To confirm that authentik is properly configured with Pangolin, log out and log ## Resources -- [Official Pangolin SSO Documentation](https://docs.fossorial.io/Pangolin/Identity%20Providers/configuring-identity-providers) +- [Pangolin Docs - Add Identity Providers](https://docs.pangolin.net/manage/identity-providers/add-an-idp) +- [Pangolin Docs - OAuth2/OIDC](https://docs.pangolin.net/manage/identity-providers/openid-connect)