* docs/integrations: Update docs to specify redirect uri of type authorization or post logout
* bold redirect uri
* improve wording
* update docs
* add banner for warning of redirect uri's
* Update website/integrations/_redirect-uri-2026-5-note.mdx
Signed-off-by: Dewi Roberts <dewi@goauthentik.io>
---------
Signed-off-by: Connor Peshek <connor@connorpeshek.me>
Signed-off-by: Dewi Roberts <dewi@goauthentik.io>
Co-authored-by: Dewi Roberts <dewi@goauthentik.io>
* website/integrations: FortiAnalyzer
Add an integration guide for FortiAnalyzer with SAML SSO against authentik,
covering the SAML provider configuration, a `username` property mapping, and
the FortiAnalyzer Single Sign-On settings (tested with FortiAnalyzer 8.0).
Also add ADOM to the integrations spell-check dictionary because the term is
used by multiple Fortinet products (FortiAnalyzer, FortiManager, FortiGate)
and will likely appear in future guides as well.
* website/integrations: FortiAnalyzer: cleanup
Update the FortiAnalyzer SAML guide to match the current integration template and verified Fortinet/authentik behavior.
Agent-thread: https://sdko.org/internal/threads/019e6120-ca6e-7301-a10f-669607e5ac61
Co-authored-by: Agent <agent@svc.sdko.net>
* trigger ci???
Signed-off-by: Dominic R <dominic@goauthentik.io>
---------
Signed-off-by: Dominic R <dominic@goauthentik.io>
Co-authored-by: nicedevil007 <nicedevil007@users.noreply.github.com>
Co-authored-by: Dominic R <dominic@goauthentik.io>
Co-authored-by: Agent <agent@svc.sdko.net>
Co-authored-by: Dominic R <dominic@sdko.org>
Co-authored-by: Dewi Roberts <dewi@goauthentik.io>
* website: fix British spellings flagged by cspell
Apply American spellings (behaviour->behavior, colour->color, organise->organize, etc.) across release notes, integration docs, and security docs. Part of enabling cspell's British-spelling rule; the rule itself lands in a separate PR once all areas are clean.
Co-Authored-By: Playpen Agent <279763771+playpen-agent@users.noreply.github.com>
* Update website/docs/developer-docs/docs/style-guide.mdx
Signed-off-by: Dewi Roberts <dewi@goauthentik.io>
---------
Signed-off-by: Dewi Roberts <dewi@goauthentik.io>
Co-authored-by: Playpen Agent <279763771+playpen-agent@users.noreply.github.com>
Co-authored-by: Dewi Roberts <dewi@goauthentik.io>
Co-authored-by: Dominic R <dominic@goauthentik.io>
* website/integrations: Icinga Web 2
Add an integration guide for Icinga Web 2 with OIDC SSO against
authentik via the third-party RISE-GmbH oidc module
(github.com/RISE-GmbH/icingaweb2-module-oidc). Covers the OAuth2/
OpenID Connect provider configuration in authentik (including the
module-specific redirect URI under /icingaweb2/oidc/authentication/
realm?name=<name>), the New Provider dialog in the Icinga Web 2 OIDC
module (Name, Url, Secret, Appname, Groups to sync, Enabled, Enforce
Https on redirect urls), an explicit hint to scope Groups to sync to
the few groups actually used for Icinga, and a pointer to assign
roles to the imported users and groups under Configuration >
Authentication > Roles. Tested with Icinga Web 2 2.13 and authentik
2026.5.2.
Also add Icinga to the integrations spell-check dictionary.
* website/integrations: Icinga Web 2: cleanup
Agent-thread: https://sdko.org/internal/threads/019e93e4-7da8-7432-81c3-dd7dca5f8590
A7k-product: product
A7k-product-repo: 2
Co-authored-by: Agent <agent@svc.sdko.net>
---------
Co-authored-by: nicedevil007 <nicedevil007@users.noreply.github.com>
Co-authored-by: Dominic R <dominic@goauthentik.io>
Co-authored-by: Agent <agent@svc.sdko.net>
* test format
* ran make docs
* Updated integration guides with the old label "Create with Provider" to new label of "New Application".
* mention drop-down menu
* add ellipses
* docs/integrations: Update all guides to match auto generated issuer
* clean up audience mismatches
* clean up more
* update saml providers page
* fix url breaking build
* clean up pipeline errors
* Apply suggestion from @dominic-r
Signed-off-by: Dominic R <dominic@goauthentik.io>
---------
Signed-off-by: Dominic R <dominic@goauthentik.io>
Co-authored-by: Dominic R <dominic@goauthentik.io>
* website/integrations: grafana: migrate to entitlements
* website/integrations: migrate Grafana role mappings to entitlements
* rm
* Add scope
* Add scope
* Update website/integrations/monitoring/grafana/index.mdx
Co-authored-by: Dewi Roberts <dewi@goauthentik.io>
Signed-off-by: Dominic R <dominic@sdko.org>
---------
Signed-off-by: Dominic R <dominic@sdko.org>
Co-authored-by: Dewi Roberts <dewi@goauthentik.io>
* website/docs: document Grafana OAuth admin sync workaround
Clarify a Grafana Generic OAuth failure mode when an existing local admin account overlaps with the first OAuth login, and document where the Grafana admin assignment toggle lives.
Also fix the broken Grafana integration link in the first-steps guide.
Closes#21249
* Apply suggestion from @dewi-tik
Co-authored-by: Dewi Roberts <dewi@goauthentik.io>
Signed-off-by: Dominic R <dominic@sdko.org>
* Apply suggestion from @dewi-tik
Co-authored-by: Dewi Roberts <dewi@goauthentik.io>
Signed-off-by: Dominic R <dominic@sdko.org>
* Apply suggestion from @dewi-tik
Co-authored-by: Dewi Roberts <dewi@goauthentik.io>
Signed-off-by: Dominic R <dominic@sdko.org>
* Lint fix
---------
Signed-off-by: Dominic R <dominic@sdko.org>
Co-authored-by: Dewi Roberts <dewi@goauthentik.io>
Update OIDC configuration formatting
The original documentation caused an error with the current gatus version. It has been fixed with the correct formatting.
Signed-off-by: Kofl <thomas@kofler.tk>
Update authentik configuration steps
Removed the noting of 'slug' from the authentik configuration steps, as its not required on the Beszel site
Signed-off-by: Kofl <thomas@kofler.tk>
* new first steps docs
* moved email config up to match Docker
* first draft
* moved sections and retitled some
* more content, tweaks
* dewis edits
* added Dewi ideas, more content, tweaks
* more content, green tips, other fixes
* Optimised images with calibre/image-actions
* Optimised images with calibre/image-actions
* Optimised images with calibre/image-actions
* conflicts?
* dominic's eedits, more content
* another fine Dominic edit
* more dewi and dominic edits, links
* a bunch of things
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* tweaks
* thanks Teffen
* new styles, more content
* few more dominic edits, tweaks
* formatting fights on tips
* fix some alignments
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* changes from Jens
* work on bindings docs that was needed for the first steps docs
* links, more tweaks
* more edits, more TODOs done
* add mermaid diagram, more links, more content
* fix sidebar, tweaks
* tweak
* more link fixing
* fix heading size
* more dewi and dominic edits
* more dewi and dominic edits
* teffen enhancements yay and more bindings rearchitecting
* added note about stage bindings being the only type of binding that you can bind to yeehaw
---------
Signed-off-by: Tana M Berry <tanamarieberry@yahoo.com>
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
Co-authored-by: authentik-automation[bot] <135050075+authentik-automation[bot]@users.noreply.github.com>
Co-authored-by: Dewi Roberts <dewi@goauthentik.io>
Co-authored-by: Jens Langhammer <jens@goauthentik.io>
* website/docs: add jellyseer integration doc
* Slight tweaks
* Apply suggestions from code review
Co-authored-by: Dominic R <dominic@sdko.org>
Signed-off-by: Dewi Roberts <dewi@goauthentik.io>
* Update website/integrations/media/jellyseerr/index.md
Signed-off-by: Dewi Roberts <dewi@goauthentik.io>
* Apply suggestions from code review
Co-authored-by: Dominic R <dominic@sdko.org>
Signed-off-by: Dewi Roberts <dewi@goauthentik.io>
---------
Signed-off-by: Dewi Roberts <dewi@goauthentik.io>
Co-authored-by: dewi-tik <dewi@goauthentik.io>
Co-authored-by: Dominic R <dominic@sdko.org>
Change exchange key generation to 64 bytes
Updated the command to generate an exchange key from 32 to 64 bytes. as of wazuh 4.9 the exchange key needs to be 64 characters long
Signed-off-by: Sirofwalls <58705178+sirofwalls@users.noreply.github.com>
Remove appendix on OpenID-Connect User admin setup
Removed the appendix section detailing how to make an OpenID-Connect User an admin. Roles are now managed in the UI when you invite a user or afterwards in the Roles tab. There is no need for database edits.
Signed-off-by: Jake Nabasny, PhD <jake.nabasny@canonical.com>
Dominic R
Connor Peshek
frankvoelker
Dewi Roberts
NiceDevil
Teffen Ellis
Tana M Berry
tawfekk
jhuesser
Matthew
Dominic R
Webstijlen
Kofl
kgoode517
Jens L.
Lukas
Roi Gabay
Sirofwalls
Jake Nabasny, PhD
Sylvain E
Javier Díaz Bustamante
authentik-automation[bot]