mirror of
https://github.com/goauthentik/authentik.git
synced 2026-06-17 19:09:11 +03:00
Teffen Ellis
9543b3c9f6
* core: add .npmrc baseline to block dependency lifecycle scripts Set ignore-scripts=true at the repo root, plus engine-strict, save-exact, audit, and prefer-offline. This neutralizes the dominant npm supply-chain attack vector — postinstall scripts in transitive dependencies — at the cost of requiring an explicit rebuild for the handful of packages that legitimately need install scripts (esbuild, chromedriver, tree-sitter, tree-sitter-json). The next commit wires that rebuild into the Makefile. Co-Authored-By: Playpen Agent <279763771+playpen-agent@users.noreply.github.com> * core: route node installs through make to retire website preinstall hook Make docs-install depend on a new root-node-install so the root deps are guaranteed before the website install runs, removing the need for the website/preinstall lifecycle script. Rebuild the small audited list of trusted packages (esbuild, chromedriver, tree-sitter, tree-sitter-json) after the web install so ignore-scripts=true remains the only path that needs maintenance. web/README documents the new workflow. Co-Authored-By: Playpen Agent <279763771+playpen-agent@users.noreply.github.com> * Clean up install scripts. * Track .npmrc in CODEOWNERS * Fix formatter config. Reformat. * Fix mounted references. * Flesh out node scripts. * Bump engines. * Prep containers. * Update makefile. * Flesh out github actions. * Clean up docs container. * lint. Bump. Lint. Bump NPM version. * Add limits. * collapse the composite's three setup-node calls to one cache restore * Add SHA. * Bump NPM range. * Run formatter. * Bump NPM. * Remove extra install. * Fix website deps. * Use local prettier. Fix drift in CI. * ci: build frontend in CI with node_env production Signed-off-by: Jens Langhammer <jens@goauthentik.io> * Install docusaurus config. * Fix linter warning, order. * Add linter commands. * Add timeout. * Remove pre install check. --------- Signed-off-by: Jens Langhammer <jens@goauthentik.io> Co-authored-by: Playpen Agent <279763771+playpen-agent@users.noreply.github.com> Co-authored-by: Jens Langhammer <jens@goauthentik.io>
What is authentik?
authentik is an open-source Identity Provider (IdP) for modern SSO. It supports SAML, OAuth2/OIDC, LDAP, RADIUS, and more, designed for self-hosting from small labs to large production clusters.
Our enterprise offering is available for organizations to securely replace existing IdPs such as Okta, Auth0, Entra ID, and Ping Identity for robust, large-scale identity management.
Installation
- Docker Compose: recommended for small/test setups. See the documentation.
- Kubernetes (Helm Chart): recommended for larger setups. See the documentation and the Helm chart repository.
- AWS CloudFormation: deploy on AWS using our official templates. See the documentation.
- DigitalOcean Marketplace: one-click deployment via the official Marketplace app. See the app listing.
Screenshots
| Light | Dark |
|---|---|
 |
 |
 |
 |
Development and contributions
See the Developer Documentation for information about setting up local build environments, testing your contributions, and our contribution process.
Security
Please see SECURITY.md.
Adoption
Using authentik? We'd love to hear your story and feature your logo. Email us at hello@goauthentik.io or open a GitHub Issue/PR!
License
