Authentik

A repository to hold configs for the authentication solution we use: Authentik.

Groups

We have the following groups set up in Authentik:

Nexirift Staff
- Attributes: notes: "This is for staff related services, such as Galaxy, etc."
Nexirift Developers
- Parent: Nexirift Staff
- Attributes: notes: "This is for developer related services, such as: Sentry, etc."

Policies

To see the policies that we use, see the Policies directory.

Applications

To see the applications that we use, see the Applications directory.

Property Mappings

To see the property mappings that we use, see the Property Mappings directory.

Social Logins

We use the following social logins:

Discord
GitHub
GitLab
Google
Patreon
Proton via SimpleLogin
Reddit
Twitch
Twitter

NOTE

Ensure that ALL social logins follow this configuration:

User matching mode: Use the user's email address, but deny enrollment when the email address already exists
Authentication flow: default-source-authentication

Proton via SimpleLogin

The purpose of this policy is to allow users to login with their Proton account.

Setup

Login with a Proton account to SimpleLogin: https://simplelogin.com/developers.
Create a new developer application:
- Name: Nexirift
- Redirect URI: https://auth.nexirift.com/source/oauth/callback/simplelogin/
Create a new OpenID OAuth Source:
- Name: Proton via SimpleLogin
- Slug: simplelogin
- Consumer key: The Client ID from the previous step
- Consumer secret: The Client Secret from the previous step
- Authorization URL: https://app.simplelogin.io/oauth2/authorize
- Access token URL: https://app.simplelogin.io/oauth2/token
- Profile URL: https://app.simplelogin.io/oauth2/userinfo
- OIDC Well-Known URL: https://app.simplelogin.io/.well-known/openid-configuration
- OIDC JWKS URL: https://app.simplelogin.io/jwks

Brand Settings

Show display name in navigation bar

By default, Authentik will show the username in the navigation bar next to the profile picture. It would be a better design choice to show the display name instead of the username.

Go to System > Brands and edit the authentik-default brand.
Show Other global settings and put this in Attributes:

settings:
    navbar:
        userDisplay: name

Credits

Media upload expressions were taken from this discussion and edited to fit our needs.

Name		Name	Last commit message	Last commit date
Latest commit History 15 Commits
applications		applications
policies		policies
property-mappings		property-mappings
.gitignore		.gitignore
.prettierrc		.prettierrc
LICENSE		LICENSE
README.md		README.md
docker-compose.yml		docker-compose.yml

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Repository files navigation

Authentik

Groups

Policies

Applications

Property Mappings

Social Logins

NOTE

Proton via SimpleLogin

Setup

Brand Settings

Show display name in navigation bar

Credits

About

Languages

License

Nexirift/authentik

Folders and files

Latest commit

History

Repository files navigation

Authentik

Groups

Policies

Applications

Property Mappings

Social Logins

NOTE

Proton via SimpleLogin

Setup

Brand Settings

Show display name in navigation bar

Credits

About

Topics

Resources

License

Stars

Watchers

Forks

Languages