Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Application Policy-driven authorization #12915

Open
chupacabra71 opened this issue Feb 1, 2025 · 0 comments
Open

Application Policy-driven authorization #12915

chupacabra71 opened this issue Feb 1, 2025 · 0 comments
Labels
bug Something isn't working

Comments

@chupacabra71
Copy link

Describe the bug
The documentation says that when multiple policies are attached to an Application, you have the option of configuring it to pass if ALL or ANY return True. I see where to set this in a stage, but it is not there for application bindings. If you add multiple policies, currently ANY of them returning True Passes the test. The solution i found was to combine my policies into a single Expression Policy and using that in the binding, but this could potentially have a side effect of having a ton of policies defined, making things overly complicated.

To Reproduce
Steps to reproduce the behavior:

  1. create application
  2. add more than one policy binding (e.g. Group Binding and local IP binding)
  3. application will still be visible if either is true

Expected behavior
Expected the application not to show unless both conditions were met.

Version and Deployment (please complete the following information):

  • authentik version: [e.g. 2024.12.3]
  • Deployment: docker-compose
@chupacabra71 chupacabra71 added the bug Something isn't working label Feb 1, 2025
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
bug Something isn't working
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@chupacabra71