diff --git a/website/README.md b/website/README.md index 275a852207..7a1b8853a0 100644 --- a/website/README.md +++ b/website/README.md @@ -56,5 +56,5 @@ Deployment is handled by a combination of [Netlify](https://www.netlify.com/) an ## Additional Resources - [Documentation Setup](https://docs.goauthentik.io/developer-docs/setup/website-dev-environment?utm_source=github) -- [Writing Documentation](https://docs.goauthentik.io/developer-docs/docs/writing-documentation?utm_source=github) -- [Style Guide](https://docs.goauthentik.io/developer-docs/docs/style-guide?utm_source=github) +- [Writing Documentation](https://docs.goauthentik.io/developer-docs/writing-documentation?utm_source=github) +- [Style Guide](https://docs.goauthentik.io/developer-docs/style-guide?utm_source=github) diff --git a/website/api/clients/golang.md b/website/api/clients/golang.md index 6dcc961407..6db2358aae 100644 --- a/website/api/clients/golang.md +++ b/website/api/clients/golang.md @@ -4,7 +4,7 @@ sidebar_label: Golang description: A Golang client for the authentik API. --- -The [Go API client](https://pkg.go.dev/goauthentik.io/api/v3) is generated using the [OpenAPI Generator](https://openapi-generator.tech/) and the [OpenAPI v3 schema](https://docs.goauthentik.io/schema.yml). +The [Go API client](https://pkg.go.dev/goauthentik.io/api/v3) is generated using the [OpenAPI Generator](https://openapi-generator.tech/) and the OpenAPI v3 schema. ```shell go get goauthentik.io/api/v3 diff --git a/website/api/clients/node.md b/website/api/clients/node.md index 0366beeeef..397df1204e 100644 --- a/website/api/clients/node.md +++ b/website/api/clients/node.md @@ -4,7 +4,7 @@ sidebar_label: Node.js description: A TypeScript client for the authentik API. --- -The [Node.js API client](https://www.npmjs.com/package/@goauthentik/api) is generated using the [OpenAPI Generator](https://openapi-generator.tech/) and the [OpenAPI v3 schema](https://docs.goauthentik.io/schema.yml). +The [Node.js API client](https://www.npmjs.com/package/@goauthentik/api) is generated using the [OpenAPI Generator](https://openapi-generator.tech/) and the OpenAPI v3 schema. ```shell npm install @goauthentik/api diff --git a/website/api/clients/python.md b/website/api/clients/python.md index 897a21e1c5..79ed03b4df 100644 --- a/website/api/clients/python.md +++ b/website/api/clients/python.md @@ -4,7 +4,7 @@ sidebar_label: Python description: A Python client for the authentik API. --- -The [Python API client](https://pypi.org/project/authentik-client/) is generated using the [OpenAPI Generator](https://openapi-generator.tech/) and the [OpenAPI v3 schema](https://docs.goauthentik.io/schema.yml). +The [Python API client](https://pypi.org/project/authentik-client/) is generated using the [OpenAPI Generator](https://openapi-generator.tech/) and the OpenAPI v3 schema. ```shell pip install authentik-client diff --git a/website/api/docusaurus.config.esm.mjs b/website/api/docusaurus.config.esm.mjs index 108e2bd38c..34219e2ff7 100644 --- a/website/api/docusaurus.config.esm.mjs +++ b/website/api/docusaurus.config.esm.mjs @@ -57,7 +57,7 @@ await Promise.all( * Documentation site configuration for Docusaurus. */ export default createDocusaurusConfig({ - url: "https://api.goauthentik.io", + url: releaseEnvironment.apiReferenceOrigin, staticDirectories: [ // --- @@ -102,8 +102,8 @@ export default createDocusaurusConfig({ beforeDefaultRemarkPlugins: [ remarkLinkRewrite([ - ["/integrations/", "https://integrations.goauthentik.io/"], - ["/docs/", "https://docs.goauthentik.io/docs/"], + ["/integrations", releaseEnvironment.integrationsOrigin], + ["/docs", releaseEnvironment.currentReleaseOrigin], ]), ], }, diff --git a/website/api/index.md b/website/api/index.md index e5a7c5919f..9fc5fd0a08 100644 --- a/website/api/index.md +++ b/website/api/index.md @@ -3,7 +3,7 @@ title: API Overview sidebar_label: Overview --- -Our API reference documentation is generated from the [OpenAPI v3 schema](https://docs.goauthentik.io/schema.yml). +Our API reference documentation is generated from the OpenAPI v3 schema. You can also access your installation's own, instance-specific API Browser. Starting with 2021.3.5, every authentik instance has a built-in API browser, which can be accessed at https://authentik.company/api/v3/. diff --git a/website/api/static/_redirects b/website/api/static/_redirects index c42308392f..027c722067 100644 --- a/website/api/static/_redirects +++ b/website/api/static/_redirects @@ -5,6 +5,9 @@ # Note: The order of the rules defines the priority of the redirect. # i.e. The first rule that matches the URL will take precedence. +#region OpenAPI +/schema.yaml /schema.yml 301! +#endregion #region api prefix /api/* /:splat 301! diff --git a/website/docs/add-secure-apps/flows-stages/flow/executors/if-flow.md b/website/docs/add-secure-apps/flows-stages/flow/executors/if-flow.md index 0940159d61..bcb61593d3 100644 --- a/website/docs/add-secure-apps/flows-stages/flow/executors/if-flow.md +++ b/website/docs/add-secure-apps/flows-stages/flow/executors/if-flow.md @@ -5,7 +5,7 @@ title: Default This is the default, web-based environment that flows are executed in. All stages are compatible with this environment and no limitations are imposed. :::info -All flow executors use the same [API](/api/docs/flow-executor), which allows for the implementation of custom flow executors. +All flow executors use the same [API](/api/flow-executor), which allows for the implementation of custom flow executors. ::: ## Layouts diff --git a/website/docs/add-secure-apps/providers/ssf/index.md b/website/docs/add-secure-apps/providers/ssf/index.md index 289dcc3a56..798bbd8364 100644 --- a/website/docs/add-secure-apps/providers/ssf/index.md +++ b/website/docs/add-secure-apps/providers/ssf/index.md @@ -16,7 +16,7 @@ Events in authentik that are tracked via SSF include when an MFA device is added ## Example use cases -One important use case for SFF is to [integrate Apple Business Manager](https://integrations.goauthentik.io/device-management/apple/) or any of the Apple device management platforms with authentik, so that users can enroll their Apple devices using their authentik credentials. When a user signs in with their email address, Apple redirects them to authentik for authentication. Once authenticated, Apple enrolls the user's device and grants access to Apple services. +One important use case for SFF is to [integrate Apple Business Manager](/integrations/device-management/apple/) or any of the Apple device management platforms with authentik, so that users can enroll their Apple devices using their authentik credentials. When a user signs in with their email address, Apple redirects them to authentik for authentication. Once authenticated, Apple enrolls the user's device and grants access to Apple services. Another use case for SSF is when an Admin wants to know if a user logs out of authentik, so that the user is then also automatically logged out of all other work-focused applications. diff --git a/website/docs/developer-docs/contributing.md b/website/docs/developer-docs/contributing.md index 521b680bb5..7e9ce4815a 100644 --- a/website/docs/developer-docs/contributing.md +++ b/website/docs/developer-docs/contributing.md @@ -125,7 +125,7 @@ This is documented in the [developer docs](./setup/frontend-dev-environment.md). Contributions to the technical documentation are greatly appreciated. Open a PR if you have improvements to make or new content to add. If you have questions or suggestions about the documentation, open an Issue. No contribution is too small. -Please be sure to refer to our [Style Guide](../developer-docs/docs/style-guide.mdx) for the docs, and use a [template](./docs/templates/index.md) to make it easier for you. The style guidelines are also used for any Integrations documentation, and we have a template for Integrations as well, in our [Github repo](https://github.com/goauthentik/authentik) at `/website/integrations/template/service.md`. +Please be sure to refer to our [Style Guide](../developer-docs/style-guide.mdx) for the docs, and use a [template](./templates/index.md) to make it easier for you. The style guidelines are also used for any Integrations documentation, and we have a template for Integrations as well, in our [Github repo](https://github.com/goauthentik/authentik) at `/website/integrations/template/service.md`. ### Pull requests @@ -175,7 +175,7 @@ authentik runs on Python 3.13 at the time of writing this. ### Documentation Style Guide -Refer to the full [Style Guide](../developer-docs/docs/style-guide.mdx) for details, but here are some important highlights: +Refer to the full [Style Guide](../developer-docs/style-guide.mdx) for details, but here are some important highlights: - Our product name is authentik, with a lower-case "a" and a "k" on the end. Our company name is Authentik Security. diff --git a/website/docs/developer-docs/setup/index.mdx b/website/docs/developer-docs/setup/index.mdx deleted file mode 100644 index fd80f64bab..0000000000 --- a/website/docs/developer-docs/setup/index.mdx +++ /dev/null @@ -1,10 +0,0 @@ ---- -title: Development environment -description: Choose how you want to run and work on authentik. ---- - -import DocCardList from "@theme/DocCardList"; - -Pick the setup that fits your workflow: full stack, frontend-only, or just the docs and grab some debugging tips along the way. - - diff --git a/website/docs/developer-docs/docs/style-guide.mdx b/website/docs/developer-docs/style-guide.mdx similarity index 99% rename from website/docs/developer-docs/docs/style-guide.mdx rename to website/docs/developer-docs/style-guide.mdx index e1cfc62e57..2c9173d959 100644 --- a/website/docs/developer-docs/docs/style-guide.mdx +++ b/website/docs/developer-docs/style-guide.mdx @@ -343,8 +343,8 @@ When documenting errors, follow this structure: - **Heading hierarchy**: Use headings in order (H1 → H2 → H3) to support screen readers. - **Color usage**: Avoid using color as the sole method of conveying information (e.g., "Click the red button"). Instead, use descriptive labels to ensure accessibility. - **Descriptive link text**: Provide descriptive link text. Avoid using generic terms like "Click here". Be specific about where the link will take the user. - - **DON'T:** "Click here." - - **DO:** "See the [Authentication Settings](/) for more details." + - **DON'T:** `Click [here](/authentication-settings) for more details.` + - **DO:** `See [Authentication Settings](/authentication-settings) for more details.` --- diff --git a/website/docs/developer-docs/docs/templates/combo.md b/website/docs/developer-docs/templates/combo.md similarity index 94% rename from website/docs/developer-docs/docs/templates/combo.md rename to website/docs/developer-docs/templates/combo.md index e3e184badc..a380719233 100644 --- a/website/docs/developer-docs/docs/templates/combo.md +++ b/website/docs/developer-docs/templates/combo.md @@ -3,10 +3,10 @@ title: "Combination topic" --- :::info -**How to use this template**: start with the markdown version of the template, either by copying the [`combo.tmpl.md`](https://github.com/goauthentik/authentik/tree/main/website/docs/developer-docs/docs/templates) file from our GitHub repo or downloading the template file using the following command: +**How to use this template**: start with the markdown version of the template, either by copying the [`combo.tmpl.md`](https://github.com/goauthentik/authentik/tree/main/website/docs/developer-docs/templates) file from our GitHub repo or downloading the template file using the following command: ```shell -wget https://raw.githubusercontent.com/goauthentik/authentik/main/website/docs/developer-docs/docs/templates/combo.tmpl.md +wget https://raw.githubusercontent.com/goauthentik/authentik/main/website/docs/developer-docs/templates/combo.tmpl.md ``` Edit your markdown file as you work, reading this page for the descriptions of each section. You can build out a "stub file" with just headers, then gradually add content to each section. Use screenshots sparingly, only for complex UIs where it is difficult to describe a UI element with words. Refer to our [Style Guide](../style-guide.mdx) for writing tips and authentik-specific rules. diff --git a/website/docs/developer-docs/docs/templates/combo.tmpl.md b/website/docs/developer-docs/templates/combo.tmpl.md similarity index 100% rename from website/docs/developer-docs/docs/templates/combo.tmpl.md rename to website/docs/developer-docs/templates/combo.tmpl.md diff --git a/website/docs/developer-docs/docs/templates/conceptual.md b/website/docs/developer-docs/templates/conceptual.md similarity index 93% rename from website/docs/developer-docs/docs/templates/conceptual.md rename to website/docs/developer-docs/templates/conceptual.md index 4fe274783c..5d1997970c 100644 --- a/website/docs/developer-docs/docs/templates/conceptual.md +++ b/website/docs/developer-docs/templates/conceptual.md @@ -3,10 +3,10 @@ title: "Conceptual topic" --- :::info -**How to use this template**: start with the markdown version of the template, either by copying the [`conceptual.tmpl.md`](https://github.com/goauthentik/authentik/tree/main/website/docs/developer-docs/docs/templates) file from our GitHub repo or downloading the template file using the following command: +**How to use this template**: start with the markdown version of the template, either by copying the [`conceptual.tmpl.md`](https://github.com/goauthentik/authentik/tree/main/website/docs/developer-docs/templates) file from our GitHub repo or downloading the template file using the following command: ```shell -wget https://raw.githubusercontent.com/goauthentik/authentik/main/website/docs/developer-docs/docs/templates/conceptual.tmpl.md +wget https://raw.githubusercontent.com/goauthentik/authentik/main/website/docs/developer-docs/templates/conceptual.tmpl.md ``` Edit your markdown file as you work, reading this page for the descriptions of each section. You can build out a "stub file" with just headers, then gradually add content to each section. Use screenshots sparingly, only for complex UIs where it is difficult to describe a UI element with words. Refer to our [Style Guide](../style-guide.mdx) for writing tips and authentik-specific rules. diff --git a/website/docs/developer-docs/docs/templates/conceptual.tmpl.md b/website/docs/developer-docs/templates/conceptual.tmpl.md similarity index 100% rename from website/docs/developer-docs/docs/templates/conceptual.tmpl.md rename to website/docs/developer-docs/templates/conceptual.tmpl.md diff --git a/website/docs/developer-docs/docs/templates/index.md b/website/docs/developer-docs/templates/index.md similarity index 100% rename from website/docs/developer-docs/docs/templates/index.md rename to website/docs/developer-docs/templates/index.md diff --git a/website/docs/developer-docs/docs/templates/procedural.md b/website/docs/developer-docs/templates/procedural.md similarity index 94% rename from website/docs/developer-docs/docs/templates/procedural.md rename to website/docs/developer-docs/templates/procedural.md index 915791e7d3..b6b9f3f7f5 100644 --- a/website/docs/developer-docs/docs/templates/procedural.md +++ b/website/docs/developer-docs/templates/procedural.md @@ -3,10 +3,10 @@ title: "Procedural topic" --- :::info -**How to use this template**: start with the markdown version of the template, either by copying the [`procedural.tmpl.md`](https://github.com/goauthentik/authentik/tree/main/website/docs/developer-docs/docs/templates) file from our GitHub repo or downloading the template file using the following command: +**How to use this template**: start with the markdown version of the template, either by copying the [`procedural.tmpl.md`](https://github.com/goauthentik/authentik/tree/main/website/docs/developer-docs/templates) file from our GitHub repo or downloading the template file using the following command: ```shell -wget https://raw.githubusercontent.com/goauthentik/authentik/main/website/docs/developer-docs/docs/templates/procedural.tmpl.md +wget https://raw.githubusercontent.com/goauthentik/authentik/main/website/docs/developer-docs/templates/procedural.tmpl.md ``` Edit your markdown file as you work, reading this page for the descriptions of each section. You can build out a "stub file" with just headers, then gradually add content to each section. Use screenshots sparingly, only for complex UIs where it is difficult to describe a UI element with words. Refer to our [Style Guide](../style-guide.mdx) for writing tips and authentik-specific rules. diff --git a/website/docs/developer-docs/docs/templates/procedural.tmpl.md b/website/docs/developer-docs/templates/procedural.tmpl.md similarity index 100% rename from website/docs/developer-docs/docs/templates/procedural.tmpl.md rename to website/docs/developer-docs/templates/procedural.tmpl.md diff --git a/website/docs/developer-docs/docs/templates/reference.md b/website/docs/developer-docs/templates/reference.md similarity index 90% rename from website/docs/developer-docs/docs/templates/reference.md rename to website/docs/developer-docs/templates/reference.md index 33f40e5a82..0729250628 100644 --- a/website/docs/developer-docs/docs/templates/reference.md +++ b/website/docs/developer-docs/templates/reference.md @@ -3,10 +3,10 @@ title: "Reference topic" --- :::info -**How to use this template**: start with the markdown version of the template, either by copying the [`reference.tmpl.md`](https://github.com/goauthentik/authentik/tree/main/website/docs/developer-docs/docs/templates) file from our GitHub repo or downloading the template file using the following command: +**How to use this template**: start with the markdown version of the template, either by copying the [`reference.tmpl.md`](https://github.com/goauthentik/authentik/tree/main/website/docs/developer-docs/templates) file from our GitHub repo or downloading the template file using the following command: ```shell -wget https://raw.githubusercontent.com/goauthentik/authentik/main/website/docs/developer-docs/docs/templates/reference.tmpl.md +wget https://raw.githubusercontent.com/goauthentik/authentik/main/website/docs/developer-docs/templates/reference.tmpl.md ``` Edit your markdown file as you work, reading this page for the descriptions of each section. You can build out a "stub file" with just headers, then gradually add content to each section. Use screenshots sparingly, only for complex UIs where it is difficult to describe a UI element with words. Refer to our [Style Guide](../style-guide.mdx) for writing tips and authentik-specific rules. diff --git a/website/docs/developer-docs/docs/templates/reference.tmpl.md b/website/docs/developer-docs/templates/reference.tmpl.md similarity index 100% rename from website/docs/developer-docs/docs/templates/reference.tmpl.md rename to website/docs/developer-docs/templates/reference.tmpl.md diff --git a/website/docs/developer-docs/translation.md b/website/docs/developer-docs/translation.md index f0f4658c62..adbf794721 100644 --- a/website/docs/developer-docs/translation.md +++ b/website/docs/developer-docs/translation.md @@ -7,7 +7,7 @@ Translation in authentik is done in two places. Most of the text is defined in t The frontend uses [@lit/localize](https://lit.dev/docs/localization/overview/), and the backend uses the built-in django translation tools. :::info -Please review the [Writing documentation](./docs/writing-documentation.md) guidelines as they apply to documentation too. +Please review the [Writing documentation](./writing-documentation.md) guidelines as they apply to documentation too. ::: ## Online translation diff --git a/website/docs/developer-docs/docs/writing-documentation.md b/website/docs/developer-docs/writing-documentation.md similarity index 92% rename from website/docs/developer-docs/docs/writing-documentation.md rename to website/docs/developer-docs/writing-documentation.md index 19670edfb4..69678d8e30 100644 --- a/website/docs/developer-docs/docs/writing-documentation.md +++ b/website/docs/developer-docs/writing-documentation.md @@ -7,7 +7,7 @@ import Tabs from "@theme/Tabs"; Writing documentation for authentik is a great way for both new and experienced users to improve and contribute to the project. We appreciate contributions to our documentation; everything from fixing a typo to adding additional content to writing a completely new topic. -The technical documentation (https://docs.goauthentik.io/docs/) and our integration guides (https://integrations.goauthentik.io/) are built, formatted, and tested using npm. The commands to build the content locally are defined in the `Makefile` in the root of the repository. Each command is prefixed with `docs-` or `integrations-` and corresponds to an NPM script within the `website` directory. +Our technical documentation and integration guides are built, formatted, and tested using [NPM](https://www.npmjs.com/). The commands to build the content locally are defined in the `Makefile` in the root of the repository. Each command is prefixed with `docs-` or `integrations-` and corresponds to an NPM script within the `website` directory. ## Guidelines @@ -21,7 +21,7 @@ Adhering to the following guidelines will help us get your PRs merged much easie - Remember to use our templates when possible; they are already set up to follow our style guidelines, they make it a lot easier for you (no blank page frights!), and they keep the documentation structure and headings consistent. - [docs templates](./templates/index.md) - - [integration guide template](https://integrations.goauthentik.io/applications#add-a-new-application) + - [integration guide template](/integrations/applications#add-a-new-application) :::tip If you encounter build check fails, or issues you with your local build, you might need to run `make docs-install` in order to get the latest build tools and dependencies; we do occasionally update our build tools. @@ -76,14 +76,14 @@ Installs or updates the build dependencies such as Docusaurus, Prettier, and ESL ## Writing or modifying technical docs -In addition to following the [Style Guide](./style-guide.mdx) please review the following guidelines about our technical documentation (https://docs.goauthentik.io/docs/): +In addition to following the [Style Guide](./style-guide.mdx) please review the following guidelines about our technical documentation: - For new entries, make sure to add any new pages to the `/docs/sidebar.mjs` file. Otherwise, the new page will not appear in the table of contents to the left. - Always be sure to run the `make docs` command on your local branch _before_ pushing the PR to the authentik repo. This command does important linting, and the build check in our repo will fail if the linting has not been done. In general, check on the health of your build before pushing to the authentik repo, and also check on the build status of your PR after you create it. -For our technical documentation (https://docs.goauthentik.io/docs/), the following commands are used: +For our technical documentation, the following commands are used: ### Build locally @@ -103,7 +103,7 @@ Starts a local development server for the documentation site and opens a preview ## Writing or modifying integration guides -In addition to following the [Style Guide](./style-guide.mdx) please review the following guidelines about our integration guides (https://integrations.goauthentik.io/). +In addition to following the [Style Guide](./style-guide.mdx) please review the following guidelines about our integration guides (/integrations/). - For new integration documentation, please use the Integrations template in our [Github repo](https://github.com/goauthentik/authentik) at `/website/integrations/template/service.md`. @@ -139,10 +139,10 @@ Every documentation page you see on our website starts as a simple Markdown file ### Converting file paths to URLs -Let's take a look at the file path of the [Style Guide page](https://docs.goauthentik.io/developer-docs/docs/style-guide/): +Let's take a look at the file path of the [Style Guide page](./style-guide.mdx): ```text -/website/docs/developer-docs/docs/style-guide.mdx +/website/docs/developer-docs/style-guide.mdx ``` Compared to the URL path of this page, there are a few differences: @@ -154,7 +154,7 @@ Compared to the URL path of this page, there are a few differences: This results in the following URL path: ```text -https://docs.goauthentik.io/developer-docs/docs/style-guide/ +https://docs.goauthentik.io/developer-docs/style-guide/ ``` The final published URL is made possible with a combination of [Docusaurus's routing system](https://docusaurus.io/docs/advanced/routing) and [Netlify's redirects](https://docs.netlify.com/routing/redirects/). diff --git a/website/docs/docusaurus.config.esm.mjs b/website/docs/docusaurus.config.esm.mjs index b8c0668f5b..77bb64bfb6 100644 --- a/website/docs/docusaurus.config.esm.mjs +++ b/website/docs/docusaurus.config.esm.mjs @@ -59,7 +59,7 @@ export default createDocusaurusConfig( experimental_faster: true, }, - url: "https://docs.goauthentik.io", + url: releaseEnvironment.currentReleaseOrigin, //#region Preset presets: [ @@ -85,8 +85,8 @@ export default createDocusaurusConfig( beforeDefaultRemarkPlugins: [ remarkLinkRewrite([ - ["/api", "https://api.goauthentik.io"], - ["/integrations", "https://integrations.goauthentik.io"], + ["/api", releaseEnvironment.apiReferenceOrigin], + ["/integrations", releaseEnvironment.integrationsOrigin], ]), ], }, diff --git a/website/docs/install-config/reverse-proxy.md b/website/docs/install-config/reverse-proxy.md index c4d6260a3a..30c1b11967 100644 --- a/website/docs/install-config/reverse-proxy.md +++ b/website/docs/install-config/reverse-proxy.md @@ -54,7 +54,7 @@ server { # Proxy site # Location can be set to a subpath if desired, see documentation linked below: - # https://docs.goauthentik.io/docs/install-config/configuration/#authentik_web__path + # https://docs.goauthentik.io/install-config/configuration/#authentik_web__path location / { proxy_pass https://authentik; proxy_http_version 1.1; diff --git a/website/docs/releases/2025/v2025.4.md b/website/docs/releases/2025/v2025.4.md index 3b51350cfd..bae6dea850 100644 --- a/website/docs/releases/2025/v2025.4.md +++ b/website/docs/releases/2025/v2025.4.md @@ -63,7 +63,7 @@ Previously, sessions were stored by default in the cache. Now, they are stored i - **Reputation score limit** - Reputation scores now have a configurable numerical limit in addition to the [already existing temporal limit](https://docs.goauthentik.io/docs/install-config/configuration/#authentik_reputation_expiry). + Reputation scores now have a configurable numerical limit in addition to the [already existing temporal limit](../../install-config/configuration/configuration.mdx#authentik_reputation__expiry). diff --git a/website/docs/releases/2025/v2025.6.md b/website/docs/releases/2025/v2025.6.md index 118c74c1f8..3181dc6a52 100644 --- a/website/docs/releases/2025/v2025.6.md +++ b/website/docs/releases/2025/v2025.6.md @@ -30,7 +30,7 @@ slug: "/releases/2025.6" - **LDAP source sync forward deletions**: With this option enabled, users or groups created in authentik via LDAP sources will also be removed from authentik if they are deleted from the LDAP source. For more information, please refer to our [LDAP source documentation](../../users-sources/sources/protocols/ldap/index.md). - **Provider sync performance**: We have implemented parallel scheduling for outgoing syncs to provide faster synchronization. - **Branding**: Custom branding should now be more consistent on initial load, without flickering. -- **Remote Access Control (RAC) improved [documentation](https://docs.goauthentik.io/docs/add-secure-apps/providers/rac/)**: Added content about how to authenticate using a public key and improved the wording and formatting throughout the topic. +- **Remote Access Control (RAC) improved [documentation](../../add-secure-apps/providers/rac/index.md)**: Added content about how to authenticate using a public key and improved the wording and formatting throughout the topic. ## New integration guides diff --git a/website/docs/releases/2025/v2025.8.mdx b/website/docs/releases/2025/v2025.8.mdx index 899dd57452..6fec97bb08 100644 --- a/website/docs/releases/2025/v2025.8.mdx +++ b/website/docs/releases/2025/v2025.8.mdx @@ -148,13 +148,13 @@ From this point on, we recommend using the bundled PostgreSQL dependency for dem An integration is how authentik connects to third-party applications, directories, and other identity providers. The following integration guides were recently added. -- [1Password](https://integrations.goauthentik.io/security/1password/) -- [Bitwarden](https://integrations.goauthentik.io/security/bitwarden/) -- [Papra](https://integrations.goauthentik.io/documentation/papra/) -- [Planka](https://integrations.goauthentik.io/chat-communication-collaboration/planka/) -- [Seafile](https://integrations.goauthentik.io/media/seafile/) -- [Vaultwarden](https://integrations.goauthentik.io/security/vaultwarden/) -- [Zoho](https://integrations.goauthentik.io/platforms/zoho/) +- [1Password](/integrations/security/1password/) +- [Bitwarden](/integrations/security/bitwarden/) +- [Papra](/integrations/documentation/papra/) +- [Planka](/integrations/chat-communication-collaboration/planka/) +- [Seafile](/integrations/media/seafile/) +- [Vaultwarden](/integrations/security/vaultwarden/) +- [Zoho](/integrations/platforms/zoho/) ## Upgrading diff --git a/website/docs/security/audits-and-certs/2024-11-cobalt.md b/website/docs/security/audits-and-certs/2024-11-cobalt.md index c2b7889cad..6c07fa458b 100644 --- a/website/docs/security/audits-and-certs/2024-11-cobalt.md +++ b/website/docs/security/audits-and-certs/2024-11-cobalt.md @@ -14,7 +14,7 @@ Overall, we are pleased with the report's findings and grateful for the opportun > Cobalt reported "The pentesters found that the Authentik Security team implemented robust and up-to-date security practices throughout the application." -In total, there were 5 low-level and one info-level vulnerabilities reported. By early November 2024, all 6 vulnerabilities were addressed and released in the [2024.10.4 patch release](https://docs.goauthentik.io/docs/releases/2024.10#fixed-in-2024103). +In total, there were 5 low-level and one info-level vulnerabilities reported. By early November 2024, all 6 vulnerabilities were addressed and released in the [2024.10.4 patch release](../../releases/2024/v2024.10.md#fixed-in-2024103). ## Responses to specific findings @@ -54,10 +54,10 @@ The absence of Content Security Policy (CSP) headers means that the application **Issue**: Finally, the only informational level finding was the potential for the unauthenticated download of private key and certificate values via a direct URL. (Guessing the URL required the knowledge of the UUID of an object.) We had already fixed this issue in 2024.8.0, but the instance tested against was the immediately preceding version. -**Fix**: For more details, refer to [CVE-2024-42490](https://docs.goauthentik.io/docs/security/cves/CVE-2024-42490). +**Fix**: For more details, refer to [CVE-2024-42490](../cves/CVE-2024-42490.md). ## Retest results The subsequent retest conducted by Cobalt deemed all issues resolved. See page 17 of the [report](https://goauthentik.io/resources/fullReport_authentik-cobalt-test-instance-august-2024-pt26135.pdf) for the mitigation status ("fixed") for each of the issues discovered in September. -We are pleased to share this pentest and the final results of the retest. We encourage an open and ongoing communication with our users and community. For more information abut our security stance, read our [Security Policy](https://docs.goauthentik.io/docs/security/policy), [Hardening authentik](https://docs.goauthentik.io/docs/security/security-hardening), and our other [security-related documentation](https://docs.goauthentik.io/docs/security). If you have any questions or feedback you can reach us on [GitHub](https://github.com/goauthentik/authentik), [Discord](https://discord.com/channels/809154715984199690/809154716507963434), or via email to [hello@goauthentik.io](mailto:hello@goauthentik.io). +We are pleased to share this pentest and the final results of the retest. We encourage an open and ongoing communication with our users and community. For more information abut our security stance, read our [Security Policy](../policy.mdx), [Hardening authentik](../security-hardening.md), and our other [security-related documentation](../../). If you have any questions or feedback you can reach us on [GitHub](https://github.com/goauthentik/authentik), [Discord](https://discord.com/channels/809154715984199690/809154716507963434), or via email to [hello@goauthentik.io](mailto:hello@goauthentik.io). diff --git a/website/docs/sidebar.mjs b/website/docs/sidebar.mjs index be27c95358..c496ae327e 100644 --- a/website/docs/sidebar.mjs +++ b/website/docs/sidebar.mjs @@ -644,24 +644,16 @@ const items = [ { type: "link", href: releaseEnvironment.apiReferenceOrigin, - label: "API Overview", - className: "api-overview", - }, - { - type: "doc", - id: "developer-docs/contributing", - label: "Contributing", + label: "API Reference", + className: "api-reference", }, { - //#endregion - - //#region Development environment type: "category", - label: "Development environment", + label: "Development setup", link: { type: "doc", - id: "developer-docs/setup/index", + id: "developer-docs/setup/full-dev-environment", }, items: [ "developer-docs/setup/full-dev-environment", @@ -669,34 +661,52 @@ const items = [ "developer-docs/setup/debugging", ], }, - { - //#endregion - //#region Writing documentation + { type: "category", - label: "Writing documentation", + label: "Contributing", link: { type: "doc", - id: "developer-docs/docs/writing-documentation", + id: "developer-docs/contributing", }, items: [ - "developer-docs/docs/style-guide", + { + type: "doc", + id: "developer-docs/contributing", + label: "Overview", + }, + { + type: "doc", + id: "developer-docs/writing-documentation", + }, + { + type: "doc", + label: "Style guide", + id: "developer-docs/style-guide", + }, + { type: "category", label: "Templates", link: { type: "doc", - id: "developer-docs/docs/templates/index", + id: "developer-docs/templates/index", }, items: [ - "developer-docs/docs/templates/procedural", - "developer-docs/docs/templates/conceptual", - "developer-docs/docs/templates/reference", - "developer-docs/docs/templates/combo", + { + type: "doc", + id: "developer-docs/templates/index", + label: "Overview", + }, + "developer-docs/templates/procedural", + "developer-docs/templates/conceptual", + "developer-docs/templates/reference", + "developer-docs/templates/combo", ], }, ], }, + { type: "doc", id: "developer-docs/releases/index", diff --git a/website/docs/static/_redirects b/website/docs/static/_redirects index ff0fbd2efb..8fd6525b7c 100644 --- a/website/docs/static/_redirects +++ b/website/docs/static/_redirects @@ -6,13 +6,15 @@ # i.e. The first rule that matches the URL will take precedence. #region API -/api https://api.goauthentik.io 301! -/docs/api https://api.goauthentik.io 301! -/docs/developer-docs/api/ https://api.goauthentik.io 301! -/api/* https://api.goauthentik.io/:splat 301! -/docs/api/* https://api.goauthentik.io/:splat 301! -/docs/developer-docs/api/* https://api.goauthentik.io/:splat 301! -/developer-docs/api/* https://api.goauthentik.io/:splat 301! +/schema.yml https://api.goauthentik.io/schema.yml 301! +/schema.yaml https://api.goauthentik.io/schema.yml 301! +/api https://api.goauthentik.io 301! +/docs/api https://api.goauthentik.io 301! +/docs/developer-docs/api/ https://api.goauthentik.io 301! +/api/* https://api.goauthentik.io/:splat 301! +/docs/api/* https://api.goauthentik.io/:splat 301! +/docs/developer-docs/api/* https://api.goauthentik.io/:splat 301! +/developer-docs/api/* https://api.goauthentik.io/:splat 301! #endregion #region Applications @@ -74,5 +76,7 @@ #endregion #region Docs prefix +/developer-docs/docs/* /developer-docs/:splat 301! +/docs/developer-docs/docs/* /developer-docs/:splat 301! /docs/* /:splat 301! #endregion diff --git a/website/docs/users-sources/sources/social-logins/discord/index.md b/website/docs/users-sources/sources/social-logins/discord/index.md index 8f44811e98..47f0b28912 100644 --- a/website/docs/users-sources/sources/social-logins/discord/index.md +++ b/website/docs/users-sources/sources/social-logins/discord/index.md @@ -314,10 +314,8 @@ Now bind this policy to the chosen authentication flows for the Discord OAuth so :::info Ensure that the Discord OAuth source in **Federation & Social login** has the additional `guilds.members.read` scopes added under **Protocol settings**. -::: -:::info -In order to use the created attribute in authentik you will have to set authentik configuration arguments found at: https://docs.goauthentik.io/docs/core/settings#avatars +In order to use the created attribute in authentik you will also have to configure authentik's [avatar settings](../../../../sys-mgmt/settings.md#avatars). ::: Create a new **Expression Policy** with the content below, adjusting the variables where required: diff --git a/website/docusaurus-theme/releases/node.mjs b/website/docusaurus-theme/releases/node.mjs index 09619e5016..aca3eccb6f 100644 --- a/website/docusaurus-theme/releases/node.mjs +++ b/website/docusaurus-theme/releases/node.mjs @@ -77,6 +77,7 @@ export function createReleaseSidebarEntries(releaseFiles) { * @property {string} currentReleaseOrigin The URL to the current release documentation. * @property {string} preReleaseOrigin The URL to the pre-release documentation. * @property {string} apiReferenceOrigin The URL to the API reference documentation. + * @property {string} integrationsOrigin The URL to the integrations documentation. */ /** @@ -90,5 +91,7 @@ export function prepareReleaseEnvironment() { currentReleaseOrigin: process.env.CURRENT_RELEASE_ORIGIN || "https://docs.goauthentik.io", preReleaseOrigin: process.env.PRE_RELEASE_ORIGIN || "https://next.goauthentik.io", apiReferenceOrigin: process.env.API_REFERENCE_ORIGIN || "https://api.goauthentik.io", + integrationsOrigin: + process.env.INTEGRATIONS_ORIGIN || "https://integrations.goauthentik.io", }; } diff --git a/website/docusaurus-theme/theme/EditMetaRow/index.tsx b/website/docusaurus-theme/theme/EditMetaRow/index.tsx index 24fe17142b..806fa66cef 100644 --- a/website/docusaurus-theme/theme/EditMetaRow/index.tsx +++ b/website/docusaurus-theme/theme/EditMetaRow/index.tsx @@ -1,5 +1,7 @@ import styles from "./styles.module.css"; +import { useCachedVersionPluginData } from "@goauthentik/docusaurus-theme/components/VersionPicker/utils.ts"; + import Translate from "@docusaurus/Translate"; import Admonition from "@theme/Admonition"; import type { Props } from "@theme/EditMetaRow"; @@ -14,6 +16,12 @@ const EditMetaRow: React.FC = ({ lastUpdatedAt, lastUpdatedBy, }: Props) => { + const versionPluginData = useCachedVersionPluginData(); + const currentReleaseOrigin = + versionPluginData?.env.currentReleaseOrigin ?? "https://docs.goauthentik.io"; + + const contributorURL = new URL("/developer-docs/contributing/", currentReleaseOrigin); + return ( <>
@@ -56,7 +64,7 @@ const EditMetaRow: React.FC = ({
  • diff --git a/website/integrations/chat-communication-collaboration/mastodon/index.md b/website/integrations/chat-communication-collaboration/mastodon/index.md index 36a43f649f..967a06c955 100644 --- a/website/integrations/chat-communication-collaboration/mastodon/index.md +++ b/website/integrations/chat-communication-collaboration/mastodon/index.md @@ -45,7 +45,7 @@ To support the integration of Mastodon with authentik, you need to create an app Configure Mastodon `OIDC_` settings by editing the `.env.production` and add the following: :::warning -When using `preferred_username` as the user identifier, ensure that the [Allow users to change username setting](https://docs.goauthentik.io/docs/sys-mgmt/settings#allow-users-to-change-username) is disabled to prevent authentication issues. +When using `preferred_username` as the user identifier, ensure that the [Allow users to change username setting](/docs/sys-mgmt/settings#allow-users-to-change-username) is disabled to prevent authentication issues. ::: :::info diff --git a/website/integrations/chat-communication-collaboration/owncloud/index.md b/website/integrations/chat-communication-collaboration/owncloud/index.md index b6ce2944e2..da8398dae6 100644 --- a/website/integrations/chat-communication-collaboration/owncloud/index.md +++ b/website/integrations/chat-communication-collaboration/owncloud/index.md @@ -116,7 +116,7 @@ To enable OIDC functionality in ownCloud, follow these steps: Add the necessary configuration settings to this file. Ensure it includes at least the minimal requirements for your setup: :::warning - You can configure ownCloud to use either the `sub` or `preferred_username` as the UID field under `search-attribute`. When using `preferred_username` as the user identifier, ensure that the [**Allow users to change username** setting](https://docs.goauthentik.io/docs/sys-mgmt/settings#allow-users-to-change-username) is disabled to prevent authentication issues. The `sub` option uses a unique, stable identifier for the user, while `preferred_username` uses the username configured in authentik. + You can configure ownCloud to use either the `sub` or `preferred_username` as the UID field under `search-attribute`. When using `preferred_username` as the user identifier, ensure that the [**Allow users to change username** setting](/docs/sys-mgmt/settings#allow-users-to-change-username) is disabled to prevent authentication issues. The `sub` option uses a unique, stable identifier for the user, while `preferred_username` uses the username configured in authentik. ::: ```php diff --git a/website/integrations/chat-communication-collaboration/thelounge/index.md b/website/integrations/chat-communication-collaboration/thelounge/index.md index 674eeb2121..3b426c28df 100644 --- a/website/integrations/chat-communication-collaboration/thelounge/index.md +++ b/website/integrations/chat-communication-collaboration/thelounge/index.md @@ -11,7 +11,7 @@ support_level: community > -- https://thelounge.chat/ :::note -This guide assumes you already deployed an LDAP Provider, if not check [here](https://docs.goauthentik.io/docs/add-secure-apps/providers/ldap/generic_setup). +This guide assumes you already deployed an LDAP Provider, if not check [here](/docs/add-secure-apps/providers/ldap/generic_setup). If you made any changes, e.g. using a different name for the user, make sure to apply them here as well. ::: diff --git a/website/integrations/dashboards/organizr/index.md b/website/integrations/dashboards/organizr/index.md index 1e7dcec509..895d783264 100644 --- a/website/integrations/dashboards/organizr/index.md +++ b/website/integrations/dashboards/organizr/index.md @@ -10,7 +10,7 @@ support_level: community > > -- https://github.com/causefx/Organizr -This integration leverages authentik's LDAP for the identity provider to achieve an SSO experience. See [ldap provider generic setup](https://docs.goauthentik.io/docs/add-secure-apps/providers/ldap/generic_setup) for setting up the LDAP provider. +This integration leverages authentik's LDAP for the identity provider to achieve an SSO experience. See [ldap provider generic setup](/docs/add-secure-apps/providers/ldap/generic_setup) for setting up the LDAP provider. ## Preparation @@ -78,5 +78,5 @@ LDAP Backend Type: `OpenLDAP` Access for authentik users is managed locally within organizr under _User Management_. By default, new users are assigned the `User` group. ::: :::tip -Consider front-ending your application with a [forward auth provider](https://docs.goauthentik.io/docs/add-secure-apps/providers/proxy/forward_auth) for an SSO experience. +Consider front-ending your application with a [forward auth provider](/docs/add-secure-apps/providers/proxy/forward_auth) for an SSO experience. ::: diff --git a/website/integrations/documentation/dokuwiki/index.md b/website/integrations/documentation/dokuwiki/index.md index bb5204eff7..cbc884b721 100644 --- a/website/integrations/documentation/dokuwiki/index.md +++ b/website/integrations/documentation/dokuwiki/index.md @@ -53,7 +53,7 @@ Then, under the **Configuration Settings** section, update the **oauth** and **o For **oauth**: - Select the following option: `plugin»oauth»register-on-auth` :::warning -When using `preferred_username` as the user identifier, ensure that the [Allow users to change username setting](https://docs.goauthentik.io/docs/sys-mgmt/settings#allow-users-to-change-username) is disabled to prevent authentication issues. You can configure DocuWiki to use either the `sub` or `preferred_username` as the UID field under `plugin»oauthgeneric»json-user`. The `sub` option uses a unique, stable identifier for the user, while `preferred_username` uses the username configured in authentik. +When using `preferred_username` as the user identifier, ensure that the [Allow users to change username setting](/docs/sys-mgmt/settings#allow-users-to-change-username) is disabled to prevent authentication issues. You can configure DocuWiki to use either the `sub` or `preferred_username` as the UID field under `plugin»oauthgeneric»json-user`. The `sub` option uses a unique, stable identifier for the user, while `preferred_username` uses the username configured in authentik. ::: For **oauthgeneric**: diff --git a/website/integrations/documentation/paperless-ng/index.md b/website/integrations/documentation/paperless-ng/index.md index 255e02e3ed..a4a3a97bd7 100644 --- a/website/integrations/documentation/paperless-ng/index.md +++ b/website/integrations/documentation/paperless-ng/index.md @@ -26,7 +26,7 @@ The following placeholders are used in this guide: This documentation lists only the settings that you need to change from their default values. Be aware that any changes other than those explicitly mentioned in this guide could cause issues accessing your application. ::: -Also set up your proxy server to use forward auth with paperless.company: https://docs.goauthentik.io/docs/add-secure-apps/providers/proxy/forward_auth/ +Also set up your proxy server to use forward auth with paperless.company: /docs/add-secure-apps/providers/proxy/forward_auth/ ## Paperless diff --git a/website/integrations/documentation/youtrack/index.md b/website/integrations/documentation/youtrack/index.md index 3d1e494ea9..6ecea1ac4d 100644 --- a/website/integrations/documentation/youtrack/index.md +++ b/website/integrations/documentation/youtrack/index.md @@ -38,7 +38,7 @@ To support the integration of YouTrack with authentik, you need to create an app - Set the **Entity ID** to `https://youtrack.company/admin/hub/`. - Set the **Service Provider Binding** to `Post`. - Under **Advanced protocol settings**, set an available signing key and make sure **Sign assertions** is toggled. - - Then, also under **Advanced protocol settings**, make sure **NameID Property Mapping** is set to `authentik default SAML Mapping: username`. Make sure the [Allow users to change username](https://docs.goauthentik.io/docs/sys-mgmt/settings#allow-users-to-change-username) setting is disabled to prevent authentication issues. + - Then, also under **Advanced protocol settings**, make sure **NameID Property Mapping** is set to `authentik default SAML Mapping: username`. Make sure the [Allow users to change username](/docs/sys-mgmt/settings#allow-users-to-change-username) setting is disabled to prevent authentication issues. - **Configure Bindings** _(optional)_: you can create a [binding](/docs/add-secure-apps/flows-stages/bindings/) (policy, group, or user) to manage the listing and access to applications on a user's **My applications** page. 3. Click **Submit** to save the new application and provider. diff --git a/website/integrations/docusaurus.config.esm.mjs b/website/integrations/docusaurus.config.esm.mjs index ce10c5aabe..8184ed473b 100644 --- a/website/integrations/docusaurus.config.esm.mjs +++ b/website/integrations/docusaurus.config.esm.mjs @@ -1,6 +1,7 @@ /** * @file Docusaurus Integrations config. * + * @import { AKReleasesPluginOptions } from "@goauthentik/docusaurus-theme/releases/plugin" * @import { UserThemeConfig, UserThemeConfigExtra } from "@goauthentik/docusaurus-config"; * @import { Options as RedirectsPluginOptions } from "@docusaurus/plugin-client-redirects"; * @import { AKRedirectsPluginOptions } from "@goauthentik/docusaurus-theme/redirects/plugin" @@ -17,8 +18,11 @@ import { } from "@goauthentik/docusaurus-theme/config"; import { RewriteIndex } from "@goauthentik/docusaurus-theme/redirects"; import { parse } from "@goauthentik/docusaurus-theme/redirects/node"; +import { prepareReleaseEnvironment } from "@goauthentik/docusaurus-theme/releases/node"; import { remarkLinkRewrite } from "@goauthentik/docusaurus-theme/remark"; +const releaseEnvironment = prepareReleaseEnvironment(); + const __dirname = fileURLToPath(new URL(".", import.meta.url)); const packageStaticDirectory = resolve(__dirname, "static"); @@ -35,7 +39,7 @@ export default createDocusaurusConfig( experimental_faster: true, }, - url: "https://integrations.goauthentik.io", + url: releaseEnvironment.integrationsOrigin, //#region Preset @@ -50,9 +54,8 @@ export default createDocusaurusConfig( beforeDefaultRemarkPlugins: [ remarkLinkRewrite([ - // --- - ["/api", "https://api.goauthentik.io"], - ["/docs", "https://docs.goauthentik.io"], + ["/api", releaseEnvironment.apiReferenceOrigin], + ["/docs", releaseEnvironment.currentReleaseOrigin], ]), ], }, @@ -64,6 +67,14 @@ export default createDocusaurusConfig( //#region Plugins plugins: [ + [ + "@goauthentik/docusaurus-theme/releases/plugin", + /** @type {AKReleasesPluginOptions} */ ({ + docsDirectory: __dirname, + environment: releaseEnvironment, + }), + ], + // Inject redirects for later use during runtime, // such as navigating to non-existent page with the client-side router. diff --git a/website/integrations/infrastructure/apache-guacamole/index.mdx b/website/integrations/infrastructure/apache-guacamole/index.mdx index ee90d1f198..486a908e8a 100644 --- a/website/integrations/infrastructure/apache-guacamole/index.mdx +++ b/website/integrations/infrastructure/apache-guacamole/index.mdx @@ -49,7 +49,7 @@ To support the integration of Apache Guacamole with authentik, you need to creat It is recommended to create an admin account in Guacamole before configuring Single Sign-On to simplify the process. Create a user in Guacamole using the same username as in authentik and grant them admin permissions. This step is important to avoid losing access to the Guacamole admin settings, as you may need to revert your changes without it. :::warning -You can configure Apache Guacamole to use either the `sub` or `preferred_username` as the UID field under `user-name-attribute`. When using `preferred_username` as the user identifier, ensure that the [**Allow users to change username** setting](https://docs.goauthentik.io/docs/sys-mgmt/settings#allow-users-to-change-username) is disabled to prevent authentication issues. The `sub` option uses a unique, stable identifier for the user, while `preferred_username` uses the username configured in authentik. +You can configure Apache Guacamole to use either the `sub` or `preferred_username` as the UID field under `user-name-attribute`. When using `preferred_username` as the user identifier, ensure that the [**Allow users to change username** setting](/docs/sys-mgmt/settings#allow-users-to-change-username) is disabled to prevent authentication issues. The `sub` option uses a unique, stable identifier for the user, while `preferred_username` uses the username configured in authentik. ::: > -- From http://www.proftpd.org -This integration leverages authentik's LDAP for the identity provider to achieve an SSO experience. See [ldap provider generic setup](https://docs.goauthentik.io/docs/add-secure-apps/providers/ldap/generic_setup) for setting up the LDAP provider. +This integration leverages authentik's LDAP for the identity provider to achieve an SSO experience. See [ldap provider generic setup](/docs/add-secure-apps/providers/ldap/generic_setup) for setting up the LDAP provider. ## Preparation @@ -109,7 +109,7 @@ In this example, every user shares a single folder. If you want to have separate Additionally, note that each file will have Linux user and group ID `1000`. Beforehand, make sure that the respective Linux user exists (usually the first Linux user created receives ID `1000`). Check `/etc/passwd` and create a user if necessary. -If you do not set `LDAPForceDefaultUID`/`LDAPForceDefaultGID`, Authentik's `uidNumber` field will be used. If you do not set `LDAPGenerateHomedir`, Authentik's `homeDirectory` field will be used (`/home/$username`). For more information about default attributes provided by Authentik, refer to the [LDAP Provider documentation](https://docs.goauthentik.io/docs/add-secure-apps/providers/ldap). +If you do not set `LDAPForceDefaultUID`/`LDAPForceDefaultGID`, Authentik's `uidNumber` field will be used. If you do not set `LDAPGenerateHomedir`, Authentik's `homeDirectory` field will be used (`/home/$username`). For more information about default attributes provided by Authentik, refer to the [LDAP Provider documentation](/docs/add-secure-apps/providers/ldap). Make sure to read ProFTPD's [available LDAP options](http://www.proftpd.org/docs/contrib/mod_ldap.html). diff --git a/website/integrations/infrastructure/qnap-nas/index.md b/website/integrations/infrastructure/qnap-nas/index.md index 01299eaf61..f0f100f6d0 100644 --- a/website/integrations/infrastructure/qnap-nas/index.md +++ b/website/integrations/infrastructure/qnap-nas/index.md @@ -31,7 +31,7 @@ This documentation lists only the settings that you need to change from their de ::: Create an LDAP Provider if you don't already have one setup. -This guide assumes you will be running with TLS. See the [ldap provider docs](https://docs.goauthentik.io/docs/add-secure-apps/providers/ldap) for setting up SSL on the authentik side. +This guide assumes you will be running with TLS. See the [ldap provider docs](/docs/add-secure-apps/providers/ldap) for setting up SSL on the authentik side. Remember the `ldap.baseDN` you have configured for the provider as you'll need it in the sssd configuration. @@ -47,7 +47,7 @@ Max password length \<= 66 characters. ## Deployment -Create an outpost deployment for the provider you've created above, as described [here](https://docs.goauthentik.io/docs/add-secure-apps/outposts/). Deploy this Outpost either on the same host or a different host that your QNAP NAS can access. +Create an outpost deployment for the provider you've created above, as described [here](/docs/add-secure-apps/outposts/). Deploy this Outpost either on the same host or a different host that your QNAP NAS can access. The outpost will connect to authentik and configure itself. diff --git a/website/integrations/media/komga/index.md b/website/integrations/media/komga/index.md index c4b4e74dae..b77dbcce4a 100644 --- a/website/integrations/media/komga/index.md +++ b/website/integrations/media/komga/index.md @@ -49,7 +49,7 @@ All configuration options can be found in [Komga's OAuth2 Advanced configuration ::: :::warning -You can configure Komga to use either the `sub` or `preferred_username` as the UID field under `user-name-attribute`. When using `preferred_username` as the user identifier, ensure that the [**Allow users to change username** setting](https://docs.goauthentik.io/docs/sys-mgmt/settings#allow-users-to-change-username) is disabled to prevent authentication issues. The `sub` option uses a unique, stable identifier for the user, while `preferred_username` uses the username configured in authentik. +You can configure Komga to use either the `sub` or `preferred_username` as the UID field under `user-name-attribute`. When using `preferred_username` as the user identifier, ensure that the [**Allow users to change username** setting](/docs/sys-mgmt/settings#allow-users-to-change-username) is disabled to prevent authentication issues. The `sub` option uses a unique, stable identifier for the user, while `preferred_username` uses the username configured in authentik. ::: ```yml diff --git a/website/integrations/media/sonarr/index.md b/website/integrations/media/sonarr/index.md index a76492e182..6b41a73fa7 100644 --- a/website/integrations/media/sonarr/index.md +++ b/website/integrations/media/sonarr/index.md @@ -41,7 +41,7 @@ Create an application in authentik and select the provider you've created above. ## Deployment -Create an outpost deployment for the provider you've created above, as described [here](https://docs.goauthentik.io/docs/add-secure-apps/outposts/). Deploy this Outpost either on the same host or a different host that can access Sonarr. +Create an outpost deployment for the provider you've created above, as described [here](/docs/add-secure-apps/outposts/). Deploy this Outpost either on the same host or a different host that can access Sonarr. The outpost will connect to authentik and configure itself. diff --git a/website/integrations/miscellaneous/home-assistant/index.md b/website/integrations/miscellaneous/home-assistant/index.md index 3f25fcaa51..a1070a9bd7 100644 --- a/website/integrations/miscellaneous/home-assistant/index.md +++ b/website/integrations/miscellaneous/home-assistant/index.md @@ -113,7 +113,7 @@ To support the integration of Home Assistant using `hass-auth-headers` with auth 3. Click **Submit** to save the new application and provider. -4. Create an outpost deployment for the provider you've created above, as described [here](https://docs.goauthentik.io/docs/add-secure-apps/outposts/). Deploy this Outpost either on the same host or a different host that can access Home Assistant. The outpost will connect to authentik and configure itself. +4. Create an outpost deployment for the provider you've created above, as described [here](/docs/add-secure-apps/outposts/). Deploy this Outpost either on the same host or a different host that can access Home Assistant. The outpost will connect to authentik and configure itself. ## Home Assistant configuration diff --git a/website/integrations/monitoring/beszel/index.mdx b/website/integrations/monitoring/beszel/index.mdx index 804eb75b6e..92e5a74329 100644 --- a/website/integrations/monitoring/beszel/index.mdx +++ b/website/integrations/monitoring/beszel/index.mdx @@ -38,7 +38,7 @@ The steps to configure authentik include creating an application and provider pa - Note the **Client ID**, **Client Secret**, and **slug** values because they will be required later. - Set a `Strict` redirect URI to `https://beszel.company/api/oauth2-redirect`. - Select any available signing key. -- **Configure Bindings** _(optional):_ you can create a [binding](https://docs.goauthentik.io/docs/add-secure-apps/flows-stages/bindings/) (policy, group, or user) to manage the listing and access to applications on a user’s \***\*My applications** \*_page_.\* +- **Configure Bindings** _(optional):_ you can create a [binding](/docs/add-secure-apps/flows-stages/bindings/) (policy, group, or user) to manage the listing and access to applications on a user’s \***\*My applications** \*_page_.\* 3. Click **Submit** to save the new application and provider.