website: Use Docusaurus Frontmatter for badges (#12893)

website/docs: Reduce redundant usage of badges. Move badge logic to components.

- Fix JSX class name warning.
- Remove duplicate titles.
- Flesh out `support_level` frontmatter.

website/docs/users-sources/groups/group_ref.md

@@ -13,4 +13,4 @@ The Group object has the following properties:
 
 ## Attributes
 
-See [the user reference](../user/user_ref.md#attributes) for well-known attributes.
+See [the user reference](../user/user_ref.mdx#attributes) for well-known attributes.

website/docs/users-sources/groups/index.mdx

@@ -3,7 +3,7 @@ title: About groups
 description: Learn about groups in authentik
 ---
 
-For information about creating and editing groups refer to [Manage groups](./manage_groups.md).
+For information about creating and editing groups refer to [Manage groups](./manage_groups.mdx).
 
 ## Hierarchy
 

website/docs/users-sources/groups/manage_groups.mdx

@@ -43,7 +43,7 @@ To delete a group, follow these steps:
 
 You can assign a role to a group, and then all users in the group inherit the permissions assigned to that role. For instructions and more information, see [Assign a role to a group](../roles/manage_roles.md#assign-a-role-to-a-group).
 
-## Delegating group member management <span class="badge badge--version">authentik 2024.4+</span>
+## Delegating group member management:ak-version[2024.4]
 
 To give a specific Role or User the ability to manage group members, the following permissions need to be granted on the matching Group object:
 

website/docs/users-sources/sources/directory-sync/active-directory/index.md

@@ -1,9 +1,8 @@
 ---
 title: Active Directory
+support_level: community
 ---
 
-<span class="badge badge--secondary">Support level: Community</span>
-
 ## Preparation
 
 The following placeholders are used in this guide:

website/docs/users-sources/sources/directory-sync/freeipa/index.md

@@ -1,9 +1,8 @@
 ---
 title: FreeIPA
+support_level: community
 ---
 
-<span class="badge badge--secondary">Support level: Community</span>
-
 ## Preparation
 
 The following placeholders are used in this guide:

website/docs/users-sources/sources/index.md

@@ -8,7 +8,7 @@ Sources allow you to connect authentik to an external user directory. Sources ca
 
 Sources are in the following general categories:
 
-- **Protocols** ([Kerberos](./protocols/kerberos/index.md), [LDAP](./protocols/ldap/index.md), [OAuth](./protocols/oauth/index.md), [SAML](./protocols/saml/index.md), and [SCIM](./protocols/scim/index.md))
+- **Protocols** ([Kerberos](./protocols/kerberos/index.md), [LDAP](./protocols/ldap/index.md), [OAuth](./protocols/oauth/index.mdx), [SAML](./protocols/saml/index.md), and [SCIM](./protocols/scim/index.md))
 - [**Property mappings**](./property-mappings/index.md) or how to import data from a source
 - **Directory synchronization** (Active Directory, FreeIPA)
 - **Social logins** (Apple, Discord, Twitch, Twitter, and many others)

website/docs/users-sources/sources/property-mappings/expressions.md

@@ -16,6 +16,6 @@ import Objects from "../../../expressions/\_objects.md";
 
 ## Available Functions
 
-import Functions from "../../../expressions/\_functions.md";
+import Functions from "../../../expressions/\_functions.mdx";
 
 <Functions />

website/docs/users-sources/sources/property-mappings/index.md

@@ -8,7 +8,7 @@ This page is an overview of how property mappings work. For information about sp
 
 - [Kerberos](../protocols/kerberos/#kerberos-source-property-mappings)
 - [LDAP](../protocols/ldap/index.md#ldap-source-property-mappings)
-- [OAuth](../protocols/oauth/index.md#oauth-source-property-mappings)
+- [OAuth](../protocols/oauth/index.mdx#oauth-source-property-mappings)
 - [SAML](../protocols/saml/index.md#saml-source-property-mappings)
 - [SCIM](../protocols/scim/index.md#scim-source-property-mappings)
 
@@ -36,7 +36,7 @@ return {
 }
 ```
 
-You can see that the expression returns a Python dictionary. The dictionary keys must match [User properties](../../user/user_ref.md#object-properties) or [Group properties](../../groups/group_ref.md#object-properties). Note that for users, `ak_groups` and `group_attributes` cannot be set.
+You can see that the expression returns a Python dictionary. The dictionary keys must match [User properties](../../user/user_ref.mdx#object-properties) or [Group properties](../../groups/group_ref.md#object-properties). Note that for users, `ak_groups` and `group_attributes` cannot be set.
 
 See each source documentation for a reference of the available data. See the authentik [expressions documentation](./expressions.md) for available data and functions.
 

website/docs/users-sources/sources/protocols/kerberos/index.md

@@ -1,10 +1,7 @@
 ---
 title: Kerberos
----
-
-<span class="badge badge--preview">Preview</span>
-<span class="badge badge--version">authentik 2024.10+</span>
-
+authentik_preview: true
+authentik_version: "2024.10"
 ---
 
 This source allows users to enroll themselves with an existing Kerberos identity.

website/docs/users-sources/sources/protocols/oauth/index.mdx

@@ -14,7 +14,7 @@ This source allows users to enroll themselves with an external OAuth-based Ident
 
     Starting with authentik 2022.10, the default scopes can be replaced by prefix the value for scopes with `*`.
 
-### OpenID Connect <span class="badge badge--version">authentik 2022.6+</span>
+### OpenID Connect
 
 #### Well-known
 

website/docs/users-sources/sources/social-logins/apple/index.md

@@ -1,9 +1,8 @@
 ---
 title: Apple
+support_level: authentik
 ---
 
-<span class="badge badge--primary">Support level: authentik</span>
-
 Allows users to authenticate using their Apple ID.
 
 ## Preparation

website/docs/users-sources/sources/social-logins/azure-ad/index.mdx

@@ -1,9 +1,8 @@
 ---
 title: Azure AD
+support_level: community
 ---
 
-<span class="badge badge--secondary">Support level: Community</span>
-
 ## Preparation
 
 The following placeholders are used in this guide:
@@ -112,9 +111,9 @@ return True
 
 Try to login with a **_new_** user. You should see no prompts and the user should have the correct information.
 
-### Machine-to-machine authentication <span class="badge badge--version">authentik 2024.12+</span>
+### Machine-to-machine authentication:ak-version[2024.12]
 
-If using [Machine-to-Machine](../../../../add-secure-apps/providers/oauth2/client_credentials.md#jwt-authentication) authentication, some specific steps need to be considered.
+If using [Machine-to-Machine](../../../../add-secure-apps/providers/oauth2/client_credentials.mdx#jwt-authentication) authentication, some specific steps need to be considered.
 
 When getting the JWT token from Azure AD, set the scope to the Application ID URI, and _not_ the Graph URL; otherwise the JWT will be in an invalid format.
 

website/docs/users-sources/sources/social-logins/discord/index.md

@@ -1,9 +1,8 @@
 ---
 title: Discord
+support_level: authentik
 ---
 
-<span class="badge badge--primary">Support level: authentik</span>
-
 Allows users to authenticate using their Discord credentials
 
 ## Preparation
@@ -162,13 +161,13 @@ Ensure that the Discord OAuth source in **Federation & Social login** has the ad
 :::
 
 :::info
-Any authentik role that you want to sync with a Discord role needs to have the **attribute** `discord_role_id` with a value of the Discord role's ID set.  
-This setting can be found under `Authentik > Admin Interface > Directory > Groups > YOUR_GROUP > Attributes`  
+Any authentik role that you want to sync with a Discord role needs to have the **attribute** `discord_role_id` with a value of the Discord role's ID set.
+This setting can be found under `Authentik > Admin Interface > Directory > Groups > YOUR_GROUP > Attributes`
 Example: `discord_role_id: "<ROLE ID>"`
 :::
 
-The following two policies allow you to synchronize roles in a Discord guild with roles in authentik.  
-Whenever a user enrolls or signs in to authentik via a Discord source, these policies will check the user's Discord roles and apply the user's authentik roles accordingly.  
+The following two policies allow you to synchronize roles in a Discord guild with roles in authentik.
+Whenever a user enrolls or signs in to authentik via a Discord source, these policies will check the user's Discord roles and apply the user's authentik roles accordingly.
 All roles with the attribute `discord_role_id` defined will be added or removed depending on whether the user is a member of the defined Discord role.
 
 Create a new **Expression Policy** with the content below, adjusting the variables where required.

website/docs/users-sources/sources/social-logins/facebook/index.md

@@ -1,9 +1,8 @@
 ---
 title: Facebook
+support_level: community
 ---
 
-<span class="badge badge--secondary">Support level: Community</span>
-
 Adding Facebook as a source allows users to authenticate through authentik using their Facebook credentials.
 
 ## Preparation

website/docs/users-sources/sources/social-logins/github/index.mdx

@@ -1,9 +1,8 @@
 ---
 title: Github
+support_level: authentik
 ---
 
-<span class="badge badge--primary">Support level: authentik</span>
-
 Allows users to authenticate using their Github credentials
 
 ## Preparation
@@ -50,7 +49,7 @@ Save, and you now have Github as a source.
 For more details on how-to have the new source display on the Login Page see [here](../../index.md#add-sources-to-default-login-page).
 :::
 
-### Checking for membership of a GitHub Organisation <span class="badge badge--version">authentik 2021.12.5.+</span>
+### Checking for membership of a GitHub Organisation
 
 To check if the user is member of an organisation, you can use the following policy on your flows:
 

website/docs/users-sources/sources/social-logins/google/cloud/index.md

@@ -2,10 +2,9 @@
 title: Google Cloud (with OAuth)
 sidebar_label: Google Cloud (OAuth)
 tags: [integration, oauth, google]
+support_level: community
 ---
 
-<span class="badge badge--secondary">Support level: Community</span>
-
 Allows users to authenticate using their Google credentials
 
 ## Preparation

website/docs/users-sources/sources/social-logins/google/workspace/index.md

@@ -2,10 +2,9 @@
 title: Google Workspace (with SAML)
 sidebar_label: Google Workspace (SAML)
 tags: [integration, saml, google]
+support_level: authentik
 ---
 
-<span className="badge badge--primary">Support level: authentik</span>
-
 This topic covers configuring authentik to authenticate users with their Google Workspace credentials.
 
 ## What is Google Workspace?

website/docs/users-sources/sources/social-logins/mailcow/index.md

@@ -1,9 +1,8 @@
 ---
 title: Mailcow
+support_level: community
 ---
 
-<span class="badge badge--secondary">Support level: Community</span>
-
 Allows users to authenticate using their Mailcow credentials
 
 ## Preparation

website/docs/users-sources/sources/social-logins/plex/index.md

@@ -1,9 +1,8 @@
 ---
 title: Plex
+support_level: community
 ---
 
-<span class="badge badge--secondary">Support level: Community</span>
-
 Allows users to authenticate using their Plex credentials
 
 ## Preparation

website/docs/users-sources/sources/social-logins/twitch/index.md

@@ -1,9 +1,8 @@
 ---
 title: Twitch
+support_level: community
 ---
 
-<span class="badge badge--secondary">Support level: Community</span>
-
 Allows users to authenticate using their Twitch credentials
 
 ## Preparation

website/docs/users-sources/sources/social-logins/twitter/index.md

@@ -1,9 +1,8 @@
 ---
 title: Twitter
+support_level: authentik
 ---
 
-<span class="badge badge--primary">Support level: authentik</span>
-
 Allows users to authenticate using their twitter credentials
 
 ## Preparation

website/docs/users-sources/user/index.mdx

@@ -6,7 +6,7 @@ import DocCardList from "@theme/DocCardList";
 
 In authentik you can create and manage users with fine-tuned access control, session and event details, group membership, super-user rights, impersonation, and password management and recovery.
 
-To learn more about Enterprise licenses with internal and external users, refer to our [Enterprise documentation](../../enterprise/manage-enterprise.md#about-users-and-licenses).
+To learn more about Enterprise licenses with internal and external users, refer to our [Enterprise documentation](../../enterprise/manage-enterprise.mdx#about-users-and-licenses).
 
 To learn more about working with users in authentik, refer to the following topics:
 

website/docs/users-sources/user/user_basic_operations.md

@@ -30,7 +30,7 @@ The following topics are for the basic management of users: how to create, modif
 You should see a confirmation pop-up on the top-right of the screen that the user has been created, and see the new user in the user list. You can directly click the username if you want to [modify your user](./user_basic_operations#modify-a-user).
 
 :::info
-To create a super-user, you need to add the user to a group that has super-user permissions. For more information, refer to [Create a Group](../groups/manage_groups.md#create-a-group).
+To create a super-user, you need to add the user to a group that has super-user permissions. For more information, refer to [Create a Group](../groups/manage_groups.mdx#create-a-group).
 :::
 
 ### View user details
@@ -48,7 +48,7 @@ To view details about a specific user:
 - **Session** shows the active sessions established by the user. If there is any need, you can clean up the connected devices for a user by selecting the device(s) and then clicking **Delete**. This forces the user to authenticate again on the deleted devices.
 - **Groups** allows you to manage the group membership of the user. You can find more details on [groups](../groups/index.mdx).
 - **User events** displays all the events generated by the user during a session, such as login, logout, application authorisation, password reset, user info update, etc.
-- **Explicit consent** lists all the permissions the user has given explicitly to an application. Entries will only appear if the user is validating an [explicit consent flow in an OAuth2 provider](../../add-secure-apps/providers/oauth2/index.md). If you want to delete the explicit consent (because the application is requiring new permissions, or the user has explicitly asked to reset his consent on third-party apps), select the applications and click **Delete**. The user will be asked to again give explicit consent to share information with the application.
+- **Explicit consent** lists all the permissions the user has given explicitly to an application. Entries will only appear if the user is validating an [explicit consent flow in an OAuth2 provider](../../add-secure-apps/providers/oauth2/index.mdx). If you want to delete the explicit consent (because the application is requiring new permissions, or the user has explicitly asked to reset his consent on third-party apps), select the applications and click **Delete**. The user will be asked to again give explicit consent to share information with the application.
 - **OAuth Refresh Tokens** lists all the OAuth tokens currently distributed. You can remove the tokens by selecting the applications and then clicking **Delete**.
 - **MFA Authenticators** shows all the authentications that the user has registered to their user profile. You can remove the tokens if the user has lost their authenticator and want to enroll a new one.
 

website/docs/users-sources/user/user_ref.mdx

@@ -14,7 +14,7 @@ The User object has the following properties:
 - `is_active` Boolean field if user is active.
 - `date_joined` Date user joined/was created.
 - `password_change_date` Date password was last changed.
-- `path` User's path, see [Path](#path-authentik-20227)
+- `path` User's path, see [Path](#path)
 - `attributes` Dynamic attributes, see [Attributes](#attributes)
 - `group_attributes()` Merged attributes of all groups the user is member of and the user's own attributes.
 - `ak_groups` This is a queryset of all the user's groups.
@@ -42,7 +42,7 @@ for group in user.ak_groups.all():
     yield group.name
 ```
 
-## Path <span class="badge badge--version">authentik 2022.7+</span>
+## Path
 
 Paths can be used to organize users into folders depending on which source created them or organizational structure. Paths may not start or end with a slash, but they can contain any other character as path segments. The paths are currently purely used for organization, it does not affect their permissions, group memberships, or anything else.