Clarify that the OAuth2 provider Signing Key field is optional and that authentik signs JWTs with the provider Client secret when no signing key is set.
Closes: https://github.com/goauthentik/authentik/issues/4824
Refine the machine-to-machine authentication page, align examples and inline formatting with the docs style guide, and replace the small event logging table with a list.
* rough draft
* more content, still drafty
* wow the Consent stage is interesting
* figured out consent policy binding
* more content
* tweak
* add steps to create Consent stage
* add to sidebar, more procedural content
* tested steps, more polish
* fixed mangled section
* work on user interface doc
* tweak to App paassword section
* tweaks about App passwords
* more mfa content
* tweaks
* website/docs/add-secure-apps/flows-stages/stages/consent/index.md
* fix link
* add info about recovery flow, tweaks
* removed/reworded talk of custom flows
* dominic edits
* rest of dominic's edits
* more excellent edits by dominic
* more dominc edits
* another edit
* more edits, restored unwanted files
* tweaks
* tweak to a preposition
* jens edits
* removed unrelated change to cspell file
* Apply suggestion from @BeryJu
Signed-off-by: Jens L. <jens@beryju.org>
* Jens edits
* two missed edits
---------
Signed-off-by: Tana M Berry <tanamarieberry@yahoo.com>
Signed-off-by: Jens L. <jens@beryju.org>
Co-authored-by: Jens L. <jens@goauthentik.io>
* Use `extract_client_auth` which can get client id from either HTTP
Authorization header or POST body
* Update documentation to reflect allow sending client id via header
* Add tests for using HTTP Basic Auth to pass in client id
* website/docs: Custom CSS
* Revise.
* Fix paths.
* Update links.
* Update header capitalization
Signed-off-by: Dewi Roberts <dewi@goauthentik.io>
---------
Signed-off-by: Dewi Roberts <dewi@goauthentik.io>
Co-authored-by: Dewi Roberts <dewi@goauthentik.io>
* first draft
* add table of parms
* tweak
* add section about certs
* a little more content
* more info on wa
* new procedurla file and edit sidebar
* tweaks
* dewi and jens edits
* tweak to remove bullet
* add docs link to the Rel Notes
* dewi edits thx
* ooops missed that last edit
* new first steps docs
* moved email config up to match Docker
* first draft
* moved sections and retitled some
* more content, tweaks
* dewis edits
* added Dewi ideas, more content, tweaks
* more content, green tips, other fixes
* Optimised images with calibre/image-actions
* Optimised images with calibre/image-actions
* Optimised images with calibre/image-actions
* conflicts?
* dominic's eedits, more content
* another fine Dominic edit
* more dewi and dominic edits, links
* a bunch of things
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* tweaks
* thanks Teffen
* new styles, more content
* few more dominic edits, tweaks
* formatting fights on tips
* fix some alignments
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* changes from Jens
* work on bindings docs that was needed for the first steps docs
* links, more tweaks
* more edits, more TODOs done
* add mermaid diagram, more links, more content
* fix sidebar, tweaks
* tweak
* more link fixing
* fix heading size
* more dewi and dominic edits
* more dewi and dominic edits
* teffen enhancements yay and more bindings rearchitecting
* added note about stage bindings being the only type of binding that you can bind to yeehaw
---------
Signed-off-by: Tana M Berry <tanamarieberry@yahoo.com>
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
Co-authored-by: authentik-automation[bot] <135050075+authentik-automation[bot]@users.noreply.github.com>
Co-authored-by: Dewi Roberts <dewi@goauthentik.io>
Co-authored-by: Jens Langhammer <jens@goauthentik.io>
* website/docs: Update location of media storage and outdated references
* lint
* Add content-type header info
* Apply suggestion from @dominic-r
Signed-off-by: Dominic R <dominic@sdko.org>
---------
Signed-off-by: Dominic R <dominic@sdko.org>
Co-authored-by: dewi-tik <dewi@goauthentik.io>
* providers/scim: modify user- and group syncing behavior
rename filtergroup to groupfilters and allow multiple values
only sync groups which are in the scimprovider's attribute \"group_filters\"
only sync users which are entitled to view the scimprovider's application
* Update authentik/providers/scim/api/providers.py
Signed-off-by: Immanuel von Neumann <45020096+ImmanuelVonNeumann@users.noreply.github.com>
* fix(authentik/scim): update schema.yml and test name
* merge migrations
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* providers/scim: fix linting
* format
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* filter eagerly
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
---------
Signed-off-by: Immanuel von Neumann <45020096+ImmanuelVonNeumann@users.noreply.github.com>
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
Co-authored-by: Jens Langhammer <jens@goauthentik.io>
* Update filenames, sidebar and redirect. Rework overview doc
* WIP
* Spelling
* Move info box
* WIP
* Update create-gws-provider.md
Signed-off-by: Dewi Roberts <dewi@goauthentik.io>
* Small tweaks
* Add note about key creation
* Update website/docs/add-secure-apps/providers/gws/configure-gws.md
Co-authored-by: Dominic R <dominic@sdko.org>
Signed-off-by: Dewi Roberts <dewi@goauthentik.io>
* Add delegated user permissions
* Update configure-gws.md
Signed-off-by: Dewi Roberts <dewi@goauthentik.io>
* Fix link and section naming
* Apply suggestions from code review
Co-authored-by: Tana M Berry <tanamarieberry@yahoo.com>
Signed-off-by: Dewi Roberts <dewi@goauthentik.io>
* Update configure-gws.md
Signed-off-by: Dewi Roberts <dewi@goauthentik.io>
* Update website/docs/add-secure-apps/providers/gws/index.md
Co-authored-by: Tana M Berry <tanamarieberry@yahoo.com>
Signed-off-by: Dewi Roberts <dewi@goauthentik.io>
* Update website/docs/add-secure-apps/providers/gws/index.md
Co-authored-by: Tana M Berry <tanamarieberry@yahoo.com>
Signed-off-by: Dewi Roberts <dewi@goauthentik.io>
* Headers
---------
Signed-off-by: Dewi Roberts <dewi@goauthentik.io>
Co-authored-by: Dominic R <dominic@sdko.org>
Co-authored-by: Tana M Berry <tanamarieberry@yahoo.com>
* Update docs, remove all images
* Move service account step
* Remove commas
* Minor improvements
* Table language improved
* Group table language improvements
* Fix stage capitalization
* Language
* Update file name, sidebar and redirect
* Add links
* Swap headers
* Update file to mdx
* Apply suggestions from code review
Co-authored-by: Dominic R <dominic@sdko.org>
Signed-off-by: Dewi Roberts <dewi@goauthentik.io>
---------
Signed-off-by: Dewi Roberts <dewi@goauthentik.io>
Co-authored-by: Dominic R <dominic@sdko.org>
Fix example for `app_entitlements_attributes`.
Fix example Python code for `app_entitlements_attributes`.
Signed-off-by: Sebastian Wiesinger <sebastian@karotte.org>
* Updates m2m doc, add mention to proxy provider about finding logs, updates filename/links/redirects
* Apply suggestions from code review
Co-authored-by: Jens L. <jens@goauthentik.io>
Signed-off-by: Dewi Roberts <dewi@goauthentik.io>
* Prettier
* wip
* Removed section and changed some wording
* Add section
* Update website/docs/add-secure-apps/providers/proxy/index.md
Co-authored-by: Dominic R <dominic@sdko.org>
Signed-off-by: Dewi Roberts <dewi@goauthentik.io>
---------
Signed-off-by: Dewi Roberts <dewi@goauthentik.io>
Co-authored-by: Jens L. <jens@goauthentik.io>
Co-authored-by: Dominic R <dominic@sdko.org>
