mirror of
https://github.com/goauthentik/authentik
synced 2026-04-25 17:15:26 +02:00
f1c09992bf
* website/docs: Add device group steps * Add windows and local device pages updates * Update website/docs/endpoint-devices/authentik-agent/device-authentication/device-access-groups.mdx Co-authored-by: Tana M Berry <tanamarieberry@yahoo.com> Signed-off-by: Connor Peshek <connor@connorpeshek.me> * Update website/docs/endpoint-devices/authentik-agent/device-authentication/local-device-login/linux.md Co-authored-by: Tana M Berry <tanamarieberry@yahoo.com> Signed-off-by: Connor Peshek <connor@connorpeshek.me> * Update website/docs/endpoint-devices/authentik-agent/device-authentication/local-device-login/linux.md Co-authored-by: Tana M Berry <tanamarieberry@yahoo.com> Signed-off-by: Connor Peshek <connor@connorpeshek.me> * Update website/docs/endpoint-devices/authentik-agent/device-authentication/local-device-login/linux.md Co-authored-by: Tana M Berry <tanamarieberry@yahoo.com> Signed-off-by: Connor Peshek <connor@connorpeshek.me> * Update website/docs/endpoint-devices/authentik-agent/device-authentication/local-device-login/linux.md Co-authored-by: Tana M Berry <tanamarieberry@yahoo.com> Signed-off-by: Connor Peshek <connor@connorpeshek.me> * Update website/docs/endpoint-devices/authentik-agent/device-authentication/local-device-login/windows.md Co-authored-by: Tana M Berry <tanamarieberry@yahoo.com> Signed-off-by: Connor Peshek <connor@connorpeshek.me> * Update website/docs/endpoint-devices/authentik-agent/device-authentication/local-device-login/windows.md Co-authored-by: Tana M Berry <tanamarieberry@yahoo.com> Signed-off-by: Connor Peshek <connor@connorpeshek.me> * Update website/docs/endpoint-devices/authentik-agent/device-authentication/local-device-login/windows.md Co-authored-by: Tana M Berry <tanamarieberry@yahoo.com> Signed-off-by: Connor Peshek <connor@connorpeshek.me> * Update website/docs/endpoint-devices/authentik-agent/device-authentication/local-device-login/windows.md Co-authored-by: Tana M Berry <tanamarieberry@yahoo.com> Signed-off-by: Connor Peshek <connor@connorpeshek.me> * update --------- Signed-off-by: Connor Peshek <connor@connorpeshek.me> Co-authored-by: Tana M Berry <tanamarieberry@yahoo.com>
31 lines
1.6 KiB
Plaintext
31 lines
1.6 KiB
Plaintext
---
|
|
title: Device access groups
|
|
sidebar_label: Device access groups
|
|
tags: [authentik Agent, device authentication, device login, device groups]
|
|
authentik_version: "2025.12.0"
|
|
---
|
|
|
|
Device access groups control access to endpoint devices. You can organize devices into groups and bind users, user groups, and policies to determine which users can access the device.
|
|
|
|
:::warning
|
|
Device access groups are **required** for [local device login](./local-device-login/index.mdx) to work. If a device is not assigned to an access group with the appropriate bindings, all login attempts to that device will be denied.
|
|
:::
|
|
|
|
## Creating a device access group
|
|
|
|
To create a device access group, follow these steps:
|
|
|
|
1. Log in to authentik as an administrator and open the authentik Admin interface.
|
|
2. Navigate to **Endpoint Devices** > **Device Access Groups** and click **Create**.
|
|
3. Provide a **Group name** and click **Create**.
|
|
4. Expand the newly created device access group.
|
|
5. Click either **Create and bind Policy** or **Bind existing Policy / Group / User**.
|
|
6. Once you've configured the desired access for the device access group, click **Finish**.
|
|
|
|
## Assigning devices to an access group
|
|
|
|
After creating a device access group, you need to assign devices to it. There are two ways to do this:
|
|
|
|
- **During enrollment**: When creating an enrollment token, select the device access group in the **Device group** field. Any device that enrolls with this token is automatically added to the group.
|
|
- **After enrollment**: Navigate to **Endpoint Devices** > **Devices**, edit the device, and set the **Access group** field to the desired device access group.
|