* website/integrations: rename "Create with Provider" to "New Application" The application list page now uses a split-button labeled "New Application" instead of the old "Create with Provider" dropdown. Update all 113 integration guides to match. * website/docs: update flow, stage, and policy button labels - "Create" → "New Flow", "New Stage", "New Policy" for trigger buttons - "Finish" → "Create Flow", "Create Stage", "Create Policy" for submit - "Create and bind stage" → "New Stage" / "Bind Existing Stage" - "Create" (binding submit) → "Create Stage Binding" * website/docs: update provider button labels - "Create" → "New Provider" for trigger buttons - "Create with Provider" → "New Application" in RAC docs - "Create" → "New Property Mapping", "New RAC Endpoint", "New Prompt" for related entity creation * website/docs: update directory button labels - "Create" → "New Source" for federation/social login pages - "Create" → "New Role", submit → "Create Role" - "Create" → "New Invitation" - Policy binding submit → "Create Policy Binding" * website/docs: update endpoint device and system management button labels - "Create" → "New Endpoint Connector", "New Enrollment Token", "New Device Access Group", "New Flow" - Submit → "Create Device Access Group" - "Create" → "New Notification Rule", "New Notification Transport" - Binding submit → "Create Policy Binding" * Reorganize policy documentation * website/docs: address policy docs review feedback * post-rebase * website/docs: Reorganize policy documentation -- Revisions (#21601) * apply suggestions * Fix escaped. * Fix whitespace. * Update button label. * Fix phrasing. * Fix phrasing. * Clean up stragglers. * Format. --------- Co-authored-by: Dominic R <dominic@sdko.org>
| title | sidebar_label | tags | authentik_version |
|---|---|---|---|
| Configuration | Configuration | | 2025.12.0 |
Before deploying the authentik Agent, configure your authentik deployment. This involves:
- Creating and applying an OAuth device code flow
- Creating an OAuth application and provider
- Creating a Connector
Create and apply an OAuth device code flow
The OAuth device code flow enables secure authentication for input-limited clients like CLI tools and is required for the authentik Agent to function.
If you have already deployed the authentik OAuth device code flow, skip to the next section.
- Log in to authentik as an administrator and open the authentik Admin interface.
- Navigate to Flows and Stages > Flows and click New Flow.
- Set the following required configurations:
  - Name: provide a name (e.g. default-device-code-flow)
  - Title: provide a title (e.g. Device code flow)
  - Slug: provide a slug (e.g. default-device-code-flow)
  - Designation: Stage Configuration
  - Authentication: Require authentication
- Click Create.
- Navigate to System > Brands and click the Edit icon on the default brand.
- Set Default code flow to the newly created device code flow and click Update.
Create an application and provider in authentik for CLI
The authentik Agent requires an OAuth application/provider pair to handle authentication.
- Log in to authentik as an administrator and open the authentik Admin interface.
- Navigate to Applications > Applications and click New Application to open the application wizard. Alternatively, you can first create a provider separately, then create the application and connect it to the provider.
  - Application: set the Name and Slug to authentik-cli, and provide an optional group for the type of application, the policy engine mode, and optional UI settings.
  - Choose a Provider type: select OAuth2/OpenID Connect as the provider type.
  - Configure the Provider: provide a name (or accept the auto-provided name), the authorization flow to use for this provider, and the following required configurations.
    - Set the Client type to Public.
    - Set the Client ID to authentik-cli.
    - Select any available signing key.
    - Under Advanced protocol settings:
      - In addition to the three default Selected Scopes, add the authentik default OAuth Mapping: OpenID 'offline_access' scope.
  - Configure Bindings (optional): you can create a binding (policy, group, or user) to manage access to the application.
- Click Submit to save the new application and provider.
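What these provider settings mean on the wire, as an added example that is not code from authentik or the authentik Agent: an RFC 8628 device-code client that authenticates as the public client authentik-cli (no client secret) and requests offline_access so a refresh token is issued. The host name, the endpoint paths, the scope list, the `post` transport hook and the canned server replies are assumptions or constructed values so the block runs offline.

```python
import time

DEVICE_GRANT = "urn:ietf:params:oauth:grant-type:device_code"
CLIENT_ID = "authentik-cli"  # Client ID set on the provider above
SCOPES = "openid profile email offline_access"  # assumed: three defaults + offline_access

def device_login(post, base="https://authentik.example", sleep=time.sleep):
    """Run the RFC 8628 flow; post(url, form) -> dict is a hypothetical transport hook."""
    # Public client: only client_id is sent, never a client_secret.
    grant = post(f"{base}/application/o/device/",  # assumed endpoint path
                 {"client_id": CLIENT_ID, "scope": SCOPES})
    interval = grant.get("interval", 5)  # RFC 8628 default when the server omits it
    waited = 0
    while waited < grant["expires_in"]:
        sleep(interval)
        waited += interval
        reply = post(f"{base}/application/o/token/", {  # assumed endpoint path
            "grant_type": DEVICE_GRANT,
            "device_code": grant["device_code"],
            "client_id": CLIENT_ID,
        })
        error = reply.get("error")
        if error is None:
            return reply  # access token, plus refresh token for offline_access
        if error == "slow_down":
            interval += 5  # RFC 8628 section 3.5: back off by five seconds
        elif error != "authorization_pending":
            raise PermissionError(error)  # access_denied, expired_token, ...
    raise TimeoutError("device code expired before the user approved")

def fake_authentik(token_replies):
    """Constructed stand-in for the server; records every form it receives."""
    replies, seen = iter(token_replies), []
    def post(url, form):
        seen.append((url, dict(form)))
        if url.endswith("/device/"):
            return {"device_code": "constructed-dc", "user_code": "ABCD-EFGH",
                    "verification_uri": "https://authentik.example/device",
                    "expires_in": 600, "interval": 5}
        return next(replies)
    return post, seen

# Constructed sample exchange: user has not approved yet, client polls too fast, then success.
SAMPLE_REPLIES = [
    {"error": "authorization_pending"},
    {"error": "slow_down"},
    {"access_token": "constructed-at", "refresh_token": "constructed-rt",
     "token_type": "Bearer", "expires_in": 300},
]
```
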
Create the authentik Agent connector
The authentik Agent Connector allows device information to be reported to authentik.
- Log in to authentik as an administrator and open the authentik Admin interface.
- Navigate to Endpoint Devices > Connectors and click New Endpoint Connector.
- Select Agent Connector as the agent type and click Next.
- Configure the following required settings:
  - Connector name: provide a descriptive name (e.g. authentik Agent)
  - Refresh interval: select how often the agent will attempt to update its configuration.
  - Enabled: toggle to enable the connector.
  - Under Authentication settings:
    - Federated OIDC Providers: add the authentik-cli provider that you created in the previous section.
- Click Finish.