eliott/authentik
1
0
Fork 0
mirror of https://github.com/goauthentik/authentik synced 2026-04-28 02:18:11 +02:00
Code Issues Packages Projects Releases Wiki Activity
Files
e7fcfb7e67d5df3e8a8a5da170f18fa4c6b98731
authentik/website/docs/sys-mgmt/brands/index.md
Teffen Ellis 6ed5cb5249 website/docs: Modal and wizard button labels (#21549) 
* website/integrations: rename "Create with Provider" to "New Application"

The application list page now uses a split-button labeled
"New Application" instead of the old "Create with Provider" dropdown.
Update all 113 integration guides to match.

* website/docs: update flow, stage, and policy button labels

- "Create" → "New Flow", "New Stage", "New Policy" for trigger buttons
- "Finish" → "Create Flow", "Create Stage", "Create Policy" for submit
- "Create and bind stage" → "New Stage" / "Bind Existing Stage"
- "Create" (binding submit) → "Create Stage Binding"

* website/docs: update provider button labels

- "Create" → "New Provider" for trigger buttons
- "Create with Provider" → "New Application" in RAC docs
- "Create" → "New Property Mapping", "New RAC Endpoint", "New Prompt"
  for related entity creation

* website/docs: update directory button labels

- "Create" → "New Source" for federation/social login pages
- "Create" → "New Role", submit → "Create Role"
- "Create" → "New Invitation"
- Policy binding submit → "Create Policy Binding"

* website/docs: update endpoint device and system management button labels

- "Create" → "New Endpoint Connector", "New Enrollment Token",
  "New Device Access Group", "New Flow"
- Submit → "Create Device Access Group"
- "Create" → "New Notification Rule", "New Notification Transport"
- Binding submit → "Create Policy Binding"

* Reorganize policy documentation

* website/docs: address policy docs review feedback

* post-rebase

* website/docs: Reorganize policy documentation -- Revisions (#21601)

* apply suggestions

* Fix escaped.

* Fix whitespace.

* Update button label.

* Fix phrasing.

* Fix phrasing.

* Clean up stragglers.

* Format.

---------

Co-authored-by: Dominic R <dominic@sdko.org>
2026-04-16 17:35:38 +00:00

93 lines
5.0 KiB
Markdown
Raw Blame History

This file contains ambiguous Unicode characters
This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.
---
title: Brands
slug: /brands
sidebar_label: Overview
---
As an authentik administrator, you can customize your instance's appearance and behavior using brands. Brands apply to a single domain, a domain wildcard, or can be set as default, in which case the brand will be applied when no other brand matches the domain.
For an overview of branding and other customization options in authentik refer to [Customize your instance](../../customize/index.md).
## Create or edit a brand
To create or edit a brand, follow these steps:
1. Log in as an administrator, open the authentik Admin interface, and navigate to **System** > **Brands**.
2. Click **Create** to add a new brand, or click the **Edit** icon next to an existing brand to modify it.
3. Define the configurations in the following settings:
### Branding settings
The brand settings define the visual identity of the brand, including:
- **Branding title**: Displayed in the browser tab (document title) and throughout the UI.
- **Logo**: Displayed in the upper-left corner.
- **Favicon**: Shown on the browser tab.
- **Default flow background** :ak-version[2025.4]: Default background image for the flow executor. See [Flow configuration options](../../add-secure-apps/flows-stages/flow/index.md#flow-configuration-options) to override this image on a per-flow basis.
- **Custom CSS** :ak-version[2025.4]: Add custom CSS to further customize the look of authentik. See [Custom CSS documentation](./custom-css.mdx) for more information.
Logo, favicon, and default flow background use the shared file picker. See [File picker values](../../customize/file-picker.md).
### External user settings
You can configure authentik to redirect external users to a default application after they log in (if they weren't originally redirected from a specific application). To do this:
1. Open the authentik Admin interface and navigate to **System** > **Brands**.
2. Click the **Edit** icon for the relevant brand.
3. Under **External user settings** select a **Default application**.
### Default flows
You can explicitly select, in your instance's Brand settings, the _default flows_ to use for the current brand. You can optionally configure these default flows ([learn more about each default flow](../../add-secure-apps/flows-stages/flow/examples/default_flows.md)):
- **Authentication** flow: the flow used to authenticate users. If left empty, the first applicable flow sorted by the slug is used.
- **Invalidation flow**: for typical use cases, select the `default-invalidation-flow` (Logout) flow. This flow logs the user out of authentik when the application session ends (user logs out of the app).
- **Recovery flow**: if set, the user can access an option to recover their login credentials.
- **Unenrollment flow**: if set, users are able to unenroll themselves using this flow. If no flow is set, option is not shown.
- **User settings flow**: if set, users are able to configure details of their profile.
- **Device code flow**: if set, the OAuth Device Code profile can be used, and the selected flow will be used to enter the code.
If a default flow is _not_ set in the brand, then authentik selects any flow that:
- matches the required designation
- comes first sorted by slug
- is allowed by policies
This means that if you want to select a default flow based on policy, you can leave the brand default empty.
## Other global settings
#### Web Certificate
The **Web Certificate** option can be used to configure which certificate authentik uses when its accessed directly via HTTPS (via port 9443).
#### Client Certificates:ak-version[2025.4]
When using the [Mutual TLS Stage](../../add-secure-apps/flows-stages/stages/mtls/index.md) and accessing authentik directly, this setting specifies which certificate authorities are trusted to issue client certificates.
#### Attributes
Attributes such as locale, theme settings (light/dark mode), and custom attributes can be set to a per-brand default value here. Any custom attributes can be retrieved via [`group_attributes()`](../../users-sources/user/user_ref.mdx#object-properties).
## Image optimization
When you use images and icons for a brand's logo, favicon, etc., be aware of the following optimization tips:
- Use an SVG version of the image.
- Trim excess whitespace from around the logo. You can use an SVG editor such as Inkscape, Sketch, or Adobe Illustrator.
- Adjust the viewBox: Ensure the SVGs `viewBox` attribute tightly wraps the actual logo content. This helps in scaling the logo appropriately.
- Remove fixed dimensions: delete any fixed width and height attributes from the SVG. This allows the logo to scale responsively within its container.
- Check if your SVG needs `preserveAspectRatio` to retain its shape when resized.
- Wordmark logos: aim for an aspect ratio of approximately 7:1 (width to height).
- Icon logos: use a 1:1 aspect ratio, ensuring the icon fills the entire viewBox and is centered.
- The SVG tool [SVGOMG](https://svgomg.net/) is useful for trimming any excess metadata that might affect how the browser rasterizes the image.
Reference in New Issue View Git Blame Copy Permalink