mirror of
https://github.com/goauthentik/authentik
synced 2026-04-27 09:57:31 +02:00
6ed5cb5249
* website/integrations: rename "Create with Provider" to "New Application" The application list page now uses a split-button labeled "New Application" instead of the old "Create with Provider" dropdown. Update all 113 integration guides to match. * website/docs: update flow, stage, and policy button labels - "Create" → "New Flow", "New Stage", "New Policy" for trigger buttons - "Finish" → "Create Flow", "Create Stage", "Create Policy" for submit - "Create and bind stage" → "New Stage" / "Bind Existing Stage" - "Create" (binding submit) → "Create Stage Binding" * website/docs: update provider button labels - "Create" → "New Provider" for trigger buttons - "Create with Provider" → "New Application" in RAC docs - "Create" → "New Property Mapping", "New RAC Endpoint", "New Prompt" for related entity creation * website/docs: update directory button labels - "Create" → "New Source" for federation/social login pages - "Create" → "New Role", submit → "Create Role" - "Create" → "New Invitation" - Policy binding submit → "Create Policy Binding" * website/docs: update endpoint device and system management button labels - "Create" → "New Endpoint Connector", "New Enrollment Token", "New Device Access Group", "New Flow" - Submit → "Create Device Access Group" - "Create" → "New Notification Rule", "New Notification Transport" - Binding submit → "Create Policy Binding" * Reorganize policy documentation * website/docs: address policy docs review feedback * post-rebase * website/docs: Reorganize policy documentation -- Revisions (#21601) * apply suggestions * Fix escaped. * Fix whitespace. * Update button label. * Fix phrasing. * Fix phrasing. * Clean up stragglers. * Format. --------- Co-authored-by: Dominic R <dominic@sdko.org>
94 lines
4.1 KiB
Markdown
94 lines
4.1 KiB
Markdown
---
|
|
title: Integrate with Frappe/ERPNext
|
|
sidebar_label: Frappe
|
|
support_level: community
|
|
---
|
|
|
|
:::info
|
|
These instructions apply to all projects in the Frappe Family, including ERPNext.
|
|
:::
|
|
|
|
## What is Frappe
|
|
|
|
> Frappe is a full stack, batteries-included, web framework written in Python and JavaScript.
|
|
>
|
|
> -- https://frappe.io/
|
|
|
|
## Preparation
|
|
|
|
The following placeholders are used in this guide:
|
|
|
|
- `frappe.company` is the FQDN of the Frappe installation.
|
|
- `authentik.company` is the FQDN of the authentik installation.
|
|
- `provider` is the name for the social login provider in Frappe.
|
|
|
|
:::info
|
|
This documentation only lists the settings that have been changed from their default values. Please verify your changes carefully to avoid any issues accessing your application.
|
|
:::
|
|
|
|
## authentik configuration
|
|
|
|
To support the integration of Frappe with authentik, you need to create an application/provider pair in authentik.
|
|
|
|
### Create an application and provider in authentik
|
|
|
|
1. Log in to authentik as an administrator and open the authentik Admin interface.
|
|
2. Navigate to **Applications** > **Applications** and click **New Application** to open the application wizard.
|
|
|
|
- **Application**: provide a descriptive name, an optional group for the type of application, the policy engine mode, and optional UI settings.
|
|
- **Choose a Provider type**: select **OAuth2/OpenID Connect** as the provider type.
|
|
- **Configure the Provider**: provide a name (or accept the auto-provided name), the authorization flow to use for this provider, and the following required configurations.
|
|
- Note the **Client ID**, **Client Secret**, and **slug** values because they will be required later.
|
|
- Set a `Strict` redirect URI to `https://frappe.company/api/method/frappe.integrations.oauth2_logins.custom/<provider-name>`. Replace `<provider-name>` with the name of the provider in Frappe.
|
|
- Select any available signing key.
|
|
- Under **Advanced protocol settings**, set **Subject mode** to be `Based on the Users's username`.
|
|
- **Configure Bindings** _(optional)_: you can create a [binding](/docs/add-secure-apps/bindings-overview/) (policy, group, or user) to manage the listing and access to applications on a user's **My applications** page.
|
|
|
|
3. Click **Submit** to save the new application and provider.
|
|
|
|
## Frappe configuration
|
|
|
|
1. **Navigate to Integrations**
|
|
- From the Frappe main menu, go to **Integrations** and then select **Social Login Key**.
|
|
|
|
2. **Add a New Social Login Key**
|
|
- Click the black **+ New** button in the top-right corner.
|
|
|
|
|
|
3. **Enter the Required Settings**
|
|
- **Client Credentials**
|
|
- **Enable Social Login**: Turn the toggle to the **on** position.
|
|
- **Client ID**: Enter the Client ID from authentik.
|
|
- **Client Secret**: Enter the Client Secret from authentik.
|
|
|
|
- **Configuration**
|
|
- **Sign-ups**: Set to **Allow**.
|
|
|
|
|
|
- **Identity Details**
|
|
- **Base URL**: `https://authentik.company/`
|
|
- **Client URLs**:
|
|
- **Authorize URL**: `/application/o/authorize/`
|
|
- **Access Token URL**: `/application/o/token/`
|
|
- **Redirect URL**: `https://frappe.company/api/method/frappe.integrations.oauth2_logins.custom/<provider-name>` (replace `<provider-name>` with the name of the provider in Frappe)
|
|
- **API Endpoint**: `/application/o/userinfo/`
|
|
|
|
|
|
- **Client Information**
|
|
- **Auth URL Data**:
|
|
```json
|
|
{ "response_type": "code", "scope": "email profile openid" }
|
|
```
|
|
|
|
|
|
4. **Save the Configuration**
|
|
- Click the black **Save** button in the top-right corner to complete the setup.
|
|
|
|
## Configuration verification
|
|
|
|
To verify that authentik is correctly set up with Frappe, navigate to your Frappe installation and click **Login with Provider**. A successful login should redirect you to the main page of your installation.
|
|
|
|
## Resources
|
|
|
|
- [Frappe's official OpenID Connect guide](https://docs.frappe.io/framework/user/en/guides/integration/openid_connect_and_frappe_social_login)
|