Init partial OAuth provisioning docs

2022-07-08 23:30:26 -07:00 · 2022-07-08 23:30:26 -07:00 · 540834c4d2
commit 540834c4d2
parent 76223a548a
1 changed files with 28 additions and 0 deletions
--- a/homelab/server/config/authentik/README.md
+++ b/homelab/server/config/authentik/README.md
@ -0,0 +1,28 @@
+# Add an OAuth2 Application
+1. Navigate to the Authentik Admin Interface. Open the Navigation pane and expand Applications. Click on [Providers](https://authentik.jafner.net/if/admin/#/core/providers).
+2. Create a new provider with the following parameters:
+
+| Parameter | Value |
+|:---------:|:-----:|
+| Provider type | OAuth2/OpenID Provider |
+| Name | *Name of new application (e.g. Grafana)* |
+| Authorization flow | Authorize Application (default-provider-authorization-explicit-consent) |
+| Client type | Confidential |
+| Client ID | *Copy this value for later use* |
+| Client Secret | *Copy this value for later use* |
+| Redirect URIs/Origins | *Leave blank* |
+| Signing Key | authentik Self-signed Certificate (RSA) |
+
+3. Leave Advanced protocol settings and Machine-to-Machine authentication settings as defaults. Save by clicking the Finish button.
+4. Navigate to Applications and create a new application with the following parameters:
+
+| Parameter | Value |
+|:---------:|:-----:|
+| Name | *Name of new application (e.g. Grafana)* |
+| Slug | *URL-compliant version of name (e.g. grafana)* |
+| Group | *Leave empty* |
+| Provider | *Select the provider created in step 2* |
+| Policy engine mode | ANY, any policy must match to grant access. |
+
+5. Leave UI settings as default, save by clicking the Create button.
+6. Open the OAuth2 configuration settings in the new application