1.8 KiB
1.8 KiB
Add an OAuth2 Application
- Navigate to the Authentik Admin Interface. Open the Navigation pane and expand Applications. Click on Providers.
- Create a new provider with the following parameters:
| Parameter | Value |
|---|---|
| Provider type | OAuth2/OpenID Provider |
| Name | Name of new application (e.g. Grafana) |
| Authorization flow | Authorize Application (default-provider-authorization-explicit-consent) |
| Client type | Confidential |
| Client ID | Copy this value for later use |
| Client Secret | Copy this value for later use |
| Redirect URIs/Origins | Leave blank |
| Signing Key | authentik Self-signed Certificate (RSA) |
- Leave Advanced protocol settings and Machine-to-Machine authentication settings as defaults. Save by clicking the Finish button.
- Navigate to Applications and create a new application with the following parameters:
| Parameter | Value |
|---|---|
| Name | Name of new application (e.g. Grafana) |
| Slug | URL-compliant version of name (e.g. grafana) |
| Group | Leave empty |
| Provider | Select the provider created in step 2 |
| Policy engine mode | ANY, any policy must match to grant access. |
- Leave UI settings as default, save by clicking the Create button.
- Open the OAuth2 configuration settings in the new application and apply settings as follows:
| Common Application Configuration Term | Value (or Authentik key) |
|---|---|
| Client Type | Confidential |
| Client ID | Client ID |
| Client Secret | Client Secret |
| Scopes | email openid profile |
| Auth URL | Authorize URL |
| Token URL | Token URL |
| API URl | Userinfo URL |
- Apply and restart the application.