From 65a4590108bb7e26c2deeb01523f2dd45732f54d Mon Sep 17 00:00:00 2001 From: Joey Hafner Date: Fri, 8 Jul 2022 23:30:26 -0700 Subject: [PATCH] Init partial OAuth provisioning docs --- server/config/authentik/README.md | 28 ++++++++++++++++++++++++++++ 1 file changed, 28 insertions(+) diff --git a/server/config/authentik/README.md b/server/config/authentik/README.md index e69de29..fad326c 100644 --- a/server/config/authentik/README.md +++ b/server/config/authentik/README.md @@ -0,0 +1,28 @@ +# Add an OAuth2 Application +1. Navigate to the Authentik Admin Interface. Open the Navigation pane and expand Applications. Click on [Providers](https://authentik.jafner.net/if/admin/#/core/providers). +2. Create a new provider with the following parameters: + +| Parameter | Value | +|:---------:|:-----:| +| Provider type | OAuth2/OpenID Provider | +| Name | *Name of new application (e.g. Grafana)* | +| Authorization flow | Authorize Application (default-provider-authorization-explicit-consent) | +| Client type | Confidential | +| Client ID | *Copy this value for later use* | +| Client Secret | *Copy this value for later use* | +| Redirect URIs/Origins | *Leave blank* | +| Signing Key | authentik Self-signed Certificate (RSA) | + +3. Leave Advanced protocol settings and Machine-to-Machine authentication settings as defaults. Save by clicking the Finish button. +4. Navigate to Applications and create a new application with the following parameters: + +| Parameter | Value | +|:---------:|:-----:| +| Name | *Name of new application (e.g. Grafana)* | +| Slug | *URL-compliant version of name (e.g. grafana)* | +| Group | *Leave empty* | +| Provider | *Select the provider created in step 2* | +| Policy engine mode | ANY, any policy must match to grant access. | + +5. Leave UI settings as default, save by clicking the Create button. +6. Open the OAuth2 configuration settings in the new application \ No newline at end of file
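Review bot: In the step 2 provider table, the `Redirect URIs/Origins` row says *Leave blank* for a `Confidential` client and gives no reason. Redirect URI matching is the check that keeps authorization codes from being delivered to an endpoint other than the application's callback. I would either put the application's exact callback URL in that row (with a placeholder such as *the application's OAuth callback URL*) or add a sentence explaining what authentik does when the field is empty and why that is acceptable here. Two smaller points in the same hunk: the `Client ID` and `Client Secret` rows say *Copy this value for later use* without saying where the secret should be kept, so a short note pointing to the repo's secret-handling convention would stop it landing in a plaintext config file. Step 6 ends without any instructions and the file has no trailing newline. If the doc is intentionally partial, a TODO marker on step 6 would make that clear to readers.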