authentik/docs/providers.md

1.2 KiB

Providers

Providers allow external applications to authenticate against passbook and use its user information.

OpenID Provider

This provider utilises the commonly used OpenID Connect variation of OAuth2.

OAuth2 Provider

This provider is slightly different than the OpenID Provider. While it uses the same basic OAuth2 Protocol, it provides a GitHub-compatible endpoint. This allows you to integrate applications which don't support custom OpenID providers. The API exposes username, email, name, and groups in a GitHub-compatible format. This provider currently supports the following scopes:

  • openid: Access OpenID Userinfo
  • userinfo: Access OpenID Userinfo
  • email: Access OpenID Email
  • user:email: GitHub Compatibility: User Email
  • read:org: GitHub Compatibility: User Groups

SAML Provider

This provider allows you to integrate enterprise software using the SAML2 Protocol. It supports signed requests and uses Property Mappings to determine which fields are exposed and what values they return. This makes it possible to expose vendor-specific fields. Default fields are exposed through auto-generated Property Mappings, which are prefixed with "Autogenerated".