authentik/docs/providers.md

25 lines
1.2 KiB
Markdown

# Providers
Providers allow external applications to authenticate against passbook and use its user information.
## OpenID Provider
This provider utilises the commonly used OpenID Connect variation of OAuth2.
## OAuth2 Provider
This provider is slightly different than the OpenID Provider. While it uses the same basic OAuth2 Protocol, it provides a GitHub-compatible endpoint. This allows you to integrate applications which don't support custom OpenID providers.
The API exposes username, email, name, and groups in a GitHub-compatible format.
This provider currently supports the following scopes:
- `openid`: Access OpenID Userinfo
- `userinfo`: Access OpenID Userinfo
- `email`: Access OpenID Email
- `user:email`: GitHub Compatibility: User Email
- `read:org`: GitHub Compatibility: User Groups
## SAML Provider
This provider allows you to integrate enterprise software using the SAML2 Protocol. It supports signed requests and uses [Property Mappings](property-mappings/index.md#saml-property-mapping) to determine which fields are exposed and what values they return. This makes it possible to expose vendor-specific fields.
Default fields are exposed through auto-generated Property Mappings, which are prefixed with "Autogenerated".