authentik/outpost
Jens Langhammer 32934fcd38 outpost/ldap: check access based on Group Membership
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-05 00:03:19 +02:00
..
cmd outposts/ldap: fix linting 2021-04-26 12:24:46 +02:00
pkg outpost/ldap: check access based on Group Membership 2021-05-05 00:03:19 +02:00
.dockerignore
.gitignore
Makefile outpost: forwardAuth mode (#790) 2021-04-29 18:17:10 +02:00
README.md *: fix more URLs for github org 2021-04-22 11:06:56 +02:00
azure-pipelines.yml outposts/ldap: add dockerfile 2021-04-26 15:35:56 +02:00
go.mod outposts/ldap: save user DN to determine who can search 2021-05-04 21:49:15 +02:00
go.sum outposts/ldap: save user DN to determine who can search 2021-05-04 21:49:15 +02:00
ldap.Dockerfile outposts/ldap: add dockerfile 2021-04-26 15:35:56 +02:00
proxy.Dockerfile outposts/ldap: use authorization_flow instead of separate field 2021-04-26 15:09:41 +02:00

README.md

authentik outpost

CI Build status Docker pulls (proxy)

Reverse Proxy based on oauth2_proxy, completely managed and monitored by authentik.

Usage

authentik Proxy is built to be configured by authentik itself, hence the only options you can directly give it are connection params.

The following environment variable are implemented:

AUTHENTIK_HOST: Full URL to the authentik instance with protocol, i.e. "https://authentik.company.tld"

AUTHENTIK_TOKEN: Token used to authenticate against authentik. This is generated after an Outpost instance is created.

AUTHENTIK_INSECURE: This environment variable can optionally be set to ignore the SSL Certificate of the authentik instance. Applies to both HTTP and WS connections.

Development

authentik Proxy uses an auto-generated API Client to communicate with authentik. This client is not kept in git. To generate the client locally, run make generate.

Afterwards you can build the proxy like any other Go project, using go build.