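# authentik blueprint: provisions an OAuth2/OIDC provider for the Homepage
# dashboard and the application entry that is linked to it.
version: 1
metadata:
  name: "Homepage Dashboard - OIDC Provisioning"
  labels:
    blueprints.goauthentik.io/instantiate: "true"

entries:
  # 1. Create the OAuth2/OIDC Provider
  - model: authentik_providers_oauth2.oauth2provider
    # NOTE(review): entry 2 looks this provider up by name, not by slug.
    # Confirm the provider model has a slug field to identify on; otherwise
    # identify it by name so re-applying updates the same object.
    identifiers:
      slug: homepage-provider
    attrs:
      name: "Homepage Provider"
      client_type: "confidential"
      # Credentials are read from the environment of the process applying the
      # blueprint, so no secret is stored in this file. The stray trailing
      # quote was removed: it was being read as part of the variable name.
      # Presumably an unset variable leaves the value empty; verify both
      # variables are set before applying.
      client_id: !Env AUTHENTIK_HOME_CID
      client_secret: !Env AUTHENTIK_HOME_CSEC
      authorization_flow:
        !Find [authentik_flows.flow, [slug, default-authorization-flow]]
      # Update this URI to match your dashboard's literal URL.
      # @HOMEPAGE_DOMAIN@ is a placeholder expected to be substituted before
      # the blueprint is applied. Register the exact callback URL the client
      # uses and keep matching strict; a broad or pattern-based redirect URI
      # lets authorization codes be delivered to unintended paths.
      # NOTE(review): recent authentik releases expect each entry as a mapping
      # with matching_mode and url; confirm against the deployed version.
      redirect_uris:
        - "https://@HOMEPAGE_DOMAIN@"
      # Bind default OpenID scopes plus our custom groups scope.
      # NOTE(review): the mapping with scope_name "group" is not defined in
      # this file; confirm it exists, otherwise the lookup finds nothing and
      # group claims are not released to the dashboard.
      property_mappings:
        - !Find [authentik_providers_oauth2.scopemapping, [scope_name, openid]]
        - !Find [authentik_providers_oauth2.scopemapping, [scope_name, profile]]
        - !Find [authentik_providers_oauth2.scopemapping, [scope_name, email]]
        - !Find [authentik_providers_oauth2.scopemapping, [scope_name, group]]

  # 2. Create the Application and link it to the Provider
  - model: authentik_core.application
    identifiers:
      slug: homepage
    attrs:
      name: "Homepage"
      # NOTE(review): unlike redirect_uris above, this value has no scheme, and
      # authentik's application model stores the launch URL as meta_launch_url.
      # Confirm this key is applied and resolves to the intended https:// URL.
      launch_url: "@HOMEPAGE_DOMAIN@"
      # Must match the name set on the provider entry above.
      provider:
        !Find [
          authentik_providers_oauth2.oauth2provider,
          [name, Homepage Provider],
        ]
      open_in_new_tab: false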