mirror of
https://github.com/grafana/grafana.git
synced 2024-12-22 15:13:38 -06:00
DevEnv: Add Support for SAML SLO in Authentik (#69147)
* Update Authentik Image Version in docker-compose.yaml Update Authentik Image Version in `docker-compose.yaml` to use the current version (as of writing) which is `2023.5.1` where this has been tested against. * DevEnv: update SLO support for Authentik
This commit is contained in:
parent
7039c398de
commit
711cedfe34
@ -44,8 +44,9 @@ active_sync_enabled = true
|
|||||||
|
|
||||||
Grafana expects SLO support to be communicated in the metadata
|
Grafana expects SLO support to be communicated in the metadata
|
||||||
|
|
||||||
Single Logout is not supported by authentik.
|
Single Logout is now supported by authentik in versions `2023.1` and higher;
|
||||||
https://github.com/goauthentik/authentik/issues/3321
|
|
||||||
|
Source: <https://goauthentik.io/docs/releases/2023.1#new-features>
|
||||||
|
|
||||||
**Warning** Client signature validation
|
**Warning** Client signature validation
|
||||||
|
|
||||||
@ -65,7 +66,7 @@ assertion_attribute_email = http://schemas.xmlsoap.org/ws/2005/05/identity/claim
|
|||||||
assertion_attribute_groups = http://schemas.xmlsoap.org/claims/Group
|
assertion_attribute_groups = http://schemas.xmlsoap.org/claims/Group
|
||||||
assertion_attribute_org = http://schemas.xmlsoap.org/claims/Group
|
assertion_attribute_org = http://schemas.xmlsoap.org/claims/Group
|
||||||
allow_sign_up = true
|
allow_sign_up = true
|
||||||
single_logout = false # not supported by authentik
|
single_logout = true # supported by authentik v2023.1 and newer
|
||||||
signature_algorithm = rsa-sha256
|
signature_algorithm = rsa-sha256
|
||||||
allow_idp_initiated = true
|
allow_idp_initiated = true
|
||||||
org_mapping = admin:1:Admin, editor:1:Editor, viewer:1:Viewer
|
org_mapping = admin:1:Admin, editor:1:Editor, viewer:1:Viewer
|
||||||
@ -115,4 +116,4 @@ In case you want to make changes to the devenv setup, you can dump keycloak's DB
|
|||||||
```bash
|
```bash
|
||||||
cd devenv;
|
cd devenv;
|
||||||
docker-compose exec -T authentikdb bash -c "pg_dump -U authentik authentik" > docker/blocks/auth/authentik/cloak.sql
|
docker-compose exec -T authentikdb bash -c "pg_dump -U authentik authentik" > docker/blocks/auth/authentik/cloak.sql
|
||||||
```
|
```
|
||||||
|
@ -39,7 +39,7 @@
|
|||||||
- "authentik:authentik"
|
- "authentik:authentik"
|
||||||
|
|
||||||
authentik:
|
authentik:
|
||||||
image: ${AUTHENTIK_IMAGE:-ghcr.io/goauthentik/server}:${AUTHENTIK_TAG:-2023.2.3}
|
image: ${AUTHENTIK_IMAGE:-ghcr.io/goauthentik/server}:${AUTHENTIK_TAG:-2023.5.1}
|
||||||
restart: unless-stopped
|
restart: unless-stopped
|
||||||
container_name: authentik
|
container_name: authentik
|
||||||
command: server
|
command: server
|
||||||
@ -66,7 +66,7 @@
|
|||||||
- "authentikredis:authentikredis"
|
- "authentikredis:authentikredis"
|
||||||
|
|
||||||
authentik-worker:
|
authentik-worker:
|
||||||
image: ${AUTHENTIK_IMAGE:-ghcr.io/goauthentik/server}:${AUTHENTIK_TAG:-2022.12.1}
|
image: ${AUTHENTIK_IMAGE:-ghcr.io/goauthentik/server}:${AUTHENTIK_TAG:-2023.5.1}
|
||||||
restart: unless-stopped
|
restart: unless-stopped
|
||||||
container_name: authentik-worker
|
container_name: authentik-worker
|
||||||
command: worker
|
command: worker
|
||||||
|
Loading…
Reference in New Issue
Block a user