mirror of
https://github.com/grafana/grafana.git
synced 2024-12-22 15:13:38 -06:00
DevEnv: Add Support for SAML SLO in Authentik (#69147)
* Update Authentik Image Version in docker-compose.yaml Update Authentik Image Version in `docker-compose.yaml` to use the current version (as of writing) which is `2023.5.1` where this has been tested against. * DevEnv: update SLO support for Authentik
This commit is contained in:
parent
7039c398de
commit
711cedfe34
@ -44,8 +44,9 @@ active_sync_enabled = true
|
||||
|
||||
Grafana expects SLO support to be communicated in the metadata
|
||||
|
||||
Single Logout is not supported by authentik.
|
||||
https://github.com/goauthentik/authentik/issues/3321
|
||||
Single Logout is now supported by authentik in versions `2023.1` and higher;
|
||||
|
||||
Source: <https://goauthentik.io/docs/releases/2023.1#new-features>
|
||||
|
||||
**Warning** Client signature validation
|
||||
|
||||
@ -65,7 +66,7 @@ assertion_attribute_email = http://schemas.xmlsoap.org/ws/2005/05/identity/claim
|
||||
assertion_attribute_groups = http://schemas.xmlsoap.org/claims/Group
|
||||
assertion_attribute_org = http://schemas.xmlsoap.org/claims/Group
|
||||
allow_sign_up = true
|
||||
single_logout = false # not supported by authentik
|
||||
single_logout = true # supported by authentik v2023.1 and newer
|
||||
signature_algorithm = rsa-sha256
|
||||
allow_idp_initiated = true
|
||||
org_mapping = admin:1:Admin, editor:1:Editor, viewer:1:Viewer
|
||||
@ -115,4 +116,4 @@ In case you want to make changes to the devenv setup, you can dump keycloak's DB
|
||||
```bash
|
||||
cd devenv;
|
||||
docker-compose exec -T authentikdb bash -c "pg_dump -U authentik authentik" > docker/blocks/auth/authentik/cloak.sql
|
||||
```
|
||||
```
|
||||
|
@ -39,7 +39,7 @@
|
||||
- "authentik:authentik"
|
||||
|
||||
authentik:
|
||||
image: ${AUTHENTIK_IMAGE:-ghcr.io/goauthentik/server}:${AUTHENTIK_TAG:-2023.2.3}
|
||||
image: ${AUTHENTIK_IMAGE:-ghcr.io/goauthentik/server}:${AUTHENTIK_TAG:-2023.5.1}
|
||||
restart: unless-stopped
|
||||
container_name: authentik
|
||||
command: server
|
||||
@ -66,7 +66,7 @@
|
||||
- "authentikredis:authentikredis"
|
||||
|
||||
authentik-worker:
|
||||
image: ${AUTHENTIK_IMAGE:-ghcr.io/goauthentik/server}:${AUTHENTIK_TAG:-2022.12.1}
|
||||
image: ${AUTHENTIK_IMAGE:-ghcr.io/goauthentik/server}:${AUTHENTIK_TAG:-2023.5.1}
|
||||
restart: unless-stopped
|
||||
container_name: authentik-worker
|
||||
command: worker
|
||||
|
Loading…
Reference in New Issue
Block a user