Support with django allauth provider

goauthentik / authentik

The authentication glue you need.

https://goauthentik.io

Other

12.81k stars 852 forks source link

Support with django allauth provider #3503

Closed gueldenstone closed 1 year ago

gueldenstone commented 2 years ago

I'm trying to use authentik with django-allauth provided by inventree (https://github.com/inventree/inventree)

I noticed that there are a lot of providers listed, but authentik is missing. I sadly do not have knowledge to implement one myself.

Sorry if I'm on the wrong track here and missed something, I'm still kind of new to all of this.

My goal would be to be able to Signup and Login with authentik into inventree. Is that even possible?

BeryJu commented 2 years ago

Since allauth doesn't seem to support generic OpenID Connect (they only support OpenID), you can use the GitHub compatibility layer (https://goauthentik.io/docs/providers/oauth2/#github-compatibility)

So for allauth you'd have to set GITHUB_URL set to your authentik domain and then create an OAuth2 Provider and application

gueldenstone commented 2 years ago

Oh wow I obviously did not knew about that feature! Thank you for the quick response! I'll give it a try.

Let me take the opportunity to also thank you for your work, we really like using authentik and you support is great!

Kaaybi commented 1 year ago

For information, OIDC has been implemented in django-allauth so once it gets merged we'll likely be able to use Authentik through this 👍 https://github.com/pennersr/django-allauth/pull/3165

benedikt-bartscher commented 1 year ago

I can confirm django-allauth now plays nice with authentik!

gueldenstone commented 1 year ago

Yes. This works now! I'll close this issue.

senbax-admin commented 1 year ago

@gueldenstone maybe we should keep the issue open until we added it to the docs?

talondnb commented 9 months ago

@benedikt-bartscher could you please elaborate on how you set this up? I'm currently implementing inventree and wouldn't mind adding OIDC from the get-go. Thanks in advance.

entnx-01 commented 9 months ago

@talondnb I had the same issue and was able to solve it.

You have to add the following lines to your .env file (if you are using docker compose) SOCIALACCOUNT_PROVIDERS={ "openid_connect": { "SERVERS": [{ "id": "authentik", "name": "Authentik", "server_url": "https://authentik.company/application/o/tandoor/.well-known/openid-configuration", "token_auth_method": "client_secret_basic", "APP": { "client_id": "ClientIdFromProvider", "secret": "SecretFromProvider" } } ] } }

Please replace server_url, client_id and secret.

You also have to enable the new provider by adding: SOCIAL_PROVIDERS = allauth.socialaccount.providers.openid_connect

btw. there is an open PR to add that to the documentation: https://github.com/goauthentik/authentik/pull/6609