What do you guys think of authentik? Let us know in the comments below! ➡Subscribe on our website if you want to support us: ibracorp.io ➡Join us on Discord: discord.gg/VWAG7rZ Please don't forget to like and subscribe to help us help you! 👍
loved it until i accidentally deleted a flow that prevents me from logging in. cannot get back in even if i delete all the contains and their corresponding appdata folders and start over. the if/admin pages doesnt exist anymore
Great work! Would love to see how you start using OIDC though. Like having Jellyfin, Calibre-web, and Authentik using the same credentials provided by LDAP to have true single sign-on.
nice i am not the only one who didn't spot the change password the first time. at one point i suspected we needed to create the invite system first in order to do so. but that was not the case. thx for highlighting it
Amazing video, this is what I have been waiting for to secure by setup. If I may make a suggestion for people like me watching from a mobile device, please zoom in on those sections where you are going over the configuration and files. Otherwise the text is hard to make out. Again great video. 👍
Astonishing work guys! Just a question cause I'm just starting to configure an authentication method. And I was planning (already started) to use : Authelia. Now, I just saw this video 😀 What do you think? Authelia or Authentik? Thanks a lot for you wonderful work!!
Thanks for videos, followed your videos on setting up authentik. But I can’t seem to get it to work. I click on the app and takes me to my normal app webpage, not showing my authentik page? I’m using Traefik. I only thing I’ve noticed that I haven’t got “local docker connection “ in the integration part (15:10) which mine is blank?
I had it working for the sonarr but it was getting late so I reverted back to not using Authentik until I could really test it. Now when I add the script back to NGINX advanced tab, I get error 500 regardless if I'm using the private IP or domain for Authentik. I have no idea what's wrong. Still trouble shooting it. 8-13 - I figured out the issue. Provider needs to be set to ForwardAuth (single application) not proxy. There is a mismatch between this video and the documentation on your site so I was a bit confused. Proxy seems to make Authentik act as the reverse proxy.
I would like to congratulate you on your excellent work, I really like your videos. I would like to ask if possible if you could record a video explaining how to run nginx-proxy-manager together with traefik inside portainer, honestly this is an extreme headache for me and I really need to learn, I believe this is the question of several followers. Thanks in advance.
Don’t know if you’ll see this. But how would the traefik route work with services that has built-in login screen like jellyfin? From their docs you’re supposed to use the LDAP feature together with the jellyfin LDAP plugin, but this applies if you run authentik by itself
Authelia is still a great authentication/authorization tool. Authentik at current can do that plus some other features such as OIDC and more. Swag can also be used however was not covered in this guide. Cloudflared can remain and still provides you a safe, tunneled connection. Some other have noted their use cases for both Authelia and Authentik so its really dependant on your tastes and needs.
Hi, what would happen if i use authentik for example on the Immich Docker or nextcloud and i use the apps on my iphone, how does this work for that? or does it not work?
Great video! Got one problem thou, cant get Outpost Integration to work. Have the right data in template but nothing appears in authentik. Tried to add manually in Authentik with "/var/run/docker.sock" and ticked Local but it goes Unhealthy State. Anyone with this problem? Followed these two videos to the letter :)
Hi, great video. I have a question though. Unlike Authelia, Authentik wont sign out of every service when you sign out of the dashboard/panel and you still can access all your apps unless your cookies expire or you manually delete them. Is there a way to change that? Like something to invalidate the cookies once you log out of the authentik dashboard. Thanks in advance
I just went back to Authelia. This is too big a security risk. If it was just myself I’d know, but to offer other people logins, who knows where they would log into to have services that can’t be logged out of.
Amazing video, but I still cant manage to make it work yet, it gives me "event":"no app for hostname" in logs. Would you consider making a video explaining how to integrate CrowdSec in this setup?
If you use the virtual machine for free ipa user management instead of adding users via the file in authelia, this can be handled by authentik's web UI, eliminating the need for an extra VM. That's why I switched, at least.
Found your video's on nginx proxy manager super helpful to start out! Would you like to do an in-depth comparison regarding nginx proxy manager vs cloudflare zero trust tunnel? I'm think of switching to the latter, but not sure if i should..
Thanks for the video. Been waiting for this since I saw the first one. Have to say the authentik doco’s on their site are not helpful even to me (sys admin by day) I’ve now got my forward auth with swag running and Plex source, and SSO for nextcloud. What I’m desperate to find out how to do is to pass basic credentials to services (like they list for sonarr) but more for SAB and Overseer (I have some local users) also a bit annoying that it seems to hate organizr s for login. Found it confusing to try and work out enforcement of 2FA (got there in the end) What’s next in the series? Can you look at using the basic credentials? Can you recommend a group or discord to join for help as guides are extremely limited.
Hi Daniel, Thank you for watching! Glad you enjoyed it. Future videos will entails using SSO and SAML/OIDC to give you single sign on to apps that support it. ( I believe that's you're asking for, too) As for a group, you can join the official Authentik discord and you can also join our Discord as we have many members who use it and may be able to help you. Here's our link: discord.gg/VWAG7rZ
Yes but also the HTTP basic auth for passing through basic passwords to things like photo prism or overseer/Ombi. I want to be able to use authentik to secure overseer for both local users and Plex users
When I go to set this up it isn't auto creating the "outpost integration" I can't seem to figure out how to connect to Unraids docker setup/how to setup outpost integration? Nothing was populated on it's own on my end as your video showed?
@@IBRACORP yes. I am past that now though. Now stuck on the 500 error. Some folks saying enter IP for proxy pass when pasting into NPM but that isn’t working either. Authentik appears to be fine; just need to sort out 500 error once logging in and attempting to be forwarded to service.
@@IBRACORP You don't go over it in the first video or this one. By default, at least for me after following part 1 of your guide, that field is empty with nothing to select in the dropdown
Thanks for the feedback Jackos.. honestly not sure why that is. Haven't had to set it up manually so not sure if it's possibly done in the compose file
I am also struggling with the 500 error. Outpost integrations are not present for me, in your video you have a Docker integration. Outpost I have selected the application as in your video but it seems that without the Outpost integrations, the Docker container can not be retrieved (have configured NPM as described in the video).
Hey! Thanks for the video! Love your vids - and was suprised to see what you looked like in your latest one - not what I expected haha. Anyways, I am having trouble with getting this all working. I think the problem is down to the integration which shows 'no integration active'. I have searched the web far and wide and checked comments on YT (some people having the same issue, but no resolution) but I can not figure out how to fix this. Everything else works as expected in setting up the application etc.. but when I go to the correct domain after setting everything else up I get a 500 error - assuming this is down to the integration issue? Any advice you (or anybody) can provide on this would be greatly appreciated :)
Thanks for another great video! Unfortunately I have a problem with Autentik, I can't change the backgrounds. When I edit a flow and want to upload the background, there is always an error. Via SSH I get the message "access denied" when I try to rename a file. Is there a trick here that I don't know or am I missing something?
This video comes just a bit too late for me since I have recently setup my Authentik server already. I do have a question for you @ibracorp, at the login screen I see your logo next to the username. I had already figured out how to change the logo and wallpaper of the different flows, but I was amazed to see that also that little user logo can be changed. Could you perhaps tell me/us how to do that? I can't find anything to change the user avatar anywhere.
Hi Jimz! Sorry we couldn't get to you on time then 😎 Of course, the avatar is actually being pulled from Gravatar. So it uses the email address of the account you're signed into and pulling it from Gravatar automatically (as long as emails match)
@@IBRACORP Np I watched the video regardless (your videos are great). Hm gravatar you say? So I would need to open an account on that website for that to work?
@@Gatorman3385 now by logging into my code server (error: WebSocket close with status code 1006) and nextcloud goes to my ip address instead of my domain
Unauthenticated api part isn't needed, just have the containers on the same docker network and they can communicate over that, no reason to go through authentik.
Hi Chris! Great points. Although one situation where this won't work is between two sites. For example, we have a website in the cloud that calls home to Sonarr, it would be challenged by Authentik as it comes in via http/s. Most should be fine with what you wrote though.
@@IBRACORP that makes sense. Theoretically you could vpn them and use docker swarm with an overlay network, but I've never tried that so I don't know how practical that would be. Swarm is probably overkill and a vpn might be enough.
VPN is definitely a viable option! Swarm I'm not sure about personally so can't answer that but yeah a VPN definitely is a valid option and of course is probably most secure. In which case would we even need Authentik 👀 Thanks for watching Chris!
Is there an easier alt choice for this? I mean Authentik or authelia is great option, but I'd like to have a simpler app, with less dependence( don't need redis or mariadb).
I would like to congratulate you on your excellent work, I really like your videos. I would like to ask if possible if you could record a video explaining how to run nginx-proxy-manager together with traefik inside portainer, honestly this is an extreme headache for me and I really need to learn, I believe this is the question of several followers. Thanks in advance.
