authentik

mirror of https://github.com/goauthentik/authentik.git synced 2026-01-27 15:02:04 +01:00

The authentication glue you need.

authentication authentik authorization kubernetes oauth2 oauth2-client oauth2-server oidc oidc-client oidc-provider proxy reverse-proxy saml saml-idp saml-sp security sso

Python 51.4%
TypeScript 32.1%
MDX 7.5%
Go 4.4%
JavaScript 2%
Other 2.5%

Find a file

Dominic R 33594c9cb4 Some checks are pending CI - API Docs / lint (prettier-check) (push) Waiting to run Details CI - API Docs / build (push) Waiting to run Details CI - API Docs / deploy (push) Blocked by required conditions Details CI - Source code docs / publish-source-docs (push) Waiting to run Details CI - Docs / lint (prettier-check) (push) Waiting to run Details CI - Docs / build-docs (push) Waiting to run Details CI - Docs / build-integrations (push) Waiting to run Details CI - Docs / build-container (push) Waiting to run Details CI - Docs / ci-website-mark (push) Blocked by required conditions Details QA - CodeQL / Analyze (push) Waiting to run Details QA - CodeQL / Analyze-1 (push) Waiting to run Details QA - CodeQL / Analyze-2 (push) Waiting to run Details admin/files: add centralized theme variable support for file URLs (#19657 ) * Revert "admin/files: support %(theme)s variable in media file paths (#19108)" This reverts commit `1a963d27c8`. * admin/files: add centralized theme variable support for file URLs Overview: Adds support for `%(theme)s` placeholder in file paths, which allows theme-specific assets (like logos, backgrounds, icons) to be served based on the user's current theme (light/dark). This replaces the previous implementation (reverted in this PR) which only handled theme substitution in the Go file backend and instead uses the new approach which centralizes theme logic and works across both backends. Testing: Try out the following for the file and s3 backend: * Ensure themed images load * Ensure non-themed images load Motivation: Internal * brands: fix tests * admin/files: s3 backend: fix tests .xyz is a known MIME type for chemical/molecular structure files * admin/files: api: fix tests * core: fix tests * admin/files: manager: fix tests * admin/files: Support themed urls for passthrough backend * admin/files: Create and use ThemedUrlsSerializer * root: Regenerate * core: Add read_only=True since it's a computed field from the model * root: Regenerate * web: Use the ThemedUrlsSerializer * web, core: Fix frontend build * core: Lint * admin/files: Fix tests following CodeQL * flows, providers: fix tests		2026-01-27 08:09:42 -05:00
.github	ci: bump actions/attest-build-provenance from 3.1.0 to 3.2.0 (#19783 )	2026-01-27 13:09:07 +01:00
.vscode	web/i18n: Locale Context Merge Branch (#18426 )	2025-12-03 06:30:07 +00:00
authentik	admin/files: add centralized theme variable support for file URLs (#19657 )	2026-01-27 08:09:42 -05:00
blueprints	endpoints: FleetDM connector (#18589 )	2026-01-23 21:40:28 +01:00
cmd	cmd/server/healthcheck: remove worker HTTP healthcheck (#18090 )	2025-11-12 14:42:30 +00:00
internal	admin/files: add centralized theme variable support for file URLs (#19657 )	2026-01-27 08:09:42 -05:00
lifecycle	lifecycle/aws: bump aws-cdk from 2.1102.0 to 2.1103.0 in /lifecycle/aws (#19744 )	2026-01-26 13:42:54 +01:00
locale	core, web: update translations (#19535 )	2026-01-21 13:52:25 +01:00
packages	core, web: bump lodash from 4.17.21 to 4.17.23 in /packages/docusaurus-config (#19655 )	2026-01-22 11:51:30 +01:00
schemas
scripts	core: bump openapitools/openapi-diff from 2.1.6 to 2.1.7 in /scripts/api (#19779 )	2026-01-27 13:12:43 +01:00
tests	web/sfe: downgrade bootstrap, add access denied test (#19763 )	2026-01-26 16:14:12 +01:00
web	admin/files: add centralized theme variable support for file URLs (#19657 )	2026-01-27 08:09:42 -05:00
website	website/docs: endpoint devices: fix local device login (#19698 )	2026-01-27 09:44:16 +00:00
.dockerignore
.editorconfig
.gitignore	providers/oauth2: Automated OpenID Conformance tests (#14785 )	2025-12-22 20:21:22 +01:00
.prettierignore	web: Update Deprecated NPM Packages (#18335 )	2025-11-24 13:31:42 -05:00
CODE_OF_CONDUCT.md
CODEOWNERS	web: Capitalize language display names, code owner fix (#19119 )	2025-12-30 18:04:36 -05:00
CONTRIBUTING.md	root: clean up README (#16286 )	2025-09-02 21:38:53 +00:00
go.mod	core: bump github.com/pires/go-proxyproto from 0.9.1 to 0.9.2 (#19778 )	2026-01-27 13:13:15 +01:00
go.sum	core: bump github.com/pires/go-proxyproto from 0.9.1 to 0.9.2 (#19778 )	2026-01-27 13:13:15 +01:00
LICENSE
Makefile	root: update client-go generation (#19762 )	2026-01-26 19:51:38 +01:00
manage.py
package-lock.json	root, web: Bump package-lock.json (#19501 )	2026-01-16 13:26:03 +01:00
package.json	root: bump version to 2026.2.0-rc1 (#18794 )	2025-12-12 20:59:47 +00:00
pyproject.toml	core: bump gssapi from 1.10.1 to 1.11.1 (#19781 )	2026-01-27 13:12:11 +01:00
README.md	root: Fix transifex link (#17696 )	2025-10-24 19:01:42 +02:00
schema.yml	admin/files: add centralized theme variable support for file URLs (#19657 )	2026-01-27 08:09:42 -05:00
SECURITY.md	core: Update supported versions in SECURITY.md (#19385 )	2026-01-14 05:14:10 +00:00
tsconfig.json	web: Update Deprecated NPM Packages (#18335 )	2025-11-24 13:31:42 -05:00
uv.lock	core: bump gssapi from 1.10.1 to 1.11.1 (#19781 )	2026-01-27 13:12:11 +01:00

README.md

authentik logo

What is authentik?

authentik is an open-source Identity Provider (IdP) for modern SSO. It supports SAML, OAuth2/OIDC, LDAP, RADIUS, and more, designed for self-hosting from small labs to large production clusters.

Our enterprise offering is available for organizations to securely replace existing IdPs such as Okta, Auth0, Entra ID, and Ping Identity for robust, large-scale identity management.

Installation

Docker Compose: recommended for small/test setups. See the documentation.
Kubernetes (Helm Chart): recommended for larger setups. See the documentation and the Helm chart repository.
AWS CloudFormation: deploy on AWS using our official templates. See the documentation.
DigitalOcean Marketplace: one-click deployment via the official Marketplace app. See the app listing.