mirrors
/
authentik
mirror of https://github.com/goauthentik/authentik.git
0
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
authentik/website/docs/customize/blueprints/v1/models.md

3.4 KiB
Raw Permalink Blame History

Models

Some models behave differently and allow for access to different API fields when created via blueprint.

authentik_core.token

key authentik 2023.4+

Via the standard API, a token's key cannot be changed, it can only be rotated. This is to ensure a high entropy in it's key, and to prevent insecure data from being used. However, when provisioning tokens via a blueprint, it may be required to set a token to an existing value.

With blueprints, the field key can be set, to set the token's key to any value.

For example:

# [...]
- model: authentik_core.token
  state: present
  identifiers:
      identifier: my-token
  attrs:
      key: this-should-be-a-long-value
      user: !KeyOf my-user
      intent: api

authentik_core.user

password authentik 2023.6+

Via the standard API, a user's password can only be set via the separate /api/v3/core/users/<id>/set_password/ endpoint. In blueprints, the password of a user can be set using the password field.

Keep in mind that if an LDAP Source is configured and the user maps to an LDAP user, this password change will be propagated to the LDAP server.

For example:

# [...]
- model: authentik_core.user
  state: present
  identifiers:
      username: test-user
  attrs:
      name: test user
      password: this-should-be-a-long-value

permissions authentik 2024.8+

The permissions field can be used to set global permissions for a user. A full list of possible permissions is included in the JSON schema for blueprints.

For example:

# [...]
- model: authentik_core.user
  identifiers:
      username: test-user
  attrs:
      permissions:
          - authentik_blueprints.view_blueprintinstance

authentik_core.application

icon authentik 2023.5+

Application icons can be directly set to URLs with the icon field.

For example:

# [...]
- model: authentik_core.application
  identifiers:
      slug: my-app
  attrs:
      name: My App
      icon: https://goauthentik.io/img/icon.png

authentik_sources_oauth.oauthsource, authentik_sources_saml.samlsource, authentik_sources_plex.plexsource

icon authentik 2023.5+

Source icons can be directly set to URLs with the icon field.

For example:

# [...]
- model: authentik_sources_oauth.oauthsource
  identifiers:
      slug: my-source
  attrs:
      name: My source
      icon: https://goauthentik.io/img/icon.png

authentik_flows.flow

icon authentik 2023.5+

Flow backgrounds can be directly set to URLs with the background field.

For example:

# [...]
- model: authentik_flows.flow
  identifiers:
      slug: my-flow
  attrs:
      name: my-flow
      title: My flow
      designation: authentication
      background: https://goauthentik.io/img/icon.png

authentik_rbac.role

permissions authentik 2024.8+

The permissions field can be used to set global permissions for a role. A full list of possible permissions is included in the JSON schema for blueprints.

For example:

# [...]
- model: authentik_rbac.role
  identifiers:
      name: test-role
  attrs:
      permissions:
          - authentik_blueprints.view_blueprintinstance