diff --git a/.env.sample b/.env.sample
index 2f4533c..59f9392 100644
--- a/.env.sample
+++ b/.env.sample
@@ -163,5 +163,12 @@ COPY_ASSETS="$COPY_ASSETS icon.png|app:/web/dist/assets/icons/"
 # APP_ICONS="$APP_ICONS mila:~/.abra/recipes/authentik/icons/mila.svg"
 # MILA_APPGROUP=""
+# COMPOSE_FILE="$COMPOSE_FILE:compose.writefreely.yml"
+# WRITEFREELY_DOMAIN=writefreely.example.com
+# SECRET_WRITEFREELY_ID_VERSION=v1
+# SECRET_WRITEFREELY_SECRET_VERSION=v1
+# APP_ICONS="nextcloud:~/.abra/recipes/authentik/icons/writefreely.png"
+# WRITEFREELY_APPGROUP="$GROUP_DOCUMENTATION"
+
 
 # APPLICATIONS='{"Calendar": {"url":"https://nextcloud.example.com/apps/calendar/", "group": ""}, "BBB": {"url":"https://nextcloud.example.com/apps/bbb/", "group":""}, "Pretix": {"url":"https://pretix.example.com/control/", "group":""}}'
 # EXTRA_ICONS={"Calendar": "~/.abra/recipes/authentik/icons/calendar.svg", "BBB": "~/.abra/recipes/authentik/icons/bbb.png", "Pretix": "~/.abra/recipes/authentik/icons/pretix.svg"}
diff --git a/abra.sh b/abra.sh
index aeae215..58e4ae7 100644
--- a/abra.sh
+++ b/abra.sh
@@ -16,6 +16,7 @@ export ZAMMAD_CONFIG_VERSION=v4
 export RALLLY_CONFIG_VERSION=v4
 export HEDGEDOC_CONFIG_VERSION=v3
 export MONITORING_CONFIG_VERSION=v4
+export WRITEFREELY_CONFIG_VERSION=v1
 export MILA_CONFIG_VERSION=v1
 export DB_ENTRYPOINT_VERSION=v1
 export PG_BACKUP_VERSION=v2
diff --git a/compose.writefreely.yml b/compose.writefreely.yml
new file mode 100644
index 0000000..837a455
--- /dev/null
+++ b/compose.writefreely.yml
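Review bot: The new sample line `# APP_ICONS="nextcloud:~/.abra/recipes/authentik/icons/writefreely.png"` in the .env.sample hunk uses the wrong app key and drops the accumulated list, while the mila line two lines above shows the established pattern `# APP_ICONS="$APP_ICONS mila:~/.abra/recipes/authentik/icons/mila.svg"`. An operator who uncomments it as written would replace every previously collected icon and file the writefreely icon under the nextcloud app. It should read `# APP_ICONS="$APP_ICONS writefreely:~/.abra/recipes/authentik/icons/writefreely.png"`.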
@@ -0,0 +1,26 @@
+version: "3.8"
+services:
+  worker:
+    secrets:
+      - writefreely_id
+      - writefreely_secret
+    environment:
+      - WRITEFREELY_DOMAIN
+    configs:
+      - source: writefreely
+        target: /blueprints/writefreely.yaml
+
+secrets:
+  writefreely_id:
+    external: true
+    name: ${STACK_NAME}_writefreely_id_${SECRET_WRITEFREELY_ID_VERSION}
+  writefreely_secret:
+    external: true
+    name: ${STACK_NAME}_writefreely_secret_${SECRET_WRITEFREELY_SECRET_VERSION}
+
+
+configs:
+  writefreely:
+    name: ${STACK_NAME}_writefreely_${WRITEFREELY_CONFIG_VERSION}
+    file: writefreely.yaml.tmpl
+    template_driver: golang
diff --git a/icons/writefreely.png b/icons/writefreely.png
new file mode 100644
index 0000000..1136dc3
Binary files /dev/null and b/icons/writefreely.png differ
diff --git a/writefreely.yaml.tmpl b/writefreely.yaml.tmpl
new file mode 100644
index 0000000..6a64991
--- /dev/null
+++ b/writefreely.yaml.tmpl
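Review bot: The config mounted at `/blueprints/writefreely.yaml` is rendered with `template_driver: golang` from a template that interpolates `{{ secret "writefreely_secret" }}`, so the OAuth client secret lands in clear text in a config file whose mount mode defaults to world-readable, unlike the tmpfs-backed entries under `/run/secrets`. Adding `mode: 0400` to the `- source: writefreely` entry under `worker.configs` restricts the rendered file to the container's user; if other blueprint configs in this recipe deliberately keep the default, this one should at least match them consciously. As a style nit, the two blank lines before `configs:` could be one, matching the single blank line used before `secrets:`.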
@@ -0,0 +1,61 @@
+version: 1
+metadata:
+  labels:
+    blueprints.goauthentik.io/instantiate: "true"
+  name: Writefreely
+
+entries:
+- attrs:
+    description: writefreely
+    expression: 'return { "writefreely_groups": [{"gid": group.name, "displayName":
+      group.name} for group in request.user.ak_groups.all()], }'
+    managed: null
+    scope_name: writefreely
+  conditions: []
+  id: writefreely_group_mapping
+  identifiers:
+    name: writefreely
+  model: authentik_providers_oauth2.scopemapping
+  state: present
+
+- attrs:
+    access_code_validity: minutes=1
+    authentication_flow: !Find [authentik_flows.flow, [slug, default-authentication-flow]]
+    authorization_flow: !Find [authentik_flows.flow, [slug, default-provider-authorization-implicit-consent]]
+    invalidation_flow: !Find [authentik_flows.flow, [slug, default-provider-invalidation-flow]]
+    client_id: {{ secret "writefreely_id" }}
+    client_secret: {{ secret "writefreely_secret" }}
+    client_type: confidential
+    include_claims_in_id_token: true
+    issuer_mode: per_provider
+    redirect_uris:
+    - matching_mode: strict
+      url: https://{{ env "WRITEFREELY_DOMAIN" }}/oauth/callback/generic
+    name: Writefreely
+    property_mappings:
+    - !Find [authentik_providers_oauth2.scopemapping, [scope_name, openid]]
+    - !Find [authentik_providers_oauth2.scopemapping, [scope_name, email]]
+    - !Find [authentik_providers_oauth2.scopemapping, [scope_name, profile]]
+    - !KeyOf writefreely_group_mapping
+    signing_key: !Find [authentik_crypto.certificatekeypair, [name, authentik Self-signed Certificate]]
+    sub_mode: user_username
+    token_validity: days=30
+  conditions: []
+  id: writefreely_provider
+  identifiers:
+    pk: 9988
+  model: authentik_providers_oauth2.oauth2provider
+  state: present
+
+- attrs:
+    meta_launch_url: https://{{ env "WRITEFREELY_DOMAIN" }}
+    open_in_new_tab: true
+    policy_engine_mode: any
+    provider: !KeyOf writefreely_provider
+    slug: writefreely
+  conditions: []
+  id: writefreely_application
+  identifiers:
+    name: Writefreely
+  model: authentik_core.application
+  state: present
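Review bot: In the provider entry, `client_id: {{ secret "writefreely_id" }}` and `client_secret: {{ secret "writefreely_secret" }}` are rendered as plain scalars, so a secret value that is all digits is loaded as an integer and one starting with `*`, `&`, `[` or `{` is a parse error or an alias lookup rather than a string; `url:` and `meta_launch_url:` have the same exposure when `WRITEFREELY_DOMAIN` is unset and `{{ env "WRITEFREELY_DOMAIN" }}` expands to nothing. Writing `client_id: "{{ secret "writefreely_id" }}"` keeps the value a string (the outer quotes are literal to the Go template, which runs before the YAML parser sees the file), provided the secret files carry no trailing newline, which would otherwise be folded into the quoted value. `token_validity: days=30` looks like the older provider field name; on an authentik release new enough to accept `invalidation_flow`, the provider exposes `access_token_validity` and `refresh_token_validity`, so it is worth confirming the target version applies this setting rather than silently ignoring it. The hard-coded `pk: 9988` under `identifiers` presumably follows the other recipes' convention, but it will clash with any other provider imported with the same pk, so a comment recording how these numbers are allocated would help the next recipe author.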