version: 1 metadata: labels: blueprints.goauthentik.io/instantiate: "true" name: wekan entries: - attrs: description: wekan expression: "groupsDict = {\"wekanGroups\": []}\nfor group in request.user.ak_groups.all():\n\ \ my_attributes = group.attributes\n my_attributes[\"displayName\"] = group.name\n\ \ my_attributes[\"isAdmin\"] = group.attributes[\"isAdmin\"] if 'isAdmin' in group.attributes else group.is_superuser\n\ \ my_attributes[\"isActive\"] = group.attributes[\"\ isActive\"] if 'isActive' in group.attributes else True\n my_attributes[\"\ forceCreate\"] = group.attributes[\"forceCreate\"] if 'forceCreate' in group.attributes\ \ else True\n groupsDict[\"wekanGroups\"].append(my_attributes)\nreturn groupsDict" managed: null scope_name: wekan conditions: [] id: wekan_group_mapping identifiers: name: wekan model: authentik_providers_oauth2.scopemapping state: present - attrs: access_code_validity: minutes=1 authorization_flow: !Find [authentik_flows.flow, [slug, default-provider-authorization-implicit-consent]] client_id: {{ secret "wekan_id" }} client_secret: {{ secret "wekan_secret" }} client_type: confidential include_claims_in_id_token: true issuer_mode: per_provider name: Wekan property_mappings: - !Find [authentik_providers_oauth2.scopemapping, [scope_name, openid]] - !Find [authentik_providers_oauth2.scopemapping, [scope_name, email]] - !Find [authentik_providers_oauth2.scopemapping, [scope_name, profile]] - !KeyOf wekan_group_mapping signing_key: !Find [authentik_crypto.certificatekeypair, [name, authentik Self-signed Certificate]] sub_mode: hashed_user_id token_validity: days=30 conditions: [] id: wekan_provider identifiers: pk: 9996 model: authentik_providers_oauth2.oauth2provider state: present - attrs: meta_launch_url: https://{{ env "WEKAN_DOMAIN" }} open_in_new_tab: true policy_engine_mode: any provider: !KeyOf wekan_provider slug: wekan conditions: [] id: wekan_application identifiers: name: Wekan model: authentik_core.application state: present