60 lines
1.6 KiB
Cheetah
60 lines
1.6 KiB
Cheetah
version: 1
|
|
metadata:
|
|
labels:
|
|
blueprints.goauthentik.io/instantiate: "true"
|
|
name: Wordpress
|
|
|
|
entries:
|
|
|
|
- attrs:
|
|
access_code_validity: minutes=1
|
|
authorization_flow: !Find [authentik_flows.flow, [slug, default-provider-authorization-implicit-consent]]
|
|
client_id: {{ secret "wordpress_id" }}
|
|
client_secret: {{ secret "wordpress_secret" }}
|
|
client_type: confidential
|
|
include_claims_in_id_token: true
|
|
issuer_mode: per_provider
|
|
name: Wordpress
|
|
property_mappings:
|
|
- !Find [authentik_providers_oauth2.scopemapping, [scope_name, openid]]
|
|
- !Find [authentik_providers_oauth2.scopemapping, [scope_name, email]]
|
|
- !Find [authentik_providers_oauth2.scopemapping, [scope_name, profile]]
|
|
signing_key: !Find [authentik_crypto.certificatekeypair, [name, authentik Self-signed Certificate]]
|
|
sub_mode: user_username
|
|
token_validity: days=30
|
|
conditions: []
|
|
id: wordpress_provider
|
|
identifiers:
|
|
pk: 9998
|
|
model: authentik_providers_oauth2.oauth2provider
|
|
state: present
|
|
|
|
- attrs:
|
|
meta_launch_url: https://{{ env "WORDPRESS_DOMAIN" }}/wp-login.php
|
|
open_in_new_tab: true
|
|
policy_engine_mode: any
|
|
provider: !KeyOf wordpress_provider
|
|
slug: wordpress
|
|
conditions: []
|
|
id: wordpress_application
|
|
identifiers:
|
|
name: Wordpress
|
|
model: authentik_core.application
|
|
state: present
|
|
|
|
{{ if ne (env "WORDPRESS_GROUP") "" }}
|
|
- identifiers:
|
|
name: {{ env "WORDPRESS_GROUP" }}
|
|
attrs:
|
|
users:
|
|
- 1
|
|
id: wordpress_group
|
|
model: authentik_core.group
|
|
|
|
- identifiers:
|
|
group: !KeyOf wordpress_group
|
|
target: !KeyOf wordpress_application
|
|
order: 0
|
|
model: authentik_policies.policybinding
|
|
{{ end }}
|