From be91a23909f5ad53039ee26e53acdb46493cdc0e Mon Sep 17 00:00:00 2001
From: NiceDevil <17103076+nicedevil007@users.noreply.github.com>
Date: Wed, 5 Feb 2025 16:58:38 +0100
Subject: [PATCH 01/10] initial release
---
.../integrations/services/open-webui/index.md | 55 +++++++++++++++++++
website/sidebarsIntegrations.js | 1 +
2 files changed, 56 insertions(+)
create mode 100644 website/integrations/services/open-webui/index.md
diff --git a/website/integrations/services/open-webui/index.md b/website/integrations/services/open-webui/index.md
new file mode 100644
index 000000000000..dc85ab5fd7e3
--- /dev/null
+++ b/website/integrations/services/open-webui/index.md
@@ -0,0 +1,55 @@
+---
+title: Integrate with Open WebUI
+sidebar_label: Open WebUI
+---
+
+# Integrate with Open WebUI
+
+Support level: Community
+
+## What is Open WebUI
+
+> Open WebUI is a simple, self-hosted AI platform that works entirely offline. It supports tools like Ollama and OpenAI-style APIs and has a built-in engine for RAG tasks.
+>
+> -- https://openwebui.com/
+
+## Preparation
+
+The following placeholders are used in this guide:
+
+- `openwebui.company` is the FQDN of the Service installation.
+- `authentik.company` is the FQDN of the authentik installation.
+
+:::note
+This documentation lists only the settings that you need to change from their default values. Be aware that any changes other than those explicitly mentioned in this guide could cause issues accessing your application.
+:::
+
+## authentik configuration
+
+[Create](https://docs.goauthentik.io/docs/add-secure-apps/applications/manage_apps#add-new-applications) an OAuth2/OpenID provider and an application in authentik using the wizard.
+
+Provide a name (or accept the auto-provided name), the authorization flow to use for this provider, and the following required configurations.
+ - Note the **Client ID**, **Client Secret**, and **slug** values for later use.
+ - Set the redirect URI to https://openwebui.company/oauth/oidc/callback.
+ - Select any available signing key.
+
+## Open WebUI configuration
+
+You need to set the environment variables according to your deployment method—either via Docker or in the .env file.
+
+Enter the following details from the authentik provider:
+ - Set **OAUTH_CLIENT_ID** to the Client ID copied from authentik.
+ - Set **OAUTH_CLIENT_SECRET** to the Client Secret copied from authentik.
+ - Set **OAUTH_PROVIDER_NAME** to `authentik`.
+ - Set **OPENID_PROVIDER_URL** to https://authentik.company/o/slug/.well-known/openid-configuration.
+
+## Configuration verification
+
+- Open your web browser and go to: https://openwebui.company.
+- Click **Continue with authentik** to log in.
+- You should be redirected to authentik (following the login flow you configured). After logging in, authentik will redirect you back to https://openwebui.company.
+- If you successfully return to the Open WebUI, the login is working correctly.
+
+:::note
+Users are automatically created, but an administrator must update their role to at least "User" via the WebGUI.
+:::
diff --git a/website/sidebarsIntegrations.js b/website/sidebarsIntegrations.js
index cd1637da15a1..16df957bfb82 100644
--- a/website/sidebarsIntegrations.js
+++ b/website/sidebarsIntegrations.js
@@ -133,6 +133,7 @@ module.exports = {
"services/jellyfin/index",
"services/komga/index",
"services/node-red/index",
+ "services/open-webui/index",
"services/semaphore/index",
"services/sonar-qube/index",
"services/sonarr/index",
From cafe95260862a559cb556fccfdcf73686d6ebce8 Mon Sep 17 00:00:00 2001
From: nicedevil007
Date: Wed, 5 Feb 2025 16:09:02 +0000
Subject: [PATCH 02/10] Ready for PR
---
website/integrations/services/open-webui/index.md | 11 ++---------
1 file changed, 2 insertions(+), 9 deletions(-)
diff --git a/website/integrations/services/open-webui/index.md b/website/integrations/services/open-webui/index.md
index dc85ab5fd7e3..60db406c5ad0 100644
--- a/website/integrations/services/open-webui/index.md
+++ b/website/integrations/services/open-webui/index.md
@@ -28,20 +28,13 @@ This documentation lists only the settings that you need to change from their de
[Create](https://docs.goauthentik.io/docs/add-secure-apps/applications/manage_apps#add-new-applications) an OAuth2/OpenID provider and an application in authentik using the wizard.
-Provide a name (or accept the auto-provided name), the authorization flow to use for this provider, and the following required configurations.
- - Note the **Client ID**, **Client Secret**, and **slug** values for later use.
- - Set the redirect URI to https://openwebui.company/oauth/oidc/callback.
- - Select any available signing key.
+Provide a name (or accept the auto-provided name), the authorization flow to use for this provider, and the following required configurations. - Note the **Client ID**, **Client Secret**, and **slug** values for later use. - Set the redirect URI to https://openwebui.company/oauth/oidc/callback. - Select any available signing key.
## Open WebUI configuration
You need to set the environment variables according to your deployment method—either via Docker or in the .env file.
-Enter the following details from the authentik provider:
- - Set **OAUTH_CLIENT_ID** to the Client ID copied from authentik.
- - Set **OAUTH_CLIENT_SECRET** to the Client Secret copied from authentik.
- - Set **OAUTH_PROVIDER_NAME** to `authentik`.
- - Set **OPENID_PROVIDER_URL** to https://authentik.company/o/slug/.well-known/openid-configuration.
+Enter the following details from the authentik provider: - Set **OAUTH_CLIENT_ID** to the Client ID copied from authentik. - Set **OAUTH_CLIENT_SECRET** to the Client Secret copied from authentik. - Set **OAUTH_PROVIDER_NAME** to `authentik`. - Set **OPENID_PROVIDER_URL** to https://authentik.company/o/slug/.well-known/openid-configuration.
## Configuration verification
From b3652d4f4d636d3d317a9e623f2a1e1584d80ce1 Mon Sep 17 00:00:00 2001
From: NiceDevil <17103076+nicedevil007@users.noreply.github.com>
Date: Wed, 5 Feb 2025 18:32:31 +0100
Subject: [PATCH 03/10] index.md aktualisieren
Co-authored-by: Dominic R
Signed-off-by: NiceDevil <17103076+nicedevil007@users.noreply.github.com>
---
website/integrations/services/open-webui/index.md | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/website/integrations/services/open-webui/index.md b/website/integrations/services/open-webui/index.md
index 60db406c5ad0..ec9698e5ac91 100644
--- a/website/integrations/services/open-webui/index.md
+++ b/website/integrations/services/open-webui/index.md
@@ -17,7 +17,7 @@ sidebar_label: Open WebUI
The following placeholders are used in this guide:
-- `openwebui.company` is the FQDN of the Service installation.
+- `openwebui.company` is the FQDN of the Open WebUI installation.
- `authentik.company` is the FQDN of the authentik installation.
:::note
From f6763fb4b32ab13a05afba97a6ae77aa2b034780 Mon Sep 17 00:00:00 2001
From: NiceDevil <17103076+nicedevil007@users.noreply.github.com>
Date: Wed, 5 Feb 2025 19:58:50 +0100
Subject: [PATCH 04/10] Add stuff for dominic-r :)
Signed-off-by: NiceDevil <17103076+nicedevil007@users.noreply.github.com>
---
.../integrations/services/open-webui/index.md | 21 ++++++++++++++-----
1 file changed, 16 insertions(+), 5 deletions(-)
diff --git a/website/integrations/services/open-webui/index.md b/website/integrations/services/open-webui/index.md
index ec9698e5ac91..ef315b80bc1a 100644
--- a/website/integrations/services/open-webui/index.md
+++ b/website/integrations/services/open-webui/index.md
@@ -28,21 +28,32 @@ This documentation lists only the settings that you need to change from their de
[Create](https://docs.goauthentik.io/docs/add-secure-apps/applications/manage_apps#add-new-applications) an OAuth2/OpenID provider and an application in authentik using the wizard.
-Provide a name (or accept the auto-provided name), the authorization flow to use for this provider, and the following required configurations. - Note the **Client ID**, **Client Secret**, and **slug** values for later use. - Set the redirect URI to https://openwebui.company/oauth/oidc/callback. - Select any available signing key.
+Provide a name (or accept the auto-provided name), the authorization flow to use for this provider, and the following required configurations.
+- Note the **Client ID**, **Client Secret**, and **slug** values for later use.
+- Set the redirect URI to https://openwebui.company/oauth/oidc/callback.
+- Select any available signing key.
## Open WebUI configuration
-You need to set the environment variables according to your deployment method—either via Docker or in the .env file.
+You need to set the environment variables according to your deployment method—either.
-Enter the following details from the authentik provider: - Set **OAUTH_CLIENT_ID** to the Client ID copied from authentik. - Set **OAUTH_CLIENT_SECRET** to the Client Secret copied from authentik. - Set **OAUTH_PROVIDER_NAME** to `authentik`. - Set **OPENID_PROVIDER_URL** to https://authentik.company/o/slug/.well-known/openid-configuration.
+Enter the following details from the authentik provider:
+- Set **OAUTH_CLIENT_ID** to the Client ID copied from authentik.
+- Set **OAUTH_CLIENT_SECRET** to the Client Secret copied from authentik.
+- Set **OAUTH_PROVIDER_NAME** to `authentik`.
+- Set **OPENID_PROVIDER_URL** to https://authentik.company/o/slug/.well-known/openid-configuration.
## Configuration verification
- Open your web browser and go to: https://openwebui.company.
+- Make sure you are logged off any previous session.
- Click **Continue with authentik** to log in.
-- You should be redirected to authentik (following the login flow you configured). After logging in, authentik will redirect you back to https://openwebui.company.
+- After logging in, authentik will redirect you back to https://openwebui.company.
- If you successfully return to the Open WebUI, the login is working correctly.
:::note
-Users are automatically created, but an administrator must update their role to at least "User" via the WebGUI.
+Users are automatically created, but an administrator must update their role to at least **User** via the WebGUI.
+To do so, log in as an administrator and access the **Admin Panel** (URL: https://openwebui.company/admin/users).
+Click on the user whose role should be increased from **Pending** to at least **User**.
+More details on how to administer Open WebUI can be found here https://docs.openwebui.com/.
:::
From 206d785de86187ffdc7dba0831c36b639223ddf5 Mon Sep 17 00:00:00 2001
From: NiceDevil <17103076+nicedevil007@users.noreply.github.com>
Date: Wed, 5 Feb 2025 21:03:21 +0100
Subject: [PATCH 05/10] index.md aktualisieren
Co-authored-by: Dominic R
Signed-off-by: NiceDevil <17103076+nicedevil007@users.noreply.github.com>
---
website/integrations/services/open-webui/index.md | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/website/integrations/services/open-webui/index.md b/website/integrations/services/open-webui/index.md
index ef315b80bc1a..cda74aeeb628 100644
--- a/website/integrations/services/open-webui/index.md
+++ b/website/integrations/services/open-webui/index.md
@@ -45,7 +45,7 @@ Enter the following details from the authentik provider:
## Configuration verification
-- Open your web browser and go to: https://openwebui.company.
+- Open your web browser and go to https://openwebui.company.
- Make sure you are logged off any previous session.
- Click **Continue with authentik** to log in.
- After logging in, authentik will redirect you back to https://openwebui.company.
From 8ebe33a5bbdb1f7d584c73871dbf46415f24e634 Mon Sep 17 00:00:00 2001
From: NiceDevil <17103076+nicedevil007@users.noreply.github.com>
Date: Wed, 5 Feb 2025 21:04:53 +0100
Subject: [PATCH 06/10] index.md aktualisieren
---
website/integrations/services/open-webui/index.md | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/website/integrations/services/open-webui/index.md b/website/integrations/services/open-webui/index.md
index cda74aeeb628..7b0927691620 100644
--- a/website/integrations/services/open-webui/index.md
+++ b/website/integrations/services/open-webui/index.md
@@ -35,7 +35,7 @@ Provide a name (or accept the auto-provided name), the authorization flow to use
## Open WebUI configuration
-You need to set the environment variables according to your deployment method—either.
+You need to set the environment variables according to your deployment method.
Enter the following details from the authentik provider:
- Set **OAUTH_CLIENT_ID** to the Client ID copied from authentik.
From 1511f023c6255a2d9793ca2b7fdcfe977ee3eae0 Mon Sep 17 00:00:00 2001
From: nicedevil007
Date: Mon, 10 Feb 2025 15:22:42 +0000
Subject: [PATCH 07/10] make website...
---
authentik/lib/sync/outgoing/models.py | 6 +++---
package.json | 20 ++++++++++++++++++-
.../integrations/services/open-webui/index.md | 2 ++
3 files changed, 24 insertions(+), 4 deletions(-)
diff --git a/authentik/lib/sync/outgoing/models.py b/authentik/lib/sync/outgoing/models.py
index 72657c3302ec..e46fb529f7d1 100644
--- a/authentik/lib/sync/outgoing/models.py
+++ b/authentik/lib/sync/outgoing/models.py
@@ -22,9 +22,9 @@ class OutgoingSyncProvider(Model):
class Meta:
abstract = True
- def client_for_model[T: User | Group](
- self, model: type[T]
- ) -> BaseOutgoingSyncClient[T, Any, Any, Self]:
+ def client_for_model[
+ T: User | Group
+ ](self, model: type[T]) -> BaseOutgoingSyncClient[T, Any, Any, Self]:
raise NotImplementedError
def get_object_qs[T: User | Group](self, type: type[T]) -> QuerySet[T]:
diff --git a/package.json b/package.json
index 67762574db20..9d281d9089ee 100644
--- a/package.json
+++ b/package.json
@@ -1,5 +1,23 @@
{
"name": "@goauthentik/authentik",
"version": "2024.12.3",
- "private": true
+ "private": true,
+ "devDependencies": {
+ "@docusaurus/core": "^3.7.0",
+ "@docusaurus/preset-classic": "^3.7.0",
+ "@docusaurus/react-loadable": "^6.0.0",
+ "@docusaurus/theme-mermaid": "^3.7.0",
+ "cross-env": "^7.0.3",
+ "docusaurus-plugin-openapi-docs": "^4.3.3",
+ "docusaurus-plugin-redoc": "^2.2.1",
+ "docusaurus-theme-openapi-docs": "^4.3.3",
+ "prism-react-renderer": "^2.4.1",
+ "react": "^18.3.1",
+ "react-before-after-slider-component": "^1.1.8",
+ "react-dom": "^18.3.1",
+ "react-feather": "^2.0.10",
+ "remark-github": "^12.0.0",
+ "remark-parse": "^11.0.0",
+ "remark-stringify": "^11.0.0"
+ }
}
diff --git a/website/integrations/services/open-webui/index.md b/website/integrations/services/open-webui/index.md
index 7b0927691620..e400213523f4 100644
--- a/website/integrations/services/open-webui/index.md
+++ b/website/integrations/services/open-webui/index.md
@@ -29,6 +29,7 @@ This documentation lists only the settings that you need to change from their de
[Create](https://docs.goauthentik.io/docs/add-secure-apps/applications/manage_apps#add-new-applications) an OAuth2/OpenID provider and an application in authentik using the wizard.
Provide a name (or accept the auto-provided name), the authorization flow to use for this provider, and the following required configurations.
+
- Note the **Client ID**, **Client Secret**, and **slug** values for later use.
- Set the redirect URI to https://openwebui.company/oauth/oidc/callback.
- Select any available signing key.
@@ -38,6 +39,7 @@ Provide a name (or accept the auto-provided name), the authorization flow to use
You need to set the environment variables according to your deployment method.
Enter the following details from the authentik provider:
+
- Set **OAUTH_CLIENT_ID** to the Client ID copied from authentik.
- Set **OAUTH_CLIENT_SECRET** to the Client Secret copied from authentik.
- Set **OAUTH_PROVIDER_NAME** to `authentik`.
From 9e9725d4e4d6ecf696b4db823ffa8590723ea5c0 Mon Sep 17 00:00:00 2001
From: nicedevil007
Date: Mon, 10 Feb 2025 15:24:04 +0000
Subject: [PATCH 08/10] make website...
---
authentik/lib/sync/outgoing/models.py | 6 +++---
package.json | 20 +-------------------
2 files changed, 4 insertions(+), 22 deletions(-)
diff --git a/authentik/lib/sync/outgoing/models.py b/authentik/lib/sync/outgoing/models.py
index e46fb529f7d1..72657c3302ec 100644
--- a/authentik/lib/sync/outgoing/models.py
+++ b/authentik/lib/sync/outgoing/models.py
@@ -22,9 +22,9 @@ class OutgoingSyncProvider(Model):
class Meta:
abstract = True
- def client_for_model[
- T: User | Group
- ](self, model: type[T]) -> BaseOutgoingSyncClient[T, Any, Any, Self]:
+ def client_for_model[T: User | Group](
+ self, model: type[T]
+ ) -> BaseOutgoingSyncClient[T, Any, Any, Self]:
raise NotImplementedError
def get_object_qs[T: User | Group](self, type: type[T]) -> QuerySet[T]:
diff --git a/package.json b/package.json
index 9d281d9089ee..67762574db20 100644
--- a/package.json
+++ b/package.json
@@ -1,23 +1,5 @@
{
"name": "@goauthentik/authentik",
"version": "2024.12.3",
- "private": true,
- "devDependencies": {
- "@docusaurus/core": "^3.7.0",
- "@docusaurus/preset-classic": "^3.7.0",
- "@docusaurus/react-loadable": "^6.0.0",
- "@docusaurus/theme-mermaid": "^3.7.0",
- "cross-env": "^7.0.3",
- "docusaurus-plugin-openapi-docs": "^4.3.3",
- "docusaurus-plugin-redoc": "^2.2.1",
- "docusaurus-theme-openapi-docs": "^4.3.3",
- "prism-react-renderer": "^2.4.1",
- "react": "^18.3.1",
- "react-before-after-slider-component": "^1.1.8",
- "react-dom": "^18.3.1",
- "react-feather": "^2.0.10",
- "remark-github": "^12.0.0",
- "remark-parse": "^11.0.0",
- "remark-stringify": "^11.0.0"
- }
+ "private": true
}
From 141bf63fb5136b7c55f4836d83bf9c1f4ca5c828 Mon Sep 17 00:00:00 2001
From: nicedevil007
Date: Mon, 10 Feb 2025 15:51:19 +0000
Subject: [PATCH 09/10] changes from comments
---
authentik/lib/sync/outgoing/models.py | 6 +++---
package.json | 20 ++++++++++++++++++-
.../integrations/services/open-webui/index.md | 2 +-
3 files changed, 23 insertions(+), 5 deletions(-)
diff --git a/authentik/lib/sync/outgoing/models.py b/authentik/lib/sync/outgoing/models.py
index 72657c3302ec..e46fb529f7d1 100644
--- a/authentik/lib/sync/outgoing/models.py
+++ b/authentik/lib/sync/outgoing/models.py
@@ -22,9 +22,9 @@ class OutgoingSyncProvider(Model):
class Meta:
abstract = True
- def client_for_model[T: User | Group](
- self, model: type[T]
- ) -> BaseOutgoingSyncClient[T, Any, Any, Self]:
+ def client_for_model[
+ T: User | Group
+ ](self, model: type[T]) -> BaseOutgoingSyncClient[T, Any, Any, Self]:
raise NotImplementedError
def get_object_qs[T: User | Group](self, type: type[T]) -> QuerySet[T]:
diff --git a/package.json b/package.json
index 67762574db20..9d281d9089ee 100644
--- a/package.json
+++ b/package.json
@@ -1,5 +1,23 @@
{
"name": "@goauthentik/authentik",
"version": "2024.12.3",
- "private": true
+ "private": true,
+ "devDependencies": {
+ "@docusaurus/core": "^3.7.0",
+ "@docusaurus/preset-classic": "^3.7.0",
+ "@docusaurus/react-loadable": "^6.0.0",
+ "@docusaurus/theme-mermaid": "^3.7.0",
+ "cross-env": "^7.0.3",
+ "docusaurus-plugin-openapi-docs": "^4.3.3",
+ "docusaurus-plugin-redoc": "^2.2.1",
+ "docusaurus-theme-openapi-docs": "^4.3.3",
+ "prism-react-renderer": "^2.4.1",
+ "react": "^18.3.1",
+ "react-before-after-slider-component": "^1.1.8",
+ "react-dom": "^18.3.1",
+ "react-feather": "^2.0.10",
+ "remark-github": "^12.0.0",
+ "remark-parse": "^11.0.0",
+ "remark-stringify": "^11.0.0"
+ }
}
diff --git a/website/integrations/services/open-webui/index.md b/website/integrations/services/open-webui/index.md
index e400213523f4..b2b7e5ca681f 100644
--- a/website/integrations/services/open-webui/index.md
+++ b/website/integrations/services/open-webui/index.md
@@ -36,7 +36,7 @@ Provide a name (or accept the auto-provided name), the authorization flow to use
## Open WebUI configuration
-You need to set the environment variables according to your deployment method.
+You need to set the environment variables in the appropriate place based on your deployment method—either in the .env file or as Docker environment variables. The values themselves remain the same, only their location differs.
Enter the following details from the authentik provider:
From be98bc61d691691c2161947c930f32a450941054 Mon Sep 17 00:00:00 2001
From: nicedevil007
Date: Mon, 10 Feb 2025 15:52:12 +0000
Subject: [PATCH 10/10] changes from comments
---
authentik/lib/sync/outgoing/models.py | 6 +++---
package.json | 20 +-------------------
2 files changed, 4 insertions(+), 22 deletions(-)
diff --git a/authentik/lib/sync/outgoing/models.py b/authentik/lib/sync/outgoing/models.py
index e46fb529f7d1..72657c3302ec 100644
--- a/authentik/lib/sync/outgoing/models.py
+++ b/authentik/lib/sync/outgoing/models.py
@@ -22,9 +22,9 @@ class OutgoingSyncProvider(Model):
class Meta:
abstract = True
- def client_for_model[
- T: User | Group
- ](self, model: type[T]) -> BaseOutgoingSyncClient[T, Any, Any, Self]:
+ def client_for_model[T: User | Group](
+ self, model: type[T]
+ ) -> BaseOutgoingSyncClient[T, Any, Any, Self]:
raise NotImplementedError
def get_object_qs[T: User | Group](self, type: type[T]) -> QuerySet[T]:
diff --git a/package.json b/package.json
index 9d281d9089ee..67762574db20 100644
--- a/package.json
+++ b/package.json
@@ -1,23 +1,5 @@
{
"name": "@goauthentik/authentik",
"version": "2024.12.3",
- "private": true,
- "devDependencies": {
- "@docusaurus/core": "^3.7.0",
- "@docusaurus/preset-classic": "^3.7.0",
- "@docusaurus/react-loadable": "^6.0.0",
- "@docusaurus/theme-mermaid": "^3.7.0",
- "cross-env": "^7.0.3",
- "docusaurus-plugin-openapi-docs": "^4.3.3",
- "docusaurus-plugin-redoc": "^2.2.1",
- "docusaurus-theme-openapi-docs": "^4.3.3",
- "prism-react-renderer": "^2.4.1",
- "react": "^18.3.1",
- "react-before-after-slider-component": "^1.1.8",
- "react-dom": "^18.3.1",
- "react-feather": "^2.0.10",
- "remark-github": "^12.0.0",
- "remark-parse": "^11.0.0",
- "remark-stringify": "^11.0.0"
- }
+ "private": true
}