Cloudron makes it easy to run web apps like WordPress, Nextcloud, GitLab on your server. Find out more or install now.


Skip to content
  • Categories
  • Recent
  • Tags
  • Popular
  • Bookmarks
  • Search
Skins
  • Light
  • Brite
  • Cerulean
  • Cosmo
  • Flatly
  • Journal
  • Litera
  • Lumen
  • Lux
  • Materia
  • Minty
  • Morph
  • Pulse
  • Sandstone
  • Simplex
  • Sketchy
  • Spacelab
  • United
  • Yeti
  • Zephyr
  • Dark
  • Cyborg
  • Darkly
  • Quartz
  • Slate
  • Solar
  • Superhero
  • Vapor
  • Default (No Skin)
  • No Skin
Collapse
Brand Logo

Cloudron Forum
Apps | Demo | Docs | Install
  1. Cloudron Forum
  2. Postiz
  3. SSO for Postiz

SSO for Postiz

Scheduled Pinned Locked Moved Unsolved Postiz
3 Posts 3 Posters 179 Views 3 Watching
  • Oldest to Newest
  • Newest to Oldest
  • Most Votes
Reply
  • Reply as topic
Log in to reply
This topic has been deleted. Only users with topic management privileges can see it.
  • andreasduerenA Offline
    andreasduerenA Offline
    andreasdueren
    wrote last edited by
    #1

    Postiz supports SSO. Could we have these .env be autoconfigured via Cloudron?

    NEXT_PUBLIC_POSTIZ_OAUTH_DISPLAY_NAME="Authentik"
NEXT_PUBLIC_POSTIZ_OAUTH_LOGO_URL="https://raw.githubusercontent.com/walkxcode/dashboard-icons/master/png/authentik.png"
POSTIZ_GENERIC_OAUTH="false"
POSTIZ_OAUTH_URL="https://auth.example.com"
POSTIZ_OAUTH_AUTH_URL="https://auth.example.com/application/o/authorize"
POSTIZ_OAUTH_TOKEN_URL="https://auth.example.com/application/o/token"
POSTIZ_OAUTH_USERINFO_URL="https://authentik.example.com/application/o/userinfo"
POSTIZ_OAUTH_CLIENT_ID=""
POSTIZ_OAUTH_CLIENT_SECRET=""
# POSTIZ_OAUTH_SCOPE="openid profile email" # default values
    1 Reply Last reply
    3
    • nebulonN Offline
      nebulonN Offline
      nebulon
      Staff
      wrote last edited by
      #2

      we created an internal task for this and there is a starting branch for it at https://git.cloudron.io/packages/postiz-app/-/tree/sso?ref_type=heads

      1 Reply Last reply
      4
      • nebulonN nebulon marked this topic as a question
      • girishG Do not disturb
        girishG Do not disturb
        girish
        Staff
        wrote last edited by
        #3

        @andreasdueren I published this one but it has a bunch of issues from some testing.

        • Each SSO user is 'independent'. They can all separately invite users.
        • If registration is enabled, the app becomes open for all
        • If registration is disabled, invited users cannot login 😕 For this reason, even in SSO mode , it is still left open
        • Even if registration is disabled, one user can be registered initially. This is probably a feature.

        I guess we should report this upstream , if we collect the issues

        1 Reply Last reply
        4
        Reply
        • Reply as topic
        Log in to reply
        • Oldest to Newest
        • Newest to Oldest
        • Most Votes

        • Login
        • Don't have an account? Register
        • Login or register to search.
        • First post
          Last post
        0
        • Categories
        • Recent
        • Tags
        • Popular
        • Bookmarks
        • Search