t.behrendt/authentik-kubernetes-operator
1
0
Fork 0
Code Issues 3 Pull Requests 4 Actions Packages Activity
Files
cc32a0124658173a68b69c41f0165d4c08a66c20
authentik-kubernetes-operator/README.md
T
t.behrendt 9b0d6a3279 change v1 to v1alpha1
2026-05-16 19:49:27 +02:00

1.9 KiB
Raw Blame History

authentik-kubernetes-operator

Authentik Kubernetes Operator allows to manage Authentik resources directly in Kubernetes using Custom Kubernetes Resources.

The custom resources of this operator ultimately will mirror the Authentik resources. New resources will be added as there is a need for them.

Manual changes to the resources in Authentik will be overwritten by the operator. So always manage the resources in Kubernetes.

Custom Resources

Custom Resource CRD File Short Name
ProxyProvider proxyProvider.yaml pp

ProxyProvider

Currently only the "Forward Single" ProxyProvider is supported and only a reduced set of fields are exposed by the custom resources.

Example proxyProvider.yaml:

apiVersion: proxyprovider.t000-n.de/v1alpha1
kind: ProxyProvider
metadata:
  name: proxy-provider-example
  namespace: kube-system
spec:
  name: proxy-provider-example
  # The ID of the authorization flow. In this example: "default-provider-authorization-implicit-consent (Authorize Application)"
  authorization_flow: 16896c6d-b326-42d1-8d3f-93f32921962e
  # The ID of the invalidation flow. In this example: "default-provider-invalidation-flow (Logged out of application)"
  invalidation_flow: 7acac1ef-19e3-4a6f-8d8d-14ca7031d184
  # The external host of your application.
  external_host: https://example.t00n.de

The ProxyProvider will be created in Authentik, but will not be assigned to an outpost or an application (Resources are TBD).

Versioning

As soon as the operator covers an entire use case, the version will be raised to v1 and follow default versioning rules. Before that, the version will be v1alpha1.

Reference in New Issue View Git Blame Copy Permalink