The self-hosted identity provider — see Services / Authentik
for the runtime stack, or read on for the configuration.
| Property | Value |
|---|---|
| URL | https://auth.blackreset.com |
| Host | VM-RZ-SVC-PROD-01 (migriert 2026-05-01) |
| Version | 2025.8.4 |
| DB | dedicated Postgres auf vm-rz-db-01 (DB authentik) (PG 16) — separate from postgres_production |
The OAuth scope mapping OAuth Mapping: groups (per-app group names) emits
a groups claim containing all Authentik group names the user is in
(no app-prefix). Apps that map external groups to internal roles match by
exact name.
return {"groups": [g.name for g in user.ak_groups.all()]}
| App | Provider | Client type | Detail |
|---|---|---|---|
| Wiki.js | prov-wiki | confidential | Authentik / Wiki |
| (others — TBD enumerated) |
Provider-Liste seit 2026-05-02 erweitert um: pgadmin, databasement, organization-prod, harbor, ipupdater, homepage, uptime-kuma, cups. Vollständige Liste in den jeweiligen Subseiten unter /access/authentik/* und im Authentik-Admin.