SSO
authentik SSO
Use this guide when your organization signs in with authentik. Lettermint connects to an authentik OAuth2/OIDC provider.
Before you start
You need administrator access to authentik. Create an application and OAuth2/OIDC provider pair, then register the Lettermint OIDC callback URL from the SSO guide in the provider redirect URI configuration.
authentik setup
- In the authentik Admin interface, go to Applications > Applications.
- Choose Create with provider.
- Create the application, then select OAuth2/OIDC as the provider type.
- Add the Lettermint OIDC callback URL from the SSO guide to the provider redirect URI list.
- Use the authorization code flow.
- Copy the client ID and client secret.
- Note the application slug for the discovery URL.
Lettermint setup
In the Lettermint SSO setup screen, choose authentik and enter:
| Field | Value |
|---|---|
| Domain | Your managed email domain, for example example.com. |
| Metadata URL | https://{instance}/application/o/{slug}/.well-known/openid-configuration |
| Client ID | The authentik client ID. |
| Client secret | The authentik client secret. |
Replace {instance} with your authentik hostname and {slug} with the application slug.
References
Last modified on