Identity
The identity package provides authentication and authorization for all protected services in UIS. It is built on Authentik with the Auth10 extension for automated multi-domain configuration.
Services
| Service | Description | Deploy |
|---|---|---|
| Authentik | Identity provider with SSO, MFA, and proxy auth | ./uis deploy authentik |
Quick Start
./uis deploy postgresql # Required dependency
./uis deploy redis # Required dependency
./uis deploy authentik
How It Works
- Authentik handles all authentication via OAuth2/OIDC, SAML, and proxy auth
- Auth10 automatically generates multi-domain OAuth configurations from templates
- Forward-auth middleware in Traefik checks authentication before allowing access
- Protected services get SSO — users log in once and access everything
Access the admin interface at http://authentik.localhost/if/admin/.
Guides
- Auth10 system design — template-driven authentication configuration
- Developer guide — how to protect new services
- Blueprint syntax — Authentik blueprint reference
- Technical implementation — architecture details
- Test users — default credentials for development