authentik icon indicating copy to clipboard operation
authentik copied to clipboard
verified publisher icon goauthentik

How to enroll OAuth (Discord) user logins to an Application?

Open LeehamElectronics opened this issue 3 years ago • 0 comments

Question: Hi, I'm trying to set up Authentic with an OAuth2 login with Discord. I have managed to setup Authentic with Nginx Proxy Manager which works well with a basic username and password. I also set up Discord as an OAuth login using the guide here: https://goauthentik.io/integrations/sources/discord/

The Discord OAuth also works fine (no errors when logging in). However, people who log in with Discord are just redirected back to Authentik instead of being taken to the web service Application, which does make sense as their Discord user account has not been enrolled(?) in Authentik as of yet (I think that's the terminology, I'm pretty new to Authentik)

My question is, how do you enrol a user that has logged in with Discord (or any social OAuth) to give them access to an Application? I have looked through the Authentik web panel and can't figure it out. I also tried logging in with a test Discord account. I can't see the Discord account email address or any new accounts showing up under the Users tab in Authentik, so I'm guessing that I need to enable some way of registering users that log in with OAuth, but I can't see anything on the wiki about that.

Screenshot: When logging in with Discord I get redirected back the Authentik page auth.mypublicdomain.com instead of service.mypublicdomain.com, however using the normal username and password works just fine. image

Relevant infos Docker-compose install of Authentik on an Ubuntu headless VM in ESXi. Using Nginx Proxy Manager.

Sidenote: And as a side note, would it be possible to automatically allow Discord logins to have access to a webpage but only if the Discord account in question is in a specified guild or has a specified role within that guild? That would be amazing if it's possible.

Conclusion: I believe the terminology I'm looking for is OAuth user enrollment, but I could be wrong. Whether it's automatic enrollment or not I don't really mind, I just need some way for it to work with Discord users. Thanks in advance for any tips you have.

LeehamElectronics avatar Sep 17 '22 08:09 LeehamElectronics