github-starred/pangolin
2
0
Fork 0
mirror of https://github.com/fosrl/pangolin.git synced 2026-05-12 00:41:24 -05:00
Code Issues 564 Packages Projects Releases 72 Wiki Activity

[GH-ISSUE #730] Cant add users from authentik to any organisation #1597

New Issue
Closed
opened 2026-04-16 08:17:44 -05:00 by GiteaMirror · 3 comments
GiteaMirror commented 2026-04-16 08:17:44 -05:00
Owner
Copy Link

Originally created by @ermeneuei on GitHub (May 15, 2025).
Original GitHub issue: https://github.com/fosrl/pangolin/issues/730

Hello,

I have set up authentik as my identity provider, with auto provision, and set the default policy to the organisation name I set up with the admin account and default role as "Member".

I can connect with Authentik with a user account, however it always go the new organisation page and the user do not belong to any organisation. The user appears in the user root profile. I tried to add it in the organisation user with the same username but to no avail.

I have pangolin 1.4.0.

How can I fix this issue ?

Thank you

Originally created by @ermeneuei on GitHub (May 15, 2025). Original GitHub issue: https://github.com/fosrl/pangolin/issues/730 Hello, I have set up authentik as my identity provider, with auto provision, and set the default policy to the organisation name I set up with the admin account and default role as "Member". I can connect with Authentik with a user account, however it always go the new organisation page and the user do not belong to any organisation. The user appears in the user root profile. I tried to add it in the organisation user with the same username but to no avail. I have pangolin 1.4.0. How can I fix this issue ? Thank you
GiteaMirror commented 2026-04-16 08:17:46 -05:00
Author
Owner
Copy Link

@felixmertins commented on GitHub (May 15, 2025):

Be careful, in this setup we are using Authentik groups not roles, since roles are not included in the userinfo.

Have you added an organization policy to your IdP?

  1. Go to Identity Providers and edit your IdP

  2. Go to organization policies and create a new one.

  3. Select your Organization.

Role Mapping Path (Optional) -> this assigns a role to someone and "adds" them to an organization

contains(groups, 'authentik Admins') && 'Admin' || 'Member'

This would assign all users with the authentik Admins Group the Admin role and everyone else the Member role

Organization Mapping Path (Optional) -> This defines whether or not an organization is "a match" with a user

contains(groups, 'Member')

This would match with all users that have the Member Group

If you combine these two options, all users with the Member Group in authentik will be added to the organization and if they additionally have the authentik Admins Group, they will be added to the Admin Group in Pangolin.

<!-- gh-comment-id:2884616382 --> @felixmertins commented on GitHub (May 15, 2025): **Be careful, in this setup we are using Authentik groups not roles, since roles are not included in the userinfo.** Have you added an organization policy to your IdP? 1. Go to Identity Providers and edit your IdP 2. Go to organization policies and create a new one. 3. Select your Organization. Role Mapping Path (Optional) -> this assigns a role to someone and "adds" them to an organization `contains(groups, 'authentik Admins') && 'Admin' || 'Member'` This would assign all users with the authentik Admins Group the Admin role and everyone else the Member role Organization Mapping Path (Optional) -> This defines whether or not an organization is "a match" with a user `contains(groups, 'Member')` This would match with all users that have the Member Group If you combine these two options, all users with the Member Group in authentik will be added to the organization and if they additionally have the authentik Admins Group, they will be added to the Admin Group in Pangolin.
GiteaMirror commented 2026-04-16 08:17:47 -05:00
Author
Owner
Copy Link

@jakesie1309 commented on GitHub (May 15, 2025):

reload and working ,we can close this one

<!-- gh-comment-id:2884755794 --> @jakesie1309 commented on GitHub (May 15, 2025): reload and working ,we can close this one
GiteaMirror commented 2026-04-16 08:17:48 -05:00
Author
Owner
Copy Link

@ermeneuei commented on GitHub (May 15, 2025):

I works thank you !!

<!-- gh-comment-id:2884923004 --> @ermeneuei commented on GitHub (May 15, 2025): I works thank you !!
Sign in to join this conversation.
No Branch/Tag Specified
Branches Tags
Labels
Clear labels
api
authentication
bug
config
dependencies
docker
documentation
enhancement
good first issue
help wanted
Improvement
Look Into
needs investigating
networking
new feature
non-critical bug
potential bug
pull-request
Mirrored from GitHub Pull Request
 question
reverse proxy
Security
stale
ui
wontfix
No Label
Milestone
No items
No Milestone
Projects
Clear projects
No project
Assignees
Clear assignees
GiteaMirror ninjasurge
No Assignees
1 Participants
Notifications
Due Date
No due date set.
Dependencies

No dependencies set.

Reference: github-starred/pangolin#1597
Delete Branch "%!s()"

Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?