website/integrations: Open WebUI

[nicedevil007]

Details

And another one from me :) Hope this fits best from all my PRs now :)

Checklist

• Local tests pass (ak test authentik/)
• The code has been formatted (make lint-fix)

If an API change has been made

• The API schema has been updated (make gen-build)

If changes to the frontend have been made

• The code has been formatted (make web)

If applicable

• The documentation has been updated
• The documentation has been formatted (make website)

[netlify]

✅ Deploy Preview for authentik-storybook canceled.

Name	Link
🔨 Latest commit	be98bc6
🔍 Latest deploy log	https://app.netlify.com/sites/authentik-storybook/deploys/67aa20bbaa5c3e000846b9e4

[netlify]

✅ Deploy Preview for authentik-docs ready!

Name	Link
🔨 Latest commit	be98bc6
🔍 Latest deploy log	https://app.netlify.com/sites/authentik-docs/deploys/67aa20bb3b48c60008bf6200
😎 Deploy Preview	https://deploy-preview-12939--authentik-docs.netlify.app
📱 Preview on mobile	Toggle QR Code... Use your smartphone camera to open QR code link.

---

To edit notification comments on pull requests, go to your Netlify site configuration.

[codecov]

Codecov Report

All modified and coverable lines are covered by tests ✅

Project coverage is 92.69%. Comparing base (e2d6d38) to head (be98bc6).
Report is 39 commits behind head on main.

Additional details and impacted files

@@            Coverage Diff             @@
##             main   #12939      +/-   ##
==========================================
+ Coverage   92.66%   92.69%   +0.02%     
==========================================
  Files         770      785      +15     
  Lines       38945    39580     +635     
==========================================
+ Hits        36090    36689     +599     
- Misses       2855     2891      +36     

Flag	Coverage Δ
e2e	48.42% <ø> (-0.05%)	⬇️
integration	24.54% <ø> (-0.06%)	⬇️
unit	90.43% <ø> (+0.06%)	⬆️

Flags with carried forward coverage won't be shown. Click here to find out more.

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

[dominic-r]

Hi @nicedevil007 , thank you for yet another another another contribution recently! Here are a few things I noticed that would make this doc page better. Please do let me know if you have any questions!

[tanberry]

Thanks @nicedevil007 for this PR! Can you rerun the make website for linting, please; that check is failing, which causes the second one (the mark) to also fail. Thans!

[nicedevil007]

Thanks @nicedevil007 for this PR! Can you rerun the make website for linting, please; that check is failing, which causes the second one (the mark) to also fail. Thans!

Oh sry missed this. Will do later, maybe 4-5hours when I'm back home :)

[nicedevil007]

hope now it is correct :)

[tanberry]

Looks great to me, thanks again @nicedevil007! @dominic-r did you have any outstanding edits you saw?

[dominic-r]

Hmmm nope Tana. looks good here

[dominic-r]

Thanks again nicedevil

[rissson]

From the docs, this can be managed by providing a custom claim with proper roles. It would be a better user experience to indicate that in the docs instead of manually requiring the admin to change the role every time a user is created.

[nicedevil007]

Heya, this is absolutely true but I thought the aim of the docs on authentik should only get anyone to the point to be able to login and any additional configuration should be done by yourself. Otherwise we have to do an analysis for each service provider and write the same docs here as it is pointed out in each of the service providers' documentation.

I mean I can do it but I guess this going against the note that is in each guide right now. (Guide includes only settings that should be changed from default values....)

@tanberry @dominic-r should I do it or leave this version as it is right now?

[rissson]

There are a bunch of places where we do provide that information, for instance the Grafana docs. IMO this should've made it in. At the very least, there should've been a pointer to that specific version in the upstream docs. If you're up for it, I'd love a follow up PRs with instructions for this

[tanberry]

Yes, while true that we can try to keep these integration instructions as generic as possible (to your point @nicedevil007 ), it's more important to provide docs that follow "best practices"... so if a best practice is to use a custom claim with proper roles, we should document that. At very least, mention it.

Would this work:

Users are automatically created, but an administrator must update their role to at least **User** via the WebGUI. Alternatively, you can use [OAuth role management](https://docs.openwebui.com/features/sso/#oauth-role-management) to configure the provider to return roles in the access token.

Apologies I merged this without seeing your comment @rissson.