Hello everyone,
I have a Traefik installation and I wish to increase the security of my setup.
I plan to deploy a crowdsec bouncer, but I also have stumbled upon Authentik and Authelia, and I am not sure I totally understand their purpose.
From what I understand, those services would allow to only allow Traefik to redirect the user to the appropriate service if correctly authenticated, is that correct?
Also, using either Authentik or Authelia, user can use SSO to register/login ? How can I control who can register?
Finally, assuming my understanding of those services is correct, I suspect that using a web browser to access the services, the login UI will be prompted, but what if I use a mobile application? For instance I use immich to backup my pictures, so in the immich mobile app server settings I have : immich.mydomain.com, how would that works out if I use either Authentik or Authelia?
I thank you in advance for your answers.
FYI that at least in Authentik you can avoid the second login. Check the instructions they have on setting up Sonarr for more details, but you can save the app credentials in Authentik, then if your identity is authorized for access Authentik will automatically attach the credentials for the app: https://goauthentik.io/integrations/services/sonarr/
Works for anything that has http basic auth
Nice thanks!