> For the complete documentation index, see [llms.txt](https://docs.oceanenterprise.io/llms.txt). Markdown versions of documentation pages are available by appending `.md` to page URLs; this page is available as [Markdown](https://docs.oceanenterprise.io/infrastructure/marketplace-installation-and-configuration/configure-market-level-authentication/configure-the-authentik-provider-and-application.md). # Configure the Authentik provider and application ## Log in to the Authentik Admin console 1\. Open your Authentik admin panel Example: `https://your-authentik-domain:8443` 2\. Log in using an administrator account.

## Create an OAuth2 / OIDC provider 1\. In the Authentik admin panel, navigate to `Applications → Providers`

2\. Select `Create`

3\. Select `OAuth2 / OpenID Provider`

## Configure the provider 4\. Press Next and enter the following configuration: **Basic Configuration** * Name: `ocean-market-provider` * Authorization Flow: `default-provider-authorization-implicit-consent`

*** **Protocol settings** * Client Type: `Confidential` * Client ID: Use the generated value * Client Secret: Use the generated value * Redirect URIs * Add the Ocean Market callback URL: `https://market.example.com/auth/callback` * Use `Strict Matching`

* Signing Key: select the key associated with the qualified certificate configured in Authentik

*** **Advanced flow settings** * Authentication flow: `default-authentication-flow` * Invalidation flow: use the default setting

*** **Advanced protocol settings** * Scopes: add the following to Selected Scopes * openid * profile * email * offline\_access These scopes allow OE Marketplace to retrieve user identity information *** 5\. Click Finish to save the provider *** ## Create the Ocean Market Application 1\. Navigate to `Applications->Applications`

2\. Click Create and enter the following information: * Application Name: `Ocean Market` * Slug:`ocean-market` * Provider: `ocean-market-provider`

3\. Click Create *** ## Retrieve OIDC Credentials 1\. Click the created provider 2\. Copy the following values * Client ID * Client Secret (displayed only in Edit mode) * OpenID Configuration Issuer (example: `https://ocean-node-vm2.oceanenterprise.io:8443/application/o/ocean-market/`) * OpenID Token URL (example: `https://ocean-node-vm2.oceanenterprise.io:8443/application/o/token/`) These values are required in the Ocean Market environment configuration. *** ## Verify the OIDC Configuration 1\. Open the provider discovery endpoint (`https://your-authentik-domain:8443/application/o/ocean-market/.well-known/openid-configuration`) 2\. If configured correctly, Authentik returns the OIDC metadata as JSON. This confirms that the provider is correctly configured. --- # Agent Instructions This documentation is published with GitBook. GitBook is the documentation platform designed so that both humans and AI agents can read, navigate, and reason over technical content effectively. Learn more at gitbook.com. ## Querying This Documentation If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question. Perform an HTTP GET request on the current page URL with the `ask` query parameter: ``` GET https://docs.oceanenterprise.io/infrastructure/marketplace-installation-and-configuration/configure-market-level-authentication/configure-the-authentik-provider-and-application.md?ask= ``` The question should be specific, self-contained, and written in natural language. The response will contain a direct answer to the question and relevant excerpts and sources from the documentation. Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.