Configure the Authentik provider and application

Log in to the Authentik Admin console

1. Open your Authentik admin panel

Example: https://your-authentik-domain:8443

2. Log in using an administrator account.

1. In the Authentik admin panel, navigate to Applications → Providers

2. Select Create

3. Select OAuth2 / OpenID Provider

4. Press Next and enter the following configuration:

Basic Configuration

Protocol settings

Client Type: Confidential
Client ID: Use the generated value
Client Secret: Use the generated value
Redirect URIs
- Add the Ocean Market callback URL: https://market.example.com/auth/callback
- Use Strict Matching

Signing Key: select the key associated with the qualified certificate configured in Authentik

Advanced flow settings

Advanced protocol settings

Scopes: add the following to Selected Scopes
- openid
- profile
- email
- offline_access

These scopes allow OE Marketplace to retrieve user identity information

5. Click Finish to save the provider

1. Navigate to Applications->Applications

2. Click Create and enter the following information:

3. Click Create

1. Click the created provider

2. Copy the following values

Client ID
Client Secret (displayed only in Edit mode)
OpenID Configuration Issuer (example: https://ocean-node-vm2.oceanenterprise.io:8443/application/o/ocean-market/)
OpenID Token URL (example: https://ocean-node-vm2.oceanenterprise.io:8443/application/o/token/)

These values are required in the Ocean Market environment configuration.

1. Open the provider discovery endpoint (https://your-authentik-domain:8443/application/o/ocean-market/.well-known/openid-configuration)

2. If configured correctly, Authentik returns the OIDC metadata as JSON. This confirms that the provider is correctly configured.

Last updated 22 days ago