You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
I am currently testing Authentik on my server and I really like it!
Big props to all the team !
I have been doing a bit of testing and there is some fundamental logic that I seem to miss.
Here is my case:
I followed the instructions at the bottom of this page https://docs.goauthentik.io/integrations/sources/google/ to do the username mapping and it works like a charm but, I am wondering what is going on when they are multiple policies conditioning a stage.
I have here two policies with orders 0 and 1.
Here is the corresponding diagram:
I was expecting a "first matched" policy system, especially because I have selected "any" for the policy matching option in the stage binding, which I understand as: if the first policy doesn't match the second is tried, then the third, and so on.
But, in the diagram my policies appear on the same "level" (or hight) which I found confusing.
I don't really understand why that is and why they are both connected to the flow start.
My tests seam to show that, because default-source-enrollment-if-username is "order 1", it appears to be never evaluated.
In the diagram we can see that non of the outputs of dz-google-sso-username-mapping-policy are going back to default-source-enrollment-if-username. Is their even a scenario where default-source-enrollment-if-username is evaluated ?
reacted with thumbs up emoji reacted with thumbs down emoji reacted with laugh emoji reacted with hooray emoji reacted with confused emoji reacted with heart emoji reacted with rocket emoji reacted with eyes emoji
-
Hello,
I am currently testing Authentik on my server and I really like it!
Big props to all the team !
I have been doing a bit of testing and there is some fundamental logic that I seem to miss.
Here is my case:
I followed the instructions at the bottom of this page https://docs.goauthentik.io/integrations/sources/google/ to do the username mapping and it works like a charm but, I am wondering what is going on when they are multiple policies conditioning a stage.
I have here two policies with orders 0 and 1.
Here is the corresponding diagram:
I was expecting a "first matched" policy system, especially because I have selected "any" for the policy matching option in the stage binding, which I understand as: if the first policy doesn't match the second is tried, then the third, and so on.
But, in the diagram my policies appear on the same "level" (or hight) which I found confusing.
I don't really understand why that is and why they are both connected to the flow start.
My tests seam to show that, because default-source-enrollment-if-username is "order 1", it appears to be never evaluated.
In the diagram we can see that non of the outputs of dz-google-sso-username-mapping-policy are going back to default-source-enrollment-if-username. Is their even a scenario where default-source-enrollment-if-username is evaluated ?
Thank you in advance for those clarifications.
Beta Was this translation helpful? Give feedback.
All reactions