viktor/infra
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

matrix/authentik: remove orphaned Matrix OAuth2 app + provider (post-tuwunel)

Browse source 
The migration left a UI-managed (not TF) Authentik OIDC app orphaned — tuwunel
uses native password auth, so nothing consumed it. Deleted application `matrix`
+ OAuth2 provider pk=6 via the Authentik API (user-confirmed). Drop the stale
Matrix rows from the SSO reference tables and update the plan's residual list.

Doc-only [ci skip].

Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>
This commit is contained in:
Viktor Barzin 2026-06-08 12:32:49 +00:00
parent 23602f393e
commit 3d6c5b8bc7
3 changed files with 4 additions and 5 deletions
Download patch file Download diff file Expand all files Collapse all files

1
docs/architecture/authentication.md
View file

@ -102,7 +102,6 @@ Authentik provides OIDC for 10 applications:
| Kubernetes | OIDC (public client) | K8s API authentication (kubectl / kubelogin CLI) |
| Kubernetes Dashboard | OIDC (confidential) | Built for dashboard SSO — currently **idle** (apiserver OIDC blocked; dashboard uses forward-auth + token-paste) |
| Linkwarden | OIDC | Bookmark manager SSO |
| Matrix | OIDC | ⚠️ Legacy/orphaned — Synapse→tuwunel migration 2026-06-08; tuwunel uses native password auth, OIDC SSO not wired |
| Wrongmove | OIDC | Real estate app SSO |
### Kubernetes API authentication (OIDC) — CURRENTLY NON-FUNCTIONAL