ultisuite-backend/deploy/authentik/blueprints/04-ulti-post-migration-security.yaml
R3D347HR4Y 7143a36c19
feat(mail): integrate Stalwart hosted mail and migration features
- Added configuration options for Stalwart hosted mail in .env.example.
- Updated Docker Compose to include Stalwart service with health checks.
- Introduced new API endpoints for managing mail domains and migration projects.
- Enhanced Authentik blueprints for user enrollment and post-migration security.
- Updated OAuth handling for Google and Microsoft migration processes.
- Improved error handling and response structures in the mail API.
- Added integration tests for email claiming and migration workflows.
2026-06-13 12:47:08 +02:00

83 lines
2.4 KiB
YAML

# Post-migration — encourage WebAuthn / TOTP before disabling legacy IdP
version: 1
metadata:
  name: Ulti post-migration security
  labels:
    blueprints.goauthentik.io/instantiate: "true"
entries:
  # Flow reachable only by an already authenticated user
  - model: authentik_flows.flow
    id: ulti-post-migration-flow
    identifiers:
      slug: ulti-post-migration-security
    attrs:
      name: UltiSuite — Sécuriser votre compte
      title: Sécuriser votre compte UltiSuite
      designation: stage_configuration
      authentication: require_authenticated
  # Static information text shown before the authenticator setup stages
  - model: authentik_stages_prompt.prompt
    id: ulti-post-mig-info
    identifiers:
      name: ulti-post-migration-info
    attrs:
      field_key: info
      label: Information
      type: static
      required: false
      initial_value: >
        Votre migration est en cours ou terminée. Enregistrez une clé de sécurité (WebAuthn)
        ou une application TOTP pour vous connecter sans dépendre de Google Workspace ou Microsoft 365.
      initial_value_expression: false
      placeholder_expression: false
      order: 0
  - model: authentik_stages_prompt.promptstage
    id: ulti-post-mig-prompt
    identifiers:
      name: ulti-post-migration-prompt
    attrs:
      fields:
        - !KeyOf ulti-post-mig-info
  - model: authentik_stages_authenticator_webauthn.authenticatorwebauthnstage
    id: ulti-post-mig-webauthn
    identifiers:
      name: ulti-post-migration-webauthn
    attrs:
      # preferred: user verification (PIN/biometric) is requested but not enforced
      user_verification: preferred
      # device_type_restrictions is a list of device types; an empty list means no restriction
      device_type_restrictions: []
  - model: authentik_stages_authenticator_totp.authenticatortotpstage
    id: ulti-post-mig-totp
    identifiers:
      name: ulti-post-migration-totp
  - model: authentik_stages_user_login.userloginstage
    id: ulti-post-mig-done
    identifiers:
      name: ulti-post-migration-done
  # Bindings run in ascending order: info prompt, WebAuthn setup, TOTP setup, login
  - model: authentik_flows.flowstagebinding
    identifiers:
      target: !KeyOf ulti-post-migration-flow
      stage: !KeyOf ulti-post-mig-prompt
      order: 10
  - model: authentik_flows.flowstagebinding
    identifiers:
      target: !KeyOf ulti-post-migration-flow
      stage: !KeyOf ulti-post-mig-webauthn
      order: 20
  - model: authentik_flows.flowstagebinding
    identifiers:
      target: !KeyOf ulti-post-migration-flow
      stage: !KeyOf ulti-post-mig-totp
      order: 30
  - model: authentik_flows.flowstagebinding
    identifiers:
      target: !KeyOf ulti-post-migration-flow
      stage: !KeyOf ulti-post-mig-done
      order: 100
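
Added example, not part of the repository: a stdlib-only Python check that every `!KeyOf` target in a blueprint like the one above resolves to a declared entry `id`, that no declared stage is left unreferenced, and that no two bindings on a flow share an `order`. The function name `lint_blueprint`, the line-based parsing and the sample blueprint are assumptions constructed for illustration.

```python
import re
from collections import Counter, defaultdict

# Constructed sample (not the page's file): one !KeyOf target has a typo.
SAMPLE = """\
entries:
  - model: authentik_flows.flow
    id: demo-flow
    identifiers:
      slug: demo
  - model: authentik_stages_authenticator_totp.authenticatortotpstage
    id: demo-totp
    identifiers:
      name: demo-totp
  - model: authentik_flows.flowstagebinding
    identifiers:
      target: !KeyOf demo-flow
      stage: !KeyOf demo-totpp
      order: 10
"""

def lint_blueprint(text):
    """Line-based check; assumes one key per line and '- model:' opening each entry."""
    declared, refs = {}, []        # entry id -> model; every !KeyOf target seen
    orders = defaultdict(list)     # flow id -> orders of its stage bindings
    model = target = None
    for line in text.splitlines():
        if m := re.match(r"\s*- model:\s*(\S+)", line):
            model, target = m.group(1), None
        elif m := re.match(r"\s+id:\s*(\S+)", line):
            declared[m.group(1)] = model
        elif m := re.match(r"\s+order:\s*(\d+)", line):
            if model == "authentik_flows.flowstagebinding" and target:
                orders[target].append(int(m.group(1)))
        if m := re.search(r"!KeyOf\s+(\S+)", line):
            refs.append(m.group(1))
            if line.lstrip().startswith("target:"):
                target = m.group(1)
    return {
        # references that point at no declared id (typos, renamed entries)
        "unresolved": sorted(set(refs) - set(declared)),
        # stages or prompts declared but never bound or listed anywhere
        "unused": sorted(i for i, mdl in declared.items()
                         if i not in refs and mdl != "authentik_flows.flow"),
        # two bindings on one flow sharing an order value
        "duplicate_orders": {f: sorted(o for o, n in Counter(v).items() if n > 1)
                             for f, v in orders.items() if len(set(v)) < len(v)},
    }

if __name__ == "__main__":
    print(lint_blueprint(SAMPLE))
```

Run in CI before the blueprint is applied, a non-empty `unresolved` or `unused` list flags an enrollment stage that would not appear in the flow.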