Explore documentation
  1. Welcome to Uptime 👋
  2. Frequently Asked Questions
  3. Monitoring
    1. Get started with monitoring
    2. Working with monitors
    3. Customizing monitors
    4. Monitor types
  4. On-call scheduling and alerting
    1. Get started with on-call
    2. Sending alerts to Slack ↗
    3. Connecting external calendars
    4. Advanced on-call setup
  5. Incidents
    1. Working with incidents
    2. Create incidents manually
    3. Post mortems
    4. Incident silencing
    5. Incident metadata
  6. Status pages
    1. Get started with status pages
    2. Working with status pages
  7. Integrations
    1. Integrating with Better Stack
      1. Slack
      2. Microsoft Teams
      3. iOS & Android mobile apps
      4. iOS & Android phone call alerts
      5. On-call routing number
      6. Datadog
      7. New Relic
      8. Prometheus
      9. Zabbix
      10. AWS CloudWatch
      11. Google Cloud
      12. Webhooks
      13. Okta SSO
      14. Azure SSO
      15. Jira
      16. Zapier
      17. Terraform
  8. Team and account management
    1. Team management
    2. Account settings
    3. Audit logs
    4. Migrating to pay as you go
  9. API
    1. Get started with API
  10. Monitors API
    1. Monitors
    2. Monitor groups
    3. Heartbeats
    4. Heartbeat groups
  11. On-call & Incidents API
    1. On-call calendar
    2. On-call calendar events
    3. Escalation policies
    4. Escalation policy groups
    5. Severities
    6. Severity groups
    7. Incidents
    8. Comments
  12. Integrations API
    1. New Relic Integrations
    2. Datadog Integrations
    3. AWS CloudWatch Integrations
    4. Azure Integrations
    5. Google Monitoring Integrations
    6. Grafana Integrations
    7. Prometheus Integrations
    8. Email integrations
    9. Incoming webhooks
    10. Slack Integrations
    11. Outgoing Webhook integrations
    12. Splunk On-Call integrations
    13. PagerDuty Integrations
  13. Status pages API
    1. Status pages
    2. Status page sections
    3. Status page resources
    4. Status page reports
    5. Status page report updates
  14. Other API
    1. Metadata

Authentik SSO

In this guide, you're going to learn how to connect your Authentik app with Better Stack to enable single sign-on (SSO) for you and your colleagues.

SSO set-up walkthrough

  1. Start the SSO set-up by going to Single Sign-On configuration. Note that only organization admins have access to these settings.

  2. On this page click Connect on Generic SAML SSO panel.

  3. Select Authentik from the list of supported providers.

  4. Take note of the value in the Entity ID field, we're going to need this in a second.

We're going to switch to the Authentik administration now.

  1. Sign in to your Authentik administration.

  2. In left menu select Customization -> Property Mappings.

  3. Click Create, select SAML Property Mapping and fill in these values:

    • Name: email
    • SAML Attribute Name: email
    • Expression: return request.user.email and click Finish.

  4. In left menu select Applications -> Providers.

  5. Click Create, select SAML Provider and fill in this data:

    • Name: Entity ID from configuration page in Better Stack
    • Authentication flow: select the first one (default-authentication-flow)
    • Authorization flow: select the first one (default-provider-authorization-explicit-consent)
    • ACS URL: ACS URL from configuration page in Better Stack
    • Issuer: betterstack
    • Service Provider Binding: Redirect
    • Open Advanced protocol settings
    • For Signing Certificate select authentik Self-signed Certificate
    • In Property mappings select the newly created email mapping

  6. Click Finish

  7. In left menu select Applications -> Applications.

  8. Click Create and fill in this data:

    • Name: Better Stack
    • Slug: better-stack
    • Provider: select the newly created provider

  9. Click Create

  10. In left menu go to Applications -> Providers and click on newly created provider.

  11. Copy SSO URL (Redirect) and paste it to Identity Provider Single Sign-On URL field in Better Stack configuration.

  12. At the top of the page switch to Metadata tab,

  13. Copy the content of <ds:X509Certificate> element and paste it to X.509 Certificate field in Better Stack configuration.

  14. Click on Connect in Better Stack configuration - you will be redirected to the Authentik Sign on page. Sign in with the account you assigned to the Better Stack application, please.

Tada! Your Authentik Single Sign-On is now configured.