From 7503b32c745beb738d592bfb8251eb9ab35d61ca Mon Sep 17 00:00:00 2001 From: Tealk <12276250+Tealk@users.noreply.github.com> Date: Wed, 22 Feb 2023 17:55:32 +0100 Subject: [PATCH] website/integrations: Zammad instructions (#4644) * add zammad Signed-off-by: Tealk * some improvements Signed-off-by: Tealk * add navi-item Signed-off-by: Tealk * fix mappings Signed-off-by: Tealk * typo Signed-off-by: Tealk * personalized link removed Signed-off-by: Tealk * replace inventory placeholder & fix SAML Signed-off-by: Tealk * Replace placeholder Signed-off-by: Tealk * text improvement Signed-off-by: Tealk --------- Signed-off-by: Tealk --- website/integrations/services/zammad/index.md | 75 +++++++++++++++++++ website/sidebarsIntegrations.js | 1 + 2 files changed, 76 insertions(+) create mode 100644 website/integrations/services/zammad/index.md diff --git a/website/integrations/services/zammad/index.md b/website/integrations/services/zammad/index.md new file mode 100644 index 000000000..d2e772678 --- /dev/null +++ b/website/integrations/services/zammad/index.md @@ -0,0 +1,75 @@ +--- +title: Zammad +--- + +Support level: Community + +## What is Zammad + +From https://zammad.org/ +:::note +Zammad is a web-based, open source user support/ticketing solution. +Download and install it on your own servers. For free. +::: + +## Preparation + +The following placeholders will be used: + +- `zammad.company` is the FQDN of the zammad install. +- `authentik.company` is the FQDN of the authentik install. + +## authentik Configuration + +### Step 1 - Property Mappings + +Create two Mappings (under _Customisation/Property Mappings_) with these settings: + +#### name mapping + +- Name: Zammad SAML Mapping: name +- SAML Attribute Name: name +- Friendly Name: none +- Expression: `return request.user.name` + +#### email mapping + +- Name: Zammad SAML Mapping: email +- SAML Attribute Name: email +- Friendly Name: none +- Expression: `return request.user.email` + +### Step 2 - SAML Provider + +In authentik, create a SAML Provider (under _Applications/Providers_) with these settings : + +- Name : zammad +- ACS URL: `https://zammad.company/auth/saml/callback` +- Issuer: `https://zammad.company/auth/saml/metadata` +- Service Provider Binding: Post +- Audience: https://zammad.company/auth/saml/metadata +- Property mappings: Zammad SAML Mapping: name & Zammad SAML Mapping: email +- NameID Property Mapping: Zammad SAML Mapping: name + +### Step 3 - Application + +In authentik, create an application (under _Resources/Applications_) with these settings : + +- Name: Zammad +- Slug: zammad +- Provider: zammad + +## zammad Setup + +Configure Zammad SAML settings by going to settings (the gear icon), and selecting `Security -> Third-party Applications` and activiate `Authentication via SAML` and change the following fields: + +- Display name: authentik +- IDP SSO target URL: https://authentik.company/application/saml/ticketsystem-seatable/sso/binding/init/ +- IDP certificate: ----BEGIN CERTIFICATE---- … +- IDP certificate fingerprint: empty +- Name Identifier Format: empty + +## Additional Resources + +- https://admin-docs.zammad.org/en/latest/settings/security/third-party/saml.html +- https://community.zammad.org/t/saml-authentication-with-authentik-saml-login-url-and-auto-assign-permission/10876/3 diff --git a/website/sidebarsIntegrations.js b/website/sidebarsIntegrations.js index ed3c03d8a..1b4bc91a4 100644 --- a/website/sidebarsIntegrations.js +++ b/website/sidebarsIntegrations.js @@ -74,6 +74,7 @@ module.exports = { "services/sssd/index", "services/truecommand/index", "services/veeam-enterprise-manager/index", + "services/zammad/index", ], }, {