website/integrations: Zammad instructions (#4644)

* add zammad

Signed-off-by: Tealk <tealk@rollenspiel.monster>

* some improvements

Signed-off-by: Tealk <tealk@rollenspiel.monster>

* add navi-item

Signed-off-by: Tealk <tealk@rollenspiel.monster>

* fix mappings

Signed-off-by: Tealk <tealk@rollenspiel.monster>

* typo

Signed-off-by: Tealk <tealk@rollenspiel.monster>

* personalized link removed

Signed-off-by: Tealk <tealk@rollenspiel.monster>

* replace inventory placeholder & fix SAML

Signed-off-by: Tealk <tealk@rollenspiel.monster>

* Replace placeholder

Signed-off-by: Tealk <tealk@rollenspiel.monster>

* text improvement

Signed-off-by: Tealk <tealk@rollenspiel.monster>

---------

Signed-off-by: Tealk <tealk@rollenspiel.monster>
This commit is contained in:
Tealk 2023-02-22 17:55:32 +01:00 committed by GitHub
parent 383b6a38ba
commit 7503b32c74
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
2 changed files with 76 additions and 0 deletions

View File

@ -0,0 +1,75 @@
---
title: Zammad
---
<span class="badge badge--secondary">Support level: Community</span>
## What is Zammad
From https://zammad.org/
:::note
Zammad is a web-based, open source user support/ticketing solution.
Download and install it on your own servers. For free.
:::
## Preparation
The following placeholders will be used:
- `zammad.company` is the FQDN of the zammad install.
- `authentik.company` is the FQDN of the authentik install.
## authentik Configuration
### Step 1 - Property Mappings
Create two Mappings (under _Customisation/Property Mappings_) with these settings:
#### name mapping
- Name: Zammad SAML Mapping: name
- SAML Attribute Name: name
- Friendly Name: none
- Expression: `return request.user.name`
#### email mapping
- Name: Zammad SAML Mapping: email
- SAML Attribute Name: email
- Friendly Name: none
- Expression: `return request.user.email`
### Step 2 - SAML Provider
In authentik, create a SAML Provider (under _Applications/Providers_) with these settings :
- Name : zammad
- ACS URL: `https://zammad.company/auth/saml/callback`
- Issuer: `https://zammad.company/auth/saml/metadata`
- Service Provider Binding: Post
- Audience: https://zammad.company/auth/saml/metadata
- Property mappings: Zammad SAML Mapping: name & Zammad SAML Mapping: email
- NameID Property Mapping: Zammad SAML Mapping: name
### Step 3 - Application
In authentik, create an application (under _Resources/Applications_) with these settings :
- Name: Zammad
- Slug: zammad
- Provider: zammad
## zammad Setup
Configure Zammad SAML settings by going to settings (the gear icon), and selecting `Security -> Third-party Applications` and activiate `Authentication via SAML` and change the following fields:
- Display name: authentik
- IDP SSO target URL: https://authentik.company/application/saml/ticketsystem-seatable/sso/binding/init/
- IDP certificate: ----BEGIN CERTIFICATE---- …
- IDP certificate fingerprint: empty
- Name Identifier Format: empty
## Additional Resources
- https://admin-docs.zammad.org/en/latest/settings/security/third-party/saml.html
- https://community.zammad.org/t/saml-authentication-with-authentik-saml-login-url-and-auto-assign-permission/10876/3

View File

@ -74,6 +74,7 @@ module.exports = {
"services/sssd/index", "services/sssd/index",
"services/truecommand/index", "services/truecommand/index",
"services/veeam-enterprise-manager/index", "services/veeam-enterprise-manager/index",
"services/zammad/index",
], ],
}, },
{ {