The user is inquiring about setting up Single Sign-On (SSO) for a seedbox that hosts several *arr applications, using an Authentik instance hosted on their Synology NAS. The goal is to enable users to authenticate once and gain access to all the apps without needing separate credentials for each service. This setup not only simplifies user management but also enhances security by reducing the number of accounts and passwords that need to be managed. In a broader context, implementing SSO can streamline workflows in both homelab environments and production systems, making it easier for users to access multiple services with improved security measures.
- Synology NAS running Authentik
- *arr applications
- Install the necessary plugins or configurations for each *arr application to support SSO with Authentik. This usually involves setting up OAuth2 in Authentik and configuring each app.
- For example, in Sonarr, navigate to Settings -> Security -> Authentication Providers, then add a new OAuth provider configuration, linking it back to the Authentik instance's OAuth client settings.
- Repeat the configuration process for all relevant *arr applications hosted on your seedbox.
Setting up SSO with Authentik impacts common homelab stacks by integrating authentication across various services like Sonarr, Radarr, or Lidarr. Each application's config file (e.g., Sonarr: Settings -> Security) will need specific OAuth configurations tied to the Authentik instance.