2026-06-15: clarify Uptime Kuma native SSO requirement
This commit is contained in:
parent
eeae11a36b
commit
9ef95472d9
1 changed files with 14 additions and 0 deletions
|
|
@ -433,6 +433,20 @@ Verified current live state on monk before making changes:
|
|||
the Cloudflare Tunnel public hostname for `status.kitestacks.com` from
|
||||
`http://uptime-kuma:3001` to `http://authentik:9000` (or equivalent
|
||||
Authentik service target in the Tunnel UI).
|
||||
- Correction after user tested: user does NOT want front-door proxy behavior
|
||||
for Uptime Kuma. Desired UX is an in-app "single sign on" button on the
|
||||
Uptime Kuma login screen, like Grafana/Forgejo style native OAuth. Authentik
|
||||
proxy redirect is not acceptable for this requirement.
|
||||
- Confirmed in the installed Uptime Kuma 1.23.17 frontend:
|
||||
`/app/src/components/Login.vue` only renders username, password, remember-me,
|
||||
and login submit controls. No native OAuth/OIDC/SSO button exists in this
|
||||
version's login component, and local source search only found monitor OAuth
|
||||
client-credentials support, not app login SSO.
|
||||
- If staying on Uptime Kuma 1.23.17, revert Cloudflare route for
|
||||
`status.kitestacks.com` back to `http://uptime-kuma:3001`; otherwise users
|
||||
get Authentik first and then still see Kuma's local login. Native in-app SSO
|
||||
would require an Uptime Kuma version/plugin/fork with login OIDC support or
|
||||
custom app code, not the Authentik proxy provider.
|
||||
|
||||
Important security hygiene: local git remote for `~/claude-memory` contains an
|
||||
HTTP token in the URL; do not print it in summaries. Prefer redacted URLs in
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue