- Application: links Policies with a Provider and holds information such as UI name and icon.
- Source: a location from which users can be added to Kubeark, such as LDAP connection or OAuth2 connection.
- Provider: a way for other applications to authenticate against Kubeark, such as OIDC or SAML.
- Policy: a yes/no gate that evaluates to True or False based on Policy Kind and settings. Used for custom logic, granting/denying access, and more.
- Flows & Stages: ordered sequence of stages used for user authentication, enrollment, etc.
- Property Mappings: makes information available for external applications, such as setting user roles in AWS based on group memberships in Kubeark.
- Outpost: a separate component of authentik that offers services not implemented directly into the authentik core, such as Reverse Proxying.
- System tasks: longer-running tasks run in the background by Kubeark, such as syncing LDAP sources or backing up the database.