Core concepts

application links policies with a provider and holds information such as ui name and icon source a location from which users can be added to kubeark, such as ldap connection or oauth2 connection provider a way for other applications to authenticate against kubeark, such as oidc or saml policy a yes/no gate that evaluates to true or false based on policy kind and settings used for custom logic, granting/denying access, and more flows & stages ordered sequence of stages used for user authentication, enrollment, etc property mappings makes information available for external applications, such as setting user roles in aws based on group memberships in kubeark outpost a separate component of authentik that offers services not implemented directly into the authentik core, such as reverse proxying system tasks longer running tasks run in the background by kubeark, such as syncing ldap sources or backing up the database