Skip to main content

Example policy snippets for flows

Redirect current flow to another URL

info

Requires authentik 2022.7

plan = request.context.get("flow_plan")
if not plan:
return False
plan.redirect("https://foo.bar")
return False

This policy should be bound to the stage after your redirect should happen. For example, if you have an identification and a password stage, and you want to redirect after identification, bind the policy to the password stage. Make sure the stage binding's option Evaluate when stage is run is enabled.

Deny flow when user is authenticated

return not request.user.is_authenticated

When used with authentik 2022.7 or later, set the flow Denied action to CONTINUE. This will redirect already authenticated users to the default interface if they try to use the respective flow.