This feature is still in technical preview, so please report any Bugs you run into on GitHub
You can configure a Radius Provider for applications that don't support any other protocols or require Radius.
This provider requires the deployment of the RADIUS Outpost
Currently, only authentication requests are supported.
Authentication requests against the Radius Server use a flow in the background. This allows you to use the same policies and flows as you do for web-based logins.
The following stages are supported:
Note: Authenticator validation currently only supports DUO, TOTP and static authenticators.
For code-based authenticators, the code must be given as part of the bind password, separated by a semicolon. For example for the password
example-passwordand the code
123456, the input must be
SMS-based authenticators are not supported as they require a code to be sent from authentik, which is not possible during the bind.
The RADIUS provider only supports the PAP (Password Authentication Protocol) protocol: