Identity providers are only available in self-hosted Pangolin instances.
Identity providers let you authenticate Pangolin users using external identity providers. This is useful for organizations that want to use their existing identity provider infrastructure to manage user authentication. For example, you may have users defined in Authentik, and you want these users to be able to log in to Pangolin using their existing credentials.

What it does

Allows users to authenticate using external identity providers instead of Pangolin’s built-in authentication.

When to use

Useful for organizations with existing identity infrastructure like Authentik, Keycloak, or Okta.

Supported Identity Providers

OAuth2/OIDC

This can be used to connect to any external identity provider that supports the OpenID Connect protocol such as:
  • Authentik
  • Keycloak
  • Okta
  • Other OIDC-compliant providers

How to Add an Identity Provider

1

Access Server Admin

Select the “Identity Providers” tab in the Server Admin UI.
2

Add New Provider

Click on the “Add Identity Provider” button.
3

Select Type

Select the type of identity provider you want to add (OAuth2/OIDC).
4

Configure Settings

Fill in the required fields for the selected identity provider type.

Auto Provisioning

See Auto Provision for more information on how to automatically provision users and assign orgs and roles in Pangolin when they log in using an external identity provider.