website/integrations: Update to Wizard and Styling Guide

website/integrations/services/actual-budget/index.mdx

@@ -31,55 +31,36 @@ This documentation lists only the settings that you need to change from their de
 
 [Create](https://docs.goauthentik.io/docs/add-secure-apps/applications/manage_apps#add-new-applications) an OAuth2/OpenID provider and an application in authentik. Use the following parameters for the OAuth2/OpenID provider:
 
-**Provider:**
-
-- Name: _SP-actual_
-- Client type: _Confidential_
-- Redirect URIs/Origins (RegEx): https://_actual.company_/openid/callback
-- Signing Key: Select any available signing keys.
-
-:::info
-Actual Budget supports the RS256 algorithm. Be aware of this when choosing the appropriate signing key.
-:::
-
-Take note of the Client ID and Client Secret; you will need to provide them to Actual Budget in the last step.
-
-Leave the remaining values as default. Durations can be adjusted as needed.
-
-**Application:**
-
-- Name: _Actual Budget_
-- Slug: _actual_
-- Launch URL: https://_actual.company_/
+1. In the authentik Admin interface, navigate to **Applications** -> **Applications**.
+2. Use the wizard to create a new application and provider. During this process:
+    - Note the **Client ID**, **Client Secret**, and **slug** values for later use.
+    - Select implicit or explicit authorization flow as desired.
+    - Set the redirect URI to <kbd>https://<em>actual.company</em>/openid/callback</kbd>.
+    - Select any available signing key.
 
 ## Actual Budget configuration
 
 1. Sign in to Actual Budget with a browser of your choice and access your budget by clicking on its name.
-
 2. Click your budget in the top-left corner to open the dropdown menu and select **Settings**.
-
 3. Scroll to the bottom and select **Show advanced settings**. Scroll again and select **I understand the risks, show experimental features**.
-
 4. To enable the option **OpenID authentication method** select the checkbox next to it.
-
 5. Scroll up to the new option **Authentication method...** and click **Start using OpenID**.
-
 6. Set the following values from the authentik provider:
     - Set **OpenID Provider** to **authentik**
-    - Set **OpenID provider URL** to https://_authentik.company_/application/o/_actual_/
-    - Set **Client ID** to _client-id_
-    - Set **Client secret** to _client-secret_
+    - Set **OpenID provider URL** to <kbd>https://<em>authentik.company</em>/application/o/<em>actual</em>/</kbd>
+    - Set **Client ID** to the Client ID copied from authentik.
+    - Set **Client secret** to the Client Secret copied from authentik.
 
 :::warning
 The first user to log into Actual Budget via OpenID will become the owner and administrator with the highest privileges for the budget. For more information on how to create additional users, see the Note below.
 :::
 
 ## Test the login
 
-- Open a browser of your choice and navigate to https://_actual.company_.
+- Open a browser of your choice and navigate to <kbd>https://<em>actual.company</em></kbd>.
 - Select the OpenID login method in the dropdown menu and click **Sign in with OpenID**.
-- You should be redirected to authentik (with the login flows you created), and then authentik will redirect you back to the https://_actual.company_ URL.
-- If you are redirected back to the https://_actual.company_ URL and can see the budget file selection page, the setup was successful.
+- You should be redirected to authentik (with the login flows you created), and then authentik will redirect you back to the <kbd>https://<em>actual.company</em></kbd> URL.
+- If you are redirected back to the <kbd>https://<em>actual.company</em></kbd> URL and can see the budget file selection page, the setup was successful.
 
 :::info
 Users are not automatically created when logging in with authentik. The owner must manually create each user in Actual Budget. To do so, click **Server online** at the top next to your name and select **User Directory**. Add a new user. The `Username` must match the one in authentik. You can now grant the new user access to your budget by clicking **Server online** next to your name at the top and selecting **User Access**.

website/integrations/services/engomo/index.mdx

@@ -0,0 +1,87 @@
+---
+title: Integrate with engomo
+sidebar_label: engomo
+---
+
+# Integrate with engomo
+
+<span class="badge badge--secondary">Support level: Community</span>
+
+## What is engomo
+
+> engomo is an low-code app development platform to create enterprise apps for smartphones and tablets based on Android, iOS, or iPadOS.
+>
+> -- https://engomo.com/
+>
+> This guide explains how to set up engomo to use authentik as the OAuth provider for the application login on the smartphone/tablet and login to the admin WebGUI (composer).
+
+## Preparation
+
+The following placeholders are used in this guide:
+
+- `engomo.company` is the FQDN of the engomo installation.
+- `authentik.company` is the FQDN of the authentik installation.
+- `engomo.mapping` is the name of the Scope Mapping.
+
+:::note
+This documentation lists only the settings that you need to change from their default values. Be aware that any changes other than those explicitly mentioned in this guide could cause issues accessing your application.
+:::
+
+## authentik configuration
+
+In authentik, create a new scope mapping. To do so, log in and navigate to the Admin interface, then go to **Customization --> Property Mapping** and click **Create**.
+
+- `engomo.mapping` is the value of the Mapping's name.
+- `profile` is the value for the Scope name.
+- `return {"preferred_username": request.user.email}` is the value for the Expression.
+
+[Create](https://docs.goauthentik.io/docs/add-secure-apps/applications/manage_apps#add-new-applications) an OAuth2/OpenID provider and an application in authentik. Use the following parameters for the OAuth2/OpenID provider:
+
+1. In the authentik Admin interface, navigate to **Applications** -> **Applications**.
+2. Use the wizard to create a new application and provider. During this process:
+    - Note the **Client ID**, **Client Secret**, and **slug** values for later use.
+    - Select implicit or explicit authorization flow as desired.
+    - Set Client type to `Public`.
+    - Set the redirect URI to <kbd>https://<em>engomo.company</em>/auth</kbd> and <kbd>com.engomo.engomo://callback/</kbd>.
+    - Select any available signing key.
+    - Add the `engomo.mapping` scope in addition to the default values.
+
+:::note
+Redirect URIs => write the values line by line.
+:::
+
+## engomo configuration
+
+Navigate to <kbd>https://<em>engomo.company</em>/composer</kbd> and log in with your admin credentials.
+
+1. Select **Server**.
+2. Select **Authentication**.
+3. Add a new authentication method by clicking on the plus icon on the right.
+4. Name: `authentik`
+5. Type: **OpenID Connect**
+6. Click **Create**.
+7. Configure the following values using information from the authentik provider:
+    - Set **Issuer** to <kbd>https://<em>authentik.company</em>/application/o/<em>engomo</em></kbd>.
+    - Set **Client ID** to the Client ID copied from authentik.
+    - Set **Client secret** to the Client Secret copied from authentik.
+
+## engomo user creation
+
+engomo doesn't create users automatically when signing in. So you have to do it manually right now.
+Navigate to <kbd>https://<em>engomo.company</em>/composer</kbd> and log in with your admin credentials.
+
+- Select **Users & Devices**.
+- Click the plus button in the Users section.
+- Choose `authentik` from the Authenticator dropdown.
+- Create your user by entering the email address as the username. This email must match the one used for the user in authentik.
+
+## Test the login
+
+- Open a browser of your choice and open the URL <kbd>https://<em>engomo.company</em></kbd>.
+- Enter the created user's email address and click the small arrow icon to log in.
+- You should be redirected to authentik (with the login flows you created) and then authentik should redirect you back to <kbd>https://<em>engomo.company</em>/composer</kbd> URL.
+- If you are redirected back to the <kbd>https://<em>engomo.company</em>/composer</kbd> URL you did everything correct.
+
+:::note
+The created user will only have access to the app or composer page if they have been granted the necessary permissions.
+:::

website/integrations/services/rustdesk-pro/index.mdx

@@ -14,6 +14,8 @@ sidebar_label: RustDesk Server Pro
 > Ideal for businesses, it provides full control over data while ensuring scalable and reliable remote access.
 >
 > -- https://rustdesk.com/
+>
+> This guide explains how to configure Rustdesk Server Pro to use authentik as the OAuth provider for logging in to the Web GUI.
 
 ## Preparation
 
@@ -28,39 +30,38 @@ This documentation lists only the settings that you need to change from their de
 
 ## authentik configuration
 
+[Create](https://docs.goauthentik.io/docs/add-secure-apps/applications/manage_apps#add-new-applications) an OAuth2/OpenID provider and an application in authentik. Use the following parameters for the OAuth2/OpenID provider:
+
 1. In the authentik Admin interface, navigate to **Applications** -> **Applications**.
 2. Use the wizard to create a new application and provider. During this process:
     - Note the **Client ID**, **Client Secret**, and **slug** values for later use.
-    - Set the redirect URI to https://_rustdesk.company_/api/oidc/callback.
+    - Select implicit or explicit authorization flow as desired.
+    - Set the redirect URI to <kbd>https://<em>rustdesk.company</em>/api/oidc/callback</kbd>.
     - Select any available signing key.
 
 ## RustDesk Server Pro configuration
 
 1. Sign in to RustDesk Server Pro using a browser.
-
 2. In the left menu, select **Settings** and then **OIDC**.
-
 3. Click **+ New Auth Provider**.
-
 4. In the popup window, select **custom** as the **Auth Type** and click **OK**.
-
 5. Configure the following values using information from the authentik provider:
-    - **Name**: _SSO-Login_
-    - **Client ID**: _client-id_
-    - **Client Secret**: _client-secret_
-    - **Issuer**: https://_authentik.company_/application/o/_slug_/
-    - **Authorization Endpoint**: https://_authentik.company_/application/o/authorize/
-    - **Token Endpoint**: https://_authentik.company_/application/o/token/
-    - **Userinfo Endpoint**: https://_authentik.company_/application/o/userinfo/
-    - **JWKS Endpoint**: https://_authentik.company_/application/o/_slug_/jwks/
+    - Set **Name** to `authentik`
+    - Set **Client ID** to the Client ID copied from authentik.
+    - Set **Client secret** to the Client Secret copied from authentik.
+    - Set **Issuer** to <kbd>https://<em>authentik.company</em>/application/o/<em>slug</em>/</kbd>
+    - Set **Authorization Endpoint** to <kbd>https://<em>authentik.company</em>/application/o/authorize/</kbd>
+    - Set **Token Endpoint** to <kbd>https://<em>authentik.company</em>/application/o/token/</kbd>
+    - Set **Userinfo Endpoint** to <kbd>https://<em>authentik.company</em>/application/o/userinfo/</kbd>
+    - Set **JWKS Endpoint** to <kbd>https://<em>authentik.company</em>/application/o/<em>slug</em>/jwks/</kbd>
 
 :::info
 Users are created automatically on login. Permissions must be assigned by an administrator after user creation.
 :::
 
 ## Test the Login
 
-- Open a browser and navigate to https://_rustdesk.company_.
-- Click **Continue with SSO-Login**.
-- You should be redirected to authentik (with the login flows you configured). After logging in, authentik will redirect you back to https://_rustdesk.company_.
-- If you are redirected back to https://_rustdesk.company_ and can read the username in the top right corner, the setup was successful.
+- Open a browser and navigate to <kbd>https://<em>rustdesk.company</em></kbd>.
+- Click **Continue with authentik**.
+- You should be redirected to authentik (with the login flows you configured). After logging in, authentik will redirect you back to <kbd>https://<em>rustdesk.company</em></kbd>.
+- If you are redirected back to <kbd>https://<em>rustdesk.company</em></kbd> and can read the username in the top right corner, the setup was successful.

website/integrations/services/semaphore/index.mdx

@@ -28,27 +28,14 @@ This documentation lists only the settings that you need to change from their de
 
 ## authentik configuration
 
-Start the wizard for adding a new application.
+[Create](https://docs.goauthentik.io/docs/add-secure-apps/applications/manage_apps#add-new-applications) an OAuth2/OpenID provider and an application in authentik. Use the following parameters for the OAuth2/OpenID provider:
 
-**1. Application:**
-
-- Name: `Semaphore UI`
-- Slug: `semaphore`
-
-**2. Choose a Provider**
-
-Select `OAuth2/OpenID Provider`
-
-**3. Configure Provider**
-
-Select implicit or explicit authorization flow as desired.
-
-Take note of the Client ID and Client Secret, you'll need to give them to Semaphore UI later.
-
-- Redirect URIs/Origins (RegEx): `https://semaphore.company/api/auth/oidc/authentik/redirect/`
-- Signing Key: `authentik Self-signed Certificate`
-
-Leave the rest as default values.
+1. In the authentik Admin interface, navigate to **Applications** -> **Applications**.
+2. Use the wizard to create a new application and provider. During this process:
+    - Note the **Client ID**, **Client Secret**, and **slug** values for later use.
+    - Select implicit or explicit authorization flow as desired.
+    - Set the redirect URI to <kbd>https://<em>semaphore.company</em>/api/auth/oidc/authentik/redirect/</kbd>.
+    - Select any available signing key.
 
 ## Semaphore UI configuration
 
@@ -60,7 +47,7 @@ Add the `oidc_providers` configuration:
 {
   "oidc_providers": {
     "authentik": {
-      "display_name": "Sign in with Authentik",
+      "display_name": "Sign in with authentik",
       "provider_url": "https://authentik.company/application/o/<slug>/",
       "client_id": "<client-id>",
       "client_secret": "<client-secret>",
@@ -89,14 +76,12 @@ SEMAPHORE_WEB_ROOT: /
 
 More information on this can be found in the Semaphore documentation https://docs.semaphoreui.com/administration-guide/openid/authentik/.
 
-Leave the rest as default.
-
 ## Test the login
 
-- Open a browser of your choice and open the URL `https://semaphore.company`.
+- Open a browser of your choice and open the URL <kbd>https://<em>semaphore.company</em></kbd>.
 - Click on the SSO-Login button.
-- You should be redirected to authentik (with the login flows you created) and then authentik should redirect you back to `https://semaphore.company` URL.
-- If you are redirected back to the `https://semaphore.company` URL you did everything correct.
+- You should be redirected to authentik (with the login flows you created) and then authentik should redirect you back to <kbd>https://<em>semaphore.company</em></kbd> URL.
+- If you are redirected back to the <kbd>https://<em>semaphore.company</em></kbd> URL you did everything correct.
 
 :::info
 Users are created upon logging in with authentik. They will not have the rights to create anything initially. These permissions must be assigned later by the local admin created during the first login to the Semaphore UI.