authentik

n8n node for Authentik API integration

Package Information

Downloads: 55 weekly / 74 monthly
Latest Version: 1.2.0
Author: The Red Flag

Available Nodes

Authentik icon
Authentik
Interact with Authentik API for user management

Documentation

n8n Authentik Node

A comprehensive n8n node for integrating with Authentik's user management API. This node provides full CRUD operations for Authentik users with complete OpenAPI specification compliance.

Features

  • Complete User Management: Create, read, update, delete, and list users
  • OpenAPI Compliant: Built according to Authentik's official OpenAPI specification
  • Field Validation: Comprehensive validation for all user fields
  • Advanced Filtering: Extensive query options for listing users
  • Error Handling: Detailed error reporting with HTTP status codes
  • Type Safety: Full TypeScript implementation with proper type checking

Installation

  1. Install the node package:

    npm install @theredflag/n8n-nodes-authentik

  2. Add the node to your n8n instance following the n8n community nodes guide.

Configuration

Credentials Setup

  1. In Authentik, navigate to Admin Interface > Directory > Tokens
  2. Create a new token with appropriate permissions for user management
  3. In n8n, create new Authentik API credentials with:
    • API Token: Your Authentik API token
    • Base URL: Your Authentik instance URL (e.g., https://authentik.company.com)

Operations

User Resource

Create User

Creates a new user in Authentik.

Required Fields:

  • username (1-150 characters)
  • name (display name)

Optional Fields:

  • email (max 254 characters)
  • is_active (boolean, default: true)
  • groups (comma-separated list of group UUIDs)
  • path (user path in Authentik)
  • type (internal, external, service_account, internal_service_account)
  • attributes (custom key-value pairs)

Example:

{
	"username": "john.doe",
	"name": "John Doe",
	"email": "john.doe@company.com",
	"is_active": true,
	"groups": "550e8400-e29b-41d4-a716-446655440000",
	"type": "internal"
}

Update User

Updates an existing user by ID (pk).

Required Fields:

  • userId (integer, primary key)

Optional Fields:

  • All create fields (leave empty to keep current values)

Delete User

Deletes a user by ID (pk).

Required Fields:

  • userId (integer, primary key)

Get User

Retrieves a specific user by ID (pk).

Required Fields:

  • userId (integer, primary key)

List Users

Lists users with extensive filtering options.

Available Filters:

  • page_size (number of results per page)
  • page (page number)
  • search (search term for username, name, or email)
  • email (filter by email address)
  • username (filter by username)
  • name (filter by display name)
  • is_active (filter by active status)
  • is_superuser (filter by superuser status)
  • include_groups (include group information)
  • type (filter by user type - multiple selections allowed)
  • groups_by_name (filter by group names)
  • groups_by_pk (filter by group UUIDs)
  • path (filter by exact user path)
  • path_startswith (filter by path prefix)
  • uuid (filter by user UUID)
  • attributes (filter by attributes JSON string)
  • ordering (sort results by various fields)

API Compliance

This node is built to comply with Authentik's OpenAPI specification version 2025.6.3:

  • Uses correct endpoint paths (/api/v3/core/users/)
  • Implements proper HTTP methods (GET, POST, PATCH, DELETE)
  • Uses integer pk for user identification (not UUID)
  • Validates field types and constraints
  • Supports all documented query parameters
  • Handles error responses according to API specification

Field Validation

The node includes comprehensive validation:

  • Username: 1-150 characters, required for creation
  • Name: Required for creation, cannot be empty
  • Email: Valid email format, max 254 characters
  • Groups: Must be valid UUID format when provided
  • Path: Cannot be empty if provided
  • User ID: Must be positive integer for update/delete/get operations

Error Handling

The node provides detailed error information:

  • Original error messages from Authentik API
  • HTTP status codes and status text
  • Field validation errors
  • Specific operation and item context

Response Examples

Create User Response

{
  "pk": 123,
  "username": "john.doe",
  "name": "John Doe",
  "email": "john.doe@company.com",
  "is_active": true,
  "is_superuser": false,
  "groups": ["550e8400-e29b-41d4-a716-446655440000"],
  "groups_obj": [...],
  "avatar": "https://gravatar.com/...",
  "attributes": {},
  "uid": "john.doe",
  "path": "users",
  "type": "internal",
  "uuid": "6ba7b810-9dad-11d1-80b4-00c04fd430c8",
  "date_joined": "2024-01-15T10:30:00Z",
  "last_login": "2024-01-20T09:15:00Z",
  "password_change_date": "2024-01-15T10:30:00Z"
}

List Users Response

{
	"pagination": {
		"next": 2,
		"previous": null,
		"count": 150,
		"current": 1,
		"total_pages": 2,
		"start_index": 1,
		"end_index": 100
	},
	"results": [
		{
			"pk": 123,
			"username": "john.doe",
			"name": "John Doe"
			// ... other user fields
		}
	]
}

Development

Building

npm run build

Linting

npm run lint

Testing Credentials

The node includes a credential test that verifies connectivity to your Authentik instance by attempting to list users with a page size of 1.

Requirements

  • n8n version 0.87.0 or higher
  • Node.js 16 or higher
  • Authentik instance with API access

Support

For issues and feature requests, please visit the GitHub repository.

License

This project is licensed under the MIT License.

Discussion