Rock for running the Authentik identity provider.
1.4K
ubuntu/authentik-server is a rock for authentik-server maintained by Canonical.
Authentik is an open-source Identity Provider focused on flexibility and versatility. This rock bundles the Authentik server (Go), worker (Rust/Python) and all required runtimes. Authentik supports SAML2, LDAP, OAuth2, and OpenID Connect protocols, and can be used as a standalone identity provider or integrated into existing infrastructure.
[Learn more about authentik-server]
NOTE: These tags follow a specific naming convention that respects the concept of channels.
| Tags | Supported until | Version | Base | Architectures | |
|---|---|---|---|---|---|
2026-22.04_stable | aliases2026-22.04, 2026-22.04_beta, 2026-22.04_candidate, 2026-22.04_edge | 10/2026 | 2026 | 22.04 | amd64, arm64 |
2026.5-26.04_edge | aliases2026.5-26.04_edge | 09/2026 | 2026.5 | 26.04 | amd64 |
This rock's entrypoint is Pebble, a container-optimized init process that enables the orchestration of a collection of local service processes as an organized set.
To view the Pebble services and checks defined in this rock:
docker run --rm ubuntu/authentik-server:2026-22.04_stable plan
To run this rock, use any of the usual container runtimes, for example, docker:
docker run --name authentik-server-container \
-p 9000:9000 -p 9443:9443 \
ubuntu/authentik-server:2026-22.04_stable
Access the Authentik Server at http://localhost:9000 or https://localhost:9443.
To view the logs of the running container, run:
docker exec authentik-server-container pebble logs
Or, for a specific service:
docker exec authentik-server-container pebble logs <service>
Rocks may have predefined health checks that you can list by running:
docker exec authentik-server-container pebble checks
The overall health of your container can be inspected via:
docker exec authentik-server-container pebble health
| Option | Description | Default |
|---|---|---|
| AUTHENTIK_SECRET_KEY | Secret key used for encryption and signing, e.g., changeme. | None |
| AUTHENTIK_REDIS__HOST | Redis hostname for caching and queue management, e.g., redis. | None |
| AUTHENTIK_POSTGRESQL__HOST | PostgreSQL hostname for the database, e.g., postgresql. | None |
| AUTHENTIK_POSTGRESQL__USER | PostgreSQL user, e.g., authentik. | None |
| AUTHENTIK_POSTGRESQL__PASSWORD | PostgreSQL password, e.g., changeme. | None |
| AUTHENTIK_POSTGRESQL__NAME | PostgreSQL database name, e.g., authentik. | None |
| Option | Description | Default |
|---|---|---|
-p <port>:9000 | Expose Authentik HTTP port 9000 on the host's <port>. | None |
-p <port>:9443 | Expose Authentik HTTPS port 9443 on the host's <port>. | None |
Canonical is the provider of this container image. It is the user's responsibility to ensure that any use of this image complies with any relevant licenses for all software contained within, as well as with Canonical’s IP Policy.
Content type
Image
Digest
sha256:c622c4b61…
Size
211.3 MB
Last updated
6 days ago
docker pull ubuntu/authentik-server:2026.5-26.04_edgePulls:
326
Last week