For my home lab environment, I use Authentik as my Identity Provider. Authentik is an open-source authentication and authorization platform that enables Single Sign-On (SSO), identity management, and multi-factor authentication (MFA) via protocols like OAuth, SAML, and LDAP. For various applications, such as the Citrix NetScaler, I use RADIUS for secondary authentication. All my Authentik users have a TOTP token in their authenticator app, which I want to use for RADIUS authentication. While configuring RADIUS in Authentik, I found the available documentation somewhat limited, and it took considerable effort to achieve a working RADIUS setup. This blog describes all the steps I followed to get RADIUS successfully running within Authentik.
Read More →For this guide, I used Authentik version 2024.10.1. I assume you already have a working Authentik setup where users already have a TOTP authenticator code available.