Authelia · Authentication Profile

Authelia Authentication

Authentication

Authelia secures its APIs with http and oauth2 across 3 declared security schemes, as derived from its OpenAPI definitions. OAuth 2.0 is offered via the authorizationCode flow(s).

AuthenticationAuthorizationLDAPMFAOpen SourceOpenID ConnectSelf-HostedSSO
Methods: http, oauth2 Schemes: 3 OAuth flows: authorizationCode API key in:

Security Schemes

clientBasicAuth http
scheme: basic
bearerAuth http
scheme: bearer
oauth2 oauth2
· flows: authorizationCode

Source

Authentication Profile

Raw ↑
generated: '2026-07-11'
method: derived
source: openapi/authelia-openapi.yml
summary:
  types:
  - http
  - oauth2
  oauth2_flows:
  - authorizationCode
schemes:
- name: clientBasicAuth
  type: http
  scheme: basic
  description: RFC 6749 client_secret_basic for token, introspection and revocation endpoints.
  sources:
  - openapi/authelia-openapi.yml
- name: bearerAuth
  type: http
  scheme: bearer
  description: Bearer access token for UserInfo and other protected endpoints.
  sources:
  - openapi/authelia-openapi.yml
- name: oauth2
  type: oauth2
  flows:
  - flow: authorizationCode
    authorizationUrl: https://auth.example.com/api/oidc/authorization
    tokenUrl: https://auth.example.com/api/oidc/token
    scopes: 5
  sources:
  - openapi/authelia-openapi.yml