ND

Project | Identity & Access

Authentik Identity Lab

Authentik deployed as a self-hosted identity provider across the lab — SSO, OIDC, and LDAP for services that support it, centralized user management, and a single login policy instead of scattered per-app credentials.

Authentik SSO OIDC LDAP Centralized IAM Access Policy
Authentik identity and SSO architecture diagram

What I Built

  • Deployed Authentik as a self-hosted identity provider in an LXC container on the Proxmox cluster.
  • Configured OIDC providers for services that support OAuth2/OpenID Connect login.
  • Set up LDAP outpost so services that only support LDAP authentication can bind against Authentik's user directory.
  • Managed users, groups, and access policies centrally — one place to grant or revoke access across services.
  • Integrated invite-based access control for the self-hosted media server with the identity layer.

Skills Demonstrated

  • Identity provider deployment and configuration
  • OIDC / OAuth2 application integration
  • LDAP directory service fundamentals
  • Centralized user and group management
  • Credential hygiene and secret handling
  • Access policy design across multiple services
OIDC

Single Sign-On

Services that support OIDC authenticate through Authentik rather than managing their own user databases. One login, consistent access control, and a single place to disable a user across all integrated apps.

LDAP

Legacy Protocol Support

Authentik's LDAP outpost lets services that only understand directory-style authentication bind against the same user store as modern OIDC apps — no separate directory server needed.

Policy

Centralized Access Control

Users and groups are managed in one place. Granting or revoking access to a service is a policy change in Authentik, not a manual account change in every app — the same model enterprise IAM teams use at scale.

What This Shows Employers

IAM is one of the first things enterprise environments ask junior admins to touch — password resets, provisioning, group policy. I already know what a centralized identity provider looks like from the inside: how SSO flows work, why LDAP still matters, and how access policy changes propagate. That's day-one relevant.

Explore More Projects

Project pages that cover the networking and security stack.

Architecture

Enterprise Homelab Architecture

A production-grade virtualization lab: Proxmox cluster, Cisco switching, and Synology storage.

View project ->
Firewall

OPNsense Edge Firewall

Hardened gateway implementation: VLAN segmentation, AdGuard DNS, and Suricata IDS.

View project ->
Monitoring

SIEM/XDR with Wazuh

Active security monitoring and log aggregation for endpoint behavior and compliance.

View project ->
Virtualization

Proxmox Cluster Management

Multi-node compute environment running 20+ VMs/LXCs with focus on high-availability.

View project ->

Get In Touch

Open to Junior Network Administrator, SOC Analyst, NOC, MSP, Help Desk, IT Support, and Cybersecurity Internship opportunities.

Email Me LinkedIn GitHub

Email: NazeemDickey@gmail.com | Boynton Beach, FL

<- Back to projects