First-run Setup

Configure your Authentik OIDC provider to enable login. This only needs to be done once.

⚠️
Your admin account is set on first login. The first user to log in after saving this config will automatically become the app admin — the account used to manage global settings. Before clicking Save:
  • Create your Authentik user first (step 6 in the guide below).
  • Make note of the username and password you set — you'll use them every time you log in.
  • Keep this account private; it has full admin access to the app.
To reassign admin later, edit admin_user_id in /app/data/system_config.json and restart the container.
Found in Authentik → Applications → Your App → Edit Provider → OpenID Configuration Issuer
Must exactly match the redirect URI configured in Authentik.
Quick Authentik setup:

1. Open Authentik → Admin → Applications → Create
2. Name: JobSearch HQ · Slug: jobsearch
3. Create provider: OAuth2/OpenID → pick Client Credentials + Code
4. Set Redirect URI: http://10.10.10.13:8094/auth/callback
5. Copy the Client ID & Secret above, paste the Issuer URL from the provider page
6. Create a user, add them to the application's policy