Welcome to the Meetrix Authentik Developer Guide! Authentik is an open-source Identity Provider designed for flexibility and versatility, making it an excellent choice for implementing sign-up, recovery, and other authentication features in your application. In this guide, we'll walk you through the step-by-step process of setting up Authentik from the AWS Marketplace. Let's dive in!

Prerequisites

Before you get started with the Authentik AMI, ensure you have the following prerequisites:

Launching the AMI

Step 1: Find and Select 'Authentik' AMI

  1. Log in to your AWS Management Console.
  2. Navigate to the 'Authentik' listing in AWS Marketplace.

Step 2: Initial Setup & Configuration

  1. Click the "Continue to Subscribe" button.
  2. After subscribing, you will need to accept the terms and conditions. Click on "Accept Terms" to proceed.
  3. Please wait for a few minutes while the processing takes place. Once it's completed, click on "Continue to Configuration".
  4. Select the "CloudFormation script to deploy Authentik" as the fulfilment option and choose your preferred region on the "Configure this software" page. Afterward, click the "Continue to Launch" button.
  5. From the "Choose Action" dropdown menu on the "Launch this software" page, select "Launch CloudFormation" and click the "Launch" button.

Create CloudFormation Stack

Step 1: Create stack

  1. Ensure the "Template is ready" radio button is selected under "Prepare template".
  2. Click "Next".

Step 2: Specify stack options

  1. Provide a unique "Stack name".
  2. Provide the "Admin Email" for SSL generation.
  3. For "DeploymentName", enter a name of your choice.
  4. Provide a public domain name for "DomainName". (Authentik will automatically try to set up SSL based on the provided domain name if that domain is hosted on Route 53. Please make sure your domain name is hosted on Route 53. If the automatic setup is unsuccessful, you will have to set up SSL manually.)
  5. Choose an instance type, "InstanceType" (Recommended: t3.small).
  6. Select your preferred "keyName".
  7. Provide an S3 bucket name for "S3Bucket", used for storing database backups.
  8. Set "SSHLocation" as "0.0.0.0/0".
  9. Keep "SubnetCidrBlock" as "10.0.0.0/24".
  10. Keep "VpcCidrBlock" as "10.0.0.0/16".
  11. Click "Next".

Step 3: Configure stack options

  1. Choose "Roll back all stack resources" and "Delete all newly created resources" under the "Stack failure options" section.
  2. Click "Next".

Step 4: Review

  1. Review and verify the details you've entered.
  2. Tick the box that says, "I acknowledge that AWS CloudFormation might create IAM resources with custom names".
  3. Click "Submit".

Afterward, you'll be directed to the CloudFormation stacks page.

Please wait for 5-10 minutes until the stack has been successfully created.

Update DNS

Step 1: Copy IP Address

Copy the public IP address labeled "PublicIp" in the "Outputs" tab.

Step 2: Update DNS

  1. Go to AWS Route 53 and navigate to "Hosted Zones".
  2. From there, select the relevant Hosted Zone for your provided "DomainName".
  3. Click on "Create record".
  4. Add the record name and then paste the copied "PublicIp" into the "value" textbox.
  5. Click "Save".

Access Authentik

You can set up the Authentik application through the "DashboardUrl" or "DashboardUrlIp" provided in the "Outputs" tab. This will allow you to create an Admin account; all future accounts will be created through the Admin panel.

502 Bad Gateway error

If you encounter a "502 Bad Gateway error", please wait for about 5 minutes before refreshing the page.

Enter all the details and click the "Let's start" button. Make sure to choose a strong password.

Once you have created the admin login, use https://authentik.meetrix.io/ to log into the admin account.

Generate SSL Manually

Authentik will automatically try to set up SSL based on the provided domain name if that domain is hosted on Route 53. If the automatic setup is unsuccessful, you will have to set up SSL manually.

Step 1: Copy IP Address

  1. Proceed with the instructions outlined in the above "Update DNS" section, if you have not already done so.
  2. Copy the Public IP address indicated as "PublicIp" in the "Outputs" tab.

Step 2: Log in to the server

  1. Open the terminal and go to the directory where your private key is located.
  2. Paste the following command into your terminal and press Enter:

     ssh -i <your key name> ubuntu@<Public IP address>

  3. Type "yes" and press Enter. This will log you into the server.

Step 3: Generate SSL

Paste the following command into your terminal, press Enter, and follow the instructions:

sudo /root/certificate_generate_standalone.sh

The Admin Email is required to generate SSL certificates.

Shutting Down Authentik

  1. Click the link labeled "Instance" in the "Resources" tab to access the EC2 instance. You will be directed to the Authentik instance in EC2.
  2. Select the Authentik instance by marking the checkbox and click "Stop instance" from the "Instance state" dropdown. You can restart the instance at your convenience by selecting "Start instance".

Remove Authentik

Delete the stack that has been created in the AWS Management Console under 'CloudFormation Stacks' by clicking the 'Delete' button.

Conclusion

The Meetrix Authentik Developer Guide is your essential resource for effortlessly integrating Authentik into your projects. Whether you're a seasoned developer or just beginning, our guide offers detailed, step-by-step instructions for setting up Authentik from the AWS Marketplace. Authentik stands out with its flexibility and versatility, seamlessly integrating into existing environments and supporting new protocols. It's an excellent solution for handling sign-up, recovery, and other authentication features, saving you the trouble of managing them yourself. With the Meetrix Authentik Developer Guide, you'll efficiently utilize Authentik's capabilities to create secure and robust authentication systems for your applications.

Technical Support

Reach out to Meetrix Support (aws@meetrix.io) for assistance with Authentik issues.

Frequently Asked Questions

What is Authentik?

Authentik is an open-source Identity Provider that offers a flexible and versatile solution for managing user authentication and authorization, supporting various protocols like OAuth2, SAML, and OpenID Connect.

Why should I deploy Authentik on AWS?

Deploying Authentik on AWS provides scalability, reliability, and flexibility, allowing you to leverage AWS's robust infrastructure for high availability and performance of your identity management solution.

Can I use my own domain with this deployment?

Yes, the CloudFormation template allows you to specify your public domain name, and it can automatically configure SSL if your domain is hosted on AWS Route 53.

What if my domain is not on Route 53?

If your domain is not on Route 53, the automatic SSL setup might fail. The guide provides instructions for generating the SSL certificate manually by SSHing into the server.
