Hi,

TLDR: Does anyone have an experience with setting Authentik to already existing user accounts, most importantly in Immich?

I am currently thinking (and studying how to) about deploying Authentik and using it as SSO for the stuff I host. The main reason is to rise the WAF and make them more accessible and appealing for perhaps other family members.

I already see some roadblocks ahead and am trying to understand, how to go over them in a smooth and safe way.

For most of the services, there shouldn’t be much risk (loosing watch history in jellyfin might be unfortunate but not mission critical).

Though, I’m running Immich with three users, each with several years of photos… And here I’m afraid of how to link these already existing photos to the new accounts introduced by Authentik.

The other service is Nextcloud, but I’m the only one using it now and I could prepare and move the data, contacts and so on, though calendars might be PITA…

If anybody have some experience with it, I’d be so grateful.

I run most of my stuff in docker containers on an Unraid server at home, behind a hell of a cgnat and a tiny VPS where my caddy proxy and synapse HS live, and where I’d like to set up the Authentik as well.