Authentik bypass MFA in local network

TODO

 

 

1. go to admin 

2. go to customization -> policies

3. create new policy:

3.1Type: Expression policy

3.2 Name: local-network-check

3.3 Expression: return ak_client_ip.is_private

4. go to flows

4.1 edit default-authentication-flow

4.2 go to stages tab

4.3 extend default-authentication-mfa-validation

4.4 Bind existing policy

4.4.1 Select policy local-network-check

4.4.2 Check negate result

 

Done. You can now auth in local network.