diff --git a/technology/applications/Applications.md b/technology/applications/Applications.md
index 6d84b67..c548ece 100644
--- a/technology/applications/Applications.md
+++ b/technology/applications/Applications.md
@@ -131,6 +131,7 @@ rev: 2024-07-14
 
 # Web
 - [Authelia](./web/Authelia.md)
+- [Authentik](./web/Authentik.md)
 - [Bitwarden](./web/Bitwarden.md)
 - [AdGuard](./web/AdGuard.md)
 - [Gitea](./web/Gitea.md)
diff --git a/technology/applications/web/Authentik.md b/technology/applications/web/Authentik.md
index 3bc8651..a3deaf5 100644
--- a/technology/applications/web/Authentik.md
+++ b/technology/applications/web/Authentik.md
@@ -5,4 +5,131 @@ website: https://goauthentik.io
 ---
 
 # Authentik
-#wip 
+Authentik is an open-source Identity Provider (IDP) that aims to unify your identity needs into a single platform. It can replace Okta, Active Directory, and Auth0, offering a comprehensive solution for managing user identities. Built with the public benefit in mind, Authentik Security Inc. has developed this product on top of the open-source project.
+
+## Features
+- **Self-host anywhere**: Authentik allows you to self-host your identity provider, giving you complete control over your data and infrastructure.
+- **Multi-Factor Authentication (MFA)**: This feature helps ensure the security of your user accounts by requiring multiple forms of identification before granting access.
+- **Conditional Access**: Authentik enables you to set conditions for accessing specific resources based on factors such as location, device, or time.
+- **Open-source and source available**: The project is fully open-source, with its source code available for anyone to inspect and contribute to.
+- **Application Proxy**: This feature allows you to securely connect your applications to Authentik without the need to modify them.
+- **Enterprise support**: Authentik offers dedicated enterprise-level support to ensure smooth deployment and operation of the product within your organization.
+
+### Supported Protocols
+- **SAML 2.0**
+- **OAuth 2.0 and OIDC**
+- **SCIM**
+- **LDAP**
+- **RADIUS**
+
+## Docker-Compose
+`docker-compose.yml`:
+```yml
+---
+services:
+  postgresql:
+    image: docker.io/library/postgres:16-alpine
+    restart: unless-stopped
+    healthcheck:
+      test: ["CMD-SHELL", "pg_isready -d $${POSTGRES_DB} -U $${POSTGRES_USER}"]
+      start_period: 20s
+      interval: 30s
+      retries: 5
+      timeout: 5s
+    volumes:
+      - ./db:/var/lib/postgresql/data
+    environment:
+      POSTGRES_PASSWORD: ${PG_PASS:?database password required}
+      POSTGRES_USER: ${PG_USER:-authentik}
+      POSTGRES_DB: ${PG_DB:-authentik}
+    env_file:
+      - .env
+  redis:
+    image: docker.io/library/redis:alpine
+    command: --save 60 1 --loglevel warning
+    restart: unless-stopped
+    healthcheck:
+      test: ["CMD-SHELL", "redis-cli ping | grep PONG"]
+      start_period: 20s
+      interval: 30s
+      retries: 5
+      timeout: 3s
+    volumes:
+      - ./redis:/data
+    deploy:
+      resources:
+        limits:
+          memory: 512M
+
+  server:
+    image: ${AUTHENTIK_IMAGE:-ghcr.io/goauthentik/server}:${AUTHENTIK_TAG:-2024.8}
+    restart: unless-stopped
+    command: server
+    environment:
+      AUTHENTIK_REDIS__HOST: redis
+      AUTHENTIK_POSTGRESQL__HOST: postgresql
+      AUTHENTIK_POSTGRESQL__USER: ${PG_USER:-authentik}
+      AUTHENTIK_POSTGRESQL__NAME: ${PG_DB:-authentik}
+      AUTHENTIK_POSTGRESQL__PASSWORD: ${PG_PASS}
+    volumes:
+      - ./media:/media
+      - ./custom-templates:/templates
+    env_file:
+      - .env
+    ports:
+      - "${COMPOSE_PORT_HTTP:-9000}:9000"
+      - "${COMPOSE_PORT_HTTPS:-9443}:9443"
+    depends_on:
+      - postgresql
+      - redis
+  worker:
+    image: ${AUTHENTIK_IMAGE:-ghcr.io/goauthentik/server}:${AUTHENTIK_TAG:-2024.6.4}
+    restart: unless-stopped
+    command: worker
+    environment:
+      AUTHENTIK_REDIS__HOST: redis
+      AUTHENTIK_POSTGRESQL__HOST: postgresql
+      AUTHENTIK_POSTGRESQL__USER: ${PG_USER:-authentik}
+      AUTHENTIK_POSTGRESQL__NAME: ${PG_DB:-authentik}
+      AUTHENTIK_POSTGRESQL__PASSWORD: ${PG_PASS}
+    # `user: root` and the docker socket volume are optional.
+    # See more for the docker socket integration here:
+    # https://goauthentik.io/docs/outposts/integrations/docker
+    # Removing `user: root` also prevents the worker from fixing the permissions
+    # on the mounted folders, so when removing this make sure the folders have the correct UID/GID
+    # (1000:1000 by default)
+    user: root
+    volumes:
+#      - /var/run/docker.sock:/var/run/docker.sock
+      - ./media:/media
+      - ./certs:/certs
+      - ./custom-templates:/templates
+    env_file:
+      - .env
+    depends_on:
+      - postgresql
+      - redis
+```
+
+`.env`:
+````
+PG_PASS=<PASSWORD>
+AUTHENTIK_SECRET_KEY=<SECRET>
+
+# SMTP Host Emails are sent to
+AUTHENTIK_EMAIL__HOST=<HOST>
+AUTHENTIK_EMAIL__PORT=465
+# Optionally authenticate (don't add quotation marks to your password)
+AUTHENTIK_EMAIL__USERNAME=<USER>
+AUTHENTIK_EMAIL__PASSWORD=<PASS>
+# Use StartTLS
+AUTHENTIK_EMAIL__USE_TLS=false
+# Use SSL
+AUTHENTIK_EMAIL__USE_SSL=true
+AUTHENTIK_EMAIL__TIMEOUT=10
+# Email address authentik will send from, should have a correct @domain
+AUTHENTIK_EMAIL__FROM=<FROM>
+
+COMPOSE_PORT_HTTP=9020
+COMPOSE_PORT_HTTPS=9021
+```