Authelia setup

How to set up Authelia

SSO + 2FA in front of your apps. This guide covers how to access it, log in for the first time, configure the basics, and where its data lives so you can back it up.

In this guide:

What is Authelia?
How to access it
Settings you can change
Where your data lives

1. What is Authelia?

Single sign-on and two-factor authentication portal. Add a login + TOTP gate in front of any SparkBox service via Nginx Proxy Manager's forward-auth — useful for exposing dashboards beyond your LAN.

2. How to access it

Once it's enabled, Authelia runs on your SparkBox at:

http://<your-NAS-IP>:9091

Visit to set up TOTP for the admin account. Authelia only protects services you wire up to use it via NPM forward-auth — by itself it doesn't gate anything. See docs → Authelia setup.

3. Settings you can change

You can set these when you enable the module, or later from Apps → Authelia in the dashboard:

Auth JWT Secret — Configurable value.
Auth Session Secret — Configurable value.
Auth Encryption Key — Configurable value.

4. Where your data lives

Authelia's config and persistent data are stored on the SparkBox host under:

/opt/sparkbox/modules/authelia/config/

Backups via the SparkBox dashboard's Backup tile include this directory by default, so a single restore brings Authelia back to its current state on a fresh install.

Next steps

That's Authelia live on SparkBox.

If something doesn't match what you see, post in d/sparkbox or hit us up on YouTube. Every SparkBox bug gets patched; every UX-stumble in this guide gets rewritten.

Get SparkBox → More guides →

About this guide: Generated from the SparkBox module manifest and verified against a live install. If you spot something that doesn't match your experience, tell us in d/sparkbox.