diff --git a/.env.example b/.env.example
index e26c1e56..64252ba1 100644
--- a/.env.example
+++ b/.env.example
@@ -91,3 +91,8 @@ STRIPE_SIGNING_KEY_CONNECT=""
 # Developer Settings
 NX_ADD_PLUGINS=false
 IS_GENERAL="true" # required for now
+AUTHENTIK_OIDC="false"
+AUTHENTIK_URL=""
+AUTHENTIK_CLIENT_ID=""
+AUTHENTIK_CLIENT_SECRET=""
+AUTHENTIK_SCOPE=""
diff --git a/apps/backend/src/services/auth/providers/authentik.provider.ts b/apps/backend/src/services/auth/providers/authentik.provider.ts
new file mode 100644
index 00000000..88f1c1d1
--- /dev/null
+++ b/apps/backend/src/services/auth/providers/authentik.provider.ts
@@ -0,0 +1,88 @@
+import { ProvidersInterface } from '@gitroom/backend/services/auth/providers.interface';
+
+export class AuthentikProvider implements ProvidersInterface {
+  private readonly baseUrl: string;
+  private readonly clientId: string;
+  private readonly clientSecret: string;
+  private readonly frontendUrl: string;
+
+  constructor() {
+    const {
+      AUTHENTIK_URL,
+      AUTHENTIK_CLIENT_ID,
+      AUTHENTIK_CLIENT_SECRET,
+      FRONTEND_URL,
+    } = process.env;
+
+    if (!AUTHENTIK_URL)
+      throw new Error('AUTHENTIK_URL environment variable is not set');
+    if (!AUTHENTIK_CLIENT_ID)
+      throw new Error('AUTHENTIK_CLIENT_ID environment variable is not set');
+    if (!AUTHENTIK_CLIENT_SECRET)
+      throw new Error(
+        'AUTHENTIK_CLIENT_SECRET environment variable is not set'
+      );
+    if (!FRONTEND_URL)
+      throw new Error('FRONTEND_URL environment variable is not set');
+
+    this.baseUrl = AUTHENTIK_URL.endsWith('/')
+      ? AUTHENTIK_URL.slice(0, -1)
+      : AUTHENTIK_URL;
+    this.clientId = AUTHENTIK_CLIENT_ID;
+    this.clientSecret = AUTHENTIK_CLIENT_SECRET;
+    this.frontendUrl = FRONTEND_URL;
+  }
+
+  generateLink(): string {
+    const params = new URLSearchParams({
+      client_id: this.clientId,
+      scope: 'openid profile email',
+      response_type: 'code',
+      redirect_uri: `${this.frontendUrl}/settings`,
+    });
+
+    return `${this.baseUrl}/application/o/authorize/?${params.toString()}`;
+  }
+
+  async getToken(code: string): Promise<string> {
+    const response = await fetch(`${this.baseUrl}/application/o/token/`, {
+      method: 'POST',
+      headers: {
+        'Content-Type': 'application/x-www-form-urlencoded',
+        Accept: 'application/json',
+      },
+      body: new URLSearchParams({
+        grant_type: 'authorization_code',
+        client_id: this.clientId,
+        client_secret: this.clientSecret,
+        code,
+        redirect_uri: `${this.frontendUrl}/settings`,
+      }),
+    });
+
+    if (!response.ok) {
+      const error = await response.text();
+      throw new Error(`Token request failed: ${error}`);
+    }
+
+    const { access_token } = await response.json();
+    return access_token;
+  }
+
+  async getUser(access_token: string): Promise<{ email: string; id: string }> {
+    const response = await fetch(`${this.baseUrl}/application/o/userinfo/`, {
+      headers: {
+        Authorization: `Bearer ${access_token}`,
+        Accept: 'application/json',
+      },
+    });
+
+    if (!response.ok) {
+      const error = await response.text();
+      throw new Error(`User info request failed: ${error}`);
+    }
+
+    const { email, sub: id } = await response.json();
+    return { email, id };
+  }
+}
diff --git a/apps/backend/src/services/auth/providers/providers.factory.ts b/apps/backend/src/services/auth/providers/providers.factory.ts
index 0b6b8ddb..01bfa483 100644
--- a/apps/backend/src/services/auth/providers/providers.factory.ts
+++ b/apps/backend/src/services/auth/providers/providers.factory.ts
@@ -4,6 +4,7 @@ import { ProvidersInterface } from '@gitroom/backend/services/auth/providers.int
 import { GoogleProvider } from '@gitroom/backend/services/auth/providers/google.provider';
 import { FarcasterProvider } from '@gitroom/backend/services/auth/providers/farcaster.provider';
 import { WalletProvider } from '@gitroom/backend/services/auth/providers/wallet.provider';
+import { AuthentikProvider } from '@gitroom/backend/services/auth/providers/authentik.provider';
 
 export class ProvidersFactory {
   static loadProvider(provider: Provider): ProvidersInterface {
@@ -16,6 +17,8 @@ export class ProvidersFactory {
         return new FarcasterProvider();
       case Provider.WALLET:
         return new WalletProvider();
+      case Provider.AUTHENTIK:
+        return new AuthentikProvider();
     }
   }
 }
diff --git a/apps/frontend/public/icons/authentik.svg b/apps/frontend/public/icons/authentik.svg
new file mode 100644
index 00000000..c839ddab
--- /dev/null
+++ b/apps/frontend/public/icons/authentik.svg
@@ -0,0 +1 @@
+<svg id="Layer_1" data-name="Layer 1" xmlns="http://www.w3.org/2000/svg" viewBox="0 0 1000 526.49"><defs><style>.cls-1{fill:#fd4b2d;}</style></defs><path class="cls-1" d="M90.84,418.79h26.37V523.88H90.84V512.77a52,52,0,0,1-15.48,10.58,43.48,43.48,0,0,1-16.84,3.23q-20.35,0-35.21-15.79T8.45,471.52q0-24.33,14.37-39.89t34.93-15.55a44.43,44.43,0,0,1,17.75,3.57,48.57,48.57,0,0,1,15.34,10.73ZM63.12,440.42a26.62,26.62,0,0,0-20.31,8.65q-8.09,8.64-8.09,22.16T43,493.64a26.67,26.67,0,0,0,20.27,8.79,27.19,27.19,0,0,0,20.6-8.64Q92,485.15,92,471.14q0-13.71-8.18-22.22T63.12,440.42Z"/><path class="cls-1" d="M155.64,418.79H182.3V469.4q0,14.78,2,20.53a18,18,0,0,0,6.54,8.93A18.74,18.74,0,0,0,202,502.05a19.38,19.38,0,0,0,11.18-3.14,18.42,18.42,0,0,0,6.83-9.23q1.64-4.53,1.64-19.41V418.79H248v44.52q0,27.54-4.34,37.67A41.1,41.1,0,0,1,228,520q-10.34,6.62-26.27,6.62-17.29,0-28-7.73t-15-21.54q-3.09-9.56-3.09-34.77Z"/><path class="cls-1" d="M289.51,380.05h26.37v38.74h15.64v22.69H315.88v82.4H289.51v-82.4H276V418.79h13.53Z"/><path class="cls-1" d="M357.59,378.22h26.18v51.19a60,60,0,0,1,15.55-10,40.11,40.11,0,0,1,15.84-3.33,35.7,35.7,0,0,1,26.37,10.82q9.18,9.36,9.18,27.53v69.45h-26V477.8q0-18.26-1.74-24.73c-1.15-4.31-3.14-7.53-5.94-9.65a16.64,16.64,0,0,0-10.38-3.19,19.56,19.56,0,0,0-13.76,5.31q-5.76,5.31-8,14.49-1.15,4.73-1.16,21.64v42.21H357.59Z"/><path class="cls-1" d="M593.36,479H508.65q1.83,11.21,9.8,17.82t20.34,6.62a35.11,35.11,0,0,0,25.4-10.34l22.22,10.44a52.58,52.58,0,0,1-19.9,17.43q-11.6,5.66-27.53,5.65-24.74,0-40.28-15.6t-15.55-39.07q0-24,15.5-39.94t38.88-15.89q24.83,0,40.38,15.89t15.55,42ZM567,458.19a26.5,26.5,0,0,0-10.3-14.29,29.9,29.9,0,0,0-17.86-5.51,31.53,31.53,0,0,0-19.35,6.19q-5.22,3.85-9.67,13.61Z"/><path class="cls-1" d="M626.58,418.79h26.36v10.77q9-7.57,16.26-10.52a39.28,39.28,0,0,1,14.9-3A36.07,36.07,0,0,1,710.62,427q9.17,9.28,9.17,27.44v69.45H693.71v-46q0-18.83-1.69-25a17.08,17.08,0,0,0-5.88-9.41,16.48,16.48,0,0,0-10.36-3.23,19.41,19.41,0,0,0-13.73,5.35q-5.73,5.35-7.95,14.81-1.15,4.92-1.16,21.32v42.17H626.58Z"/><path class="cls-1" d="M760.34,380.05h26.37v38.74h15.65v22.69H786.71v82.4H760.34v-82.4H746.82V418.79h13.52Z"/><path class="cls-1" d="M838.62,375.51a16.14,16.14,0,0,1,11.89,5,16.68,16.68,0,0,1,5,12.17,16.45,16.45,0,0,1-4.91,12,15.92,15.92,0,0,1-11.75,5,16.17,16.17,0,0,1-12-5.08,16.93,16.93,0,0,1-5-12.31,16.8,16.8,0,0,1,16.76-16.81Z"/><rect class="cls-1" x="825.43" y="418.79" width="26.37" height="105.09"/><path class="cls-1" d="M887.82,378.22h26.37v83.89L953,418.79h33.12l-45.27,50.36,50.68,54.73H958.82l-44.63-48.44v48.44H887.82Z"/><rect class="cls-1" x="466.5" y="78.74" width="16.65" height="47.58"/><rect class="cls-1" x="509.81" y="76.74" width="16.65" height="37.21"/><path class="cls-1" d="M267.09,131.08a60.71,60.71,0,0,0-53.36,31.83H242c12.5-10.78,30.66-13.93,43.79,0h29.89C304,147.14,286.47,131.08,267.09,131.08Z"/><path class="cls-1" d="M307.42,191.62c-38.94,81.44-107.21,12-65.47-28.71H213.73c-22.16,38.61,8.46,90.67,53.36,89.49,34.72,0,63.39-51.54,63.39-60.66,0-4-5.6-16.34-14.85-28.83H285.74C295.65,171.9,304.29,185,307.42,191.62Zm1-2.37Z"/><path class="cls-1" d="M682.22,78.16v215a74.83,74.83,0,0,1-74.75,74.74H575.75V294.7H424.25v73.2H392.53a74.83,74.83,0,0,1-74.75-74.74V225.55H558V96.24H442v72.65H317.78V78.16a71.49,71.49,0,0,1,.51-8.58,73.9,73.9,0,0,1,1.84-10.07c.28-1.06.59-2.12.9-3.15a6.08,6.08,0,0,1,.25-.79c.17-.53.33-1,.5-1.53s.37-1,.56-1.54.42-1.15.64-1.71.48-1.11.7-1.67a76.7,76.7,0,0,1,6.79-12.61l.09-.11c.67-1,1.37-2,2.09-2.94.62-.81,1.23-1.59,1.85-2.37s1.48-1.76,2.24-2.6,1.48-1.65,2.26-2.43l.08-.09c.39-.44.81-.84,1.26-1.26a75.74,75.74,0,0,1,8.89-7.43c.84-.62,1.73-1.2,2.63-1.79s2-1.26,3-1.87c2-1.15,4-2.21,6-3.16.65-.31,1.32-.62,2-.89a69.57,69.57,0,0,1,8.75-3.16c1.15-.34,2.29-.65,3.47-.93.55-.14,1.11-.28,1.7-.39a76.61,76.61,0,0,1,10.12-1.48l1.48-.08c.25,0,.48,0,.73,0,1.11-.06,2.26-.08,3.41-.08H607.47c1.15,0,2.3,0,3.41.08.25,0,.48,0,.73,0l1.48.08a76.61,76.61,0,0,1,10.12,1.48c.59.11,1.15.25,1.7.39,1.18.28,2.32.59,3.47.93a69.57,69.57,0,0,1,8.75,3.16c.64.27,1.31.58,2,.89,2.06.95,4,2,6,3.16,1,.61,2,1.23,3,1.87s1.79,1.17,2.63,1.79A74.72,74.72,0,0,1,661,26.06c.78.78,1.54,1.59,2.26,2.43s1.51,1.73,2.24,2.6,1.23,1.56,1.85,2.37c.72,1,1.42,2,2.09,2.94l.09.11a76.7,76.7,0,0,1,6.79,12.61c.22.56.47,1.11.7,1.67s.42,1.12.64,1.71.39,1,.56,1.54.33,1,.5,1.53a6.08,6.08,0,0,1,.25.79c.31,1,.62,2.09.9,3.15a73.9,73.9,0,0,1,1.84,10.07A71.49,71.49,0,0,1,682.22,78.16Z"/><path class="cls-1" d="M669.52,36.51h-339a74.73,74.73,0,0,1,62-33.08h215A74.73,74.73,0,0,1,669.52,36.51Z"/><path class="cls-1" d="M681.74,69.59H318.26a73.92,73.92,0,0,1,12.22-33.08h339A73.92,73.92,0,0,1,681.74,69.59Z"/><path class="cls-1" d="M682.24,78.16v24.51H558V96.24H442v6.43H317.76V78.16a71.5,71.5,0,0,1,.5-8.58H681.74A71.5,71.5,0,0,1,682.24,78.16Z"/><rect class="cls-1" x="317.76" y="102.67" width="124.27" height="33.09"/><rect class="cls-1" x="557.97" y="102.67" width="124.27" height="33.09"/><rect class="cls-1" x="317.76" y="135.77" width="124.27" height="33.07"/><rect class="cls-1" x="557.97" y="135.77" width="124.27" height="33.07"/></svg>
\ No newline at end of file
diff --git a/apps/frontend/src/app/layout.tsx b/apps/frontend/src/app/layout.tsx
index 4ad10d90..b932d3ac 100644
--- a/apps/frontend/src/app/layout.tsx
+++ b/apps/frontend/src/app/layout.tsx
@@ -39,6 +39,7 @@ export default async function AppLayout({ children }: { children: ReactNode }) {
           discordUrl={process.env.NEXT_PUBLIC_DISCORD_SUPPORT!}
           frontEndUrl={process.env.FRONTEND_URL!}
           isGeneral={!!process.env.IS_GENERAL}
+          authentikOIDC={!!process.env.AUTHENTIK_OIDC}
           uploadDirectory={process.env.NEXT_PUBLIC_UPLOAD_STATIC_DIRECTORY!}
           tolt={process.env.NEXT_PUBLIC_TOLT!}
           facebookPixel={process.env.NEXT_PUBLIC_FACEBOOK_PIXEL!}
diff --git a/apps/frontend/src/components/auth/login.tsx b/apps/frontend/src/components/auth/login.tsx
index b4024b50..9e52e429 100644
--- a/apps/frontend/src/components/auth/login.tsx
+++ b/apps/frontend/src/components/auth/login.tsx
@@ -9,6 +9,7 @@ import { useMemo, useState } from 'react';
 import { classValidatorResolver } from '@hookform/resolvers/class-validator';
 import { LoginUserDto } from '@gitroom/nestjs-libraries/dtos/auth/login.user.dto';
 import { GithubProvider } from '@gitroom/frontend/components/auth/providers/github.provider';
+import { AuthentikProvider } from '@gitroom/frontend/components/auth/providers/authentik.provider';
 import interClass from '@gitroom/react/helpers/inter.font';
 import { GoogleProvider } from '@gitroom/frontend/components/auth/providers/google.provider';
 import { useVariables } from '@gitroom/react/helpers/variable.context';
@@ -25,6 +26,7 @@ type Inputs = {
 export function Login() {
   const [loading, setLoading] = useState(false);
   const { isGeneral, neynarClientId, billingEnabled } = useVariables();
+  const { isGeneral, neynarClientId, authentikOIDC } = useVariables();
   const resolver = useMemo(() => {
     return classValidatorResolver(LoginUserDto);
   }, []);
@@ -63,8 +65,9 @@ export function Login() {
             Sign In
           </h1>
         </div>
-
-        {!isGeneral ? (
+        {isGeneral && authentikOIDC ? (
+          <AuthentikProvider />
+        ) : !isGeneral ? (
           <GithubProvider />
         ) : (
           <div className="gap-[5px] flex flex-col">
diff --git a/apps/frontend/src/components/auth/providers/authentik.provider.tsx b/apps/frontend/src/components/auth/providers/authentik.provider.tsx
new file mode 100644
index 00000000..985825ad
--- /dev/null
+++ b/apps/frontend/src/components/auth/providers/authentik.provider.tsx
@@ -0,0 +1,40 @@
+import { useCallback } from 'react';
+import Image from 'next/image';
+import { useFetch } from '@gitroom/helpers/utils/custom.fetch';
+import interClass from '@gitroom/react/helpers/inter.font';
+
+export const AuthentikProvider = () => {
+  const fetch = useFetch();
+
+  const gotoLogin = useCallback(async () => {
+    try {
+      const response = await fetch('/auth/oauth/AUTHENTIK');
+      if (!response.ok) {
+        throw new Error(
+          `Login link request failed with status ${response.status}`
+        );
+      }
+      const link = await response.text();
+      window.location.href = link;
+    } catch (error) {
+      console.error('Failed to get Authentik login link:', error);
+    }
+  }, []);
+
+  return (
+    <div
+      onClick={gotoLogin}
+      className={`cursor-pointer bg-white h-[44px] rounded-[4px] flex justify-center items-center text-customColor16 ${interClass} gap-[4px]`}
+    >
+      <div>
+        <Image
+          src="/icons/authentik.svg"
+          alt="Authentik"
+          width={40}
+          height={40}
+        />
+      </div>
+      <div>Sign in with Authentik </div>
+    </div>
+  );
+};
diff --git a/apps/frontend/src/middleware.ts b/apps/frontend/src/middleware.ts
index 800e3d8c..01aae290 100644
--- a/apps/frontend/src/middleware.ts
+++ b/apps/frontend/src/middleware.ts
@@ -44,7 +44,9 @@ export async function middleware(request: NextRequest) {
       ? ''
       : (url.indexOf('?') > -1 ? '&' : '?') +
         `provider=${(findIndex === 'settings'
-          ? 'github'
+          ? process.env.AUTHENTIK_OIDC
+            ? 'authentik'
+            : 'github'
           : findIndex
         ).toUpperCase()}`;
     return NextResponse.redirect(
diff --git a/libraries/nestjs-libraries/src/database/prisma/schema.prisma b/libraries/nestjs-libraries/src/database/prisma/schema.prisma
index 9969893a..ae7fe520 100644
--- a/libraries/nestjs-libraries/src/database/prisma/schema.prisma
+++ b/libraries/nestjs-libraries/src/database/prisma/schema.prisma
@@ -636,6 +636,7 @@ enum Provider {
   GOOGLE
   FARCASTER
   WALLET
+  AUTHENTIK
 }
 
 enum Role {
@@ -648,4 +649,4 @@ enum APPROVED_SUBMIT_FOR_ORDER {
   NO
   WAITING_CONFIRMATION
   YES
-}
\ No newline at end of file
+}
diff --git a/libraries/react-shared-libraries/src/helpers/variable.context.tsx b/libraries/react-shared-libraries/src/helpers/variable.context.tsx
index 48cb85f5..bf2ae9a3 100644
--- a/libraries/react-shared-libraries/src/helpers/variable.context.tsx
+++ b/libraries/react-shared-libraries/src/helpers/variable.context.tsx
@@ -5,9 +5,10 @@ import { createContext, FC, ReactNode, useContext, useEffect } from 'react';
 interface VariableContextInterface {
   billingEnabled: boolean;
   isGeneral: boolean;
+  authentikOIDC: boolean;
   frontEndUrl: string;
   plontoKey: string;
-  storageProvider: 'local' | 'cloudflare',
+  storageProvider: 'local' | 'cloudflare';
   backendUrl: string;
   discordUrl: string;
   uploadDirectory: string;
@@ -20,6 +21,7 @@ interface VariableContextInterface {
 const VariableContext = createContext({
   billingEnabled: false,
   isGeneral: true,
+  authentikOIDC: false,
   frontEndUrl: '',
   storageProvider: 'local',
   plontoKey: '',
@@ -52,9 +54,9 @@ export const VariableContextComponent: FC<
 
 export const useVariables = () => {
   return useContext(VariableContext);
-}
+};
 
 export const loadVars = () => {
   // @ts-ignore
   return window.vars as VariableContextInterface;
-}
+};