diff --git a/Netgrimoire/Audits/authentik-2026-04-13.md b/Netgrimoire/Audits/authentik-2026-04-13.md
new file mode 100644
index 0000000..0011629
--- /dev/null
+++ b/Netgrimoire/Audits/authentik-2026-04-13.md
@@ -0,0 +1,48 @@
+---
+title: Audit - authentik.yaml
+description: Gremlin audit report 2026-04-13
+published: true
+date: 2026-04-13T11:06:05.332Z
+tags: gremlin,audit
+editor: markdown
+dateCreated: 2026-04-13T11:06:05.332Z
+---
+
+# Audit Report — authentik.yaml
+
+**Date:** 2026-04-13  
+**File:** swarm/authentik.yaml  
+**Type:** Docker Swarm  
+**Verdict:** PASS
+
+---
+
+### SWARM AUDIT REPORT
+
+1. **Homepage Labels**:
+   - `homepage.group`: Passed (Management)
+   - `homepage.name`: Passed (Authentik)
+   - `homepage.icon`: Passed (authentik.png)
+   - `homepage.href`: Passed (https://auth.netgrimoire.com)
+   - `homepage.description`: Passed (Account Manager)
+
+2. **Uptime Kuma Labels**:
+   - Not applicable as there are no Uptime Kuma services in this configuration.
+
+3. **Caddy Labels on Exposed Services**:
+   - `caddy=auth.netgrimoire.com` and `caddy.reverse_proxy="{{upstreams 9000}}"`: Passed (Authentik service)
+
+4. **Placement Constraints**:
+   - All services have a placement constraint `node.hostname == znas`: Passed
+
+5. **Volumes Use /DockerVol/<service> Path Convention**:
+   - `postgresql` volume: Passed (/DockerVol/Authentik/Postgres)
+   - `redis` volume: Passed (/DockerVol/Authentik/redis)
+   - `authentik` volumes: Passed (/DockerVol/Authentik/media, /DockerVol/Authentik/custom-templates)
+   - `worker` volumes: Passed (/DockerVol/Authentik/media, /DockerVol/Authentik/certs, /DockerVol/Authentik/custom-templates)
+
+6. **Network References External netgrimoire Overlay**:
+   - Both services reference the external `netgrimoire` network: Passed
+
+### VERDICT
+PASS
\ No newline at end of file