diff --git a/Caddyfile b/Caddyfile
index 787baa9..6c2d6f7 100644
--- a/Caddyfile
+++ b/Caddyfile
@@ -1,3 +1,16 @@
+(authentik) {
+	# Always forward outpost path to actual outpost
+	reverse_proxy /outpost.goauthentik.io/* http://authentik:9000
+
+	# Forward authentication to outpost
+	forward_auth http://authentik:9000 {
+		uri /outpost.goauthentik.io/auth/caddy
+
+		# Capitalization of the headers is important, otherwise they will be empty
+		copy_headers X-Authentik-Username X-Authentik-Groups X-Authentik-Email X-Authentik-Name X-Authentik-Uid X-Authentik-Jwt X-Authentik-Meta-Jwks X-Authentik-Meta-Outpost X-Authentik-Meta-Provider X-Authentik-Meta-App X-Authentik-Meta-Version
+	}
+}
+
 dns.netgrimoire.com {
     reverse_proxy 192.168.5.7:53443 
  }
\ No newline at end of file