diff --git a/authentik/admin/api/version.py b/authentik/admin/api/version.py
index d09487e9de..3985bef9b0 100644
--- a/authentik/admin/api/version.py
+++ b/authentik/admin/api/version.py
@@ -39,7 +39,7 @@ class VersionSerializer(PassiveSerializer):
             return __version__
         return version_in_cache
 
-    def get_version_latest_valid(self, _) -> str:
+    def get_version_latest_valid(self, _) -> bool:
         """Check if latest version is valid"""
         return cache.get(VERSION_CACHE_KEY) != VERSION_NULL
 
diff --git a/schema.yml b/schema.yml
index a14f542873..be2ea52f80 100644
--- a/schema.yml
+++ b/schema.yml
@@ -45615,7 +45615,7 @@ components:
           description: Get latest version from cache
           readOnly: true
         version_latest_valid:
-          type: string
+          type: boolean
           description: Check if latest version is valid
           readOnly: true
         build_hash:
diff --git a/website/docs/core/settings.md b/website/docs/core/settings.md
new file mode 100644
index 0000000000..113272276f
--- /dev/null
+++ b/website/docs/core/settings.md
@@ -0,0 +1,60 @@
+---
+title: System Settings
+---
+
+These settings are similar to the configuration options listed [here](../installation/configuration.mdx), however they can only be adjusted through the authentik Admin interface or API.
+
+### Avatars
+
+Configure how authentik should show avatars for users. Following values can be set:
+
+Default: `gravatar,initials`
+
+-   `none`: Disables per-user avatars and just shows a 1x1 pixel transparent picture
+-   `gravatar`: Uses gravatar with the user's email address
+-   `initials`: Generated avatars based on the user's name
+-   Any URL: If you want to use images hosted on another server, you can set any URL.
+
+    Additionally, these placeholders can be used:
+
+    -   `%(username)s`: The user's username
+    -   `%(mail_hash)s`: The email address, md5 hashed
+    -   `%(upn)s`: The user's UPN, if set (otherwise an empty string)
+
+You can also use an attribute path like `attributes.something.avatar`, which can be used in combination with the file field to allow users to upload custom avatars for themselves.
+
+Multiple modes can be set, and authentik will fallback to the next mode when no avatar could be found. For example, setting this to `gravatar,initials` will attempt to get an avatar from Gravatar, and if the user has not configured on there, it will fallback to a generated avatar.
+
+### Allow users to change name
+
+Enable the ability for users to change their name, defaults to `true`.
+
+### Allow users to change email
+
+Enable the ability for users to change their Email address, defaults to `false`.
+
+### Allow users to change username
+
+Enable the ability for users to change their Usernames, defaults to `false`.
+
+### Event retention
+
+Configure how long [Events](../events/index.md) are retained for within authentik. Default value is `days=365`. When forwarding events to an external application, this value can be decreased. When changing this value, only new events are affected.
+
+### Footer links
+
+This option configures the footer links on the flow executor pages.
+
+The setting can be used as follows:
+
+```json
+[{ "name": "Link Name", "href": "https://goauthentik.io" }]
+```
+
+### GDPR compliance
+
+When enabled, all the events caused by a user will be deleted upon the user's deletion. Defaults to `true`.
+
+### Impersonation
+
+Globally enable/disable impersonation. Defaults to `true`.
diff --git a/website/docs/releases/2023/v2023.2.md b/website/docs/releases/2023/v2023.2.md
index 963dbf4387..3de017157b 100644
--- a/website/docs/releases/2023/v2023.2.md
+++ b/website/docs/releases/2023/v2023.2.md
@@ -21,7 +21,7 @@ slug: "/releases/2023.2"
 
 -   Generated avatars, multiple avatar modes
 
-    authentik now supports multiple avatar modes, and will use the next configured mode when a mode doesn't have an avatar. For example, the new default configuration attempts to use gravatar, but if the user's email does not have a gravatar setup, it will instead use the new generated avatars. See [Configuration](../../installation/configuration.mdx#authentik_avatars)
+    authentik now supports multiple avatar modes, and will use the next configured mode when a mode doesn't have an avatar. For example, the new default configuration attempts to use gravatar, but if the user's email does not have a gravatar setup, it will instead use the new generated avatars. See [Configuration](../../core/settings.md#avatars)
 
 ## Upgrading
 
diff --git a/website/docusaurus.config.ts b/website/docusaurus.config.ts
index 43a09dffef..1be31ff6c4 100644
--- a/website/docusaurus.config.ts
+++ b/website/docusaurus.config.ts
@@ -11,6 +11,7 @@ module.exports = async function (): Promise<Config> {
         url: "https://docs.goauthentik.io",
         baseUrl: "/",
         onBrokenLinks: "throw",
+        onBrokenAnchors: "throw",
         favicon: "img/icon.png",
         organizationName: "Authentik Security Inc.",
         projectName: "authentik",
diff --git a/website/integrations/services/nextcloud/index.md b/website/integrations/services/nextcloud/index.md
index c26682501f..d4190403a2 100644
--- a/website/integrations/services/nextcloud/index.md
+++ b/website/integrations/services/nextcloud/index.md
@@ -98,7 +98,7 @@ Create a provider for Nextcloud. In the Admin Interface, go to _Applications_ ->
         -   `Nextcloud Profile` (or `authentik default Oauth Mapping profile` if you skipped the [custom profile scope](#custom-profile-scope) section)
     -   Subject mode: Based on the User's UUID
         :::danger
-        Nextcloud will use the UUID as username. However, mapping the subject mode to authentik usernames is **not recommended** due to their mutable nature. This can lead to security issues such as user impersonation. If you still wish to map the subject mode to an username, [disable username changing](../../../docs/installation/configuration#authentik_default_user_change_username) in authentik and set this to `Based on the User's username`.
+        Nextcloud will use the UUID as username. However, mapping the subject mode to authentik usernames is **not recommended** due to their mutable nature. This can lead to security issues such as user impersonation. If you still wish to map the subject mode to an username, [disable username changing](../../../docs/core/settings#allow-users-to-change-username) in authentik and set this to `Based on the User's username`.
         :::
     -   Include claims in ID token: ✔️
 
@@ -233,7 +233,7 @@ Set the following values:
 
 -   Attribute to map the UID to: `http://schemas.goauthentik.io/2021/02/saml/uid`
     :::danger
-    Nextcloud uses the UID attribute as username. However, mapping it to authentik usernames is **not recommended** due to their mutable nature. This can lead to security issues such as user impersonation. If you still wish to map the UID to an username, [disable username changing](../../../docs/installation/configuration#authentik_default_user_change_username) in authentik and set the UID attribute to "http://schemas.goauthentik.io/2021/02/saml/username".
+    Nextcloud uses the UID attribute as username. However, mapping it to authentik usernames is **not recommended** due to their mutable nature. This can lead to security issues such as user impersonation. If you still wish to map the UID to an username, [disable username changing](../../../docs/core/settings#allow-users-to-change-username) in authentik and set the UID attribute to "http://schemas.goauthentik.io/2021/02/saml/username".
     :::
 -   Optional display name of the identity provider (default: "SSO & SAML log in"): `authentik`
 -   Identifier of the IdP entity (must be a URI): `https://authentik.company`
diff --git a/website/integrations/sources/google/index.md b/website/integrations/sources/google/index.md
index 188e95ef4d..0dc442e2a2 100644
--- a/website/integrations/sources/google/index.md
+++ b/website/integrations/sources/google/index.md
@@ -99,4 +99,4 @@ return False
 
 Afterwards, edit the source's enrollment flow (by default _default-source-enrollment_), expand the policies bound to the first stage (_default-source-enrollment-prompt_), and bind the policy created above. Make sure the newly created policy comes before _default-source-enrollment-if-username_. Afterwards, any new logins will automatically have their google email address used as their username.
 
-This can be combined with disallowing users from changing their usernames, see [Configuration](../../../docs/installation/configuration#authentik_default_user_change_username).
+This can be combined with disallowing users from changing their usernames, see [Configuration](../../../docs/core/settings#allow-users-to-change-username).
diff --git a/website/sidebars.js b/website/sidebars.js
index 34cb43d87f..c0256421cb 100644
--- a/website/sidebars.js
+++ b/website/sidebars.js
@@ -40,6 +40,7 @@ const docsSidebar = {
                 "core/certificates",
                 "core/geoip",
                 "core/architecture",
+                "core/settings",
             ],
         },
         {
diff --git a/website/static/img/landing_login_card.png b/website/static/img/landing_login_card.png
deleted file mode 100644
index b070b60744..0000000000
Binary files a/website/static/img/landing_login_card.png and /dev/null differ
diff --git a/website/static/img/landing_screen_admin_dark.jpg b/website/static/img/landing_screen_admin_dark.jpg
deleted file mode 100644
index f0b8099834..0000000000
Binary files a/website/static/img/landing_screen_admin_dark.jpg and /dev/null differ
diff --git a/website/static/img/landing_screen_admin_light.jpg b/website/static/img/landing_screen_admin_light.jpg
deleted file mode 100644
index 209d000697..0000000000
Binary files a/website/static/img/landing_screen_admin_light.jpg and /dev/null differ
diff --git a/website/static/img/landing_screen_apps_dark.jpg b/website/static/img/landing_screen_apps_dark.jpg
deleted file mode 100644
index 86715724af..0000000000
Binary files a/website/static/img/landing_screen_apps_dark.jpg and /dev/null differ
diff --git a/website/static/img/landing_screen_apps_light.jpg b/website/static/img/landing_screen_apps_light.jpg
deleted file mode 100644
index a2fe6feba5..0000000000
Binary files a/website/static/img/landing_screen_apps_light.jpg and /dev/null differ
diff --git a/website/static/img/screen_admin_dark.jpg b/website/static/img/screen_admin_dark.jpg
index 1b047b2a0e..def47e174c 100644
Binary files a/website/static/img/screen_admin_dark.jpg and b/website/static/img/screen_admin_dark.jpg differ
diff --git a/website/static/img/screen_admin_light.jpg b/website/static/img/screen_admin_light.jpg
index 472502b520..e7a51abeb4 100644
Binary files a/website/static/img/screen_admin_light.jpg and b/website/static/img/screen_admin_light.jpg differ
diff --git a/website/static/img/screen_apps_dark.jpg b/website/static/img/screen_apps_dark.jpg
index 9f7569860d..c6d59dd188 100644
Binary files a/website/static/img/screen_apps_dark.jpg and b/website/static/img/screen_apps_dark.jpg differ
diff --git a/website/static/img/screen_apps_light.jpg b/website/static/img/screen_apps_light.jpg
index dfa28df848..325e5660fe 100644
Binary files a/website/static/img/screen_apps_light.jpg and b/website/static/img/screen_apps_light.jpg differ
diff --git a/website/static/img/screen_flow_dark.jpg b/website/static/img/screen_flow_dark.jpg
index e1a4085a50..c38ed2ebe1 100644
Binary files a/website/static/img/screen_flow_dark.jpg and b/website/static/img/screen_flow_dark.jpg differ
diff --git a/website/static/img/screen_flow_light.jpg b/website/static/img/screen_flow_light.jpg
index 451f56e931..42b98a95cd 100644
Binary files a/website/static/img/screen_flow_light.jpg and b/website/static/img/screen_flow_light.jpg differ