habsi/authentik
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

website: bump prettier from 3.5.3 to 3.6.0 in /website (#15199)

Browse Source 
* website: bump prettier from 3.5.3 to 3.6.0 in /website

Bumps [prettier](https://github.com/prettier/prettier) from 3.5.3 to 3.6.0.
- [Release notes](https://github.com/prettier/prettier/releases)
- [Changelog](https://github.com/prettier/prettier/blob/main/CHANGELOG.md)
- [Commits](https://github.com/prettier/prettier/compare/3.5.3...3.6.0)

---
updated-dependencies:
- dependency-name: prettier
  dependency-version: 3.6.0
  dependency-type: direct:development
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

* format

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

---------

Signed-off-by: dependabot[bot] <support@github.com>
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Jens Langhammer <jens@goauthentik.io>
This commit is contained in:
dependabot[bot]
2025-06-23 21:29:14 +02:00
committed by GitHub
parent 0c73572b0c
commit 0b6ab171ce
94 changed files with 5 additions and 5131 deletions
Download Patch File Download Diff File Expand all files Collapse all files

1
website/docs/add-secure-apps/applications/manage_apps.mdx
View File

@ -13,7 +13,6 @@ To add an application to authentik and have it display on users' **My applicatio
2. Navigate to **Applications -> Applications** and click **Create with Provider** to create an application and provider pair. (Alternatively you can create only an application, without a provider, by clicking **Create.)**
3. In the **New application** box, define the application details, the provider type and configuration settings, and bindings for the application.
- **Application**: provide a name, an optional group for the type of application, the policy engine mode, and optional UI settings.
- **Choose a Provider**: select the provider types for this application.

1
website/docs/add-secure-apps/flows-stages/flow/index.md
View File

@ -77,7 +77,6 @@ import Defaultflowlist from "../flow/flow_list/\_defaultflowlist.mdx";
When the compatibility mode is enabled, authentik uses a polyfill which emulates the Shadow DOM APIs without actually using the feature, and instead a traditional DOM is rendered. This increases support for password managers, especially on mobile devices.
- **Denied action**: Configure what happens when access to a flow is denied by a policy. By default, authentik will redirect to a `?next` parameter if set, and otherwise show an error message.
- `MESSAGE_CONTINUE`: Show a message if no `?next` parameter is set, otherwise redirect.
- `MESSAGE`: Always show error message.
- `CONTINUE`: Always redirect, either to `?next` if set, otherwise to the default interface.

4
website/docs/add-secure-apps/flows-stages/stages/authenticator_email/index.md
View File

@ -16,17 +16,14 @@ To use the Email Authenticator Setup stage in a flow, follow these steps:
1. [Create](../../flow/index.md#create-a-custom-flow) a new flow or edit an existing one.
2. On the flow's **Stage Bindings** tab, click **Create and bind stage** to create and add the Email Authenticator Setup stage. (If the stage already exists, click **Bind existing stage**.)
3. Configure the stage settings as described below.
- **Name**: provide a descriptive name, such as Email Authenticator Setup.
- **Authenticator type name**: define the display name for this stage.
- **Use global connection settings**: the stage can be configured in two ways: global settings or stage-specific settings.
- Enable (toggle on) the **Use global connection settings** option to use authentik's global email configuration. Note that you must already have configured your environment variables to use the global settings. See instructions for [Docker Compose](../../../../install-config/install/docker-compose#email-configuration-optional-but-recommended) and for [Kubernetes](../../../../install-config/install/kubernetes#optional-step-configure-global-email-credentials).
- If you need different email settings for this stage, disable (toggle off) **Use global connection settings** and configure the following options:
- **Connection settings**:
- **SMTP Host**: SMTP server hostname (default: localhost)
- **SMTP Port**: SMTP server port number(default: 25)
- **SMTP Username**: SMTP authentication username (optional)
@ -37,7 +34,6 @@ To use the Email Authenticator Setup stage in a flow, follow these steps:
- **From Address**: Email address that messages are sent from (default: system@authentik.local)
- **Stage-specific settings**:
- **Subject**: Email subject line (default: "authentik Sign-in code")
- **Token Expiration**: Time in minutes that the sent token is valid (default: 30)
- **Configuration flow**: select the flow to which you are binding this stage.

2
website/docs/add-secure-apps/flows-stages/stages/authenticator_endpoint_gdtc/index.md
View File

@ -65,11 +65,9 @@ For detailed instructions, refer to Google documentation.
2. In the Admin interface, navigate to **Flows -> Stages**.
3. Click **Create**, and select **Endpoint Authenticator Google Device Trust Connector Stage**, and in the **New stage** box, define the following fields:
- **Name**: define a descriptive name, such as "chrome-device-trust".
- **Google Verified Access API**
- **Credentials**: paste the contents of the JSON file (the key) that you downloaded earlier.
4. Click **Finish**.

3
website/docs/add-secure-apps/flows-stages/stages/mtls/index.md
View File

@ -105,13 +105,10 @@ When using authentik without a reverse proxy, select the certificate authorities
4. In the Admin interface, navigate to **Flows -> Stages**.
5. Click **Create**, and select **Mutual TLS Stage**, and in the **New stage** box, define the following fields:
- **Name**: define a descriptive name, such as "chrome-device-trust".
- **Stage-specific settings**
- **Mode**: Configure the mode this stage operates in.
- **Certificate optional**: When no certificate is provided by the user or the reverse proxy, the flow will continue to the next stage.
- **Certificate required**: When no certificate is provided, the flow ends with an error message.

1
website/docs/add-secure-apps/flows-stages/stages/user_login/index.md
View File

@ -21,7 +21,6 @@ When creating or editing this stage in the UI of the Admin interface, you can se
:::
You can set the session to expire after any duration using the syntax of `hours=1,minutes=2,seconds=3`. The following keys are allowed:
- Microseconds
- Milliseconds
- Seconds

2
website/docs/add-secure-apps/outposts/integrations/docker.md
View File

@ -17,11 +17,9 @@ The following outpost settings are used:
The container is created with the following hardcoded properties:
- Labels
- `io.goauthentik.outpost-uuid`: Used by authentik to identify the container, and to allow for name changes.
Additionally, the proxy outposts have the following extra labels to add themselves into Traefik automatically.
- `traefik.enable`: "true"
- `traefik.http.routers.ak-outpost-<outpost-name>-router.rule`: `Host(...)`
- `traefik.http.routers.ak-outpost-<outpost-name>-router.service`: `ak-outpost-<outpost-name>-service`

3
website/docs/add-secure-apps/providers/entra/add-entra-provider.md
View File

@ -19,11 +19,9 @@ As detailed in the steps below, when you add an Entra ID provider in authentik y
2. In the Admin interface, navigate to **Applications -> Providers**.
3. Click **Create**, and in the **New provider** box select **Microsoft Entra Provider** as the type and click **Next**.
4. Define the following fields:
- **Name**: define a descriptive name, such as "Entra provider".
- **Protocol settings**
- **Client ID**: enter the Client ID that you [copied from your Entra app](./setup-entra.md).
- **Client Secret**: enter the secret from Entra.
- **Tenant ID**: enter the Tenant ID from Entra.
@ -47,7 +45,6 @@ As detailed in the steps below, when you add an Entra ID provider in authentik y
1. Log in as an admin to authentik, and go to the Admin interface.
2. In the Admin interface, navigate to **Applications -> Applications**.
3. Click **Create**, and define the following fields:
- **Name**: provide a descriptive name.
- **Slug**: enter the name of the app as you want it to appear in the URL.
- **Group**: optionally, chose a group; apps in the same group are displayed together on the **My applications** page.

5
website/docs/add-secure-apps/providers/gws/add-gws-provider.md
View File

@ -20,11 +20,9 @@ When adding the Google Workspace provider in authentik, you must define the **Ba
2. In the Admin interface, navigate to **Applications -> Providers**.
3. Click **Create**, and select **Google Workspace Provider**, and in the **New provider** box, define the following fields:
- **Name**: define a descriptive name, such as "GWS provider".
- **Protocol settings**
- **Credentials**: paste the contents of the JSON file you downloaded earlier.
- **Delegated Subject**: enter the email address of the user all of authentik's actions should be delegated to
- **Default group email domain**: enter a default domain which will be used to generate the domain for groups synced from authentik.
@ -32,12 +30,10 @@ When adding the Google Workspace provider in authentik, you must define the **Ba
- **Group deletion action**: determines what authentik will do when a group is deleted from authentik.
- **User filtering**
- **Exclude service accounts**: set whether to include or exclude service accounts.
- **Group**: select any specific groups to enforce that filtering (for all actions) is done only for the selected groups.
- **Attribute mapping**
- **User Property Mappings**: select any applicable mappings, or use the default.
- **Group Property Mappings**: select any applicable mappings, or use the default.
@ -51,7 +47,6 @@ When adding the Google Workspace provider in authentik, you must define the **Ba
If you have also configured Google Workspace to log in using authentik following [these](https://docs.goauthentik.io/integrations/services/google/index), then this configuration can be done on the same app by adding this new provider as a backchannel provider on the existing app instead of creating a new app.
:::
3. Click **Create**, and in the **New provider** box, and define the following fields:
- **Slug**: enter the name of the app as you want it to appear in the URL.
- **Provider**: when _not_ used in conjunction with the Google SAML configuration should be left empty.
- **Backchannel Providers**: this field is required for Google Workspace. Select the name of the Google Workspace provider that you created in the steps above.

2
website/docs/add-secure-apps/providers/rac/how-to-rac.md
View File

@ -36,7 +36,6 @@ Next, you need to add property mappings for each remote machine you want to acce
1. Log in to authentik as an administrator and open the authentik Admin interface.
2. Navigate to **Customization > Property Mappings** and click **Create**.
- **Select Type**: RAC Property Mappings
- **Create RAC Property Mapping**:
- **Name**s: define a name for the property mapping, perhaps include the type of connection (RDP, SSH, VNC)
@ -61,7 +60,6 @@ Finally, you need to create an endpoint for each remote machine. Endpoints are d
2. Navigate to **Applications > Providers**.
3. Click the **Edit** button on the RAC provider that you previously created.
4. On the Provider page, under **Endpoints**, click **Create**, and provide the following settings:
- **Name**: define a name for the endpoint, perhaps include the type of connection (RDP, SSH, VNC).
- **Protocol**: select the appropriate protocol.
- **Host**: enter the host name or IP address of the remote machine.

2
website/docs/add-secure-apps/providers/rac/rac-public-key.md
View File

@ -53,7 +53,6 @@ SSH private keys can be configured via several methods:
1. Log in to authentik as an administrator, and open the authentik Admin interface.
2. Navigate to **Customization** > **Property Mappings** and click **Create**, then create a **RAC Provider Property Mapping** with the following settings:
- **Name**: Choose a descriptive name
- Under **Advanced Settings**:
- **Expression**:
@ -82,7 +81,6 @@ SSH private keys can be configured via several methods:
1. Log in to authentik as an administrator, and open the authentik Admin interface.
2. Navigate to **Customization** > **Property Mappings** and click **Create**. Create a **RAC Provider Property Mapping** with the following settings:
- **Name**: Choose a descriptive name
- Under **Advanced Settings**:
- **Expression**:

1
website/docs/add-secure-apps/providers/ssf/create-ssf-provider.md
View File

@ -43,7 +43,6 @@ The workflow to implement an SSF provider as a [backchannel provider](../../appl
2. Click **Create**.
3. Define the settings for the application:
- **Name**: define a descriptive name of the application.
- **Slug**: optionally define the internal application name used in URLs.
- **Group**: optionally select a group that you want to have access to this application.

5
website/docs/customize/policies/expression.mdx
View File

@ -53,7 +53,6 @@ import Objects from "../../expressions/_objects.md";
<Objects />
- `request`: A PolicyRequest object, which has the following properties:
- `request.user`: The current user, against which the policy is applied. See [User](../../users-sources/user/index.mdx)
:::caution
@ -71,7 +70,6 @@ import Objects from "../../expressions/_objects.md";
:::info
For basic country matching, consider using a [GeoIP policy](./index.md#geoip-policy).
:::
- `continent`: a two character continent code like `NA` (North America) or `OC` (Oceania).
- `country`: the two character [ISO 3166-1](https://en.wikipedia.org/wiki/ISO_3166-1) alpha code for the country.
- `lat`: the approximate latitude of the location associated with the IP address.
@ -87,7 +85,6 @@ import Objects from "../../expressions/_objects.md";
:::info
For basic ASN matching, consider using a [GeoIP policy](./index.md#geoip-policy).
:::
- `asn`: the autonomous system number associated with the IP address.
- `as_org`: the organization associated with the registered autonomous system number for the IP address.
- `network`: the network associated with the record. In particular, this is the largest network where all of the fields except `ip_address` have the same value.
@ -112,7 +109,6 @@ Additionally, when the policy is executed from a flow, every variable from the f
This includes the following:
- `context['flow_plan']`: The actual flow plan itself, can be used to inject stages.
- `context['flow_plan'].context`: The context of the currently active flow, which differs from the policy context. Some fields of flow plan context are passed to the root context, and updated from it, like 'prompt_data', but not every variable
- `context['flow_plan'].context['redirect']`: The URL the user should be redirected to after the flow execution succeeds. (Optional)
@ -126,7 +122,6 @@ This includes the following:
Depending on method, `context['auth_method_args']` is also set.
Can be any of:
- `password`: Standard password login
- `auth_mfa`: MFA login (this method is only set if no password was used)

7
website/docs/developer-docs/docs/style-guide.mdx
View File

@ -127,7 +127,6 @@ Whether to capitalize after a colon depends on the context. Typically, we do not
- Typically, avoid using the word "may" in technical writing, as it implies permission rather than ability to perform an action. Instead, use **"can"** to suggest possibility.
- **"Might"** should be used to indicate that something could happen under certain conditions, but use it sparingly. It implies unpredictability, which can be undesirable in software documentation.
- **DON'T:** "You may use an Expression policy to enforce MFA adherence."
- **DO:** "You can use an Expression policy to enforce MFA adherence."
- **DO:** "Values might differ depending on the source of the property mappings."
@ -172,16 +171,13 @@ When writing out steps in a procedural topic, avoid starting with "Once...". Ins
- When referring to authentik functionality and features, such as flows, stages, sources, or policies, do not capitalize and do not use bold or italic text. When possible link to the corresponding documentation.
- Use **bold** to highlight:
- UI elements such as field names, labels, buttons, or options (e.g., **Save** button, **Username** field).
- Key actions in instructions (e.g., **Click Next**).
- Use _italic_ for:
- Emphasis, but sparingly, to avoid overuse. For example, you can use italics for important terms or concepts on first mention in a section. Do not use italics to indicate a variable or placeholder; instead use angle brackets as described under [Variables](#variables).
- Use `code formatting` for:
- Commands (e.g., `kubectl get nodes`).
- File paths, file names, and directory names (e.g., `/usr/local/bin/`).
- Inline code snippets (e.g., `.env`).
@ -211,7 +207,6 @@ To clearly indicate terms or values that are placeholders and require user input
### Titles and headers
- Titles and headers (H1, H2, H3) should follow **sentence case capitalization**, meaning only the first word is capitalized, except for proper nouns or product names.
- **DO:** "Configure the Google Workspace provider"
- **DON'T:** "CONFIGURE THE GOOGLE WORKSPACE PROVIDER"
- **DON'T:** "Configure The Google Workspace Provider"
@ -332,7 +327,6 @@ When documenting errors, follow this structure:
```
- **Possible causes**:
- Incorrect username or password.
- Account locked due to multiple failed attempts.
@ -422,7 +416,6 @@ This level is for extremely serious situations, such as an action permanently re
Note: Badges should be defined in the front matter, not in the markdown content. The system will automatically display the appropriate badges based on the front matter metadata.
- **Directives**: You can also use directives in your markdown content to add badges inline:
- `:ak-version[2025.4]` - Shows when a feature was introduced (requires semantic version)
- `:ak-preview` - Indicates preview features
- `:ak-enterprise` - Indicates features in our Enterprise offering

3
website/docs/developer-docs/releases/index.md
View File

@ -13,7 +13,6 @@
- Create/update the release notes
#### For initial releases:
- Copy `website/docs/releases/_template.md` to `website/docs/releases/v2022.12.md` and replace `xxxx.x` with the version that is being released
- Fill in the section of `Breaking changes` and `New features`, or remove the headers if there's nothing applicable
@ -35,7 +34,6 @@
- Run `make website`
#### For subsequent releases:
- Paste the list of commits since the previous release into `website/docs/releases/v2022.12.md`, creating a new section called `## Fixed in 2022.12.2` underneath the `Minor changes/fixes` section
- Run `make gen-changelog` and use the contents of `changelog.md`. Remove merged PRs from bumped dependencies unless they fix security issues or are otherwise notable. Remove merged PRs with the `website/` prefix.
@ -48,7 +46,6 @@
- Push the tag and commit
- A GitHub actions workflow will start to run a last test in container images and create a draft release on GitHub
- Edit the draft GitHub release
- Make sure the title is formatted `Release 2022.12.0`
- Add the following to the release notes

2
website/docs/enterprise/manage-enterprise.mdx
View File

@ -32,7 +32,6 @@ In the Customer Portal you can remove members and invite new members to the orga
2. On the **My organizations** page, click the name of the organization you want to edit membership in.
Your organization page displays.
- To remove a member, scroll down to the **Membership** area and then click **Remove** beside the name of the member.
- To invite a new member, scroll down to the **Pending invitations** area, and enter the email address for the person, select the role, and then click **Invite**.
@ -150,7 +149,6 @@ Billing is based on each individual organization.
3. Click **Manage Billing** in the top left of the page.
On the billing page you can:
- update your account information (address, name, phone number, and tax ID)
- add a payment method
- view your invoice and payment history

2
website/docs/install-config/configuration/configuration.mdx
View File

@ -311,7 +311,6 @@ Disable the inbuilt update-checker. Defaults to `false`.
- `AUTHENTIK_OUTPOSTS__CONTAINER_IMAGE_BASE`
Placeholders:
- `%(type)s`: Outpost type; proxy, ldap, etc
- `%(version)s`: Current version; 2021.4.1
- `%(build_hash)s`: Build hash if you're running a beta version
@ -323,7 +322,6 @@ Disable the inbuilt update-checker. Defaults to `false`.
Configure the automatic discovery of integrations. Defaults to `true`.
By default, the following is discovered:
- Kubernetes in-cluster config
- Kubeconfig
- Existence of a docker socket

1
website/docs/releases/2021/v2021.2.md
View File

@ -14,7 +14,6 @@ slug: "/releases/2021.2"
- Improved support for different LDAP Servers
The LDAP source has improved support for non-Active Directory LDAP setups. This includes the following changes:
- Switch to sync membership from groups to users rather than user to group
- Fix users, which were removed from a group in LDAP not being removed from said group
- Add support for LDAP servers which have core fields declared as lists

2
website/docs/releases/2021/v2021.4.md
View File

@ -11,7 +11,6 @@ slug: "/releases/2021.4"
You can now configure if _all_ policies need to pass, or if _any_ policy needs to pass.
This can now be configured for the following objects:
- Applications (access restrictions)
- Sources
- Flows
@ -27,7 +26,6 @@ slug: "/releases/2021.4"
- New UI
While the UI mostly looks the same, under the hood a lot has changed. The Web UI is now a Single-page application based on rollup and lit-html. This has several consequences and new features, for example:
- You can now see a user's OAuth Access/Refresh tokens and the consents they've given
- You can now see a per-object changelog based on the model_create/update/delete events being created.
- A new API Browser is available under `https://authentink.company/api/v2beta/`

1
website/docs/releases/2021/v2021.5.md
View File

@ -41,7 +41,6 @@ This feature is still in technical preview, so please report any Bugs you run in
You can now configure how a source behaves after the user has authenticated themselves to the source. Previously, authentik always checked the unique identifier from the source, enrolled the user when the identifier didn't exist and authenticated the user otherwise.
Now you can configure how the matching should be done:
- Identifier: Keeps the old behaviour, can lead to duplicate user accounts
- Email (link): If a user with the same Email address exists, they are linked. Can have security implications when a source doesn't validate email addresses.
- Email (deny): Deny the flow if the Email address is already used.

1
website/docs/releases/2021/v2021.6.md
View File

@ -16,7 +16,6 @@ slug: "/releases/2021.6"
This version adds soft multi-tenancy. This means you can configure different branding settings and different default flows per domain.
This also changes how a default flow is determined. Previously, for defaults flow, authentik would pick the first flow that
- matches the required designation
- comes first sorted by slug
- is allowed by policies

2
website/docs/releases/2022/v2022.1.md
View File

@ -16,7 +16,6 @@ This release mostly removes legacy fields and features that have been deprecated
This release consolidates headers sent by authentik to have a common prefix.
The following headers have been removed:
- X-Auth-Username, use `X-authentik-username`
- X-Auth-Groups, use `X-authentik-groups`
- X-Forwarded-Email, use `X-authentik-email`
@ -34,7 +33,6 @@ This release mostly removes legacy fields and features that have been deprecated
- Backup:
The integrated backup has been deprecated for the following reasons:
- Difficulty with restores not working properly
- Inflexible configuration (fixed retention, limited to once a day, only S3 supported)
- Most users will already have an existing backup infrastructure

399
website/docs/releases/2022/v2022.10.md
View File

File diff suppressed because it is too large Load Diff

91
website/docs/releases/2022/v2022.11.md
View File

@ -97,7 +97,6 @@ image:
Changed response : **200 OK**
- Changed content type : `application/json`
- Added property `check_static_rules` (boolean)
- Added property `check_have_i_been_pwned` (boolean)
@ -135,7 +134,6 @@ Changed content type : `application/json`
Changed response : **200 OK**
- Changed content type : `application/json`
- Added property `check_static_rules` (boolean)
- Added property `check_have_i_been_pwned` (boolean)
@ -173,7 +171,6 @@ Changed content type : `application/json`
Changed response : **200 OK**
- Changed content type : `application/json`
- Added property `check_static_rules` (boolean)
- Added property `check_have_i_been_pwned` (boolean)
@ -194,19 +191,15 @@ Changed response : **200 OK**
Changed response : **200 OK**
- Changed content type : `application/json`
- Changed property `user_obj` (object)
> User Serializer
- Changed property `groups_obj` (array)
Changed items (object): > Simplified Group Serializer for user's groups
New optional properties:
- `users_obj`
* Deleted property `users` (array)
* Deleted property `users_obj` (array)
@ -218,19 +211,15 @@ Changed response : **200 OK**
Changed response : **200 OK**
- Changed content type : `application/json`
- Changed property `user_obj` (object)
> User Serializer
- Changed property `groups_obj` (array)
Changed items (object): > Simplified Group Serializer for user's groups
New optional properties:
- `users_obj`
* Deleted property `users` (array)
* Deleted property `users_obj` (array)
@ -242,19 +231,15 @@ Changed response : **200 OK**
Changed response : **200 OK**
- Changed content type : `application/json`
- Changed property `user_obj` (object)
> User Serializer
- Changed property `groups_obj` (array)
Changed items (object): > Simplified Group Serializer for user's groups
New optional properties:
- `users_obj`
* Deleted property `users` (array)
* Deleted property `users_obj` (array)
@ -266,15 +251,12 @@ Changed response : **200 OK**
Changed response : **200 OK**
- Changed content type : `application/json`
- Changed property `groups_obj` (array)
Changed items (object): > Simplified Group Serializer for user's groups
New optional properties:
- `users_obj`
* Deleted property `users` (array)
* Deleted property `users_obj` (array)
@ -286,15 +268,12 @@ Changed response : **200 OK**
Changed response : **200 OK**
- Changed content type : `application/json`
- Changed property `groups_obj` (array)
Changed items (object): > Simplified Group Serializer for user's groups
New optional properties:
- `users_obj`
* Deleted property `users` (array)
* Deleted property `users_obj` (array)
@ -306,15 +285,12 @@ Changed response : **200 OK**
Changed response : **200 OK**
- Changed content type : `application/json`
- Changed property `groups_obj` (array)
Changed items (object): > Simplified Group Serializer for user's groups
New optional properties:
- `users_obj`
* Deleted property `users` (array)
* Deleted property `users_obj` (array)
@ -326,19 +302,15 @@ Changed response : **200 OK**
Changed response : **200 OK**
- Changed content type : `application/json`
- Changed property `user_obj` (object)
> User Serializer
- Changed property `groups_obj` (array)
Changed items (object): > Simplified Group Serializer for user's groups
New optional properties:
- `users_obj`
* Deleted property `users` (array)
* Deleted property `users_obj` (array)
@ -350,19 +322,15 @@ Changed response : **200 OK**
Changed response : **200 OK**
- Changed content type : `application/json`
- Changed property `user_obj` (object)
> User Serializer
- Changed property `groups_obj` (array)
Changed items (object): > Simplified Group Serializer for user's groups
New optional properties:
- `users_obj`
* Deleted property `users` (array)
* Deleted property `users_obj` (array)
@ -374,19 +342,15 @@ Changed response : **200 OK**
Changed response : **200 OK**
- Changed content type : `application/json`
- Changed property `user_obj` (object)
> User Serializer
- Changed property `groups_obj` (array)
Changed items (object): > Simplified Group Serializer for user's groups
New optional properties:
- `users_obj`
* Deleted property `users` (array)
* Deleted property `users_obj` (array)
@ -415,7 +379,6 @@ Changed content type : `application/json`
Changed response : **201 Created**
- Changed content type : `application/json`
- Added property `check_static_rules` (boolean)
- Added property `check_have_i_been_pwned` (boolean)
@ -448,11 +411,9 @@ Added: `zxcvbn_score_threshold` in `query`
Changed response : **200 OK**
- Changed content type : `application/json`
- Changed property `results` (array)
Changed items (object): > Password Policy Serializer
- Added property `check_static_rules` (boolean)
- Added property `check_have_i_been_pwned` (boolean)
@ -473,19 +434,15 @@ Changed response : **200 OK**
Changed response : **201 Created**
- Changed content type : `application/json`
- Changed property `user_obj` (object)
> User Serializer
- Changed property `groups_obj` (array)
Changed items (object): > Simplified Group Serializer for user's groups
New optional properties:
- `users_obj`
* Deleted property `users` (array)
* Deleted property `users_obj` (array)
@ -497,23 +454,18 @@ Changed response : **201 Created**
Changed response : **200 OK**
- Changed content type : `application/json`
- Changed property `results` (array)
Changed items (object): > Token Serializer
- Changed property `user_obj` (object)
> User Serializer
- Changed property `groups_obj` (array)
Changed items (object): > Simplified Group Serializer for user's groups
New optional properties:
- `users_obj`
* Deleted property `users` (array)
* Deleted property `users_obj` (array)
@ -525,19 +477,15 @@ Changed response : **200 OK**
Changed response : **200 OK**
- Changed content type : `application/json`
- Changed property `user` (object)
> User Serializer
- Changed property `groups_obj` (array)
Changed items (object): > Simplified Group Serializer for user's groups
New optional properties:
- `users_obj`
* Deleted property `users` (array)
* Deleted property `users_obj` (array)
@ -549,15 +497,12 @@ Changed response : **200 OK**
Changed response : **201 Created**
- Changed content type : `application/json`
- Changed property `groups_obj` (array)
Changed items (object): > Simplified Group Serializer for user's groups
New optional properties:
- `users_obj`
* Deleted property `users` (array)
* Deleted property `users_obj` (array)
@ -569,19 +514,15 @@ Changed response : **201 Created**
Changed response : **200 OK**
- Changed content type : `application/json`
- Changed property `results` (array)
Changed items (object): > User Serializer
- Changed property `groups_obj` (array)
Changed items (object): > Simplified Group Serializer for user's groups
New optional properties:
- `users_obj`
* Deleted property `users` (array)
* Deleted property `users_obj` (array)
@ -593,19 +534,15 @@ Changed response : **200 OK**
Changed response : **200 OK**
- Changed content type : `application/json`
- Changed property `user` (object)
> User Serializer
- Changed property `groups_obj` (array)
Changed items (object): > Simplified Group Serializer for user's groups
New optional properties:
- `users_obj`
* Deleted property `users` (array)
* Deleted property `users_obj` (array)
@ -617,19 +554,15 @@ Changed response : **200 OK**
Changed response : **200 OK**
- Changed content type : `application/json`
- Changed property `user` (object)
> User Serializer
- Changed property `groups_obj` (array)
Changed items (object): > Simplified Group Serializer for user's groups
New optional properties:
- `users_obj`
* Deleted property `users` (array)
* Deleted property `users_obj` (array)
@ -641,19 +574,15 @@ Changed response : **200 OK**
Changed response : **201 Created**
- Changed content type : `application/json`
- Changed property `user_obj` (object)
> User Serializer
- Changed property `groups_obj` (array)
Changed items (object): > Simplified Group Serializer for user's groups
New optional properties:
- `users_obj`
* Deleted property `users` (array)
* Deleted property `users_obj` (array)
@ -665,23 +594,18 @@ Changed response : **201 Created**
Changed response : **200 OK**
- Changed content type : `application/json`
- Changed property `results` (array)
Changed items (object): > PolicyBinding Serializer
- Changed property `user_obj` (object)
> User Serializer
- Changed property `groups_obj` (array)
Changed items (object): > Simplified Group Serializer for user's groups
New optional properties:
- `users_obj`
* Deleted property `users` (array)
* Deleted property `users_obj` (array)
@ -693,23 +617,18 @@ Changed response : **200 OK**
Changed response : **200 OK**
- Changed content type : `application/json`
- Changed property `results` (array)
Changed items (object): > UserConsent Serializer
- Changed property `user` (object)
> User Serializer
- Changed property `groups_obj` (array)
Changed items (object): > Simplified Group Serializer for user's groups
New optional properties:
- `users_obj`
* Deleted property `users` (array)
* Deleted property `users_obj` (array)
@ -721,23 +640,18 @@ Changed response : **200 OK**
Changed response : **200 OK**
- Changed content type : `application/json`
- Changed property `results` (array)
Changed items (object): > Serializer for BaseGrantModel and ExpiringBaseGrant
- Changed property `user` (object)
> User Serializer
- Changed property `groups_obj` (array)
Changed items (object): > Simplified Group Serializer for user's groups
New optional properties:
- `users_obj`
* Deleted property `users` (array)
* Deleted property `users_obj` (array)
@ -749,23 +663,18 @@ Changed response : **200 OK**
Changed response : **200 OK**
- Changed content type : `application/json`
- Changed property `results` (array)
Changed items (object): > Serializer for BaseGrantModel and RefreshToken
- Changed property `user` (object)
> User Serializer
- Changed property `groups_obj` (array)
Changed items (object): > Simplified Group Serializer for user's groups
New optional properties:
- `users_obj`
* Deleted property `users` (array)
* Deleted property `users_obj` (array)

10
website/docs/releases/2022/v2022.12.md
View File

@ -183,7 +183,6 @@ image:
Changed response : **200 OK**
- Changed content type : `application/json`
- Added property `js_url` (string)
- Added property `api_url` (string)
@ -213,7 +212,6 @@ Changed content type : `application/json`
Changed response : **200 OK**
- Changed content type : `application/json`
- Added property `js_url` (string)
- Added property `api_url` (string)
@ -243,7 +241,6 @@ Changed content type : `application/json`
Changed response : **200 OK**
- Changed content type : `application/json`
- Added property `js_url` (string)
- Added property `api_url` (string)
@ -261,9 +258,7 @@ Changed response : **200 OK**
Updated `ak-stage-captcha` component:
New required properties:
- `js_url`
* Added property `js_url` (string)
##### `POST` /flows/executor/&#123;flow_slug&#125;/
@ -276,9 +271,7 @@ Changed response : **200 OK**
Updated `ak-stage-captcha` component:
New required properties:
- `js_url`
* Added property `js_url` (string)
##### `POST` /stages/captcha/
@ -303,7 +296,6 @@ Changed content type : `application/json`
Changed response : **201 Created**
- Changed content type : `application/json`
- Added property `js_url` (string)
- Added property `api_url` (string)
@ -318,11 +310,9 @@ Changed response : **201 Created**
Changed response : **200 OK**
- Changed content type : `application/json`
- Changed property `results` (array)
Changed items (object): > CaptchaStage Serializer
- Added property `js_url` (string)
- Added property `api_url` (string)

14
website/docs/releases/2022/v2022.9.md
View File

@ -44,7 +44,6 @@ slug: "/releases/2022.9"
Changed response : **200 OK**
- Changed content type : `application/json`
- Added property `admin_integration_key` (string)
##### `PUT` /stages/authenticator/duo/&#123;stage_uuid&#125;/
@ -62,7 +61,6 @@ Changed content type : `application/json`
Changed response : **200 OK**
- Changed content type : `application/json`
- Added property `admin_integration_key` (string)
##### `PATCH` /stages/authenticator/duo/&#123;stage_uuid&#125;/
@ -80,7 +78,6 @@ Changed content type : `application/json`
Changed response : **200 OK**
- Changed content type : `application/json`
- Added property `admin_integration_key` (string)
##### `GET` /flows/executor/&#123;flow_slug&#125;/
@ -92,11 +89,9 @@ Changed response : **200 OK**
- Changed content type : `application/json`
Added 'xak-flow-error' component:
- Property `type` (string)
Enum values:
- `native`
- `shell`
- `redirect`
@ -104,7 +99,6 @@ Changed response : **200 OK**
- Property `flow_info` (object)
> Contextual flow information for a challenge
- Property `title` (string)
- Property `background` (string)
@ -114,7 +108,6 @@ Changed response : **200 OK**
- Property `layout` (string)
Enum values:
- `stacked`
- `content_left`
- `content_right`
@ -144,11 +137,9 @@ Changed response : **200 OK**
- Changed content type : `application/json`
Added 'xak-flow-error' component:
- Property `type` (string)
Enum values:
- `native`
- `shell`
- `redirect`
@ -156,7 +147,6 @@ Changed response : **200 OK**
- Property `flow_info` (object)
> Contextual flow information for a challenge
- Property `title` (string)
- Property `background` (string)
@ -166,7 +156,6 @@ Changed response : **200 OK**
- Property `layout` (string)
Enum values:
- `stacked`
- `content_left`
- `content_right`
@ -202,7 +191,6 @@ Changed content type : `application/json`
Changed response : **201 Created**
- Changed content type : `application/json`
- Added property `admin_integration_key` (string)
##### `GET` /stages/authenticator/duo/
@ -212,11 +200,9 @@ Changed response : **201 Created**
Changed response : **200 OK**
- Changed content type : `application/json`
- Changed property `results` (array)
Changed items (object): > AuthenticatorDuoStage Serializer
- Added property `admin_integration_key` (string)
## Minor changes/fixes

78
website/docs/releases/2023/v2023.1.md
View File

@ -156,21 +156,17 @@ Changed response : **200 OK**
- Changed content type : `application/json`
New required properties:
- `authorizations`
- `logins`
- `logins_failed`
New optional properties:
- `authorizations_per_1h`
- `logins_failed_per_1h`
- `logins_per_1h`
* Added property `logins` (array)
Items (object): > Coordinates for diagrams
- Property `x_cord` (integer)
- Property `y_cord` (integer)
@ -194,17 +190,14 @@ Changed response : **200 OK**
- Changed content type : `application/json`
New required properties:
- `authorizations`
- `logins`
- `logins_failed`
New optional properties:
- `authorizations_per_1h`
- `logins_failed_per_1h`
- `logins_per_1h`
* Added property `logins` (array)
* Added property `logins_failed` (array)
@ -226,9 +219,7 @@ Changed response : **200 OK**
- Changed content type : `application/json`
New optional properties:
- `path`
* Added property `content` (string)
##### `PUT` /managed/blueprints/&#123;instance_uuid&#125;/
@ -250,9 +241,7 @@ Changed response : **200 OK**
- Changed content type : `application/json`
New optional properties:
- `path`
* Added property `content` (string)
##### `PATCH` /managed/blueprints/&#123;instance_uuid&#125;/
@ -270,9 +259,7 @@ Changed response : **200 OK**
- Changed content type : `application/json`
New optional properties:
- `path`
* Added property `content` (string)
##### `POST` /managed/blueprints/&#123;instance_uuid&#125;/apply/
@ -284,9 +271,7 @@ Changed response : **200 OK**
- Changed content type : `application/json`
New optional properties:
- `path`
* Added property `content` (string)
##### `GET` /outposts/proxy/&#123;id&#125;/
@ -296,7 +281,6 @@ Changed response : **200 OK**
Changed response : **200 OK**
- Changed content type : `application/json`
- Added property `intercept_header_auth` (boolean)
> When enabled, this provider will intercept the authorization header and authenticate requests based on its value.
@ -307,13 +291,11 @@ Changed response : **200 OK**
Changed response : **200 OK**
- Changed content type : `application/json`
- Changed property `app` (string)
> Match events created by selected application. When left empty, all applications are matched.
Removed enum value:
- `authentik.policies.hibp`
##### `PUT` /policies/event_matcher/&#123;policy_uuid&#125;/
@ -327,7 +309,6 @@ Changed content type : `application/json`
> Match events created by selected application. When left empty, all applications are matched.
Removed enum value:
- `authentik.policies.hibp`
###### Return Type:
@ -335,13 +316,11 @@ Changed content type : `application/json`
Changed response : **200 OK**
- Changed content type : `application/json`
- Changed property `app` (string)
> Match events created by selected application. When left empty, all applications are matched.
Removed enum value:
- `authentik.policies.hibp`
##### `PATCH` /policies/event_matcher/&#123;policy_uuid&#125;/
@ -355,7 +334,6 @@ Changed content type : `application/json`
> Match events created by selected application. When left empty, all applications are matched.
Removed enum value:
- `authentik.policies.hibp`
###### Return Type:
@ -363,13 +341,11 @@ Changed content type : `application/json`
Changed response : **200 OK**
- Changed content type : `application/json`
- Changed property `app` (string)
> Match events created by selected application. When left empty, all applications are matched.
Removed enum value:
- `authentik.policies.hibp`
##### `GET` /propertymappings/scope/&#123;pm_uuid&#125;/
@ -379,7 +355,6 @@ Changed response : **200 OK**
Changed response : **200 OK**
- Changed content type : `application/json`
- Changed property `scope_name` (string)
> Scope name requested by the client
@ -397,7 +372,6 @@ Changed content type : `application/json`
Changed response : **200 OK**
- Changed content type : `application/json`
- Changed property `scope_name` (string)
> Scope name requested by the client
@ -415,7 +389,6 @@ Changed content type : `application/json`
Changed response : **200 OK**
- Changed content type : `application/json`
- Changed property `scope_name` (string)
> Scope name requested by the client
@ -428,9 +401,7 @@ Changed response : **200 OK**
- Changed content type : `application/json`
New required properties:
- `client_id`
* Added property `client_id` (string)
* Added property `intercept_header_auth` (boolean)
@ -460,9 +431,7 @@ Changed response : **200 OK**
- Changed content type : `application/json`
New required properties:
- `client_id`
* Added property `client_id` (string)
* Added property `intercept_header_auth` (boolean)
@ -490,9 +459,7 @@ Changed response : **200 OK**
- Changed content type : `application/json`
New required properties:
- `client_id`
* Added property `client_id` (string)
* Added property `intercept_header_auth` (boolean)
@ -512,9 +479,7 @@ Changed response : **200 OK**
Changed items (object): > Serialize TaskInfo and TaskResult
New required properties:
- `task_duration`
* Added property `task_duration` (integer)
##### `GET` /admin/system_tasks/&#123;id&#125;/
@ -526,9 +491,7 @@ Changed response : **200 OK**
- Changed content type : `application/json`
New required properties:
- `task_duration`
* Added property `task_duration` (integer)
##### `POST` /managed/blueprints/
@ -550,9 +513,7 @@ Changed response : **201 Created**
- Changed content type : `application/json`
New optional properties:
- `path`
* Added property `content` (string)
##### `GET` /managed/blueprints/
@ -562,15 +523,12 @@ Changed response : **201 Created**
Changed response : **200 OK**
- Changed content type : `application/json`
- Changed property `results` (array)
Changed items (object): > Info about a single blueprint instance file
New optional properties:
- `path`
* Added property `content` (string)
##### `GET` /outposts/proxy/
@ -580,11 +538,9 @@ Changed response : **200 OK**
Changed response : **200 OK**
- Changed content type : `application/json`
- Changed property `results` (array)
Changed items (object): > Proxy provider serializer for outposts
- Added property `intercept_header_auth` (boolean)
> When enabled, this provider will intercept the authorization header and authenticate requests based on its value.
@ -599,7 +555,6 @@ Changed content type : `application/json`
> Match events created by selected application. When left empty, all applications are matched.
Removed enum value:
- `authentik.policies.hibp`
###### Return Type:
@ -607,13 +562,11 @@ Changed content type : `application/json`
Changed response : **201 Created**
- Changed content type : `application/json`
- Changed property `app` (string)
> Match events created by selected application. When left empty, all applications are matched.
Removed enum value:
- `authentik.policies.hibp`
##### `GET` /policies/event_matcher/
@ -627,17 +580,14 @@ Changed: `app` in `query`
Changed response : **200 OK**
- Changed content type : `application/json`
- Changed property `results` (array)
Changed items (object): > Event Matcher Policy Serializer
- Changed property `app` (string)
> Match events created by selected application. When left empty, all applications are matched.
Removed enum value:
- `authentik.policies.hibp`
##### `POST` /propertymappings/scope/
@ -654,7 +604,6 @@ Changed content type : `application/json`
Changed response : **201 Created**
- Changed content type : `application/json`
- Changed property `scope_name` (string)
> Scope name requested by the client
@ -665,11 +614,9 @@ Changed response : **201 Created**
Changed response : **200 OK**
- Changed content type : `application/json`
- Changed property `results` (array)
Changed items (object): > ScopeMapping Serializer
- Changed property `scope_name` (string)
> Scope name requested by the client
@ -692,9 +639,7 @@ Changed response : **201 Created**
- Changed content type : `application/json`
New required properties:
- `client_id`
* Added property `client_id` (string)
* Added property `intercept_header_auth` (boolean)
@ -710,15 +655,12 @@ Changed response : **201 Created**
Changed response : **200 OK**
- Changed content type : `application/json`
- Changed property `results` (array)
Changed items (object): > ProxyProvider Serializer
New required properties:
- `client_id`
* Added property `client_id` (string)
* Added property `intercept_header_auth` (boolean)
@ -736,10 +678,8 @@ Changed response : **200 OK**
- Changed content type : `application/json`
New required properties:
- `url_slo_post`
- `url_slo_redirect`
* Added property `url_slo_post` (string)
* Added property `url_slo_redirect` (string)
@ -753,10 +693,8 @@ Changed response : **200 OK**
- Changed content type : `application/json`
New required properties:
- `url_slo_post`
- `url_slo_redirect`
* Added property `url_slo_post` (string)
* Added property `url_slo_redirect` (string)
@ -770,10 +708,8 @@ Changed response : **200 OK**
- Changed content type : `application/json`
New required properties:
- `url_slo_post`
- `url_slo_redirect`
* Added property `url_slo_post` (string)
* Added property `url_slo_redirect` (string)
@ -789,9 +725,7 @@ Changed response : **200 OK**
Changed items (object): > Serialize TaskInfo and TaskResult
New required properties:
- `task_duration`
* Added property `task_duration` (integer)
##### `POST` /providers/saml/
@ -803,10 +737,8 @@ Changed response : **201 Created**
- Changed content type : `application/json`
New required properties:
- `url_slo_post`
- `url_slo_redirect`
* Added property `url_slo_post` (string)
* Added property `url_slo_redirect` (string)
@ -818,16 +750,13 @@ Changed response : **201 Created**
Changed response : **200 OK**
- Changed content type : `application/json`
- Changed property `results` (array)
Changed items (object): > SAMLProvider Serializer
New required properties:
- `url_slo_post`
- `url_slo_redirect`
* Added property `url_slo_post` (string)
* Added property `url_slo_redirect` (string)
@ -847,11 +776,9 @@ Added: `has_jwks` in `query`
Changed response : **200 OK**
- Changed content type : `application/json`
- Added property `user_creation_mode` (string)
Enum values:
- `never_create`
- `create_when_required`
- `always_create`
@ -875,7 +802,6 @@ Changed content type : `application/json`
Changed response : **200 OK**
- Changed content type : `application/json`
- Added property `user_creation_mode` (string)
- Deleted property `can_create_users` (boolean)
@ -897,7 +823,6 @@ Changed content type : `application/json`
Changed response : **200 OK**
- Changed content type : `application/json`
- Added property `user_creation_mode` (string)
- Deleted property `can_create_users` (boolean)
@ -919,7 +844,6 @@ Changed content type : `application/json`
Changed response : **201 Created**
- Changed content type : `application/json`
- Added property `user_creation_mode` (string)
- Deleted property `can_create_users` (boolean)
@ -938,11 +862,9 @@ Deleted: `can_create_users` in `query`
Changed response : **200 OK**
- Changed content type : `application/json`
- Changed property `results` (array)
Changed items (object): > UserWriteStage Serializer
- Added property `user_creation_mode` (string)
- Deleted property `can_create_users` (boolean)

179
website/docs/releases/2023/v2023.10.md
View File

@ -378,7 +378,6 @@ Changed: `uuid` in `path`
Changed response : **200 OK**
- Changed content type : `application/json`
- Added property `mfa_support` (boolean)
> When enabled, code-based multi-factor authentication can be used by appending a semicolon and the TOTP code to the password. This should only be enabled if all users that will bind to this provider have a TOTP device configured, as otherwise a password may incorrectly be rejected if it contains a semicolon.
@ -389,7 +388,6 @@ Changed response : **200 OK**
Changed response : **200 OK**
- Changed content type : `application/json`
- Changed property `app` (string)
> - `authentik.admin` - authentik Admin
@ -443,7 +441,6 @@ Changed response : **200 OK**
> - `authentik.enterprise` - authentik Enterprise
Added enum values:
- `authentik.rbac`
- `authentik.stages.authenticator`
@ -525,7 +522,6 @@ Changed response : **200 OK**
> - `authentik_enterprise.license` - License
Added enum values:
- `authentik_rbac.role`
- `authentik_stages_authenticator_static.staticdevice`
- `authentik_stages_authenticator_totp.totpdevice`
@ -590,7 +586,6 @@ Changed content type : `application/json`
> - `authentik.enterprise` - authentik Enterprise
Added enum values:
- `authentik.rbac`
- `authentik.stages.authenticator`
@ -672,7 +667,6 @@ Changed content type : `application/json`
> - `authentik_enterprise.license` - License
Added enum values:
- `authentik_rbac.role`
- `authentik_stages_authenticator_static.staticdevice`
- `authentik_stages_authenticator_totp.totpdevice`
@ -683,7 +677,6 @@ Changed content type : `application/json`
Changed response : **200 OK**
- Changed content type : `application/json`
- Changed property `app` (string)
> - `authentik.admin` - authentik Admin
@ -737,7 +730,6 @@ Changed response : **200 OK**
> - `authentik.enterprise` - authentik Enterprise
Added enum values:
- `authentik.rbac`
- `authentik.stages.authenticator`
@ -819,7 +811,6 @@ Changed response : **200 OK**
> - `authentik_enterprise.license` - License
Added enum values:
- `authentik_rbac.role`
- `authentik_stages_authenticator_static.staticdevice`
- `authentik_stages_authenticator_totp.totpdevice`
@ -884,7 +875,6 @@ Changed content type : `application/json`
> - `authentik.enterprise` - authentik Enterprise
Added enum values:
- `authentik.rbac`
- `authentik.stages.authenticator`
@ -966,7 +956,6 @@ Changed content type : `application/json`
> - `authentik_enterprise.license` - License
Added enum values:
- `authentik_rbac.role`
- `authentik_stages_authenticator_static.staticdevice`
- `authentik_stages_authenticator_totp.totpdevice`
@ -977,7 +966,6 @@ Changed content type : `application/json`
Changed response : **200 OK**
- Changed content type : `application/json`
- Changed property `app` (string)
> - `authentik.admin` - authentik Admin
@ -1031,7 +1019,6 @@ Changed response : **200 OK**
> - `authentik.enterprise` - authentik Enterprise
Added enum values:
- `authentik.rbac`
- `authentik.stages.authenticator`
@ -1113,7 +1100,6 @@ Changed response : **200 OK**
> - `authentik_enterprise.license` - License
Added enum values:
- `authentik_rbac.role`
- `authentik_stages_authenticator_static.staticdevice`
- `authentik_stages_authenticator_totp.totpdevice`
@ -1126,7 +1112,6 @@ Changed response : **200 OK**
Changed response : **200 OK**
- Changed content type : `application/json`
- Added property `mfa_support` (boolean)
> When enabled, code-based multi-factor authentication can be used by appending a semicolon and the TOTP code to the password. This should only be enabled if all users that will bind to this provider have a TOTP device configured, as otherwise a password may incorrectly be rejected if it contains a semicolon.
@ -1144,7 +1129,6 @@ Changed content type : `application/json`
Changed response : **200 OK**
- Changed content type : `application/json`
- Added property `mfa_support` (boolean)
> When enabled, code-based multi-factor authentication can be used by appending a semicolon and the TOTP code to the password. This should only be enabled if all users that will bind to this provider have a TOTP device configured, as otherwise a password may incorrectly be rejected if it contains a semicolon.
@ -1162,7 +1146,6 @@ Changed content type : `application/json`
Changed response : **200 OK**
- Changed content type : `application/json`
- Added property `mfa_support` (boolean)
> When enabled, code-based multi-factor authentication can be used by appending a semicolon and the TOTP code to the password. This should only be enabled if all users that will bind to this provider have a TOTP device configured, as otherwise a password may incorrectly be rejected if it contains a semicolon.
@ -1177,10 +1160,8 @@ Changed response : **200 OK**
Changed items (object): > Serializer for SourceType
New required properties:
- `oidc_jwks_url`
- `oidc_well_known_url`
* Added property `oidc_well_known_url` (string)
* Added property `oidc_jwks_url` (string)
@ -1288,9 +1269,7 @@ Changed response : **200 OK**
- Changed content type : `application/json`
New required properties:
- `roles_obj`
* Added property `roles` (array)
Items (string):
@ -1298,7 +1277,6 @@ Changed response : **200 OK**
* Added property `roles_obj` (array)
Items (object): > Role serializer
- Property `pk` (string)
- Property `name` (string)
@ -1324,9 +1302,7 @@ Changed response : **200 OK**
- Changed content type : `application/json`
New required properties:
- `roles_obj`
* Added property `roles` (array)
* Added property `roles_obj` (array)
@ -1352,9 +1328,7 @@ Changed response : **200 OK**
- Changed content type : `application/json`
New required properties:
- `roles_obj`
* Added property `roles` (array)
* Added property `roles_obj` (array)
@ -1374,15 +1348,12 @@ Changed: `group_uuid` in `path`
Changed response : **200 OK**
- Changed content type : `application/json`
- Changed property `user_obj` (object)
> User Serializer
New required properties:
- `uuid`
* Added property `uuid` (string)
##### `PUT` /core/tokens/&#123;identifier&#125;/
@ -1392,15 +1363,12 @@ Changed response : **200 OK**
Changed response : **200 OK**
- Changed content type : `application/json`
- Changed property `user_obj` (object)
> User Serializer
New required properties:
- `uuid`
* Added property `uuid` (string)
##### `PATCH` /core/tokens/&#123;identifier&#125;/
@ -1410,15 +1378,12 @@ Changed response : **200 OK**
Changed response : **200 OK**
- Changed content type : `application/json`
- Changed property `user_obj` (object)
> User Serializer
New required properties:
- `uuid`
* Added property `uuid` (string)
##### `GET` /core/users/&#123;id&#125;/
@ -1430,9 +1395,7 @@ Changed response : **200 OK**
- Changed content type : `application/json`
New required properties:
- `uuid`
* Added property `uuid` (string)
##### `PUT` /core/users/&#123;id&#125;/
@ -1444,9 +1407,7 @@ Changed response : **200 OK**
- Changed content type : `application/json`
New required properties:
- `uuid`
* Added property `uuid` (string)
##### `PATCH` /core/users/&#123;id&#125;/
@ -1458,9 +1419,7 @@ Changed response : **200 OK**
- Changed content type : `application/json`
New required properties:
- `uuid`
* Added property `uuid` (string)
##### `GET` /enterprise/license/&#123;license_uuid&#125;/used_by/
@ -1478,15 +1437,12 @@ Changed: `license_uuid` in `path`
Changed response : **200 OK**
- Changed content type : `application/json`
- Changed property `group_obj` (object)
> Group Serializer
New required properties:
- `roles_obj`
* Added property `roles` (array)
* Added property `roles_obj` (array)
@ -1498,15 +1454,12 @@ Changed response : **200 OK**
Changed response : **200 OK**
- Changed content type : `application/json`
- Changed property `group_obj` (object)
> Group Serializer
New required properties:
- `roles_obj`
* Added property `roles` (array)
* Added property `roles_obj` (array)
@ -1518,15 +1471,12 @@ Changed response : **200 OK**
Changed response : **200 OK**
- Changed content type : `application/json`
- Changed property `group_obj` (object)
> Group Serializer
New required properties:
- `roles_obj`
* Added property `roles` (array)
* Added property `roles_obj` (array)
@ -1578,11 +1528,9 @@ Changed: `uuid` in `path`
Changed response : **200 OK**
- Changed content type : `application/json`
- Changed property `results` (array)
Changed items (object): > RadiusProvider Serializer
- Added property `mfa_support` (boolean)
> When enabled, code-based multi-factor authentication can be used by appending a semicolon and the TOTP code to the password. This should only be enabled if all users that will bind to this provider have a TOTP device configured, as otherwise a password may incorrectly be rejected if it contains a semicolon.
@ -1593,7 +1541,6 @@ Changed response : **200 OK**
Changed response : **200 OK**
- Changed content type : `application/json`
- Added property `failure_result` (boolean)
> Result if the Policy execution fails.
@ -1607,9 +1554,7 @@ Changed response : **200 OK**
> Group Serializer
New required properties:
- `roles_obj`
* Added property `roles` (array)
* Added property `roles_obj` (array)
@ -1619,9 +1564,7 @@ Changed response : **200 OK**
> User Serializer
New required properties:
- `uuid`
* Added property `uuid` (string)
##### `PUT` /policies/bindings/&#123;policy_binding_uuid&#125;/
@ -1642,7 +1585,6 @@ Changed content type : `application/json`
Changed response : **200 OK**
- Changed content type : `application/json`
- Added property `failure_result` (boolean)
> Result if the Policy execution fails.
@ -1656,9 +1598,7 @@ Changed response : **200 OK**
> Group Serializer
New required properties:
- `roles_obj`
* Added property `roles` (array)
* Added property `roles_obj` (array)
@ -1668,9 +1608,7 @@ Changed response : **200 OK**
> User Serializer
New required properties:
- `uuid`
* Added property `uuid` (string)
##### `PATCH` /policies/bindings/&#123;policy_binding_uuid&#125;/
@ -1691,7 +1629,6 @@ Changed content type : `application/json`
Changed response : **200 OK**
- Changed content type : `application/json`
- Added property `failure_result` (boolean)
> Result if the Policy execution fails.
@ -1705,9 +1642,7 @@ Changed response : **200 OK**
> Group Serializer
New required properties:
- `roles_obj`
* Added property `roles` (array)
* Added property `roles_obj` (array)
@ -1717,9 +1652,7 @@ Changed response : **200 OK**
> User Serializer
New required properties:
- `uuid`
* Added property `uuid` (string)
##### `POST` /policies/event_matcher/
@ -1781,7 +1714,6 @@ Changed content type : `application/json`
> - `authentik.enterprise` - authentik Enterprise
Added enum values:
- `authentik.rbac`
- `authentik.stages.authenticator`
@ -1863,7 +1795,6 @@ Changed content type : `application/json`
> - `authentik_enterprise.license` - License
Added enum values:
- `authentik_rbac.role`
- `authentik_stages_authenticator_static.staticdevice`
- `authentik_stages_authenticator_totp.totpdevice`
@ -1874,7 +1805,6 @@ Changed content type : `application/json`
Changed response : **201 Created**
- Changed content type : `application/json`
- Changed property `app` (string)
> - `authentik.admin` - authentik Admin
@ -1928,7 +1858,6 @@ Changed response : **201 Created**
> - `authentik.enterprise` - authentik Enterprise
Added enum values:
- `authentik.rbac`
- `authentik.stages.authenticator`
@ -2010,7 +1939,6 @@ Changed response : **201 Created**
> - `authentik_enterprise.license` - License
Added enum values:
- `authentik_rbac.role`
- `authentik_stages_authenticator_static.staticdevice`
- `authentik_stages_authenticator_totp.totpdevice`
@ -2023,11 +1951,9 @@ Changed response : **201 Created**
Changed response : **200 OK**
- Changed content type : `application/json`
- Changed property `results` (array)
Changed items (object): > Event Matcher Policy Serializer
- Changed property `app` (string)
> - `authentik.admin` - authentik Admin
@ -2081,7 +2007,6 @@ Changed response : **200 OK**
> - `authentik.enterprise` - authentik Enterprise
Added enum values:
- `authentik.rbac`
- `authentik.stages.authenticator`
@ -2163,7 +2088,6 @@ Changed response : **200 OK**
> - `authentik_enterprise.license` - License
Added enum values:
- `authentik_rbac.role`
- `authentik_stages_authenticator_static.staticdevice`
- `authentik_stages_authenticator_totp.totpdevice`
@ -2183,7 +2107,6 @@ Changed content type : `application/json`
Changed response : **201 Created**
- Changed content type : `application/json`
- Added property `mfa_support` (boolean)
> When enabled, code-based multi-factor authentication can be used by appending a semicolon and the TOTP code to the password. This should only be enabled if all users that will bind to this provider have a TOTP device configured, as otherwise a password may incorrectly be rejected if it contains a semicolon.
@ -2194,11 +2117,9 @@ Changed response : **201 Created**
Changed response : **200 OK**
- Changed content type : `application/json`
- Changed property `results` (array)
Changed items (object): > RadiusProvider Serializer
- Added property `mfa_support` (boolean)
> When enabled, code-based multi-factor authentication can be used by appending a semicolon and the TOTP code to the password. This should only be enabled if all users that will bind to this provider have a TOTP device configured, as otherwise a password may incorrectly be rejected if it contains a semicolon.
@ -2209,7 +2130,6 @@ Changed response : **200 OK**
Changed response : **200 OK**
- Changed content type : `application/json`
- Added property `default_relay_state` (string)
> Default relay_state value for IDP-initiated logins
@ -2227,7 +2147,6 @@ Changed content type : `application/json`
Changed response : **200 OK**
- Changed content type : `application/json`
- Added property `default_relay_state` (string)
> Default relay_state value for IDP-initiated logins
@ -2245,7 +2164,6 @@ Changed content type : `application/json`
Changed response : **200 OK**
- Changed content type : `application/json`
- Added property `default_relay_state` (string)
> Default relay_state value for IDP-initiated logins
@ -2256,16 +2174,13 @@ Changed response : **200 OK**
Changed response : **200 OK**
- Changed content type : `application/json`
- Changed property `type` (object)
> Serializer for SourceType
New required properties:
- `oidc_jwks_url`
- `oidc_well_known_url`
* Added property `oidc_well_known_url` (string)
* Added property `oidc_jwks_url` (string)
@ -2277,16 +2192,13 @@ Changed response : **200 OK**
Changed response : **200 OK**
- Changed content type : `application/json`
- Changed property `type` (object)
> Serializer for SourceType
New required properties:
- `oidc_jwks_url`
- `oidc_well_known_url`
* Added property `oidc_well_known_url` (string)
* Added property `oidc_jwks_url` (string)
@ -2298,16 +2210,13 @@ Changed response : **200 OK**
Changed response : **200 OK**
- Changed content type : `application/json`
- Changed property `type` (object)
> Serializer for SourceType
New required properties:
- `oidc_jwks_url`
- `oidc_well_known_url`
* Added property `oidc_well_known_url` (string)
* Added property `oidc_jwks_url` (string)
@ -2327,9 +2236,7 @@ Changed response : **201 Created**
- Changed content type : `application/json`
New required properties:
- `roles_obj`
* Added property `roles` (array)
* Added property `roles_obj` (array)
@ -2341,15 +2248,12 @@ Changed response : **201 Created**
Changed response : **200 OK**
- Changed content type : `application/json`
- Changed property `results` (array)
Changed items (object): > Group Serializer
New required properties:
- `roles_obj`
* Added property `roles` (array)
* Added property `roles_obj` (array)
@ -2361,15 +2265,12 @@ Changed response : **200 OK**
Changed response : **201 Created**
- Changed content type : `application/json`
- Changed property `user_obj` (object)
> User Serializer
New required properties:
- `uuid`
* Added property `uuid` (string)
##### `GET` /core/tokens/
@ -2379,19 +2280,15 @@ Changed response : **201 Created**
Changed response : **200 OK**
- Changed content type : `application/json`
- Changed property `results` (array)
Changed items (object): > Token Serializer
- Changed property `user_obj` (object)
> User Serializer
New required properties:
- `uuid`
* Added property `uuid` (string)
##### `GET` /core/user_consent/&#123;id&#125;/
@ -2401,15 +2298,12 @@ Changed response : **200 OK**
Changed response : **200 OK**
- Changed content type : `application/json`
- Changed property `user` (object)
> User Serializer
New required properties:
- `uuid`
* Added property `uuid` (string)
##### `POST` /core/users/
@ -2421,9 +2315,7 @@ Changed response : **201 Created**
- Changed content type : `application/json`
New required properties:
- `uuid`
* Added property `uuid` (string)
##### `GET` /core/users/
@ -2433,15 +2325,12 @@ Changed response : **201 Created**
Changed response : **200 OK**
- Changed content type : `application/json`
- Changed property `results` (array)
Changed items (object): > User Serializer
New required properties:
- `uuid`
* Added property `uuid` (string)
##### `GET` /core/users/me/
@ -2451,15 +2340,12 @@ Changed response : **200 OK**
Changed response : **200 OK**
- Changed content type : `application/json`
- Changed property `user` (object)
> User Serializer for information a user can retrieve about themselves
New required properties:
- `system_permissions`
* Added property `system_permissions` (array)
> Get all system permissions assigned to the user
@ -2473,15 +2359,12 @@ Changed response : **200 OK**
Changed response : **201 Created**
- Changed content type : `application/json`
- Changed property `group_obj` (object)
> Group Serializer
New required properties:
- `roles_obj`
* Added property `roles` (array)
* Added property `roles_obj` (array)
@ -2493,19 +2376,15 @@ Changed response : **201 Created**
Changed response : **200 OK**
- Changed content type : `application/json`
- Changed property `results` (array)
Changed items (object): > NotificationRule Serializer
- Changed property `group_obj` (object)
> Group Serializer
New required properties:
- `roles_obj`
* Added property `roles` (array)
* Added property `roles_obj` (array)
@ -2517,15 +2396,12 @@ Changed response : **200 OK**
Changed response : **200 OK**
- Changed content type : `application/json`
- Changed property `user` (object)
> User Serializer
New required properties:
- `uuid`
* Added property `uuid` (string)
##### `GET` /oauth2/authorization_codes/&#123;id&#125;/
@ -2535,15 +2411,12 @@ Changed response : **200 OK**
Changed response : **200 OK**
- Changed content type : `application/json`
- Changed property `user` (object)
> User Serializer
New required properties:
- `uuid`
* Added property `uuid` (string)
##### `GET` /oauth2/refresh_tokens/&#123;id&#125;/
@ -2553,15 +2426,12 @@ Changed response : **200 OK**
Changed response : **200 OK**
- Changed content type : `application/json`
- Changed property `user` (object)
> User Serializer
New required properties:
- `uuid`
* Added property `uuid` (string)
##### `POST` /policies/bindings/
@ -2582,7 +2452,6 @@ Changed content type : `application/json`
Changed response : **201 Created**
- Changed content type : `application/json`
- Added property `failure_result` (boolean)
> Result if the Policy execution fails.
@ -2596,9 +2465,7 @@ Changed response : **201 Created**
> Group Serializer
New required properties:
- `roles_obj`
* Added property `roles` (array)
* Added property `roles_obj` (array)
@ -2608,9 +2475,7 @@ Changed response : **201 Created**
> User Serializer
New required properties:
- `uuid`
* Added property `uuid` (string)
##### `GET` /policies/bindings/
@ -2620,11 +2485,9 @@ Changed response : **201 Created**
Changed response : **200 OK**
- Changed content type : `application/json`
- Changed property `results` (array)
Changed items (object): > PolicyBinding Serializer
- Added property `failure_result` (boolean)
> Result if the Policy execution fails.
@ -2638,9 +2501,7 @@ Changed response : **200 OK**
> Group Serializer
New required properties:
- `roles_obj`
* Added property `roles` (array)
* Added property `roles_obj` (array)
@ -2650,9 +2511,7 @@ Changed response : **200 OK**
> User Serializer
New required properties:
- `uuid`
* Added property `uuid` (string)
##### `POST` /providers/saml/
@ -2669,7 +2528,6 @@ Changed content type : `application/json`
Changed response : **201 Created**
- Changed content type : `application/json`
- Added property `default_relay_state` (string)
> Default relay_state value for IDP-initiated logins
@ -2684,11 +2542,9 @@ Added: `default_relay_state` in `query`
Changed response : **200 OK**
- Changed content type : `application/json`
- Changed property `results` (array)
Changed items (object): > SAMLProvider Serializer
- Added property `default_relay_state` (string)
> Default relay_state value for IDP-initiated logins
@ -2699,16 +2555,13 @@ Changed response : **200 OK**
Changed response : **201 Created**
- Changed content type : `application/json`
- Changed property `type` (object)
> Serializer for SourceType
New required properties:
- `oidc_jwks_url`
- `oidc_well_known_url`
* Added property `oidc_well_known_url` (string)
* Added property `oidc_jwks_url` (string)
@ -2720,20 +2573,16 @@ Changed response : **201 Created**
Changed response : **200 OK**
- Changed content type : `application/json`
- Changed property `results` (array)
Changed items (object): > OAuth Source Serializer
- Changed property `type` (object)
> Serializer for SourceType
New required properties:
- `oidc_jwks_url`
- `oidc_well_known_url`
* Added property `oidc_well_known_url` (string)
* Added property `oidc_jwks_url` (string)
@ -2745,7 +2594,6 @@ Changed response : **200 OK**
Changed response : **200 OK**
- Changed content type : `application/json`
- Changed property `verify_only` (boolean)
> When enabled, the Phone number is only used during enrollment to verify the users authenticity. Only a hash of the phone number is saved to ensure it is not reused in the future.
@ -2763,7 +2611,6 @@ Changed content type : `application/json`
Changed response : **200 OK**
- Changed content type : `application/json`
- Changed property `verify_only` (boolean)
> When enabled, the Phone number is only used during enrollment to verify the users authenticity. Only a hash of the phone number is saved to ensure it is not reused in the future.
@ -2781,7 +2628,6 @@ Changed content type : `application/json`
Changed response : **200 OK**
- Changed content type : `application/json`
- Changed property `verify_only` (boolean)
> When enabled, the Phone number is only used during enrollment to verify the users authenticity. Only a hash of the phone number is saved to ensure it is not reused in the future.
@ -2792,7 +2638,6 @@ Changed response : **200 OK**
Changed response : **200 OK**
- Changed content type : `application/json`
- Added property `deny_message` (string)
##### `PUT` /stages/deny/&#123;stage_uuid&#125;/
@ -2808,7 +2653,6 @@ Changed content type : `application/json`
Changed response : **200 OK**
- Changed content type : `application/json`
- Added property `deny_message` (string)
##### `PATCH` /stages/deny/&#123;stage_uuid&#125;/
@ -2824,7 +2668,6 @@ Changed content type : `application/json`
Changed response : **200 OK**
- Changed content type : `application/json`
- Added property `deny_message` (string)
##### `GET` /core/user_consent/
@ -2834,19 +2677,15 @@ Changed response : **200 OK**
Changed response : **200 OK**
- Changed content type : `application/json`
- Changed property `results` (array)
Changed items (object): > UserConsent Serializer
- Changed property `user` (object)
> User Serializer
New required properties:
- `uuid`
* Added property `uuid` (string)
##### `GET` /oauth2/access_tokens/
@ -2856,19 +2695,15 @@ Changed response : **200 OK**
Changed response : **200 OK**
- Changed content type : `application/json`
- Changed property `results` (array)
Changed items (object): > Serializer for BaseGrantModel and RefreshToken
- Changed property `user` (object)
> User Serializer
New required properties:
- `uuid`
* Added property `uuid` (string)
##### `GET` /oauth2/authorization_codes/
@ -2878,19 +2713,15 @@ Changed response : **200 OK**
Changed response : **200 OK**
- Changed content type : `application/json`
- Changed property `results` (array)
Changed items (object): > Serializer for BaseGrantModel and ExpiringBaseGrant
- Changed property `user` (object)
> User Serializer
New required properties:
- `uuid`
* Added property `uuid` (string)
##### `GET` /oauth2/refresh_tokens/
@ -2900,19 +2731,15 @@ Changed response : **200 OK**
Changed response : **200 OK**
- Changed content type : `application/json`
- Changed property `results` (array)
Changed items (object): > Serializer for BaseGrantModel and RefreshToken
- Changed property `user` (object)
> User Serializer
New required properties:
- `uuid`
* Added property `uuid` (string)
##### `POST` /stages/authenticator/sms/
@ -2929,7 +2756,6 @@ Changed content type : `application/json`
Changed response : **201 Created**
- Changed content type : `application/json`
- Changed property `verify_only` (boolean)
> When enabled, the Phone number is only used during enrollment to verify the users authenticity. Only a hash of the phone number is saved to ensure it is not reused in the future.
@ -2940,11 +2766,9 @@ Changed response : **201 Created**
Changed response : **200 OK**
- Changed content type : `application/json`
- Changed property `results` (array)
Changed items (object): > AuthenticatorSMSStage Serializer
- Changed property `verify_only` (boolean)
> When enabled, the Phone number is only used during enrollment to verify the users authenticity. Only a hash of the phone number is saved to ensure it is not reused in the future.
@ -2961,7 +2785,6 @@ Changed content type : `application/json`
Changed response : **201 Created**
- Changed content type : `application/json`
- Added property `deny_message` (string)
##### `GET` /stages/deny/
@ -2975,9 +2798,7 @@ Added: `deny_message` in `query`
Changed response : **200 OK**
- Changed content type : `application/json`
- Changed property `results` (array)
Changed items (object): > DenyStage Serializer
- Added property `deny_message` (string)

39
website/docs/releases/2023/v2023.2.md
View File

@ -132,13 +132,11 @@ image:
Changed response : **200 OK**
- Changed content type : `application/json`
- Changed property `sub_mode` (string)
> Configure what data should be used as unique User Identifier. For most cases, the default should be fine.
Added enum value:
- `user_id`
##### `PUT` /providers/oauth2/&#123;id&#125;/
@ -152,7 +150,6 @@ Changed content type : `application/json`
> Configure what data should be used as unique User Identifier. For most cases, the default should be fine.
Added enum value:
- `user_id`
###### Return Type:
@ -160,13 +157,11 @@ Changed content type : `application/json`
Changed response : **200 OK**
- Changed content type : `application/json`
- Changed property `sub_mode` (string)
> Configure what data should be used as unique User Identifier. For most cases, the default should be fine.
Added enum value:
- `user_id`
##### `PATCH` /providers/oauth2/&#123;id&#125;/
@ -180,7 +175,6 @@ Changed content type : `application/json`
> Configure what data should be used as unique User Identifier. For most cases, the default should be fine.
Added enum value:
- `user_id`
###### Return Type:
@ -188,13 +182,11 @@ Changed content type : `application/json`
Changed response : **200 OK**
- Changed content type : `application/json`
- Changed property `sub_mode` (string)
> Configure what data should be used as unique User Identifier. For most cases, the default should be fine.
Added enum value:
- `user_id`
##### `POST` /providers/oauth2/
@ -208,7 +200,6 @@ Changed content type : `application/json`
> Configure what data should be used as unique User Identifier. For most cases, the default should be fine.
Added enum value:
- `user_id`
###### Return Type:
@ -216,13 +207,11 @@ Changed content type : `application/json`
Changed response : **201 Created**
- Changed content type : `application/json`
- Changed property `sub_mode` (string)
> Configure what data should be used as unique User Identifier. For most cases, the default should be fine.
Added enum value:
- `user_id`
##### `GET` /providers/oauth2/
@ -238,17 +227,14 @@ Changed: `sub_mode` in `query`
Changed response : **200 OK**
- Changed content type : `application/json`
- Changed property `results` (array)
Changed items (object): > OAuth2Provider Serializer
- Changed property `sub_mode` (string)
> Configure what data should be used as unique User Identifier. For most cases, the default should be fine.
Added enum value:
- `user_id`
##### `GET` /oauth2/authorization_codes/&#123;id&#125;/
@ -258,17 +244,14 @@ Changed response : **200 OK**
Changed response : **200 OK**
- Changed content type : `application/json`
- Changed property `provider` (object)
> OAuth2Provider Serializer
- Changed property `sub_mode` (string)
> Configure what data should be used as unique User Identifier. For most cases, the default should be fine.
Added enum value:
- `user_id`
##### `GET` /oauth2/refresh_tokens/&#123;id&#125;/
@ -278,17 +261,14 @@ Changed response : **200 OK**
Changed response : **200 OK**
- Changed content type : `application/json`
- Changed property `provider` (object)
> OAuth2Provider Serializer
- Changed property `sub_mode` (string)
> Configure what data should be used as unique User Identifier. For most cases, the default should be fine.
Added enum value:
- `user_id`
##### `GET` /oauth2/authorization_codes/
@ -298,21 +278,17 @@ Changed response : **200 OK**
Changed response : **200 OK**
- Changed content type : `application/json`
- Changed property `results` (array)
Changed items (object): > Serializer for BaseGrantModel and ExpiringBaseGrant
- Changed property `provider` (object)
> OAuth2Provider Serializer
- Changed property `sub_mode` (string)
> Configure what data should be used as unique User Identifier. For most cases, the default should be fine.
Added enum value:
- `user_id`
##### `GET` /oauth2/refresh_tokens/
@ -322,21 +298,17 @@ Changed response : **200 OK**
Changed response : **200 OK**
- Changed content type : `application/json`
- Changed property `results` (array)
Changed items (object): > Serializer for BaseGrantModel and RefreshToken
- Changed property `provider` (object)
> OAuth2Provider Serializer
- Changed property `sub_mode` (string)
> Configure what data should be used as unique User Identifier. For most cases, the default should be fine.
Added enum value:
- `user_id`
##### `GET` /stages/prompt/prompts/&#123;prompt_uuid&#125;/
@ -348,9 +320,7 @@ Changed response : **200 OK**
- Changed content type : `application/json`
New required properties:
- `name`
* Added property `name` (string)
##### `PUT` /stages/prompt/prompts/&#123;prompt_uuid&#125;/
@ -372,9 +342,7 @@ Changed response : **200 OK**
- Changed content type : `application/json`
New required properties:
- `name`
* Added property `name` (string)
##### `PATCH` /stages/prompt/prompts/&#123;prompt_uuid&#125;/
@ -392,9 +360,7 @@ Changed response : **200 OK**
- Changed content type : `application/json`
New required properties:
- `name`
* Added property `name` (string)
##### `POST` /stages/prompt/prompts/
@ -416,9 +382,7 @@ Changed response : **201 Created**
- Changed content type : `application/json`
New required properties:
- `name`
* Added property `name` (string)
##### `GET` /stages/prompt/prompts/
@ -432,13 +396,10 @@ Added: `name` in `query`
Changed response : **200 OK**
- Changed content type : `application/json`
- Changed property `results` (array)
Changed items (object): > Prompt Serializer
New required properties:
- `name`
* Added property `name` (string)

147
website/docs/releases/2023/v2023.3.md
View File

@ -16,7 +16,6 @@ slug: "/releases/2023.3"
Documentation: [SCIM Provider](../../add-secure-apps/providers/scim/index.md)
- Theming improvements
- The custom.css file is now loaded in ShadowDOMs, allowing for much greater customization, as previously it was only possible to style elements outside of the ShadowDOM. See docs for [Flow](../../customize/interfaces/flow/customization.mdx), [User](../../customize/interfaces/user/customization.mdx) and [Admin](../../customize/interfaces/admin/customization.mdx) interfaces.
- Previously, authentik would automatically switch between dark and light theme based on the users' browsers' settings. This can now be overridden to either force the light or dark theme, per user/group/tenant. See docs for [Flow](../../customize/interfaces/flow/customization.mdx), [User](../../customize/interfaces/user/customization.mdx) and [Admin](../../customize/interfaces/admin/customization.mdx) interfaces.
@ -156,13 +155,11 @@ Changed content type : `application/json`
Changed response : **200 OK**
- Changed content type : `application/json`
- Changed property `app` (string)
> Match events created by selected application. When left empty, all applications are matched.
Added enum value:
- `authentik.providers.scim`
##### `PUT` /policies/event_matcher/&#123;policy_uuid&#125;/
@ -176,7 +173,6 @@ Changed content type : `application/json`
> Match events created by selected application. When left empty, all applications are matched.
Added enum value:
- `authentik.providers.scim`
###### Return Type:
@ -184,13 +180,11 @@ Changed content type : `application/json`
Changed response : **200 OK**
- Changed content type : `application/json`
- Changed property `app` (string)
> Match events created by selected application. When left empty, all applications are matched.
Added enum value:
- `authentik.providers.scim`
##### `PATCH` /policies/event_matcher/&#123;policy_uuid&#125;/
@ -204,7 +198,6 @@ Changed content type : `application/json`
> Match events created by selected application. When left empty, all applications are matched.
Added enum value:
- `authentik.providers.scim`
###### Return Type:
@ -212,13 +205,11 @@ Changed content type : `application/json`
Changed response : **200 OK**
- Changed content type : `application/json`
- Changed property `app` (string)
> Match events created by selected application. When left empty, all applications are matched.
Added enum value:
- `authentik.providers.scim`
##### `GET` /providers/oauth2/&#123;id&#125;/
@ -230,7 +221,6 @@ Changed response : **200 OK**
- Changed content type : `application/json`
New optional properties:
- `authorization_flow`
##### `PUT` /providers/oauth2/&#123;id&#125;/
@ -250,7 +240,6 @@ Changed response : **200 OK**
- Changed content type : `application/json`
New optional properties:
- `authorization_flow`
##### `PATCH` /providers/oauth2/&#123;id&#125;/
@ -262,7 +251,6 @@ Changed response : **200 OK**
- Changed content type : `application/json`
New optional properties:
- `authorization_flow`
##### `GET` /providers/proxy/&#123;id&#125;/
@ -274,7 +262,6 @@ Changed response : **200 OK**
- Changed content type : `application/json`
New optional properties:
- `authorization_flow`
##### `PUT` /providers/proxy/&#123;id&#125;/
@ -294,7 +281,6 @@ Changed response : **200 OK**
- Changed content type : `application/json`
New optional properties:
- `authorization_flow`
##### `PATCH` /providers/proxy/&#123;id&#125;/
@ -306,7 +292,6 @@ Changed response : **200 OK**
- Changed content type : `application/json`
New optional properties:
- `authorization_flow`
##### `GET` /core/groups/&#123;group_uuid&#125;/
@ -316,15 +301,12 @@ Changed response : **200 OK**
Changed response : **200 OK**
- Changed content type : `application/json`
- Changed property `users_obj` (array)
Changed items (object): > Stripped down user serializer to show relevant users for groups
New optional properties:
- `avatar`
* Deleted property `avatar` (string)
##### `PUT` /core/groups/&#123;group_uuid&#125;/
@ -334,15 +316,12 @@ Changed response : **200 OK**
Changed response : **200 OK**
- Changed content type : `application/json`
- Changed property `users_obj` (array)
Changed items (object): > Stripped down user serializer to show relevant users for groups
New optional properties:
- `avatar`
* Deleted property `avatar` (string)
##### `PATCH` /core/groups/&#123;group_uuid&#125;/
@ -352,15 +331,12 @@ Changed response : **200 OK**
Changed response : **200 OK**
- Changed content type : `application/json`
- Changed property `users_obj` (array)
Changed items (object): > Stripped down user serializer to show relevant users for groups
New optional properties:
- `avatar`
* Deleted property `avatar` (string)
##### `GET` /core/tenants/current/
@ -372,13 +348,10 @@ Changed response : **200 OK**
- Changed content type : `application/json`
New required properties:
- `ui_theme`
* Added property `ui_theme` (object)
Enum values:
- `automatic`
- `light`
- `dark`
@ -390,19 +363,15 @@ Changed response : **200 OK**
Changed response : **200 OK**
- Changed content type : `application/json`
- Changed property `group_obj` (object)
> Group Serializer
- Changed property `users_obj` (array)
Changed items (object): > Stripped down user serializer to show relevant users for groups
New optional properties:
- `avatar`
* Deleted property `avatar` (string)
##### `PUT` /events/rules/&#123;pbm_uuid&#125;/
@ -412,19 +381,15 @@ Changed response : **200 OK**
Changed response : **200 OK**
- Changed content type : `application/json`
- Changed property `group_obj` (object)
> Group Serializer
- Changed property `users_obj` (array)
Changed items (object): > Stripped down user serializer to show relevant users for groups
New optional properties:
- `avatar`
* Deleted property `avatar` (string)
##### `PATCH` /events/rules/&#123;pbm_uuid&#125;/
@ -434,19 +399,15 @@ Changed response : **200 OK**
Changed response : **200 OK**
- Changed content type : `application/json`
- Changed property `group_obj` (object)
> Group Serializer
- Changed property `users_obj` (array)
Changed items (object): > Stripped down user serializer to show relevant users for groups
New optional properties:
- `avatar`
* Deleted property `avatar` (string)
##### `GET` /policies/bindings/&#123;policy_binding_uuid&#125;/
@ -456,19 +417,15 @@ Changed response : **200 OK**
Changed response : **200 OK**
- Changed content type : `application/json`
- Changed property `group_obj` (object)
> Group Serializer
- Changed property `users_obj` (array)
Changed items (object): > Stripped down user serializer to show relevant users for groups
New optional properties:
- `avatar`
* Deleted property `avatar` (string)
##### `PUT` /policies/bindings/&#123;policy_binding_uuid&#125;/
@ -478,19 +435,15 @@ Changed response : **200 OK**
Changed response : **200 OK**
- Changed content type : `application/json`
- Changed property `group_obj` (object)
> Group Serializer
- Changed property `users_obj` (array)
Changed items (object): > Stripped down user serializer to show relevant users for groups
New optional properties:
- `avatar`
* Deleted property `avatar` (string)
##### `PATCH` /policies/bindings/&#123;policy_binding_uuid&#125;/
@ -500,19 +453,15 @@ Changed response : **200 OK**
Changed response : **200 OK**
- Changed content type : `application/json`
- Changed property `group_obj` (object)
> Group Serializer
- Changed property `users_obj` (array)
Changed items (object): > Stripped down user serializer to show relevant users for groups
New optional properties:
- `avatar`
* Deleted property `avatar` (string)
##### `POST` /policies/event_matcher/
@ -526,7 +475,6 @@ Changed content type : `application/json`
> Match events created by selected application. When left empty, all applications are matched.
Added enum value:
- `authentik.providers.scim`
###### Return Type:
@ -534,13 +482,11 @@ Changed content type : `application/json`
Changed response : **201 Created**
- Changed content type : `application/json`
- Changed property `app` (string)
> Match events created by selected application. When left empty, all applications are matched.
Added enum value:
- `authentik.providers.scim`
##### `GET` /policies/event_matcher/
@ -550,17 +496,14 @@ Changed response : **201 Created**
Changed response : **200 OK**
- Changed content type : `application/json`
- Changed property `results` (array)
Changed items (object): > Event Matcher Policy Serializer
- Changed property `app` (string)
> Match events created by selected application. When left empty, all applications are matched.
Added enum value:
- `authentik.providers.scim`
##### `GET` /providers/ldap/&#123;id&#125;/
@ -572,7 +515,6 @@ Changed response : **200 OK**
- Changed content type : `application/json`
New optional properties:
- `authorization_flow`
##### `PUT` /providers/ldap/&#123;id&#125;/
@ -592,7 +534,6 @@ Changed response : **200 OK**
- Changed content type : `application/json`
New optional properties:
- `authorization_flow`
##### `PATCH` /providers/ldap/&#123;id&#125;/
@ -604,7 +545,6 @@ Changed response : **200 OK**
- Changed content type : `application/json`
New optional properties:
- `authorization_flow`
##### `POST` /providers/oauth2/
@ -624,7 +564,6 @@ Changed response : **201 Created**
- Changed content type : `application/json`
New optional properties:
- `authorization_flow`
##### `GET` /providers/oauth2/
@ -634,13 +573,11 @@ Changed response : **201 Created**
Changed response : **200 OK**
- Changed content type : `application/json`
- Changed property `results` (array)
Changed items (object): > OAuth2Provider Serializer
New optional properties:
- `authorization_flow`
##### `POST` /providers/proxy/
@ -660,7 +597,6 @@ Changed response : **201 Created**
- Changed content type : `application/json`
New optional properties:
- `authorization_flow`
##### `GET` /providers/proxy/
@ -670,13 +606,11 @@ Changed response : **201 Created**
Changed response : **200 OK**
- Changed content type : `application/json`
- Changed property `results` (array)
Changed items (object): > ProxyProvider Serializer
New optional properties:
- `authorization_flow`
##### `GET` /providers/saml/&#123;id&#125;/
@ -688,7 +622,6 @@ Changed response : **200 OK**
- Changed content type : `application/json`
New optional properties:
- `authorization_flow`
##### `PUT` /providers/saml/&#123;id&#125;/
@ -708,7 +641,6 @@ Changed response : **200 OK**
- Changed content type : `application/json`
New optional properties:
- `authorization_flow`
##### `PATCH` /providers/saml/&#123;id&#125;/
@ -720,7 +652,6 @@ Changed response : **200 OK**
- Changed content type : `application/json`
New optional properties:
- `authorization_flow`
##### `GET` /stages/invitation/invitations/&#123;invite_uuid&#125;/
@ -730,15 +661,12 @@ Changed response : **200 OK**
Changed response : **200 OK**
- Changed content type : `application/json`
- Changed property `created_by` (object)
> Stripped down user serializer to show relevant users for groups
New optional properties:
- `avatar`
* Deleted property `avatar` (string)
##### `PUT` /stages/invitation/invitations/&#123;invite_uuid&#125;/
@ -748,15 +676,12 @@ Changed response : **200 OK**
Changed response : **200 OK**
- Changed content type : `application/json`
- Changed property `created_by` (object)
> Stripped down user serializer to show relevant users for groups
New optional properties:
- `avatar`
* Deleted property `avatar` (string)
##### `PATCH` /stages/invitation/invitations/&#123;invite_uuid&#125;/
@ -766,15 +691,12 @@ Changed response : **200 OK**
Changed response : **200 OK**
- Changed content type : `application/json`
- Changed property `created_by` (object)
> Stripped down user serializer to show relevant users for groups
New optional properties:
- `avatar`
* Deleted property `avatar` (string)
##### `POST` /core/groups/
@ -784,15 +706,12 @@ Changed response : **200 OK**
Changed response : **201 Created**
- Changed content type : `application/json`
- Changed property `users_obj` (array)
Changed items (object): > Stripped down user serializer to show relevant users for groups
New optional properties:
- `avatar`
* Deleted property `avatar` (string)
##### `GET` /core/groups/
@ -802,19 +721,15 @@ Changed response : **201 Created**
Changed response : **200 OK**
- Changed content type : `application/json`
- Changed property `results` (array)
Changed items (object): > Group Serializer
- Changed property `users_obj` (array)
Changed items (object): > Stripped down user serializer to show relevant users for groups
New optional properties:
- `avatar`
* Deleted property `avatar` (string)
##### `POST` /events/rules/
@ -824,19 +739,15 @@ Changed response : **200 OK**
Changed response : **201 Created**
- Changed content type : `application/json`
- Changed property `group_obj` (object)
> Group Serializer
- Changed property `users_obj` (array)
Changed items (object): > Stripped down user serializer to show relevant users for groups
New optional properties:
- `avatar`
* Deleted property `avatar` (string)
##### `GET` /events/rules/
@ -846,23 +757,18 @@ Changed response : **201 Created**
Changed response : **200 OK**
- Changed content type : `application/json`
- Changed property `results` (array)
Changed items (object): > NotificationRule Serializer
- Changed property `group_obj` (object)
> Group Serializer
- Changed property `users_obj` (array)
Changed items (object): > Stripped down user serializer to show relevant users for groups
New optional properties:
- `avatar`
* Deleted property `avatar` (string)
##### `GET` /flows/bindings/&#123;fsb_uuid&#125;/
@ -872,7 +778,6 @@ Changed response : **200 OK**
Changed response : **200 OK**
- Changed content type : `application/json`
- Changed property `evaluate_on_plan` (boolean)
> Evaluate policies during the Flow planning process.
@ -890,7 +795,6 @@ Changed content type : `application/json`
Changed response : **200 OK**
- Changed content type : `application/json`
- Changed property `evaluate_on_plan` (boolean)
> Evaluate policies during the Flow planning process.
@ -908,7 +812,6 @@ Changed content type : `application/json`
Changed response : **200 OK**
- Changed content type : `application/json`
- Changed property `evaluate_on_plan` (boolean)
> Evaluate policies during the Flow planning process.
@ -919,13 +822,11 @@ Changed response : **200 OK**
Changed response : **200 OK**
- Changed content type : `application/json`
- Changed property `provider` (object)
> OAuth2Provider Serializer
New optional properties:
- `authorization_flow`
##### `GET` /oauth2/authorization_codes/&#123;id&#125;/
@ -935,13 +836,11 @@ Changed response : **200 OK**
Changed response : **200 OK**
- Changed content type : `application/json`
- Changed property `provider` (object)
> OAuth2Provider Serializer
New optional properties:
- `authorization_flow`
##### `GET` /oauth2/refresh_tokens/&#123;id&#125;/
@ -951,13 +850,11 @@ Changed response : **200 OK**
Changed response : **200 OK**
- Changed content type : `application/json`
- Changed property `provider` (object)
> OAuth2Provider Serializer
New optional properties:
- `authorization_flow`
##### `POST` /policies/bindings/
@ -967,19 +864,15 @@ Changed response : **200 OK**
Changed response : **201 Created**
- Changed content type : `application/json`
- Changed property `group_obj` (object)
> Group Serializer
- Changed property `users_obj` (array)
Changed items (object): > Stripped down user serializer to show relevant users for groups
New optional properties:
- `avatar`
* Deleted property `avatar` (string)
##### `GET` /policies/bindings/
@ -989,23 +882,18 @@ Changed response : **201 Created**
Changed response : **200 OK**
- Changed content type : `application/json`
- Changed property `results` (array)
Changed items (object): > PolicyBinding Serializer
- Changed property `group_obj` (object)
> Group Serializer
- Changed property `users_obj` (array)
Changed items (object): > Stripped down user serializer to show relevant users for groups
New optional properties:
- `avatar`
* Deleted property `avatar` (string)
##### `POST` /providers/ldap/
@ -1025,7 +913,6 @@ Changed response : **201 Created**
- Changed content type : `application/json`
New optional properties:
- `authorization_flow`
##### `GET` /providers/ldap/
@ -1035,13 +922,11 @@ Changed response : **201 Created**
Changed response : **200 OK**
- Changed content type : `application/json`
- Changed property `results` (array)
Changed items (object): > LDAPProvider Serializer
New optional properties:
- `authorization_flow`
##### `POST` /providers/saml/
@ -1061,7 +946,6 @@ Changed response : **201 Created**
- Changed content type : `application/json`
New optional properties:
- `authorization_flow`
##### `GET` /providers/saml/
@ -1071,13 +955,11 @@ Changed response : **201 Created**
Changed response : **200 OK**
- Changed content type : `application/json`
- Changed property `results` (array)
Changed items (object): > SAMLProvider Serializer
New optional properties:
- `authorization_flow`
##### `GET` /sources/user_connections/all/
@ -1093,15 +975,12 @@ Added: `user` in `query`
Changed response : **201 Created**
- Changed content type : `application/json`
- Changed property `created_by` (object)
> Stripped down user serializer to show relevant users for groups
New optional properties:
- `avatar`
* Deleted property `avatar` (string)
##### `GET` /stages/invitation/invitations/
@ -1111,19 +990,15 @@ Changed response : **201 Created**
Changed response : **200 OK**
- Changed content type : `application/json`
- Changed property `results` (array)
Changed items (object): > Invitation Serializer
- Changed property `created_by` (object)
> Stripped down user serializer to show relevant users for groups
New optional properties:
- `avatar`
* Deleted property `avatar` (string)
##### `GET` /stages/user_login/&#123;stage_uuid&#125;/
@ -1133,7 +1008,6 @@ Changed response : **200 OK**
Changed response : **200 OK**
- Changed content type : `application/json`
- Added property `terminate_other_sessions` (boolean)
> Terminate all other sessions of the user logging in.
@ -1151,7 +1025,6 @@ Changed content type : `application/json`
Changed response : **200 OK**
- Changed content type : `application/json`
- Added property `terminate_other_sessions` (boolean)
> Terminate all other sessions of the user logging in.
@ -1169,7 +1042,6 @@ Changed content type : `application/json`
Changed response : **200 OK**
- Changed content type : `application/json`
- Added property `terminate_other_sessions` (boolean)
> Terminate all other sessions of the user logging in.
@ -1187,7 +1059,6 @@ Changed content type : `application/json`
Changed response : **201 Created**
- Changed content type : `application/json`
- Changed property `evaluate_on_plan` (boolean)
> Evaluate policies during the Flow planning process.
@ -1198,11 +1069,9 @@ Changed response : **201 Created**
Changed response : **200 OK**
- Changed content type : `application/json`
- Changed property `results` (array)
Changed items (object): > FlowStageBinding Serializer
- Changed property `evaluate_on_plan` (boolean)
> Evaluate policies during the Flow planning process.
@ -1213,22 +1082,18 @@ Changed response : **200 OK**
Changed response : **200 OK**
- Changed content type : `application/json`
- Changed property `plans` (array)
Changed items (object): > Serializer for an active FlowPlan
- Changed property `next_planned_stage` (object)
> FlowStageBinding Serializer
- Changed property `evaluate_on_plan` (boolean)
> Evaluate policies during the Flow planning process.
- Changed property `current_stage` (object)
> FlowStageBinding Serializer
- Changed property `evaluate_on_plan` (boolean)
> Evaluate policies during the Flow planning process.
@ -1239,17 +1104,14 @@ Changed response : **200 OK**
Changed response : **200 OK**
- Changed content type : `application/json`
- Changed property `results` (array)
Changed items (object): > Serializer for BaseGrantModel and RefreshToken
- Changed property `provider` (object)
> OAuth2Provider Serializer
New optional properties:
- `authorization_flow`
##### `GET` /oauth2/authorization_codes/
@ -1259,17 +1121,14 @@ Changed response : **200 OK**
Changed response : **200 OK**
- Changed content type : `application/json`
- Changed property `results` (array)
Changed items (object): > Serializer for BaseGrantModel and ExpiringBaseGrant
- Changed property `provider` (object)
> OAuth2Provider Serializer
New optional properties:
- `authorization_flow`
##### `GET` /oauth2/refresh_tokens/
@ -1279,17 +1138,14 @@ Changed response : **200 OK**
Changed response : **200 OK**
- Changed content type : `application/json`
- Changed property `results` (array)
Changed items (object): > Serializer for BaseGrantModel and RefreshToken
- Changed property `provider` (object)
> OAuth2Provider Serializer
New optional properties:
- `authorization_flow`
##### `POST` /stages/user_login/
@ -1306,7 +1162,6 @@ Changed content type : `application/json`
Changed response : **201 Created**
- Changed content type : `application/json`
- Added property `terminate_other_sessions` (boolean)
> Terminate all other sessions of the user logging in.
@ -1321,10 +1176,8 @@ Added: `terminate_other_sessions` in `query`
Changed response : **200 OK**
- Changed content type : `application/json`
- Changed property `results` (array)
Changed items (object): > UserLoginStage Serializer
- Added property `terminate_other_sessions` (boolean)
> Terminate all other sessions of the user logging in.

125
website/docs/releases/2023/v2023.4.md
View File

@ -152,7 +152,6 @@ image:
Changed response : **200 OK**
- Changed content type : `application/json`
- Changed property `app` (string)
> - `authentik.admin` - authentik Admin
@ -204,7 +203,6 @@ Changed response : **200 OK**
> - `authentik.core` - authentik Core
Added enum value:
- `authentik.providers.radius`
##### `PUT` /policies/event_matcher/&#123;policy_uuid&#125;/
@ -264,7 +262,6 @@ Changed content type : `application/json`
> - `authentik.core` - authentik Core
Added enum value:
- `authentik.providers.radius`
###### Return Type:
@ -272,7 +269,6 @@ Changed content type : `application/json`
Changed response : **200 OK**
- Changed content type : `application/json`
- Changed property `app` (string)
> - `authentik.admin` - authentik Admin
@ -324,7 +320,6 @@ Changed response : **200 OK**
> - `authentik.core` - authentik Core
Added enum value:
- `authentik.providers.radius`
##### `PATCH` /policies/event_matcher/&#123;policy_uuid&#125;/
@ -384,7 +379,6 @@ Changed content type : `application/json`
> - `authentik.core` - authentik Core
Added enum value:
- `authentik.providers.radius`
###### Return Type:
@ -392,7 +386,6 @@ Changed content type : `application/json`
Changed response : **200 OK**
- Changed content type : `application/json`
- Changed property `app` (string)
> - `authentik.admin` - authentik Admin
@ -444,7 +437,6 @@ Changed response : **200 OK**
> - `authentik.core` - authentik Core
Added enum value:
- `authentik.providers.radius`
##### `GET` /providers/all/&#123;id&#125;/
@ -454,7 +446,6 @@ Changed response : **200 OK**
Changed response : **200 OK**
- Changed content type : `application/json`
- Added property `authentication_flow` (string)
> Flow used for authentication when the associated application is accessed by an un-authenticated user.
@ -465,7 +456,6 @@ Changed response : **200 OK**
Changed response : **200 OK**
- Changed content type : `application/json`
- Added property `authentication_flow` (string)
> Flow used for authentication when the associated application is accessed by an un-authenticated user.
@ -483,7 +473,6 @@ Changed content type : `application/json`
Changed response : **200 OK**
- Changed content type : `application/json`
- Added property `authentication_flow` (string)
> Flow used for authentication when the associated application is accessed by an un-authenticated user.
@ -501,7 +490,6 @@ Changed content type : `application/json`
Changed response : **200 OK**
- Changed content type : `application/json`
- Added property `authentication_flow` (string)
> Flow used for authentication when the associated application is accessed by an un-authenticated user.
@ -512,7 +500,6 @@ Changed response : **200 OK**
Changed response : **200 OK**
- Changed content type : `application/json`
- Added property `authentication_flow` (string)
> Flow used for authentication when the associated application is accessed by an un-authenticated user.
@ -530,7 +517,6 @@ Changed content type : `application/json`
Changed response : **200 OK**
- Changed content type : `application/json`
- Added property `authentication_flow` (string)
> Flow used for authentication when the associated application is accessed by an un-authenticated user.
@ -548,7 +534,6 @@ Changed content type : `application/json`
Changed response : **200 OK**
- Changed content type : `application/json`
- Added property `authentication_flow` (string)
> Flow used for authentication when the associated application is accessed by an un-authenticated user.
@ -559,11 +544,9 @@ Changed response : **200 OK**
Changed response : **200 OK**
- Changed content type : `application/json`
- Changed property `provider_obj` (object)
> Provider Serializer
- Added property `authentication_flow` (string)
> Flow used for authentication when the associated application is accessed by an un-authenticated user.
@ -574,11 +557,9 @@ Changed response : **200 OK**
Changed response : **200 OK**
- Changed content type : `application/json`
- Changed property `provider_obj` (object)
> Provider Serializer
- Added property `authentication_flow` (string)
> Flow used for authentication when the associated application is accessed by an un-authenticated user.
@ -589,11 +570,9 @@ Changed response : **200 OK**
Changed response : **200 OK**
- Changed content type : `application/json`
- Changed property `provider_obj` (object)
> Provider Serializer
- Added property `authentication_flow` (string)
> Flow used for authentication when the associated application is accessed by an un-authenticated user.
@ -604,7 +583,6 @@ Changed response : **200 OK**
Changed response : **200 OK**
- Changed content type : `application/json`
- Changed property `type` (string)
> - `proxy` - Proxy
@ -612,13 +590,11 @@ Changed response : **200 OK**
> - `radius` - Radius
Added enum value:
- `radius`
- Changed property `providers_obj` (array)
Changed items (object): > Provider Serializer
- Added property `authentication_flow` (string)
> Flow used for authentication when the associated application is accessed by an un-authenticated user.
@ -635,7 +611,6 @@ Changed content type : `application/json`
> - `radius` - Radius
Added enum value:
- `radius`
###### Return Type:
@ -643,7 +618,6 @@ Changed content type : `application/json`
Changed response : **200 OK**
- Changed content type : `application/json`
- Changed property `type` (string)
> - `proxy` - Proxy
@ -651,13 +625,11 @@ Changed response : **200 OK**
> - `radius` - Radius
Added enum value:
- `radius`
- Changed property `providers_obj` (array)
Changed items (object): > Provider Serializer
- Added property `authentication_flow` (string)
> Flow used for authentication when the associated application is accessed by an un-authenticated user.
@ -674,7 +646,6 @@ Changed content type : `application/json`
> - `radius` - Radius
Added enum value:
- `radius`
###### Return Type:
@ -682,7 +653,6 @@ Changed content type : `application/json`
Changed response : **200 OK**
- Changed content type : `application/json`
- Changed property `type` (string)
> - `proxy` - Proxy
@ -690,13 +660,11 @@ Changed response : **200 OK**
> - `radius` - Radius
Added enum value:
- `radius`
- Changed property `providers_obj` (array)
Changed items (object): > Provider Serializer
- Added property `authentication_flow` (string)
> Flow used for authentication when the associated application is accessed by an un-authenticated user.
@ -757,7 +725,6 @@ Changed content type : `application/json`
> - `authentik.core` - authentik Core
Added enum value:
- `authentik.providers.radius`
###### Return Type:
@ -765,7 +732,6 @@ Changed content type : `application/json`
Changed response : **201 Created**
- Changed content type : `application/json`
- Changed property `app` (string)
> - `authentik.admin` - authentik Admin
@ -817,7 +783,6 @@ Changed response : **201 Created**
> - `authentik.core` - authentik Core
Added enum value:
- `authentik.providers.radius`
##### `GET` /policies/event_matcher/
@ -827,11 +792,9 @@ Changed response : **201 Created**
Changed response : **200 OK**
- Changed content type : `application/json`
- Changed property `results` (array)
Changed items (object): > Event Matcher Policy Serializer
- Changed property `app` (string)
> - `authentik.admin` - authentik Admin
@ -883,7 +846,6 @@ Changed response : **200 OK**
> - `authentik.core` - authentik Core
Added enum value:
- `authentik.providers.radius`
##### `GET` /providers/all/
@ -893,11 +855,9 @@ Changed response : **200 OK**
Changed response : **200 OK**
- Changed content type : `application/json`
- Changed property `results` (array)
Changed items (object): > Provider Serializer
- Added property `authentication_flow` (string)
> Flow used for authentication when the associated application is accessed by an un-authenticated user.
@ -908,7 +868,6 @@ Changed response : **200 OK**
Changed response : **200 OK**
- Changed content type : `application/json`
- Added property `authentication_flow` (string)
> Flow used for authentication when the associated application is accessed by an un-authenticated user.
@ -926,7 +885,6 @@ Changed content type : `application/json`
Changed response : **200 OK**
- Changed content type : `application/json`
- Added property `authentication_flow` (string)
> Flow used for authentication when the associated application is accessed by an un-authenticated user.
@ -944,7 +902,6 @@ Changed content type : `application/json`
Changed response : **200 OK**
- Changed content type : `application/json`
- Added property `authentication_flow` (string)
> Flow used for authentication when the associated application is accessed by an un-authenticated user.
@ -962,7 +919,6 @@ Changed content type : `application/json`
Changed response : **201 Created**
- Changed content type : `application/json`
- Added property `authentication_flow` (string)
> Flow used for authentication when the associated application is accessed by an un-authenticated user.
@ -973,11 +929,9 @@ Changed response : **201 Created**
Changed response : **200 OK**
- Changed content type : `application/json`
- Changed property `results` (array)
Changed items (object): > OAuth2Provider Serializer
- Added property `authentication_flow` (string)
> Flow used for authentication when the associated application is accessed by an un-authenticated user.
@ -995,7 +949,6 @@ Changed content type : `application/json`
Changed response : **201 Created**
- Changed content type : `application/json`
- Added property `authentication_flow` (string)
> Flow used for authentication when the associated application is accessed by an un-authenticated user.
@ -1006,11 +959,9 @@ Changed response : **201 Created**
Changed response : **200 OK**
- Changed content type : `application/json`
- Changed property `results` (array)
Changed items (object): > ProxyProvider Serializer
- Added property `authentication_flow` (string)
> Flow used for authentication when the associated application is accessed by an un-authenticated user.
@ -1021,7 +972,6 @@ Changed response : **200 OK**
Changed response : **200 OK**
- Changed content type : `application/json`
- Added property `authentication_flow` (string)
> Flow used for authentication when the associated application is accessed by an un-authenticated user.
@ -1039,7 +989,6 @@ Changed content type : `application/json`
Changed response : **200 OK**
- Changed content type : `application/json`
- Added property `authentication_flow` (string)
> Flow used for authentication when the associated application is accessed by an un-authenticated user.
@ -1057,7 +1006,6 @@ Changed content type : `application/json`
Changed response : **200 OK**
- Changed content type : `application/json`
- Added property `authentication_flow` (string)
> Flow used for authentication when the associated application is accessed by an un-authenticated user.
@ -1068,11 +1016,9 @@ Changed response : **200 OK**
Changed response : **201 Created**
- Changed content type : `application/json`
- Changed property `provider_obj` (object)
> Provider Serializer
- Added property `authentication_flow` (string)
> Flow used for authentication when the associated application is accessed by an un-authenticated user.
@ -1083,15 +1029,12 @@ Changed response : **201 Created**
Changed response : **200 OK**
- Changed content type : `application/json`
- Changed property `results` (array)
Changed items (object): > Application Serializer
- Changed property `provider_obj` (object)
> Provider Serializer
- Added property `authentication_flow` (string)
> Flow used for authentication when the associated application is accessed by an un-authenticated user.
@ -1102,15 +1045,12 @@ Changed response : **200 OK**
Changed response : **200 OK**
- Changed content type : `application/json`
- Changed property `application` (object)
> Application Serializer
- Changed property `provider_obj` (object)
> Provider Serializer
- Added property `authentication_flow` (string)
> Flow used for authentication when the associated application is accessed by an un-authenticated user.
@ -1121,11 +1061,9 @@ Changed response : **200 OK**
Changed response : **200 OK**
- Changed content type : `application/json`
- Changed property `provider` (object)
> OAuth2Provider Serializer
- Added property `authentication_flow` (string)
> Flow used for authentication when the associated application is accessed by an un-authenticated user.
@ -1136,11 +1074,9 @@ Changed response : **200 OK**
Changed response : **200 OK**
- Changed content type : `application/json`
- Changed property `provider` (object)
> OAuth2Provider Serializer
- Added property `authentication_flow` (string)
> Flow used for authentication when the associated application is accessed by an un-authenticated user.
@ -1151,11 +1087,9 @@ Changed response : **200 OK**
Changed response : **200 OK**
- Changed content type : `application/json`
- Changed property `provider` (object)
> OAuth2Provider Serializer
- Added property `authentication_flow` (string)
> Flow used for authentication when the associated application is accessed by an un-authenticated user.
@ -1172,7 +1106,6 @@ Changed content type : `application/json`
> - `radius` - Radius
Added enum value:
- `radius`
###### Return Type:
@ -1180,7 +1113,6 @@ Changed content type : `application/json`
Changed response : **201 Created**
- Changed content type : `application/json`
- Changed property `type` (string)
> - `proxy` - Proxy
@ -1188,13 +1120,11 @@ Changed response : **201 Created**
> - `radius` - Radius
Added enum value:
- `radius`
- Changed property `providers_obj` (array)
Changed items (object): > Provider Serializer
- Added property `authentication_flow` (string)
> Flow used for authentication when the associated application is accessed by an un-authenticated user.
@ -1205,11 +1135,9 @@ Changed response : **201 Created**
Changed response : **200 OK**
- Changed content type : `application/json`
- Changed property `results` (array)
Changed items (object): > Outpost Serializer
- Changed property `type` (string)
> - `proxy` - Proxy
@ -1217,13 +1145,11 @@ Changed response : **200 OK**
> - `radius` - Radius
Added enum value:
- `radius`
- Changed property `providers_obj` (array)
Changed items (object): > Provider Serializer
- Added property `authentication_flow` (string)
> Flow used for authentication when the associated application is accessed by an un-authenticated user.
@ -1241,7 +1167,6 @@ Changed content type : `application/json`
Changed response : **201 Created**
- Changed content type : `application/json`
- Added property `authentication_flow` (string)
> Flow used for authentication when the associated application is accessed by an un-authenticated user.
@ -1252,11 +1177,9 @@ Changed response : **201 Created**
Changed response : **200 OK**
- Changed content type : `application/json`
- Changed property `results` (array)
Changed items (object): > LDAPProvider Serializer
- Added property `authentication_flow` (string)
> Flow used for authentication when the associated application is accessed by an un-authenticated user.
@ -1274,7 +1197,6 @@ Changed content type : `application/json`
Changed response : **201 Created**
- Changed content type : `application/json`
- Added property `authentication_flow` (string)
> Flow used for authentication when the associated application is accessed by an un-authenticated user.
@ -1289,11 +1211,9 @@ Added: `authentication_flow` in `query`
Changed response : **200 OK**
- Changed content type : `application/json`
- Changed property `results` (array)
Changed items (object): > SAMLProvider Serializer
- Added property `authentication_flow` (string)
> Flow used for authentication when the associated application is accessed by an un-authenticated user.
@ -1304,7 +1224,6 @@ Changed response : **200 OK**
Changed response : **200 OK**
- Changed content type : `application/json`
- Added property `remember_me_offset` (string)
> Offset the session will be extended by when the user picks the remember me option. Default of 0 means that the remember me option will not be shown. (Format: hours=-1;minutes=-2;seconds=-3)
@ -1322,7 +1241,6 @@ Changed content type : `application/json`
Changed response : **200 OK**
- Changed content type : `application/json`
- Added property `remember_me_offset` (string)
> Offset the session will be extended by when the user picks the remember me option. Default of 0 means that the remember me option will not be shown. (Format: hours=-1;minutes=-2;seconds=-3)
@ -1340,7 +1258,6 @@ Changed content type : `application/json`
Changed response : **200 OK**
- Changed content type : `application/json`
- Added property `remember_me_offset` (string)
> Offset the session will be extended by when the user picks the remember me option. Default of 0 means that the remember me option will not be shown. (Format: hours=-1;minutes=-2;seconds=-3)
@ -1351,19 +1268,15 @@ Changed response : **200 OK**
Changed response : **200 OK**
- Changed content type : `application/json`
- Changed property `results` (array)
Changed items (object): > UserConsent Serializer
- Changed property `application` (object)
> Application Serializer
- Changed property `provider_obj` (object)
> Provider Serializer
- Added property `authentication_flow` (string)
> Flow used for authentication when the associated application is accessed by an un-authenticated user.
@ -1376,7 +1289,6 @@ Changed response : **200 OK**
- Changed content type : `application/json`
Added 'ak-stage-user-login' component:
- Property `type` (string)
> - `native` - NATIVE
@ -1384,7 +1296,6 @@ Changed response : **200 OK**
> - `redirect` - REDIRECT
Enum values:
- `native`
- `shell`
- `redirect`
@ -1392,7 +1303,6 @@ Changed response : **200 OK**
- Property `flow_info` (object)
> Contextual flow information for a challenge
- Property `title` (string)
- Property `background` (string)
@ -1408,7 +1318,6 @@ Changed response : **200 OK**
> - `sidebar_right` - SIDEBAR_RIGHT
Enum values:
- `stacked`
- `content_left`
- `content_right`
@ -1424,15 +1333,12 @@ Changed response : **200 OK**
- Property `pending_user_avatar` (string)
Updated `ak-stage-prompt` component:
- Changed property `fields` (array)
Changed items (object): > Serializer for a single Prompt field
New required properties:
- `choices`
* Added property `choices` (array)
Items (string):
@ -1459,7 +1365,6 @@ Changed response : **200 OK**
> - `ak-locale` - authentik: Selection of locales authentik supports
Added enum values:
- `text_area`
- `text_area_read_only`
- `radio-button-group`
@ -1485,15 +1390,12 @@ Changed response : **200 OK**
Added 'ak-stage-user-login' component:
Updated `ak-stage-prompt` component:
- Changed property `fields` (array)
Changed items (object): > Serializer for a single Prompt field
New required properties:
- `choices`
* Added property `choices` (array)
* Changed property `type` (string)
@ -1518,7 +1420,6 @@ Changed response : **200 OK**
> - `ak-locale` - authentik: Selection of locales authentik supports
Added enum values:
- `text_area`
- `text_area_read_only`
- `radio-button-group`
@ -1531,15 +1432,12 @@ Changed response : **200 OK**
Changed response : **200 OK**
- Changed content type : `application/json`
- Changed property `results` (array)
Changed items (object): > Serializer for BaseGrantModel and RefreshToken
- Changed property `provider` (object)
> OAuth2Provider Serializer
- Added property `authentication_flow` (string)
> Flow used for authentication when the associated application is accessed by an un-authenticated user.
@ -1550,15 +1448,12 @@ Changed response : **200 OK**
Changed response : **200 OK**
- Changed content type : `application/json`
- Changed property `results` (array)
Changed items (object): > Serializer for BaseGrantModel and ExpiringBaseGrant
- Changed property `provider` (object)
> OAuth2Provider Serializer
- Added property `authentication_flow` (string)
> Flow used for authentication when the associated application is accessed by an un-authenticated user.
@ -1569,15 +1464,12 @@ Changed response : **200 OK**
Changed response : **200 OK**
- Changed content type : `application/json`
- Changed property `results` (array)
Changed items (object): > Serializer for BaseGrantModel and RefreshToken
- Changed property `provider` (object)
> OAuth2Provider Serializer
- Added property `authentication_flow` (string)
> Flow used for authentication when the associated application is accessed by an un-authenticated user.
@ -1588,7 +1480,6 @@ Changed response : **200 OK**
Changed response : **200 OK**
- Changed content type : `application/json`
- Changed property `placeholder` (string)
> When creating a Radio Button Group or Dropdown, enable interpreting as expression and return a list to return multiple choices.
@ -1615,7 +1506,6 @@ Changed response : **200 OK**
> - `ak-locale` - authentik: Selection of locales authentik supports
Added enum values:
- `text_area`
- `text_area_read_only`
- `radio-button-group`
@ -1653,7 +1543,6 @@ Changed content type : `application/json`
> - `ak-locale` - authentik: Selection of locales authentik supports
Added enum values:
- `text_area`
- `text_area_read_only`
- `radio-button-group`
@ -1664,7 +1553,6 @@ Changed content type : `application/json`
Changed response : **200 OK**
- Changed content type : `application/json`
- Changed property `placeholder` (string)
> When creating a Radio Button Group or Dropdown, enable interpreting as expression and return a list to return multiple choices.
@ -1691,7 +1579,6 @@ Changed response : **200 OK**
> - `ak-locale` - authentik: Selection of locales authentik supports
Added enum values:
- `text_area`
- `text_area_read_only`
- `radio-button-group`
@ -1729,7 +1616,6 @@ Changed content type : `application/json`
> - `ak-locale` - authentik: Selection of locales authentik supports
Added enum values:
- `text_area`
- `text_area_read_only`
- `radio-button-group`
@ -1740,7 +1626,6 @@ Changed content type : `application/json`
Changed response : **200 OK**
- Changed content type : `application/json`
- Changed property `placeholder` (string)
> When creating a Radio Button Group or Dropdown, enable interpreting as expression and return a list to return multiple choices.
@ -1767,7 +1652,6 @@ Changed response : **200 OK**
> - `ak-locale` - authentik: Selection of locales authentik supports
Added enum values:
- `text_area`
- `text_area_read_only`
- `radio-button-group`
@ -1787,7 +1671,6 @@ Changed content type : `application/json`
Changed response : **201 Created**
- Changed content type : `application/json`
- Added property `remember_me_offset` (string)
> Offset the session will be extended by when the user picks the remember me option. Default of 0 means that the remember me option will not be shown. (Format: hours=-1;minutes=-2;seconds=-3)
@ -1802,11 +1685,9 @@ Added: `remember_me_offset` in `query`
Changed response : **200 OK**
- Changed content type : `application/json`
- Changed property `results` (array)
Changed items (object): > UserLoginStage Serializer
- Added property `remember_me_offset` (string)
> Offset the session will be extended by when the user picks the remember me option. Default of 0 means that the remember me option will not be shown. (Format: hours=-1;minutes=-2;seconds=-3)
@ -1842,7 +1723,6 @@ Changed content type : `application/json`
> - `ak-locale` - authentik: Selection of locales authentik supports
Added enum values:
- `text_area`
- `text_area_read_only`
- `radio-button-group`
@ -1853,7 +1733,6 @@ Changed content type : `application/json`
Changed response : **201 Created**
- Changed content type : `application/json`
- Changed property `placeholder` (string)
> When creating a Radio Button Group or Dropdown, enable interpreting as expression and return a list to return multiple choices.
@ -1880,7 +1759,6 @@ Changed response : **201 Created**
> - `ak-locale` - authentik: Selection of locales authentik supports
Added enum values:
- `text_area`
- `text_area_read_only`
- `radio-button-group`
@ -1934,11 +1812,9 @@ Changed: `type` in `query`
Changed response : **200 OK**
- Changed content type : `application/json`
- Changed property `results` (array)
Changed items (object): > Prompt Serializer
- Changed property `placeholder` (string)
> When creating a Radio Button Group or Dropdown, enable interpreting as expression and return a list to return multiple choices.
@ -1965,7 +1841,6 @@ Changed response : **200 OK**
> - `ak-locale` - authentik: Selection of locales authentik supports
Added enum values:
- `text_area`
- `text_area_read_only`
- `radio-button-group`

602
website/docs/releases/2023/v2023.5.md
View File

File diff suppressed because it is too large Load Diff

28
website/docs/releases/2023/v2023.6.md
View File

@ -111,7 +111,6 @@ helm upgrade authentik authentik/authentik -f values.yaml --version ^2023.6
Changed response : **200 OK**
- Changed content type : `application/json`
- Added property `model` (object)
> Match events created by selected model. When left empty, all models are matched. When an app is selected, all the application's models are matched.
@ -188,7 +187,6 @@ Changed response : **200 OK**
> - `authentik_core.token` - Token
Enum values:
- `authentik_crypto.certificatekeypair`
- `authentik_events.event`
- `authentik_events.notificationtransport`
@ -345,7 +343,6 @@ Changed content type : `application/json`
Changed response : **200 OK**
- Changed content type : `application/json`
- Added property `model` (object)
> Match events created by selected model. When left empty, all models are matched. When an app is selected, all the application's models are matched.
>
@ -505,7 +502,6 @@ Changed content type : `application/json`
Changed response : **200 OK**
- Changed content type : `application/json`
- Added property `model` (object)
> Match events created by selected model. When left empty, all models are matched. When an app is selected, all the application's models are matched.
>
@ -587,7 +583,6 @@ Changed response : **200 OK**
Changed response : **200 OK**
- Changed content type : `application/json`
- Added property `mfa_support` (boolean)
> When enabled, code-based multi-factor authentication can be used by appending a semicolon and the TOTP code to the password. This should only be enabled if all users that will bind to this provider have a TOTP device configured, as otherwise a password may incorrectly be rejected if it contains a semicolon.
@ -684,7 +679,6 @@ Changed content type : `application/json`
Changed response : **201 Created**
- Changed content type : `application/json`
- Added property `model` (object)
> Match events created by selected model. When left empty, all models are matched. When an app is selected, all the application's models are matched.
>
@ -770,11 +764,9 @@ Added: `model` in `query`
Changed response : **200 OK**
- Changed content type : `application/json`
- Changed property `results` (array)
Changed items (object): > Event Matcher Policy Serializer
- Added property `model` (object)
> Match events created by selected model. When left empty, all models are matched. When an app is selected, all the application's models are matched.
>
@ -856,7 +848,6 @@ Changed response : **200 OK**
Changed response : **200 OK**
- Changed content type : `application/json`
- Added property `mfa_support` (boolean)
> When enabled, code-based multi-factor authentication can be used by appending a semicolon and the TOTP code to the password. This should only be enabled if all users that will bind to this provider have a TOTP device configured, as otherwise a password may incorrectly be rejected if it contains a semicolon.
@ -890,7 +881,6 @@ Changed content type : `application/json`
Changed response : **200 OK**
- Changed content type : `application/json`
- Added property `mfa_support` (boolean)
> When enabled, code-based multi-factor authentication can be used by appending a semicolon and the TOTP code to the password. This should only be enabled if all users that will bind to this provider have a TOTP device configured, as otherwise a password may incorrectly be rejected if it contains a semicolon.
@ -924,7 +914,6 @@ Changed content type : `application/json`
Changed response : **200 OK**
- Changed content type : `application/json`
- Added property `mfa_support` (boolean)
> When enabled, code-based multi-factor authentication can be used by appending a semicolon and the TOTP code to the password. This should only be enabled if all users that will bind to this provider have a TOTP device configured, as otherwise a password may incorrectly be rejected if it contains a semicolon.
@ -943,7 +932,6 @@ Changed response : **200 OK**
Changed response : **200 OK**
- Changed content type : `application/json`
- Added property `client_certificate` (string)
> Client certificate to authenticate against the LDAP Server's Certificate.
@ -967,7 +955,6 @@ Changed content type : `application/json`
Changed response : **200 OK**
- Changed content type : `application/json`
- Added property `client_certificate` (string)
> Client certificate to authenticate against the LDAP Server's Certificate.
@ -991,7 +978,6 @@ Changed content type : `application/json`
Changed response : **200 OK**
- Changed content type : `application/json`
- Added property `client_certificate` (string)
> Client certificate to authenticate against the LDAP Server's Certificate.
@ -1005,7 +991,6 @@ Changed response : **200 OK**
Changed response : **200 OK**
- Changed content type : `application/json`
- Added property `verification_kp` (string)
> When selected, incoming assertion's Signatures will be validated against this certificate. To allow unsigned Requests, leave on default.
@ -1031,7 +1016,6 @@ Changed content type : `application/json`
Changed response : **200 OK**
- Changed content type : `application/json`
- Added property `verification_kp` (string)
> When selected, incoming assertion's Signatures will be validated against this certificate. To allow unsigned Requests, leave on default.
@ -1057,7 +1041,6 @@ Changed content type : `application/json`
Changed response : **200 OK**
- Changed content type : `application/json`
- Added property `verification_kp` (string)
> When selected, incoming assertion's Signatures will be validated against this certificate. To allow unsigned Requests, leave on default.
@ -1094,11 +1077,9 @@ Changed: `mode` in `query`
Changed response : **200 OK**
- Changed content type : `application/json`
- Changed property `results` (array)
Changed items (object): > LDAPProvider Serializer
- Added property `mfa_support` (boolean)
> When enabled, code-based multi-factor authentication can be used by appending a semicolon and the TOTP code to the password. This should only be enabled if all users that will bind to this provider have a TOTP device configured, as otherwise a password may incorrectly be rejected if it contains a semicolon.
@ -1132,7 +1113,6 @@ Changed content type : `application/json`
Changed response : **201 Created**
- Changed content type : `application/json`
- Added property `mfa_support` (boolean)
> When enabled, code-based multi-factor authentication can be used by appending a semicolon and the TOTP code to the password. This should only be enabled if all users that will bind to this provider have a TOTP device configured, as otherwise a password may incorrectly be rejected if it contains a semicolon.
@ -1151,11 +1131,9 @@ Changed response : **201 Created**
Changed response : **200 OK**
- Changed content type : `application/json`
- Changed property `results` (array)
Changed items (object): > LDAPProvider Serializer
- Added property `mfa_support` (boolean)
> When enabled, code-based multi-factor authentication can be used by appending a semicolon and the TOTP code to the password. This should only be enabled if all users that will bind to this provider have a TOTP device configured, as otherwise a password may incorrectly be rejected if it contains a semicolon.
@ -1203,7 +1181,6 @@ Changed content type : `application/json`
Changed response : **201 Created**
- Changed content type : `application/json`
- Added property `client_certificate` (string)
> Client certificate to authenticate against the LDAP Server's Certificate.
@ -1223,11 +1200,9 @@ Added: `sni` in `query`
Changed response : **200 OK**
- Changed content type : `application/json`
- Changed property `results` (array)
Changed items (object): > LDAP Source Serializer
- Added property `client_certificate` (string)
> Client certificate to authenticate against the LDAP Server's Certificate.
@ -1270,7 +1245,6 @@ Changed content type : `application/json`
Changed response : **201 Created**
- Changed content type : `application/json`
- Added property `verification_kp` (string)
> When selected, incoming assertion's Signatures will be validated against this certificate. To allow unsigned Requests, leave on default.
@ -1315,11 +1289,9 @@ Changed: `signature_algorithm` in `query`
Changed response : **200 OK**
- Changed content type : `application/json`
- Changed property `results` (array)
Changed items (object): > SAMLSource Serializer
- Added property `verification_kp` (string)
> When selected, incoming assertion's Signatures will be validated against this certificate. To allow unsigned Requests, leave on default.

71
website/docs/releases/2023/v2023.8.md
View File

@ -208,7 +208,6 @@ image:
Changed response : **200 OK**
- Changed content type : `application/json`
- Changed property `app` (string)
> - `authentik.admin` - authentik Admin
@ -260,7 +259,6 @@ Changed response : **200 OK**
> - `authentik.enterprise` - authentik Enterprise
Removed enum value:
- `authentik.lib`
##### `PUT` /policies/event_matcher/&#123;policy_uuid&#125;/
@ -320,7 +318,6 @@ Changed content type : `application/json`
> - `authentik.enterprise` - authentik Enterprise
Removed enum value:
- `authentik.lib`
###### Return Type:
@ -328,7 +325,6 @@ Changed content type : `application/json`
Changed response : **200 OK**
- Changed content type : `application/json`
- Changed property `app` (string)
> - `authentik.admin` - authentik Admin
@ -380,7 +376,6 @@ Changed response : **200 OK**
> - `authentik.enterprise` - authentik Enterprise
Removed enum value:
- `authentik.lib`
##### `PATCH` /policies/event_matcher/&#123;policy_uuid&#125;/
@ -440,7 +435,6 @@ Changed content type : `application/json`
> - `authentik.enterprise` - authentik Enterprise
Removed enum value:
- `authentik.lib`
###### Return Type:
@ -448,7 +442,6 @@ Changed content type : `application/json`
Changed response : **200 OK**
- Changed content type : `application/json`
- Changed property `app` (string)
> - `authentik.admin` - authentik Admin
@ -500,7 +493,6 @@ Changed response : **200 OK**
> - `authentik.enterprise` - authentik Enterprise
Removed enum value:
- `authentik.lib`
##### `GET` /schema/
@ -548,11 +540,9 @@ Changed: `web_certificate` in `query`
Changed response : **200 OK**
- Changed content type : `application/json`
- Changed property `user_obj` (object)
> User Serializer
- Added property `type` (string)
> - `internal` - Internal
@ -561,7 +551,6 @@ Changed response : **200 OK**
> - `internal_service_account` - Internal Service Account
Enum values:
- `internal`
- `external`
- `service_account`
@ -574,11 +563,9 @@ Changed response : **200 OK**
Changed response : **200 OK**
- Changed content type : `application/json`
- Changed property `user_obj` (object)
> User Serializer
- Added property `type` (string)
> - `internal` - Internal
> - `external` - External
@ -592,11 +579,9 @@ Changed response : **200 OK**
Changed response : **200 OK**
- Changed content type : `application/json`
- Changed property `user_obj` (object)
> User Serializer
- Added property `type` (string)
> - `internal` - Internal
> - `external` - External
@ -610,7 +595,6 @@ Changed response : **200 OK**
Changed response : **200 OK**
- Changed content type : `application/json`
- Added property `type` (string)
> - `internal` - Internal
> - `external` - External
@ -634,7 +618,6 @@ Changed content type : `application/json`
Changed response : **200 OK**
- Changed content type : `application/json`
- Added property `type` (string)
> - `internal` - Internal
> - `external` - External
@ -658,7 +641,6 @@ Changed content type : `application/json`
Changed response : **200 OK**
- Changed content type : `application/json`
- Added property `type` (string)
> - `internal` - Internal
> - `external` - External
@ -680,11 +662,9 @@ Changed: `name` in `query`
Changed response : **200 OK**
- Changed content type : `application/json`
- Changed property `user_obj` (object)
> User Serializer
- Added property `type` (string)
> - `internal` - Internal
> - `external` - External
@ -698,11 +678,9 @@ Changed response : **200 OK**
Changed response : **200 OK**
- Changed content type : `application/json`
- Changed property `user_obj` (object)
> User Serializer
- Added property `type` (string)
> - `internal` - Internal
> - `external` - External
@ -716,11 +694,9 @@ Changed response : **200 OK**
Changed response : **200 OK**
- Changed content type : `application/json`
- Changed property `user_obj` (object)
> User Serializer
- Added property `type` (string)
> - `internal` - Internal
> - `external` - External
@ -784,7 +760,6 @@ Changed content type : `application/json`
> - `authentik.enterprise` - authentik Enterprise
Removed enum value:
- `authentik.lib`
###### Return Type:
@ -792,7 +767,6 @@ Changed content type : `application/json`
Changed response : **201 Created**
- Changed content type : `application/json`
- Changed property `app` (string)
> - `authentik.admin` - authentik Admin
@ -844,7 +818,6 @@ Changed response : **201 Created**
> - `authentik.enterprise` - authentik Enterprise
Removed enum value:
- `authentik.lib`
##### `GET` /policies/event_matcher/
@ -854,11 +827,9 @@ Changed response : **201 Created**
Changed response : **200 OK**
- Changed content type : `application/json`
- Changed property `results` (array)
Changed items (object): > Event Matcher Policy Serializer
- Changed property `app` (string)
> - `authentik.admin` - authentik Admin
@ -910,7 +881,6 @@ Changed response : **200 OK**
> - `authentik.enterprise` - authentik Enterprise
Removed enum value:
- `authentik.lib`
##### `POST` /core/tokens/
@ -920,11 +890,9 @@ Changed response : **200 OK**
Changed response : **201 Created**
- Changed content type : `application/json`
- Changed property `user_obj` (object)
> User Serializer
- Added property `type` (string)
> - `internal` - Internal
> - `external` - External
@ -938,15 +906,12 @@ Changed response : **201 Created**
Changed response : **200 OK**
- Changed content type : `application/json`
- Changed property `results` (array)
Changed items (object): > Token Serializer
- Changed property `user_obj` (object)
> User Serializer
- Added property `type` (string)
> - `internal` - Internal
> - `external` - External
@ -960,11 +925,9 @@ Changed response : **200 OK**
Changed response : **200 OK**
- Changed content type : `application/json`
- Changed property `user` (object)
> User Serializer
- Added property `type` (string)
> - `internal` - Internal
> - `external` - External
@ -988,7 +951,6 @@ Changed content type : `application/json`
Changed response : **201 Created**
- Changed content type : `application/json`
- Added property `type` (string)
> - `internal` - Internal
> - `external` - External
@ -1013,11 +975,9 @@ Changed: `uuid` in `query`
Changed response : **200 OK**
- Changed content type : `application/json`
- Changed property `results` (array)
Changed items (object): > User Serializer
- Added property `type` (string)
> - `internal` - Internal
> - `external` - External
@ -1031,11 +991,9 @@ Changed response : **200 OK**
Changed response : **200 OK**
- Changed content type : `application/json`
- Changed property `user` (object)
> User Serializer for information a user can retrieve about themselves
- Added property `type` (string)
> - `internal` - Internal
> - `external` - External
@ -1049,11 +1007,9 @@ Changed response : **200 OK**
Changed response : **200 OK**
- Changed content type : `application/json`
- Changed property `user` (object)
> User Serializer
- Added property `type` (string)
> - `internal` - Internal
> - `external` - External
@ -1067,11 +1023,9 @@ Changed response : **200 OK**
Changed response : **200 OK**
- Changed content type : `application/json`
- Changed property `user` (object)
> User Serializer
- Added property `type` (string)
> - `internal` - Internal
> - `external` - External
@ -1085,11 +1039,9 @@ Changed response : **200 OK**
Changed response : **200 OK**
- Changed content type : `application/json`
- Changed property `user` (object)
> User Serializer
- Added property `type` (string)
> - `internal` - Internal
> - `external` - External
@ -1103,11 +1055,9 @@ Changed response : **200 OK**
Changed response : **201 Created**
- Changed content type : `application/json`
- Changed property `user_obj` (object)
> User Serializer
- Added property `type` (string)
> - `internal` - Internal
> - `external` - External
@ -1121,15 +1071,12 @@ Changed response : **201 Created**
Changed response : **200 OK**
- Changed content type : `application/json`
- Changed property `results` (array)
Changed items (object): > PolicyBinding Serializer
- Changed property `user_obj` (object)
> User Serializer
- Added property `type` (string)
> - `internal` - Internal
> - `external` - External
@ -1143,7 +1090,6 @@ Changed response : **200 OK**
Changed response : **200 OK**
- Changed content type : `application/json`
- Added property `token_length` (integer)
- Changed property `token_count` (integer)
@ -1163,7 +1109,6 @@ Changed content type : `application/json`
Changed response : **200 OK**
- Changed content type : `application/json`
- Added property `token_length` (integer)
- Changed property `token_count` (integer)
@ -1183,7 +1128,6 @@ Changed content type : `application/json`
Changed response : **200 OK**
- Changed content type : `application/json`
- Added property `token_length` (integer)
- Changed property `token_count` (integer)
@ -1195,15 +1139,12 @@ Changed response : **200 OK**
Changed response : **200 OK**
- Changed content type : `application/json`
- Changed property `results` (array)
Changed items (object): > UserConsent Serializer
- Changed property `user` (object)
> User Serializer
- Added property `type` (string)
> - `internal` - Internal
> - `external` - External
@ -1217,15 +1158,12 @@ Changed response : **200 OK**
Changed response : **200 OK**
- Changed content type : `application/json`
- Changed property `results` (array)
Changed items (object): > Serializer for BaseGrantModel and RefreshToken
- Changed property `user` (object)
> User Serializer
- Added property `type` (string)
> - `internal` - Internal
> - `external` - External
@ -1239,15 +1177,12 @@ Changed response : **200 OK**
Changed response : **200 OK**
- Changed content type : `application/json`
- Changed property `results` (array)
Changed items (object): > Serializer for BaseGrantModel and ExpiringBaseGrant
- Changed property `user` (object)
> User Serializer
- Added property `type` (string)
> - `internal` - Internal
> - `external` - External
@ -1261,15 +1196,12 @@ Changed response : **200 OK**
Changed response : **200 OK**
- Changed content type : `application/json`
- Changed property `results` (array)
Changed items (object): > Serializer for BaseGrantModel and RefreshToken
- Changed property `user` (object)
> User Serializer
- Added property `type` (string)
> - `internal` - Internal
> - `external` - External
@ -1291,7 +1223,6 @@ Changed content type : `application/json`
Changed response : **201 Created**
- Changed content type : `application/json`
- Added property `token_length` (integer)
- Changed property `token_count` (integer)
@ -1307,11 +1238,9 @@ Added: `token_length` in `query`
Changed response : **200 OK**
- Changed content type : `application/json`
- Changed property `results` (array)
Changed items (object): > AuthenticatorStaticStage Serializer
- Added property `token_length` (integer)
- Changed property `token_count` (integer)

359
website/docs/releases/2024/v2024.10.md
View File

File diff suppressed because it is too large Load Diff

194
website/docs/releases/2024/v2024.12.md
View File

File diff suppressed because it is too large Load Diff

697
website/docs/releases/2024/v2024.2.md
View File

File diff suppressed because it is too large Load Diff

764
website/docs/releases/2024/v2024.4.md
View File

File diff suppressed because it is too large Load Diff

81
website/docs/releases/2024/v2024.6.md
View File

@ -389,21 +389,17 @@ helm upgrade authentik authentik/authentik -f values.yaml --version ^2024.6
Changed response : **200 OK**
- Changed content type : `application/json`
- Changed property `runtime` (object)
> Get versions
New required properties:
- `authentik_version`
- `openssl_fips_mode`
- `openssl_version`
New optional properties:
- `gunicorn_version`
* Added property `openssl_version` (string)
* Added property `openssl_fips_mode` (boolean)
@ -419,21 +415,17 @@ Changed response : **200 OK**
Changed response : **200 OK**
- Changed content type : `application/json`
- Changed property `runtime` (object)
> Get versions
New required properties:
- `authentik_version`
- `openssl_fips_mode`
- `openssl_version`
New optional properties:
- `gunicorn_version`
* Added property `openssl_version` (string)
* Added property `openssl_fips_mode` (boolean)
@ -451,7 +443,6 @@ Changed response : **200 OK**
- Changed content type : `application/json`
Changed items (object): > Types of an object that can be created
- Added property `icon_url` (string)
##### `GET` /outposts/instances/{#123;uuid}#125;/health/
@ -465,12 +456,10 @@ Changed response : **200 OK**
Changed items (object): > Outpost health status
New required properties:
- `fips_enabled`
- `golang_version`
- `openssl_enabled`
- `openssl_version`
* Added property `golang_version` (string)
* Added property `openssl_enabled` (boolean)
@ -489,7 +478,6 @@ Changed response : **200 OK**
- Changed content type : `application/json`
Changed items (object): > Types of an object that can be created
- Added property `icon_url` (string)
##### `GET` /policies/all/types/
@ -501,7 +489,6 @@ Changed response : **200 OK**
- Changed content type : `application/json`
Changed items (object): > Types of an object that can be created
- Added property `icon_url` (string)
##### `GET` /policies/event_matcher/{#123;policy_uuid}#125;/
@ -511,13 +498,11 @@ Changed response : **200 OK**
Changed response : **200 OK**
- Changed content type : `application/json`
- Changed property `app` (string)
> Match events created by selected application. When left empty, all applications are matched.
Added enum values:
- `authentik.enterprise.providers.google_workspace`
- `authentik.enterprise.providers.microsoft_entra`
@ -526,7 +511,6 @@ Changed response : **200 OK**
> Match events created by selected model. When left empty, all models are matched. When an app is selected, all the application's models are matched.
Added enum values:
- `authentik_providers_google_workspace.googleworkspaceprovider`
- `authentik_providers_google_workspace.googleworkspaceprovidermapping`
- `authentik_providers_microsoft_entra.microsoftentraprovider`
@ -543,7 +527,6 @@ Changed content type : `application/json`
> Match events created by selected application. When left empty, all applications are matched.
Added enum values:
- `authentik.enterprise.providers.google_workspace`
- `authentik.enterprise.providers.microsoft_entra`
@ -552,7 +535,6 @@ Changed content type : `application/json`
> Match events created by selected model. When left empty, all models are matched. When an app is selected, all the application's models are matched.
Added enum values:
- `authentik_providers_google_workspace.googleworkspaceprovider`
- `authentik_providers_google_workspace.googleworkspaceprovidermapping`
- `authentik_providers_microsoft_entra.microsoftentraprovider`
@ -563,13 +545,11 @@ Changed content type : `application/json`
Changed response : **200 OK**
- Changed content type : `application/json`
- Changed property `app` (string)
> Match events created by selected application. When left empty, all applications are matched.
Added enum values:
- `authentik.enterprise.providers.google_workspace`
- `authentik.enterprise.providers.microsoft_entra`
@ -578,7 +558,6 @@ Changed response : **200 OK**
> Match events created by selected model. When left empty, all models are matched. When an app is selected, all the application's models are matched.
Added enum values:
- `authentik_providers_google_workspace.googleworkspaceprovider`
- `authentik_providers_google_workspace.googleworkspaceprovidermapping`
- `authentik_providers_microsoft_entra.microsoftentraprovider`
@ -595,7 +574,6 @@ Changed content type : `application/json`
> Match events created by selected application. When left empty, all applications are matched.
Added enum values:
- `authentik.enterprise.providers.google_workspace`
- `authentik.enterprise.providers.microsoft_entra`
@ -604,7 +582,6 @@ Changed content type : `application/json`
> Match events created by selected model. When left empty, all models are matched. When an app is selected, all the application's models are matched.
Added enum values:
- `authentik_providers_google_workspace.googleworkspaceprovider`
- `authentik_providers_google_workspace.googleworkspaceprovidermapping`
- `authentik_providers_microsoft_entra.microsoftentraprovider`
@ -615,13 +592,11 @@ Changed content type : `application/json`
Changed response : **200 OK**
- Changed content type : `application/json`
- Changed property `app` (string)
> Match events created by selected application. When left empty, all applications are matched.
Added enum values:
- `authentik.enterprise.providers.google_workspace`
- `authentik.enterprise.providers.microsoft_entra`
@ -630,7 +605,6 @@ Changed response : **200 OK**
> Match events created by selected model. When left empty, all models are matched. When an app is selected, all the application's models are matched.
Added enum values:
- `authentik_providers_google_workspace.googleworkspaceprovider`
- `authentik_providers_google_workspace.googleworkspaceprovidermapping`
- `authentik_providers_microsoft_entra.microsoftentraprovider`
@ -657,7 +631,6 @@ Changed response : **200 OK**
- Changed content type : `application/json`
Changed items (object): > Types of an object that can be created
- Added property `icon_url` (string)
##### `GET` /providers/all/types/
@ -669,7 +642,6 @@ Changed response : **200 OK**
- Changed content type : `application/json`
Changed items (object): > Types of an object that can be created
- Added property `icon_url` (string)
##### `GET` /sources/all/types/
@ -681,7 +653,6 @@ Changed response : **200 OK**
- Changed content type : `application/json`
Changed items (object): > Types of an object that can be created
- Added property `icon_url` (string)
##### `GET` /stages/all/types/
@ -693,7 +664,6 @@ Changed response : **200 OK**
- Changed content type : `application/json`
Changed items (object): > Types of an object that can be created
- Added property `icon_url` (string)
##### `GET` /stages/email/templates/
@ -705,7 +675,6 @@ Changed response : **200 OK**
- Changed content type : `application/json`
Changed items (object): > Types of an object that can be created
- Added property `icon_url` (string)
##### `GET` /core/groups/{#123;group_uuid}#125;/
@ -725,7 +694,6 @@ Changed content type : `application/json`
> Match events created by selected application. When left empty, all applications are matched.
Added enum values:
- `authentik.enterprise.providers.google_workspace`
- `authentik.enterprise.providers.microsoft_entra`
@ -734,7 +702,6 @@ Changed content type : `application/json`
> Match events created by selected model. When left empty, all models are matched. When an app is selected, all the application's models are matched.
Added enum values:
- `authentik_providers_google_workspace.googleworkspaceprovider`
- `authentik_providers_google_workspace.googleworkspaceprovidermapping`
- `authentik_providers_microsoft_entra.microsoftentraprovider`
@ -745,13 +712,11 @@ Changed content type : `application/json`
Changed response : **201 Created**
- Changed content type : `application/json`
- Changed property `app` (string)
> Match events created by selected application. When left empty, all applications are matched.
Added enum values:
- `authentik.enterprise.providers.google_workspace`
- `authentik.enterprise.providers.microsoft_entra`
@ -760,7 +725,6 @@ Changed response : **201 Created**
> Match events created by selected model. When left empty, all models are matched. When an app is selected, all the application's models are matched.
Added enum values:
- `authentik_providers_google_workspace.googleworkspaceprovider`
- `authentik_providers_google_workspace.googleworkspaceprovidermapping`
- `authentik_providers_microsoft_entra.microsoftentraprovider`
@ -773,17 +737,14 @@ Changed response : **201 Created**
Changed response : **200 OK**
- Changed content type : `application/json`
- Changed property `results` (array)
Changed items (object): > Event Matcher Policy Serializer
- Changed property `app` (string)
> Match events created by selected application. When left empty, all applications are matched.
Added enum values:
- `authentik.enterprise.providers.google_workspace`
- `authentik.enterprise.providers.microsoft_entra`
@ -792,7 +753,6 @@ Changed response : **200 OK**
> Match events created by selected model. When left empty, all models are matched. When an app is selected, all the application's models are matched.
Added enum values:
- `authentik_providers_google_workspace.googleworkspaceprovider`
- `authentik_providers_google_workspace.googleworkspaceprovidermapping`
- `authentik_providers_microsoft_entra.microsoftentraprovider`
@ -817,7 +777,6 @@ Changed content type : `application/json`
- Changed property `model` (string)
Added enum values:
- `authentik_providers_google_workspace.googleworkspaceprovider`
- `authentik_providers_google_workspace.googleworkspaceprovidermapping`
- `authentik_providers_microsoft_entra.microsoftentraprovider`
@ -832,7 +791,6 @@ Changed content type : `application/json`
- Changed property `model` (string)
Added enum values:
- `authentik_providers_google_workspace.googleworkspaceprovider`
- `authentik_providers_google_workspace.googleworkspaceprovidermapping`
- `authentik_providers_microsoft_entra.microsoftentraprovider`
@ -847,7 +805,6 @@ Changed content type : `application/json`
- Changed property `model` (string)
Added enum values:
- `authentik_providers_google_workspace.googleworkspaceprovider`
- `authentik_providers_google_workspace.googleworkspaceprovidermapping`
- `authentik_providers_microsoft_entra.microsoftentraprovider`
@ -862,7 +819,6 @@ Changed content type : `application/json`
- Changed property `model` (string)
Added enum values:
- `authentik_providers_google_workspace.googleworkspaceprovider`
- `authentik_providers_google_workspace.googleworkspaceprovidermapping`
- `authentik_providers_microsoft_entra.microsoftentraprovider`
@ -875,7 +831,6 @@ Changed content type : `application/json`
Changed response : **200 OK**
- Changed content type : `application/json`
- Changed property `icon` (string)
##### `PUT` /sources/ldap/{#123;slug}#125;/
@ -885,7 +840,6 @@ Changed response : **200 OK**
Changed response : **200 OK**
- Changed content type : `application/json`
- Changed property `icon` (string)
##### `PATCH` /sources/ldap/{#123;slug}#125;/
@ -895,7 +849,6 @@ Changed response : **200 OK**
Changed response : **200 OK**
- Changed content type : `application/json`
- Changed property `icon` (string)
##### `GET` /sources/oauth/{#123;slug}#125;/
@ -905,7 +858,6 @@ Changed response : **200 OK**
Changed response : **200 OK**
- Changed content type : `application/json`
- Changed property `icon` (string)
##### `PUT` /sources/oauth/{#123;slug}#125;/
@ -915,7 +867,6 @@ Changed response : **200 OK**
Changed response : **200 OK**
- Changed content type : `application/json`
- Changed property `icon` (string)
##### `PATCH` /sources/oauth/{#123;slug}#125;/
@ -925,7 +876,6 @@ Changed response : **200 OK**
Changed response : **200 OK**
- Changed content type : `application/json`
- Changed property `icon` (string)
##### `GET` /sources/plex/{#123;slug}#125;/
@ -935,7 +885,6 @@ Changed response : **200 OK**
Changed response : **200 OK**
- Changed content type : `application/json`
- Changed property `icon` (string)
##### `PUT` /sources/plex/{#123;slug}#125;/
@ -945,7 +894,6 @@ Changed response : **200 OK**
Changed response : **200 OK**
- Changed content type : `application/json`
- Changed property `icon` (string)
##### `PATCH` /sources/plex/{#123;slug}#125;/
@ -955,7 +903,6 @@ Changed response : **200 OK**
Changed response : **200 OK**
- Changed content type : `application/json`
- Changed property `icon` (string)
##### `GET` /sources/saml/{#123;slug}#125;/
@ -965,7 +912,6 @@ Changed response : **200 OK**
Changed response : **200 OK**
- Changed content type : `application/json`
- Changed property `icon` (string)
##### `PUT` /sources/saml/{#123;slug}#125;/
@ -975,7 +921,6 @@ Changed response : **200 OK**
Changed response : **200 OK**
- Changed content type : `application/json`
- Changed property `icon` (string)
##### `PATCH` /sources/saml/{#123;slug}#125;/
@ -985,7 +930,6 @@ Changed response : **200 OK**
Changed response : **200 OK**
- Changed content type : `application/json`
- Changed property `icon` (string)
##### `GET` /events/system_tasks/{#123;uuid}#125;/
@ -995,7 +939,6 @@ Changed response : **200 OK**
Changed response : **200 OK**
- Changed content type : `application/json`
- Added property `expires` (string)
- Added property `expiring` (boolean)
@ -1019,7 +962,6 @@ Changed: `model` in `query`
Changed response : **201 Created**
- Changed content type : `application/json`
- Changed property `icon` (string)
##### `GET` /sources/ldap/
@ -1029,11 +971,9 @@ Changed response : **201 Created**
Changed response : **200 OK**
- Changed content type : `application/json`
- Changed property `results` (array)
Changed items (object): > LDAP Source Serializer
- Changed property `icon` (string)
##### `POST` /sources/oauth/
@ -1043,7 +983,6 @@ Changed response : **200 OK**
Changed response : **201 Created**
- Changed content type : `application/json`
- Changed property `icon` (string)
##### `GET` /sources/oauth/
@ -1053,11 +992,9 @@ Changed response : **201 Created**
Changed response : **200 OK**
- Changed content type : `application/json`
- Changed property `results` (array)
Changed items (object): > OAuth Source Serializer
- Changed property `icon` (string)
##### `POST` /sources/plex/
@ -1067,7 +1004,6 @@ Changed response : **200 OK**
Changed response : **201 Created**
- Changed content type : `application/json`
- Changed property `icon` (string)
##### `GET` /sources/plex/
@ -1077,11 +1013,9 @@ Changed response : **201 Created**
Changed response : **200 OK**
- Changed content type : `application/json`
- Changed property `results` (array)
Changed items (object): > Plex Source Serializer
- Changed property `icon` (string)
##### `POST` /sources/saml/
@ -1091,7 +1025,6 @@ Changed response : **200 OK**
Changed response : **201 Created**
- Changed content type : `application/json`
- Changed property `icon` (string)
##### `GET` /sources/saml/
@ -1101,11 +1034,9 @@ Changed response : **201 Created**
Changed response : **200 OK**
- Changed content type : `application/json`
- Changed property `results` (array)
Changed items (object): > SAMLSource Serializer
- Changed property `icon` (string)
##### `GET` /stages/captcha/{#123;stage_uuid}#125;/
@ -1115,7 +1046,6 @@ Changed response : **200 OK**
Changed response : **200 OK**
- Changed content type : `application/json`
- Added property `score_min_threshold` (number)
- Added property `score_max_threshold` (number)
@ -1141,7 +1071,6 @@ Changed content type : `application/json`
Changed response : **200 OK**
- Changed content type : `application/json`
- Added property `score_min_threshold` (number)
- Added property `score_max_threshold` (number)
@ -1167,7 +1096,6 @@ Changed content type : `application/json`
Changed response : **200 OK**
- Changed content type : `application/json`
- Added property `score_min_threshold` (number)
- Added property `score_max_threshold` (number)
@ -1184,14 +1112,12 @@ Changed content type : `application/json`
- Changed property `provider_model` (string)
Added enum values:
- `authentik_providers_google_workspace.googleworkspaceprovider`
- `authentik_providers_microsoft_entra.microsoftentraprovider`
- Changed property `provider` (object)
Added 'authentik_providers_google_workspace.googleworkspaceprovider' provider_model:
- Property `name` (string)
- Property `property_mappings` (array)
@ -1217,7 +1143,6 @@ Changed content type : `application/json`
- Property `user_delete_action` (string)
Enum values:
- `do_nothing`
- `delete`
- `suspend`
@ -1227,7 +1152,6 @@ Changed content type : `application/json`
- Property `default_group_email_domain` (string)
Added 'authentik_providers_microsoft_entra.microsoftentraprovider' provider_model:
- Property `name` (string)
- Property `property_mappings` (array)
@ -1257,11 +1181,9 @@ Changed content type : `application/json`
Changed response : **200 OK**
- Changed content type : `application/json`
- Changed property `results` (array)
Changed items (object): > Serialize TaskInfo and TaskResult
- Added property `expires` (string)
- Added property `expiring` (boolean)
@ -1284,7 +1206,6 @@ Changed content type : `application/json`
Changed response : **201 Created**
- Changed content type : `application/json`
- Added property `score_min_threshold` (number)
- Added property `score_max_threshold` (number)
@ -1299,11 +1220,9 @@ Changed response : **201 Created**
Changed response : **200 OK**
- Changed content type : `application/json`
- Changed property `results` (array)
Changed items (object): > CaptchaStage Serializer
- Added property `score_min_threshold` (number)
- Added property `score_max_threshold` (number)

412
website/docs/releases/2024/v2024.8.md
View File

File diff suppressed because it is too large Load Diff

254
website/docs/releases/2025/v2025.2.md
View File

File diff suppressed because it is too large Load Diff

341
website/docs/releases/2025/v2025.4.md
View File

File diff suppressed because it is too large Load Diff

39
website/docs/releases/2025/v2025.6.md
View File

@ -14,7 +14,6 @@ slug: "/releases/2025.6"
## Breaking changes
- **Helm chart dependencies upgrades**:
- The PostgreSQL chart has been updated to version 16.7.4. The PostgreSQL image is no longer pinned in authentik's default values and has been upgraded from version 15 to 17. Follow our [PostgreSQL upgrade instructions](../../troubleshooting/postgres/upgrade_kubernetes.md) to update to the latest PostgreSQL version.
- The Redis chart has been updated to version 21.1.6. There are no breaking changes and Redis has been upgraded from version 7 to 8.
@ -184,7 +183,6 @@ helm upgrade authentik authentik/authentik -f values.yaml --version ^2025.6
Changed response : **200 OK**
- Changed content type : `application/json`
- Added property `client_certificates` (array)
> Certificates used for client authentication.
@ -205,7 +203,6 @@ Changed content type : `application/json`
Changed response : **200 OK**
- Changed content type : `application/json`
- Added property `client_certificates` (array)
> Certificates used for client authentication.
@ -223,7 +220,6 @@ Changed content type : `application/json`
Changed response : **200 OK**
- Changed content type : `application/json`
- Added property `client_certificates` (array)
> Certificates used for client authentication.
@ -234,13 +230,11 @@ Changed response : **200 OK**
Changed response : **200 OK**
- Changed content type : `application/json`
- Changed property `app` (string)
> Match events created by selected application. When left empty, all applications are matched.
Added enum value:
- `authentik.enterprise.stages.mtls`
- Changed property `model` (string)
@ -248,7 +242,6 @@ Changed response : **200 OK**
> Match events created by selected model. When left empty, all models are matched. When an app is selected, all the application's models are matched.
Added enum value:
- `authentik_stages_mtls.mutualtlsstage`
##### `PUT` /policies/event_matcher/&#123;policy_uuid&#125;/
@ -262,7 +255,6 @@ Changed content type : `application/json`
> Match events created by selected application. When left empty, all applications are matched.
Added enum value:
- `authentik.enterprise.stages.mtls`
- Changed property `model` (string)
@ -270,7 +262,6 @@ Changed content type : `application/json`
> Match events created by selected model. When left empty, all models are matched. When an app is selected, all the application's models are matched.
Added enum value:
- `authentik_stages_mtls.mutualtlsstage`
###### Return Type:
@ -278,13 +269,11 @@ Changed content type : `application/json`
Changed response : **200 OK**
- Changed content type : `application/json`
- Changed property `app` (string)
> Match events created by selected application. When left empty, all applications are matched.
Added enum value:
- `authentik.enterprise.stages.mtls`
- Changed property `model` (string)
@ -292,7 +281,6 @@ Changed response : **200 OK**
> Match events created by selected model. When left empty, all models are matched. When an app is selected, all the application's models are matched.
Added enum value:
- `authentik_stages_mtls.mutualtlsstage`
##### `PATCH` /policies/event_matcher/&#123;policy_uuid&#125;/
@ -306,7 +294,6 @@ Changed content type : `application/json`
> Match events created by selected application. When left empty, all applications are matched.
Added enum value:
- `authentik.enterprise.stages.mtls`
- Changed property `model` (string)
@ -314,7 +301,6 @@ Changed content type : `application/json`
> Match events created by selected model. When left empty, all models are matched. When an app is selected, all the application's models are matched.
Added enum value:
- `authentik_stages_mtls.mutualtlsstage`
###### Return Type:
@ -322,13 +308,11 @@ Changed content type : `application/json`
Changed response : **200 OK**
- Changed content type : `application/json`
- Changed property `app` (string)
> Match events created by selected application. When left empty, all applications are matched.
Added enum value:
- `authentik.enterprise.stages.mtls`
- Changed property `model` (string)
@ -336,7 +320,6 @@ Changed response : **200 OK**
> Match events created by selected model. When left empty, all models are matched. When an app is selected, all the application's models are matched.
Added enum value:
- `authentik_stages_mtls.mutualtlsstage`
##### `POST` /core/brands/
@ -353,7 +336,6 @@ Changed content type : `application/json`
Changed response : **201 Created**
- Changed content type : `application/json`
- Added property `client_certificates` (array)
> Certificates used for client authentication.
@ -368,11 +350,9 @@ Added: `client_certificates` in `query`
Changed response : **200 OK**
- Changed content type : `application/json`
- Changed property `results` (array)
Changed items (object): > Brand Serializer
- Added property `client_certificates` (array)
> Certificates used for client authentication.
@ -387,7 +367,6 @@ Changed content type : `application/json`
> Match events created by selected application. When left empty, all applications are matched.
Added enum value:
- `authentik.enterprise.stages.mtls`
- Changed property `model` (string)
@ -395,7 +374,6 @@ Changed content type : `application/json`
> Match events created by selected model. When left empty, all models are matched. When an app is selected, all the application's models are matched.
Added enum value:
- `authentik_stages_mtls.mutualtlsstage`
###### Return Type:
@ -403,13 +381,11 @@ Changed content type : `application/json`
Changed response : **201 Created**
- Changed content type : `application/json`
- Changed property `app` (string)
> Match events created by selected application. When left empty, all applications are matched.
Added enum value:
- `authentik.enterprise.stages.mtls`
- Changed property `model` (string)
@ -417,7 +393,6 @@ Changed response : **201 Created**
> Match events created by selected model. When left empty, all models are matched. When an app is selected, all the application's models are matched.
Added enum value:
- `authentik_stages_mtls.mutualtlsstage`
##### `GET` /policies/event_matcher/
@ -427,17 +402,14 @@ Changed response : **201 Created**
Changed response : **200 OK**
- Changed content type : `application/json`
- Changed property `results` (array)
Changed items (object): > Event Matcher Policy Serializer
- Changed property `app` (string)
> Match events created by selected application. When left empty, all applications are matched.
Added enum value:
- `authentik.enterprise.stages.mtls`
- Changed property `model` (string)
@ -445,7 +417,6 @@ Changed response : **200 OK**
> Match events created by selected model. When left empty, all models are matched. When an app is selected, all the application's models are matched.
Added enum value:
- `authentik_stages_mtls.mutualtlsstage`
##### `POST` /rbac/permissions/assigned_by_roles/&#123;uuid&#125;/assign/
@ -457,7 +428,6 @@ Changed content type : `application/json`
- Changed property `model` (string)
Added enum value:
- `authentik_stages_mtls.mutualtlsstage`
##### `PATCH` /rbac/permissions/assigned_by_roles/&#123;uuid&#125;/unassign/
@ -469,7 +439,6 @@ Changed content type : `application/json`
- Changed property `model` (string)
Added enum value:
- `authentik_stages_mtls.mutualtlsstage`
##### `POST` /rbac/permissions/assigned_by_users/&#123;id&#125;/assign/
@ -481,7 +450,6 @@ Changed content type : `application/json`
- Changed property `model` (string)
Added enum value:
- `authentik_stages_mtls.mutualtlsstage`
##### `PATCH` /rbac/permissions/assigned_by_users/&#123;id&#125;/unassign/
@ -493,7 +461,6 @@ Changed content type : `application/json`
- Changed property `model` (string)
Added enum value:
- `authentik_stages_mtls.mutualtlsstage`
##### `GET` /sources/ldap/&#123;slug&#125;/
@ -503,7 +470,6 @@ Changed content type : `application/json`
Changed response : **200 OK**
- Changed content type : `application/json`
- Added property `delete_not_found_objects` (boolean)
> Delete authentik users and groups which were previously supplied by this source, but are now missing from it.
@ -521,7 +487,6 @@ Changed content type : `application/json`
Changed response : **200 OK**
- Changed content type : `application/json`
- Added property `delete_not_found_objects` (boolean)
> Delete authentik users and groups which were previously supplied by this source, but are now missing from it.
@ -539,7 +504,6 @@ Changed content type : `application/json`
Changed response : **200 OK**
- Changed content type : `application/json`
- Added property `delete_not_found_objects` (boolean)
> Delete authentik users and groups which were previously supplied by this source, but are now missing from it.
@ -569,7 +533,6 @@ Changed content type : `application/json`
Changed response : **201 Created**
- Changed content type : `application/json`
- Added property `delete_not_found_objects` (boolean)
> Delete authentik users and groups which were previously supplied by this source, but are now missing from it.
@ -584,10 +547,8 @@ Added: `delete_not_found_objects` in `query`
Changed response : **200 OK**
- Changed content type : `application/json`
- Changed property `results` (array)
Changed items (object): > LDAP Source Serializer
- Added property `delete_not_found_objects` (boolean)
> Delete authentik users and groups which were previously supplied by this source, but are now missing from it.

1
website/docs/releases/old/v0.14.md
View File

@ -12,7 +12,6 @@ slug: "/releases/0.14"
- Events now have a more general purpose, rather than just logging audit actions.
The following new events are now logged:
- Policy Execution (Has to be enabled on a per-policy basis)
- Policy Exceptions
- Property Mapping Exceptions

2
website/docs/sys-mgmt/certificates.md
View File

@ -70,12 +70,10 @@ These commands import certificates under the specified names. They are safe to r
authentik uses the following rules to import certificates:
- **Root directory files**: Files in the root directory are imported based on their filename
- `/foo.pem` will be imported as the keypair `foo`
- Files are classified as private keys if they contain `PRIVATE KEY`, otherwise as certificates
- **Certbot convention**: Files named `fullchain.pem` or `privkey.pem` will use their parent folder's name
- Files in paths containing `archive` are ignored (to better support certbot setups)
- **Flexible organization**: Files can use any directory structure and extension

1
website/docs/sys-mgmt/settings.md
View File

@ -16,7 +16,6 @@ Default: `gravatar,initials`
- Any URL: If you want to use images hosted on another server, you can set any URL.
Additionally, these placeholders can be used:
- `%(username)s`: The user's username
- `%(mail_hash)s`: The email address, md5 hashed
- `%(upn)s`: The user's UPN, if set (otherwise an empty string)

3
website/docs/users-sources/access-control/initial_permissions.mdx
View File

@ -43,18 +43,15 @@ To create a new set of initial permissions and apply them to either a single use
2. [Create a new role](../roles/manage_roles.md): navigate to **Directory** > **Roles** and click **Create**.
3. [Create a new group](../groups/manage_groups.mdx): navigate to **Directory** > **Groups** and click **Create**. After creating the group:
- [assign the new role to the group](../groups/manage_groups.mdx#assign-a-role-to-a-group)
- [add any members](../user/user_basic_operations.md#add-a-user-to-a-group) that require the initial permissions. You can add already existing users, or [create new users](../user/user_basic_operations.md#create-a-user).
4. Create an initial permissions object: navigate to **Directory** > **Initial Permissions** and click **Create**. Configure the following settings:
- **Name**: Provide a descriptive name for the new initial permissions object.
- **Role**: Select the role to which you want to apply initial permissions. When a member of a group with this assigned role creates an object, initial permissions will be applied to that object.
- **Mode**: select whether you want to attach the initial permission to a _role_ or to a _single user_.
- **Role**: select this to allow everyone with that role (i.e. everyone in a group to which this role is assigned) to be able to see each others' objects.
- **User**: select this to apply the initial permissions _only_ to a user

4
website/docs/users-sources/sources/directory-sync/active-directory/index.md
View File

@ -48,7 +48,6 @@ To support the integration of authentik with Active Directory, you will need to
4. Provide a name, slug, and the following required configurations:
Under **Connection Settings**:
- **Server URI**: `ldap://ad.company`
:::note
@ -56,18 +55,15 @@ To support the integration of authentik with Active Directory, you will need to
Multiple servers can be specified by separating URIs with a comma (e.g. `ldap://dc1.ad.company,ldap://dc2.ad.company`). If a DNS entry with multiple records is used, authentik will select a random entry when first connecting.
:::
- **Bind CN**: `<service account>@ad.company`
- **Bind Password**: the password of the service account created in the previous section.
- **Base DN**: the base DN which you want authentik to sync.
Under **LDAP Attribute Mapping**:
- **User Property Mappings**: select all Mappings which start with "authentik default LDAP" and "authentik default Active Directory"
- **Group Property Mappings**: select "authentik default LDAP Mapping: Name"
Under **Additional Settings** _(optional)_ configurations that may need to be adjusted based on the setup of your domain:
- **Group**: if enabled, all synchronized groups will be given this group as a parent.
- **Addition User/Group DN**: additional DN which is _prepended_ to your Base DN configured above, to limit the scope of synchronization for Users and Groups.
- **User object filter**: which objects should be considered users (e.g. `(objectClass=user)`). For Active Directory set it to `(&(objectClass=user)(!(objectClass=computer)))` to exclude Computer accounts.

1
website/docs/users-sources/sources/protocols/ldap/index.md
View File

@ -24,7 +24,6 @@ To create or edit a source in authentik, open the Admin interface and navigate t
#### Connection settings
- **Server URI**: URI to your LDAP server/Domain Controller. You can specify multiple servers by separating URIs with a comma, like `ldap://ldap1.company,ldap://ldap2.company`. When using a DNS entry with multiple Records, authentik will select a random entry when first connecting.
- **Enable StartTLS**: Enables StartTLS functionality. To use LDAPS instead, use port `636`.
- **Use Server URI for SNI verification**: this setting is required for servers using TLS 1.3+