diff --git a/website/docs/releases/2024/v2024.6.md b/website/docs/releases/2024/v2024.6.md new file mode 100644 index 0000000000..5ef12d27e8 --- /dev/null +++ b/website/docs/releases/2024/v2024.6.md 
@@ -0,0 +1,1248 @@ +--- +title: Release 2024.6 +slug: /releases/2024.6 +--- + +:::::note +2024.6 has not been released yet! We're publishing these release notes as a preview of what's to come, and for our awesome beta testers trying out release candidates. + +To try out the release candidate, replace your Docker image tag with the latest release candidate number, such as 2024.6.0-rc1. You can find the latest one in [the latest releases on GitHub](https://github.com/goauthentik/authentik/releases). If you don't find any, it means we haven't released one yet. +::::: + +## Highlights + +- **PostgreSQL read-replica** Optimize database query routing by using read-replicas to balance the load +- **New Enterprise providers** Enterprise Preview Google Workspace and Microsoft Entra ID providers allows for user synchronization with authentik +- **Improved CAPTCHA stage** Allows configurable dynamic use of CAPTCHAs + +## Breaking changes + +### PostgreSQL minimum supported version upgrade + +With this release, authentik now requires PostgreSQL version 14 or later. We recommend upgrading to the latest version if you are running an older version. + +The provided Helm chart defaults to PostgreSQL 15. If you are using the Helm chart with the default values, no action is required. + +The provided Compose file was updated with PostgreSQL 16. You can follow the procedure [here](../../troubleshooting/postgres/upgrade_docker.md) to upgrade. + +## New features + +- **Google Workspace Provider** Enterprise Preview + + With the Google Workspace provider, authentik serves as the single source of truth for all users and groups, when using Google products like Gmail. + + For details refer to the [Google Workspace Provider documentation](../../providers/gws/index.md) + +- **Microsoft Entra ID Provider** Enterprise Preview + + With the Microsoft Entra ID provider, authentik serves as the single source of truth for all users and groups. 
Configuring Entra ID as a provider allows for auto-discovery of user and group accounts, on-going synchronization of user data such as email address, name, and status, and integrated data mapping of field names and values. + + For details refer to the [Microsoft Entra ID documentation](../../providers/entra/index.md) + +- **Read-replica DB support** + + Multiple read-only databases can be configured to route read-only requests to the non-primary database instance so that the main database can be reserved to write requests. + + For details refer to the [PostgreSQL configuration](../../installation/configuration.mdx#postgresql-settings) + +- **Improved CAPTCHA stage** + + Thresholds can now be configured on the CAPTCHA stage to customize its result. Additionally, the stage can be configured to continue the flow if the CAPTCHA score is outside of those thresholds for further decision making via expression policies. + + For details refer to the [CAPTCHA stage](../../flow/stages/captcha/index.md) + +- **Optimize sync and property mapping execution** + + The synchronization process from sources has been optimized to avoid unnecessary operations. Additionally, the Python compilation of property mappings is now cached so that it only happens once per sync. + +- **Wizards now use a grid layout** + + The provider and source creation wizards now use a grid layout showing logos and descriptions of available protocols and services. + +## Fixes + +- **Reworked proxy provider redirect** + + Following-up on a [highly requested issue](https://github.com/goauthentik/authentik/issues/6886), we've reworked our [Proxy provider](../../providers/proxy/index.md) to avoid invalid user-facing redirects. + +## Upgrading + +With this release, authentik now requires PostgreSQL version 14 or later. We recommend upgrading to the latest version if needed. Follow the instructions [here](../../troubleshooting/postgres/upgrade_docker.md) if you need to upgrade PostgreSQL with docker-compose. 
+ +### Docker Compose + +To upgrade, download the new `docker-compose.yml` file and update the Docker stack with the new version, using these commands: + +```shell +wget -O docker-compose.yml https://goauthentik.io/version/2024.6/docker-compose.yml +docker compose up -d +``` + +The `-O` flag retains the downloaded file's name, overwriting any existing local file with the same name. + +### Kubernetes + +Upgrade the Helm Chart to the new version, using the following commands: + +```shell +helm repo update +helm upgrade authentik authentik/authentik -f values.yaml --version ^2024.6 +``` + +## Minor changes/fixes + +- admin: system api: do not show FIPS status if no valid license (#10091) +- core: FIPS (#9683) +- core: add include_users flag to single group retrieval (#9721) +- core: add option to select group for property mapping testing (#9834) +- core: fix auth_method and auth_method_args being overwritten by password stage (#9782) +- core: fix condition in task clean_expiring_models (#9603) +- core: fix logic for token expiration (#9426) +- core: fix source flow_manager not always appending save stage (#9659) +- core: fix source_flow_manager saving user-source connection too early (#9559) +- core: fix task clean_expiring_models removing valid sessions with using database storage (#9598) +- core: groups api: always prefetch users (#9974) +- core: groups: optimize recursive children query (#9931) +- core: only prefetch related objects when required (#9476) +- crypto: update fingerprint at same time as certificate (#10036) +- enterprise/audit: fix audit logging with m2m relations (#9571) +- enterprise/providers/google: initial account sync to google workspace (#9384) +- enterprise/providers/google_workspace: ensure no group is created when no property mappings are set (#9783) +- enterprise/providers/microsoft_entra: fix error when updating connection attributes (#10039) +- enterprise/providers/microsoft_entra: initial account sync to microsoft entra (#9632) +- 
enterprise/stages/source: fix error when creating source stage from blueprint (#9810) +- events: ensure all models' **str** can be called without any further lookups (#9480) +- events: fix geoip enrich context not converting to json-seriazable data (#9885) +- flows: fix execute API endpoint (#9478) +- lib/providers/sync: improve outgoing sync (#9835) +- lib/providers/sync: multiple minor fixes (#9667) +- lib/sync/outgoing, sources/ldap: fix sync status endpoint (#9855) +- lib/sync: fix json error (#9827) +- lifecycle/migrate: only acquire lock once (#9856) +- lifecycle: always try custom redis URL (#9441) +- lifecycle: close database connection after migrating (#9516) +- lifecycle: fix ak test-all command +- policies: fix ak_call_policy failing when used in testing (#9853) +- providers/oauth2: don't handle api scope as special scope (#9910) +- providers/proxy: rework redirect mechanism (#8594) +- providers/rac: bump guacd to 1.5.5 (#9514) +- providers/saml: fix ecdsa support (#9537) +- providers/scim, sources/ldap: switch to using postgres advisory locks instead of redis locks (#9511) +- providers/scim: fix SCIM ID incorrectly used as primary key (#9557) +- providers/scim: fix time_limit not set correctly (#9546) +- providers/scim: optimize PropertyMapping fetching and execution (#9689) +- providers/sync: improve v3 (#9966) +- providers/sync: update attributes on update (#10012) +- rbac: filters: fix missing attribute for unauthenticated requests (#10061) +- rbac: fix some rough edges and inconsistencies (#9771) +- root: add configuration option to enable fips (#10088) +- root: add primary-replica db router (#9479) +- root: bump blueprint schema version +- root: docker-compose: remove version top level element (#9631) +- root: handle asgi exception (#10085) +- root: include task_id in events and logs (#9749) +- sources/oauth: ensure all UI sources return a valid source (#9401) +- sources/oauth: fix OAuth Client sending token request incorrectly (#9474) +- 
sources/oauth: modernizes discord icon (#9817) +- sources/saml: fix FlowPlanner error due to pickle (#9708) +- sources/scim: fix duplicate groups and invalid schema (#9466) +- sources/scim: fix service account user path (#9463) +- stages/authenticator_validate: fix priority of auth_method being set to auth_webauthn_pwl (#9909) +- stages/authenticator_webauthn: migrate device type import to systemtask and schedule (#9958) +- stages/authenticator_webauthn: optimize device types creation (#9932) +- stages/captcha: rework (#9959) +- stages/email: fix sanitization of email addresses (#9999) +- stages/identification: don't check source component (#9410) +- stages/user_login: fix non-json-serializable being used (#9886) +- tenants: fix scheduled tasks not running on default tenant (#9583) +- web/admin: add link to enterprise docs on license page (#9811) +- web/admin: fix disabled button color with dark theme (#9465) +- web/admin: fix document title for admin interface (#9362) +- web/admin: fix entra provider mapping form (#9767) +- web/admin: fix scim provider user list (#10028) +- web/admin: only show non-backchannel providers in application provider select (#9658) +- web/admin: rework initial wizard pages and add grid layout (#9668) +- web/admin: show user internal service account as disabled (#9464) +- web/admin: use chips to display permissions/scopes (#9912) +- web/common: fix locale detection for user-set locale (#9436) +- web/flows: fix error when enrolling multiple WebAuthn devices consecutively (#9545) +- web/flows: fix error when using consecutive webauthn validator stages (#9629) +- web/flows: fix missing fallback for flow logo (#9487) +- web: Add enterprise / FIPS notification to the AdminOverviewPage (#10090) +- web: Add missing integrity hashes to package-lock.json (#9527) +- web: Add resolved and integrity fields back to package-lock.json (#9419) +- web: clean up some repetitive types (#9241) +- web: clean up the options rendering in PromptForm (#9564) +- 
web: fix value handling inside controlled components (#9648) +- web: markdown: display markdown even when frontmatter is missing (#9404) + +## API Changes + +#### What's New + +--- + +##### `GET` /propertymappings/provider/google_workspace/ + +##### `POST` /propertymappings/provider/google_workspace/ + +##### `GET` /propertymappings/provider/google_workspace/{#123;pm_uuid}#125;/ + +##### `PUT` /propertymappings/provider/google_workspace/{#123;pm_uuid}#125;/ + +##### `DELETE` /propertymappings/provider/google_workspace/{#123;pm_uuid}#125;/ + +##### `PATCH` /propertymappings/provider/google_workspace/{#123;pm_uuid}#125;/ + +##### `GET` /propertymappings/provider/google_workspace/{#123;pm_uuid}#125;/used_by/ + +##### `GET` /propertymappings/provider/microsoft_entra/ + +##### `POST` /propertymappings/provider/microsoft_entra/ + +##### `GET` /propertymappings/provider/microsoft_entra/{#123;pm_uuid}#125;/ + +##### `PUT` /propertymappings/provider/microsoft_entra/{#123;pm_uuid}#125;/ + +##### `DELETE` /propertymappings/provider/microsoft_entra/{#123;pm_uuid}#125;/ + +##### `PATCH` /propertymappings/provider/microsoft_entra/{#123;pm_uuid}#125;/ + +##### `GET` /propertymappings/provider/microsoft_entra/{#123;pm_uuid}#125;/used_by/ + +##### `GET` /providers/google_workspace/ + +##### `POST` /providers/google_workspace/ + +##### `GET` /providers/google_workspace/{#123;id}#125;/ + +##### `PUT` /providers/google_workspace/{#123;id}#125;/ + +##### `DELETE` /providers/google_workspace/{#123;id}#125;/ + +##### `PATCH` /providers/google_workspace/{#123;id}#125;/ + +##### `GET` /providers/google_workspace/{#123;id}#125;/sync/status/ + +##### `GET` /providers/google_workspace/{#123;id}#125;/used_by/ + +##### `GET` /providers/google_workspace_groups/ + +##### `POST` /providers/google_workspace_groups/ + +##### `GET` /providers/google_workspace_groups/{#123;id}#125;/ + +##### `DELETE` /providers/google_workspace_groups/{#123;id}#125;/ + +##### `GET` 
/providers/google_workspace_groups/{#123;id}#125;/used_by/ + +##### `GET` /providers/google_workspace_users/ + +##### `POST` /providers/google_workspace_users/ + +##### `GET` /providers/google_workspace_users/{#123;id}#125;/ + +##### `DELETE` /providers/google_workspace_users/{#123;id}#125;/ + +##### `GET` /providers/google_workspace_users/{#123;id}#125;/used_by/ + +##### `GET` /providers/microsoft_entra/ + +##### `POST` /providers/microsoft_entra/ + +##### `GET` /providers/microsoft_entra/{#123;id}#125;/ + +##### `PUT` /providers/microsoft_entra/{#123;id}#125;/ + +##### `DELETE` /providers/microsoft_entra/{#123;id}#125;/ + +##### `PATCH` /providers/microsoft_entra/{#123;id}#125;/ + +##### `GET` /providers/microsoft_entra/{#123;id}#125;/sync/status/ + +##### `GET` /providers/microsoft_entra/{#123;id}#125;/used_by/ + +##### `GET` /providers/microsoft_entra_groups/ + +##### `POST` /providers/microsoft_entra_groups/ + +##### `GET` /providers/microsoft_entra_groups/{#123;id}#125;/ + +##### `DELETE` /providers/microsoft_entra_groups/{#123;id}#125;/ + +##### `GET` /providers/microsoft_entra_groups/{#123;id}#125;/used_by/ + +##### `GET` /providers/microsoft_entra_users/ + +##### `POST` /providers/microsoft_entra_users/ + +##### `GET` /providers/microsoft_entra_users/{#123;id}#125;/ + +##### `DELETE` /providers/microsoft_entra_users/{#123;id}#125;/ + +##### `GET` /providers/microsoft_entra_users/{#123;id}#125;/used_by/ + +##### `GET` /providers/scim/{#123;id}#125;/sync/status/ + +##### `GET` /providers/scim_groups/ + +##### `POST` /providers/scim_groups/ + +##### `GET` /providers/scim_groups/{#123;id}#125;/ + +##### `DELETE` /providers/scim_groups/{#123;id}#125;/ + +##### `GET` /providers/scim_groups/{#123;id}#125;/used_by/ + +##### `GET` /providers/scim_users/ + +##### `POST` /providers/scim_users/ + +##### `GET` /providers/scim_users/{#123;id}#125;/ + +##### `DELETE` /providers/scim_users/{#123;id}#125;/ + +##### `GET` /providers/scim_users/{#123;id}#125;/used_by/ + 
+##### `GET` /sources/ldap/{#123;slug}#125;/sync/status/ + +#### What's Deleted + +--- + +##### `GET` /providers/scim/{#123;id}#125;/sync_status/ + +##### `GET` /sources/ldap/{#123;slug}#125;/sync_status/ + +#### What's Changed + +--- + +##### `GET` /admin/system/ + +###### Return Type: + +Changed response : **200 OK** + +- Changed content type : `application/json` + + - Changed property `runtime` (object) + + > Get versions + + New required properties: + + - `authentik_version` + - `openssl_fips_mode` + - `openssl_version` + + New optional properties: + + - `gunicorn_version` + + * Added property `openssl_version` (string) + + * Added property `openssl_fips_mode` (boolean) + + * Added property `authentik_version` (string) + + * Deleted property `gunicorn_version` (string) + +##### `POST` /admin/system/ + +###### Return Type: + +Changed response : **200 OK** + +- Changed content type : `application/json` + + - Changed property `runtime` (object) + + > Get versions + + New required properties: + + - `authentik_version` + - `openssl_fips_mode` + - `openssl_version` + + New optional properties: + + - `gunicorn_version` + + * Added property `openssl_version` (string) + + * Added property `openssl_fips_mode` (boolean) + + * Added property `authentik_version` (string) + + * Deleted property `gunicorn_version` (string) + +##### `GET` /events/events/actions/ + +###### Return Type: + +Changed response : **200 OK** + +- Changed content type : `application/json` + + Changed items (object): > Types of an object that can be created + + - Added property `icon_url` (string) + +##### `GET` /outposts/instances/{#123;uuid}#125;/health/ + +###### Return Type: + +Changed response : **200 OK** + +- Changed content type : `application/json` + + Changed items (object): > Outpost health status + + New required properties: + + - `fips_enabled` + - `golang_version` + - `openssl_enabled` + - `openssl_version` + + * Added property `golang_version` (string) + + * Added property 
`openssl_enabled` (boolean) + + * Added property `openssl_version` (string) + + * Added property `fips_enabled` (boolean) + > Get FIPS enabled + +##### `GET` /outposts/service_connections/all/types/ + +###### Return Type: + +Changed response : **200 OK** + +- Changed content type : `application/json` + + Changed items (object): > Types of an object that can be created + + - Added property `icon_url` (string) + +##### `GET` /policies/all/types/ + +###### Return Type: + +Changed response : **200 OK** + +- Changed content type : `application/json` + + Changed items (object): > Types of an object that can be created + + - Added property `icon_url` (string) + +##### `GET` /policies/event_matcher/{#123;policy_uuid}#125;/ + +###### Return Type: + +Changed response : **200 OK** + +- Changed content type : `application/json` + + - Changed property `app` (string) + + > Match events created by selected application. When left empty, all applications are matched. + + Added enum values: + + - `authentik.enterprise.providers.google_workspace` + - `authentik.enterprise.providers.microsoft_entra` + + - Changed property `model` (string) + + > Match events created by selected model. When left empty, all models are matched. When an app is selected, all the application's models are matched. + + Added enum values: + + - `authentik_providers_google_workspace.googleworkspaceprovider` + - `authentik_providers_google_workspace.googleworkspaceprovidermapping` + - `authentik_providers_microsoft_entra.microsoftentraprovider` + - `authentik_providers_microsoft_entra.microsoftentraprovidermapping` + +##### `PUT` /policies/event_matcher/{#123;policy_uuid}#125;/ + +###### Request: + +Changed content type : `application/json` + +- Changed property `app` (string) + + > Match events created by selected application. When left empty, all applications are matched. 
+ + Added enum values: + + - `authentik.enterprise.providers.google_workspace` + - `authentik.enterprise.providers.microsoft_entra` + +- Changed property `model` (string) + + > Match events created by selected model. When left empty, all models are matched. When an app is selected, all the application's models are matched. + + Added enum values: + + - `authentik_providers_google_workspace.googleworkspaceprovider` + - `authentik_providers_google_workspace.googleworkspaceprovidermapping` + - `authentik_providers_microsoft_entra.microsoftentraprovider` + - `authentik_providers_microsoft_entra.microsoftentraprovidermapping` + +###### Return Type: + +Changed response : **200 OK** + +- Changed content type : `application/json` + + - Changed property `app` (string) + + > Match events created by selected application. When left empty, all applications are matched. + + Added enum values: + + - `authentik.enterprise.providers.google_workspace` + - `authentik.enterprise.providers.microsoft_entra` + + - Changed property `model` (string) + + > Match events created by selected model. When left empty, all models are matched. When an app is selected, all the application's models are matched. + + Added enum values: + + - `authentik_providers_google_workspace.googleworkspaceprovider` + - `authentik_providers_google_workspace.googleworkspaceprovidermapping` + - `authentik_providers_microsoft_entra.microsoftentraprovider` + - `authentik_providers_microsoft_entra.microsoftentraprovidermapping` + +##### `PATCH` /policies/event_matcher/{#123;policy_uuid}#125;/ + +###### Request: + +Changed content type : `application/json` + +- Changed property `app` (string) + + > Match events created by selected application. When left empty, all applications are matched. + + Added enum values: + + - `authentik.enterprise.providers.google_workspace` + - `authentik.enterprise.providers.microsoft_entra` + +- Changed property `model` (string) + + > Match events created by selected model. 
When left empty, all models are matched. When an app is selected, all the application's models are matched. + + Added enum values: + + - `authentik_providers_google_workspace.googleworkspaceprovider` + - `authentik_providers_google_workspace.googleworkspaceprovidermapping` + - `authentik_providers_microsoft_entra.microsoftentraprovider` + - `authentik_providers_microsoft_entra.microsoftentraprovidermapping` + +###### Return Type: + +Changed response : **200 OK** + +- Changed content type : `application/json` + + - Changed property `app` (string) + + > Match events created by selected application. When left empty, all applications are matched. + + Added enum values: + + - `authentik.enterprise.providers.google_workspace` + - `authentik.enterprise.providers.microsoft_entra` + + - Changed property `model` (string) + + > Match events created by selected model. When left empty, all models are matched. When an app is selected, all the application's models are matched. + + Added enum values: + + - `authentik_providers_google_workspace.googleworkspaceprovider` + - `authentik_providers_google_workspace.googleworkspaceprovidermapping` + - `authentik_providers_microsoft_entra.microsoftentraprovider` + - `authentik_providers_microsoft_entra.microsoftentraprovidermapping` + +##### `POST` /propertymappings/all/{#123;pm_uuid}#125;/test/ + +###### Request: + +Changed content type : `application/json` + +New optional properties: + +- `user` + +* Added property `group` (string) + +##### `GET` /propertymappings/all/types/ + +###### Return Type: + +Changed response : **200 OK** + +- Changed content type : `application/json` + + Changed items (object): > Types of an object that can be created + + - Added property `icon_url` (string) + +##### `GET` /providers/all/types/ + +###### Return Type: + +Changed response : **200 OK** + +- Changed content type : `application/json` + + Changed items (object): > Types of an object that can be created + + - Added property `icon_url` (string) + 
+##### `GET` /sources/all/types/ + +###### Return Type: + +Changed response : **200 OK** + +- Changed content type : `application/json` + + Changed items (object): > Types of an object that can be created + + - Added property `icon_url` (string) + +##### `GET` /stages/all/types/ + +###### Return Type: + +Changed response : **200 OK** + +- Changed content type : `application/json` + + Changed items (object): > Types of an object that can be created + + - Added property `icon_url` (string) + +##### `GET` /stages/email/templates/ + +###### Return Type: + +Changed response : **200 OK** + +- Changed content type : `application/json` + + Changed items (object): > Types of an object that can be created + + - Added property `icon_url` (string) + +##### `GET` /core/groups/{#123;group_uuid}#125;/ + +###### Parameters: + +Added: `include_users` in `query` + +##### `POST` /policies/event_matcher/ + +###### Request: + +Changed content type : `application/json` + +- Changed property `app` (string) + + > Match events created by selected application. When left empty, all applications are matched. + + Added enum values: + + - `authentik.enterprise.providers.google_workspace` + - `authentik.enterprise.providers.microsoft_entra` + +- Changed property `model` (string) + + > Match events created by selected model. When left empty, all models are matched. When an app is selected, all the application's models are matched. + + Added enum values: + + - `authentik_providers_google_workspace.googleworkspaceprovider` + - `authentik_providers_google_workspace.googleworkspaceprovidermapping` + - `authentik_providers_microsoft_entra.microsoftentraprovider` + - `authentik_providers_microsoft_entra.microsoftentraprovidermapping` + +###### Return Type: + +Changed response : **201 Created** + +- Changed content type : `application/json` + + - Changed property `app` (string) + + > Match events created by selected application. When left empty, all applications are matched. 
+ + Added enum values: + + - `authentik.enterprise.providers.google_workspace` + - `authentik.enterprise.providers.microsoft_entra` + + - Changed property `model` (string) + + > Match events created by selected model. When left empty, all models are matched. When an app is selected, all the application's models are matched. + + Added enum values: + + - `authentik_providers_google_workspace.googleworkspaceprovider` + - `authentik_providers_google_workspace.googleworkspaceprovidermapping` + - `authentik_providers_microsoft_entra.microsoftentraprovider` + - `authentik_providers_microsoft_entra.microsoftentraprovidermapping` + +##### `GET` /policies/event_matcher/ + +###### Return Type: + +Changed response : **200 OK** + +- Changed content type : `application/json` + + - Changed property `results` (array) + + Changed items (object): > Event Matcher Policy Serializer + + - Changed property `app` (string) + + > Match events created by selected application. When left empty, all applications are matched. + + Added enum values: + + - `authentik.enterprise.providers.google_workspace` + - `authentik.enterprise.providers.microsoft_entra` + + - Changed property `model` (string) + + > Match events created by selected model. When left empty, all models are matched. When an app is selected, all the application's models are matched. + + Added enum values: + + - `authentik_providers_google_workspace.googleworkspaceprovider` + - `authentik_providers_google_workspace.googleworkspaceprovidermapping` + - `authentik_providers_microsoft_entra.microsoftentraprovider` + - `authentik_providers_microsoft_entra.microsoftentraprovidermapping` + +##### `GET` /providers/all/ + +###### Parameters: + +Added: `backchannel` in `query` + +> When not set all providers are returned. When set to true, only backchannel providers are returned. 
When set to false, backchannel providers are excluded + +Deleted: `backchannel_only` in `query` + +##### `POST` /rbac/permissions/assigned_by_roles/{#123;uuid}#125;/assign/ + +###### Request: + +Changed content type : `application/json` + +- Changed property `model` (string) + + Added enum values: + + - `authentik_providers_google_workspace.googleworkspaceprovider` + - `authentik_providers_google_workspace.googleworkspaceprovidermapping` + - `authentik_providers_microsoft_entra.microsoftentraprovider` + - `authentik_providers_microsoft_entra.microsoftentraprovidermapping` + +##### `PATCH` /rbac/permissions/assigned_by_roles/{#123;uuid}#125;/unassign/ + +###### Request: + +Changed content type : `application/json` + +- Changed property `model` (string) + + Added enum values: + + - `authentik_providers_google_workspace.googleworkspaceprovider` + - `authentik_providers_google_workspace.googleworkspaceprovidermapping` + - `authentik_providers_microsoft_entra.microsoftentraprovider` + - `authentik_providers_microsoft_entra.microsoftentraprovidermapping` + +##### `POST` /rbac/permissions/assigned_by_users/{#123;id}#125;/assign/ + +###### Request: + +Changed content type : `application/json` + +- Changed property `model` (string) + + Added enum values: + + - `authentik_providers_google_workspace.googleworkspaceprovider` + - `authentik_providers_google_workspace.googleworkspaceprovidermapping` + - `authentik_providers_microsoft_entra.microsoftentraprovider` + - `authentik_providers_microsoft_entra.microsoftentraprovidermapping` + +##### `PATCH` /rbac/permissions/assigned_by_users/{#123;id}#125;/unassign/ + +###### Request: + +Changed content type : `application/json` + +- Changed property `model` (string) + + Added enum values: + + - `authentik_providers_google_workspace.googleworkspaceprovider` + - `authentik_providers_google_workspace.googleworkspaceprovidermapping` + - `authentik_providers_microsoft_entra.microsoftentraprovider` + - 
`authentik_providers_microsoft_entra.microsoftentraprovidermapping` + +##### `GET` /sources/ldap/{#123;slug}#125;/ + +###### Return Type: + +Changed response : **200 OK** + +- Changed content type : `application/json` + + - Changed property `icon` (string) + +##### `PUT` /sources/ldap/{#123;slug}#125;/ + +###### Return Type: + +Changed response : **200 OK** + +- Changed content type : `application/json` + + - Changed property `icon` (string) + +##### `PATCH` /sources/ldap/{#123;slug}#125;/ + +###### Return Type: + +Changed response : **200 OK** + +- Changed content type : `application/json` + + - Changed property `icon` (string) + +##### `GET` /sources/oauth/{#123;slug}#125;/ + +###### Return Type: + +Changed response : **200 OK** + +- Changed content type : `application/json` + + - Changed property `icon` (string) + +##### `PUT` /sources/oauth/{#123;slug}#125;/ + +###### Return Type: + +Changed response : **200 OK** + +- Changed content type : `application/json` + + - Changed property `icon` (string) + +##### `PATCH` /sources/oauth/{#123;slug}#125;/ + +###### Return Type: + +Changed response : **200 OK** + +- Changed content type : `application/json` + + - Changed property `icon` (string) + +##### `GET` /sources/plex/{#123;slug}#125;/ + +###### Return Type: + +Changed response : **200 OK** + +- Changed content type : `application/json` + + - Changed property `icon` (string) + +##### `PUT` /sources/plex/{#123;slug}#125;/ + +###### Return Type: + +Changed response : **200 OK** + +- Changed content type : `application/json` + + - Changed property `icon` (string) + +##### `PATCH` /sources/plex/{#123;slug}#125;/ + +###### Return Type: + +Changed response : **200 OK** + +- Changed content type : `application/json` + + - Changed property `icon` (string) + +##### `GET` /sources/saml/{#123;slug}#125;/ + +###### Return Type: + +Changed response : **200 OK** + +- Changed content type : `application/json` + + - Changed property `icon` (string) + +##### `PUT` 
/sources/saml/{#123;slug}#125;/ + +###### Return Type: + +Changed response : **200 OK** + +- Changed content type : `application/json` + + - Changed property `icon` (string) + +##### `PATCH` /sources/saml/{#123;slug}#125;/ + +###### Return Type: + +Changed response : **200 OK** + +- Changed content type : `application/json` + + - Changed property `icon` (string) + +##### `GET` /events/system_tasks/{#123;uuid}#125;/ + +###### Return Type: + +Changed response : **200 OK** + +- Changed content type : `application/json` + + - Added property `expires` (string) + + - Added property `expiring` (boolean) + +##### `GET` /rbac/permissions/assigned_by_roles/ + +###### Parameters: + +Changed: `model` in `query` + +##### `GET` /rbac/permissions/assigned_by_users/ + +###### Parameters: + +Changed: `model` in `query` + +##### `POST` /sources/ldap/ + +###### Return Type: + +Changed response : **201 Created** + +- Changed content type : `application/json` + + - Changed property `icon` (string) + +##### `GET` /sources/ldap/ + +###### Return Type: + +Changed response : **200 OK** + +- Changed content type : `application/json` + + - Changed property `results` (array) + + Changed items (object): > LDAP Source Serializer + + - Changed property `icon` (string) + +##### `POST` /sources/oauth/ + +###### Return Type: + +Changed response : **201 Created** + +- Changed content type : `application/json` + + - Changed property `icon` (string) + +##### `GET` /sources/oauth/ + +###### Return Type: + +Changed response : **200 OK** + +- Changed content type : `application/json` + + - Changed property `results` (array) + + Changed items (object): > OAuth Source Serializer + + - Changed property `icon` (string) + +##### `POST` /sources/plex/ + +###### Return Type: + +Changed response : **201 Created** + +- Changed content type : `application/json` + + - Changed property `icon` (string) + +##### `GET` /sources/plex/ + +###### Return Type: + +Changed response : **200 OK** + +- Changed content type : 
`application/json` + + - Changed property `results` (array) + + Changed items (object): > Plex Source Serializer + + - Changed property `icon` (string) + +##### `POST` /sources/saml/ + +###### Return Type: + +Changed response : **201 Created** + +- Changed content type : `application/json` + + - Changed property `icon` (string) + +##### `GET` /sources/saml/ + +###### Return Type: + +Changed response : **200 OK** + +- Changed content type : `application/json` + + - Changed property `results` (array) + + Changed items (object): > SAMLSource Serializer + + - Changed property `icon` (string) + +##### `GET` /stages/captcha/{#123;stage_uuid}#125;/ + +###### Return Type: + +Changed response : **200 OK** + +- Changed content type : `application/json` + + - Added property `score_min_threshold` (number) + + - Added property `score_max_threshold` (number) + + - Added property `error_on_invalid_score` (boolean) + > When enabled and the received captcha score is outside of the given threshold, the stage will show an error message. When not enabled, the flow will continue, but the data from the captcha will be available in the context for policy decisions + +##### `PUT` /stages/captcha/{#123;stage_uuid}#125;/ + +###### Request: + +Changed content type : `application/json` + +- Added property `score_min_threshold` (number) + +- Added property `score_max_threshold` (number) + +- Added property `error_on_invalid_score` (boolean) + > When enabled and the received captcha score is outside of the given threshold, the stage will show an error message. 
When not enabled, the flow will continue, but the data from the captcha will be available in the context for policy decisions + +###### Return Type: + +Changed response : **200 OK** + +- Changed content type : `application/json` + + - Added property `score_min_threshold` (number) + + - Added property `score_max_threshold` (number) + + - Added property `error_on_invalid_score` (boolean) + > When enabled and the received captcha score is outside of the given threshold, the stage will show an error message. When not enabled, the flow will continue, but the data from the captcha will be available in the context for policy decisions + +##### `PATCH` /stages/captcha/{#123;stage_uuid}#125;/ + +###### Request: + +Changed content type : `application/json` + +- Added property `score_min_threshold` (number) + +- Added property `score_max_threshold` (number) + +- Added property `error_on_invalid_score` (boolean) + > When enabled and the received captcha score is outside of the given threshold, the stage will show an error message. When not enabled, the flow will continue, but the data from the captcha will be available in the context for policy decisions + +###### Return Type: + +Changed response : **200 OK** + +- Changed content type : `application/json` + + - Added property `score_min_threshold` (number) + + - Added property `score_max_threshold` (number) + + - Added property `error_on_invalid_score` (boolean) + > When enabled and the received captcha score is outside of the given threshold, the stage will show an error message. 
When not enabled, the flow will continue, but the data from the captcha will be available in the context for policy decisions + +##### `PUT` /core/transactional/applications/ + +###### Request: + +Changed content type : `application/json` + +- Changed property `provider_model` (string) + + Added enum values: + + - `authentik_providers_google_workspace.googleworkspaceprovider` + - `authentik_providers_microsoft_entra.microsoftentraprovider` + +- Changed property `provider` (object) + + Added 'authentik_providers_google_workspace.googleworkspaceprovider' provider_model: + + - Property `name` (string) + + - Property `property_mappings` (array) + + Items (string): + + - Property `property_mappings_group` (array) + + > Property mappings used for group creation/updating. + + Items (string): + + - Property `delegated_subject` (string) + + - Property `credentials` (object) + + - Property `scopes` (string) + + - Property `exclude_users_service_account` (boolean) + + - Property `filter_group` (string) + + - Property `user_delete_action` (string) + + Enum values: + + - `do_nothing` + - `delete` + - `suspend` + + - Property `group_delete_action` (string) + + - Property `default_group_email_domain` (string) + + Added 'authentik_providers_microsoft_entra.microsoftentraprovider' provider_model: + + - Property `name` (string) + + - Property `property_mappings` (array) + + - Property `property_mappings_group` (array) + + > Property mappings used for group creation/updating. 
+ + - Property `client_id` (string) + + - Property `client_secret` (string) + + - Property `tenant_id` (string) + + - Property `exclude_users_service_account` (boolean) + + - Property `filter_group` (string) + + - Property `user_delete_action` (string) + + - Property `group_delete_action` (string) + +##### `GET` /events/system_tasks/ + +###### Return Type: + +Changed response : **200 OK** + +- Changed content type : `application/json` + + - Changed property `results` (array) + + Changed items (object): > Serialize TaskInfo and TaskResult + + - Added property `expires` (string) + + - Added property `expiring` (boolean) + +##### `POST` /stages/captcha/ + +###### Request: + +Changed content type : `application/json` + +- Added property `score_min_threshold` (number) + +- Added property `score_max_threshold` (number) + +- Added property `error_on_invalid_score` (boolean) + > When enabled and the received captcha score is outside of the given threshold, the stage will show an error message. When not enabled, the flow will continue, but the data from the captcha will be available in the context for policy decisions + +###### Return Type: + +Changed response : **201 Created** + +- Changed content type : `application/json` + + - Added property `score_min_threshold` (number) + + - Added property `score_max_threshold` (number) + + - Added property `error_on_invalid_score` (boolean) + > When enabled and the received captcha score is outside of the given threshold, the stage will show an error message. 
When not enabled, the flow will continue, but the data from the captcha will be available in the context for policy decisions + +##### `GET` /stages/captcha/ + +###### Return Type: + +Changed response : **200 OK** + +- Changed content type : `application/json` + + - Changed property `results` (array) + + Changed items (object): > CaptchaStage Serializer + + - Added property `score_min_threshold` (number) + + - Added property `score_max_threshold` (number) + + - Added property `error_on_invalid_score` (boolean) + > When enabled and the received captcha score is outside of the given threshold, the stage will show an error message. When not enabled, the flow will continue, but the data from the captcha will be available in the context for policy decisions diff --git a/website/docs/releases/2024/v2024.next.md b/website/docs/releases/2024/v2024.next.md deleted file mode 100644 index 00824ed771..0000000000 --- a/website/docs/releases/2024/v2024.next.md +++ /dev/null 
@@ -1,54 +0,0 @@ ---- -title: Release 2024.next -slug: "/releases/2024.next" ---- - -:::::note -2024.next has not been released yet! We're publishing these release notes as a preview of what's to come, and for our awesome beta testers trying out release candidates. - -To try out the release candidate, replace your Docker image tag with the latest release candidate number, such as 2024.next.0-rc1. You can find the latest one in [the latest releases on GitHub](https://github.com/goauthentik/authentik/releases). If you don't find any, it means we haven't released one yet. -::::: - -## Breaking changes - -### PostgreSQL minimum supported version upgrade - -authentik now requires PostgreSQL version 14 or later. We recommend upgrading to the latest version if you are running an older version. - -The provided Helm chart defaults to PostgreSQL 15. If you are using the Helm chart with the default values, no action is required. - -The provided Compose file was updated with PostgreSQL 16. You can follow the procedure [here](../../troubleshooting/postgres/upgrade_docker.md) to upgrade. - -## New features - -## Upgrading - -authentik now requires PostgreSQL version 14 or later. We recommend upgrading to the latest version if needed. Follow the instructions [here](../../troubleshooting/postgres/upgrade_docker.md) if you need to upgrade PostgreSQL with docker-compose. - -### Docker Compose - -To upgrade, download the new Compose file and update the Docker stack with the new version, using these commands: - -```shell -wget -O docker-compose.yml https://goauthentik.io/version/2024.next/docker-compose.yml -docker compose up -d -``` - -The `-O` flag retains the downloaded file's name, overwriting any existing local file with the same name. 
- -### Kubernetes - -Upgrade the Helm Chart to the new version, using the following commands: - -```shell -helm repo update -helm upgrade authentik authentik/authentik -f values.yaml --version ^2024.next -``` - -## Minor changes/fixes - - - -## API Changes - - diff --git a/website/sidebars.js b/website/sidebars.js index 736f0c69f7..4230093a86 100644 --- a/website/sidebars.js +++ b/website/sidebars.js @@ -409,16 +409,17 @@ const docsSidebar = { type: "generated-index", title: "Releases", slug: "releases", - description: "Release notes for recent authentik versions", + description: "Release Notes for recent authentik versions", }, items: [ + "releases/2024/v2024.6", "releases/2024/v2024.4", "releases/2024/v2024.2", - "releases/2023/v2023.10", { type: "category", label: "Previous versions", items: [ + "releases/2023/v2023.10", "releases/2023/v2023.8", "releases/2023/v2023.6", "releases/2023/v2023.5",
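Review bot: In the API Changes section of website/docs/releases/2024/v2024.6.md, the `error_on_invalid_score` description says the flow continues when the flag is off and the score falls outside `score_min_threshold`/`score_max_threshold`, but it never states the default value of the flag or of the two thresholds. An administrator reading these notes cannot tell whether an existing CAPTCHA stage will reject or pass an out-of-range score after the upgrade. Suggest stating the defaults and linking to how a policy reads the captcha data from the flow context. In the same section, under `PUT /core/transactional/applications/`, `user_delete_action` lists its enum values (`do_nothing`, `delete`, `suspend`) only for the Google Workspace provider, while `group_delete_action` and both Microsoft Entra ID actions list none. The entries for `credentials` and `client_secret` also do not say whether those values are write-only or returned in responses, which integrators will want to know.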
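Review bot: The deleted website/docs/releases/2024/v2024.next.md carried the Upgrading section with the `wget -O docker-compose.yml https://goauthentik.io/version/2024.next/docker-compose.yml` and `helm upgrade ... --version ^2024.next` commands. Please confirm that section exists in v2024.6.md with every `2024.next` placeholder replaced by `2024.6`, because a leftover placeholder in the Compose URL or the Helm version constraint would leave users with a command that does not point at this release. The deleted template also stated the PostgreSQL 14 requirement twice (under Breaking changes and again under Upgrading); if both copies moved over, keep one and link to it from the other.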
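Review bot: The `description` edit in website/sidebars.js, from "Release notes for recent authentik versions" to "Release Notes for recent authentik versions", is a capitalisation change unrelated to adding the 2024.6 notes, and it moves the string away from sentence case. Suggest reverting it or splitting it into its own commit. The item changes themselves (adding `releases/2024/v2024.6` at the top and moving `releases/2023/v2023.10` into "Previous versions") keep three releases at the top level and need no change.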