habsi/authentik
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

website/docs: 2024.4 release notes (#9267)

Browse Source 
* website/docs: 2024.4 release notes WIP

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* fix .next

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* reword

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* add python api client

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* fix consistency

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* expand scim docs

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* add release notes to sidebar

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* update release notes and add disclaimer

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* add disclaimer to template

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* add list of API Clients to developer docs

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* add performance improvements

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* fix build

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

---------

Signed-off-by: Jens Langhammer <jens@goauthentik.io>
This commit is contained in:
Jens L
2024-04-19 15:32:48 +02:00
committed by GitHub
parent 6f3dc2eafd
commit 53f8699deb
11 changed files with 149 additions and 70 deletions
Download Patch File Download Diff File Expand all files Collapse all files

60
website/docs/releases/2024/next.md
View File

@ -1,60 +0,0 @@
---
title: Release next
slug: /releases/next
---
<!-- ## Breaking changes -->
## Breaking changes
### Manual action is required
### Manual action may be required
- **Configuration options migrated to the Admin interface**
The following config options have been moved from the config file and can now be set using the Admin interface (under **System** -> **Settings**) or the API:
- `AUTHENTIK_DEFAULT_TOKEN_LENGTH`
When upgrading to 2024.next, the currently configured options will be automatically migrated to the database, and can be removed from the `.env` or helm values file afterwards.
## New features
- Configurable app password token expiring
Thanks @jmdilly for contributing this feature!
Admins can now configure the default token duration (which defaults to `minutes=30`) in the admin interface as specified above. This value can also be overridden per-user with the `goauthentik.io/user/token-maximum-lifetime` attribute.
## Upgrading
This release does not introduce any new requirements.
### docker-compose
To upgrade, download the new docker-compose file and update the Docker stack with the new version, using these commands:
```shell
wget -O docker-compose.yml https://goauthentik.io/version/xxxx.x/docker-compose.yml
docker compose up -d
```
The `-O` flag retains the downloaded file's name, overwriting any existing local file with the same name.
### Kubernetes
Upgrade the Helm Chart to the new version, using the following commands:
```shell
helm repo update
helm upgrade authentik authentik/authentik -f values.yaml --version ^xxxx.x
```
## Minor changes/fixes
<!-- _Insert the output of `make gen-changelog` here_ -->
## API Changes
<!-- _Insert output of `make gen-diff` here_ -->

104
website/docs/releases/2024/v2024.4.md Normal file
View File

@ -0,0 +1,104 @@
---
title: Release 2024.4
slug: /releases/2024.4
---
:::::note
2024.4 has not been released yet! We're publishing these release notes as a preview of what's to come, and for our awesome beta testers trying out release candidates.
To try out the release candidate, replace your Docker image tag with the latest release candidate number, such as 2024.4.0-rc1. You can find the latest one in [the latest releases on GitHub](https://github.com/goauthentik/authentik/releases). If you don't find any, it means we haven't released one yet.
:::::
## Highlights
- **OAuth/SAML as authentication factor** <span class="badge badge--primary">Enterprise</span> Use an external provider as part of an MFA authentication flow, including custom implementations
- **SCIM Source** <span class="badge badge--info">Preview</span> Provision users and groups in authentik using an SCIM API
- **Configurable WebAuthn device restrictions** Configure which types of WebAuthn devices can be used to enroll and validate for different authorization levels.
- **Performance improvements** The API Endpoints to list Users, Groups, and Events have been optimized by 100%, y% and z% respectively
## Breaking changes
### Manual action may be required
- **Configuration options migrated to the Admin interface**
The following config options have been moved from the config file and can now be set using the Admin interface (under **System** -> **Settings**) or the API:
- `AUTHENTIK_DEFAULT_TOKEN_LENGTH`
When upgrading to 2024.4, the currently configured options will be automatically migrated to the database, and can be removed from the `.env` or helm values file afterwards.
## New features
- **Source stage** <span class="badge badge--primary">Enterprise</span>
The source stage allows for an inclusion of a source as part of a flow. This can be used to link a user to a source as part of their authentication/enrollment, or it can be used as an external multi-factor to provide device health attestation for example.
For details refer to [Source stage](../../flow/stages/source/index.md)
- **SCIM Source** <span class="badge badge--info">Preview</span>
Provision users and groups in authentik using an SCIM API.
For details refer to [SCIM Source](../../../integrations/sources/scim/)
- **Configurable WebAuthn device restrictions**
Configure which types of WebAuthn devices can be used to enroll and validate for different authorization levels.
For details refer to [WebAuthn authenticator setup stage](../../flow/stages/authenticator_webauthn/index.md)
- **Revamped UI for log messages**
Log messages from several API endpoints are now shown with much greater detail, which helps with implementing custom policies and property mappings.
- **Python API Client**
There's now an official API Client for Python: https://pypi.org/project/authentik-client/. This API Client can be used to create/update/delete objects within authentik as well as using the Flow executor to authenticate.
- **Configure LDAP sources to not store hashed password in authentik**
When authentik is configured to federate with an LDAP source, upon authentication, authentik hashed the password and stored it in its own database. This allows authentication to function when LDAP is unreachable. Admins can now configure this behavior for when this is not desirable.
For details refer to [LDAP Source](../../../integrations/sources/ldap/)
- **Configurable app password token expiring**
Thanks @jmdilly for contributing this feature!
Admins can now configure the default token duration (which defaults to `minutes=30`) in the admin interface as specified above. This value can also be overridden per-user with the `goauthentik.io/user/token-maximum-lifetime` attribute.
## Upgrading
This release does not introduce any new requirements.
### docker-compose
To upgrade, download the new docker-compose file and update the Docker stack with the new version, using these commands:
```shell
wget -O docker-compose.yml https://goauthentik.io/version/2024.4/docker-compose.yml
docker compose up -d
```
The `-O` flag retains the downloaded file's name, overwriting any existing local file with the same name.
### Kubernetes
Upgrade the Helm Chart to the new version, using the following commands:
```shell
helm repo update
helm upgrade authentik authentik/authentik -f values.yaml --version ^2024.4
```
## Minor changes/fixes
<!-- _Insert the output of `make gen-changelog` here_ -->
## API Changes
<!-- _Insert output of `make gen-diff` here_ -->

6
website/docs/releases/_template.md
View File

@ -3,6 +3,12 @@ title: Release xxxx.x
slug: "/releases/xxxx.x"
---
:::::note
xxxx.x has not been released yet! We're publishing these release notes as a preview of what's to come, and for our awesome beta testers trying out release candidates.
To try out the release candidate, replace your Docker image tag with the latest release candidate number, such as xxxx.x.0-rc1. You can find the latest one in [the latest releases on GitHub](https://github.com/goauthentik/authentik/releases). If you don't find any, it means we haven't released one yet.
:::::
<!-- ## Breaking changes -->
## New features