website: latest PR for new Docs structure (#11639)
* first pass
* dependency shenanigans
* move blueprints
* few broken links
* change config the throw errors
* internal file edits
* fighting links
* remove sidebarDev
* fix subdomain
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* fix relative URL
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* fix mismatched package versions
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* fix api reference build
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* test tweak
* links hell
* more links hell
* links hell2
* yep last of the links
* last broken link fixed
* re-add cves
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* add devdocs redirects
* add dir
* tweak netlify.toml
* move latest 2 CVES into dir
* fix links to moved cves
* typoed title fix
* fix link
* remove banner
* remove committed api docs
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space>
* integrations: remove version dropdown
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space>
* Update Makefile
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space>
* change doc links in web as well
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space>
* fix some more docs paths
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space>
* fix more docs paths
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space>
* ci: require ci-web.build for merging
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space>
* Revert "ci: require ci-web.build for merging"
This reverts commit b99a4842a9.
* remove sluf for Application
* put slug back in
* minor fix to trigger deploy
* Spelled out Documentation in menu bar
* remove image redirects...
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* remove explicit index.md
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* remove mdx first
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* then remove .md
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* add missing prefix
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
---------
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space>
Co-authored-by: Tana M Berry <tana@goauthentik.com>
Co-authored-by: Jens Langhammer <jens@goauthentik.io>
Co-authored-by: Marc 'risson' Schmitt <marc.schmitt@risson.space>
This commit is contained in:
Tana M Berry
@ -17,7 +17,7 @@ slug: "/releases/2023.1"
|
||||
|
||||
- Proxy provider now accepts HTTP Basic and Bearer authentication
|
||||
|
||||
See [Header authentication](../../providers/proxy/header_authentication.md).
|
||||
See [Header authentication](../../add-secure-apps/providers/proxy/header_authentication.md).
|
||||
|
||||
- LDAP provider now works with Code-based MFA stages
|
||||
|
||||
@ -121,7 +121,7 @@ image:
|
||||
|
||||
## Fixed in 2023.1.3
|
||||
|
||||
- \*: fix [CVE-2023-26481](../security/CVE-2023-26481), Reported by [@fuomag9](https://github.com/fuomag9)
|
||||
- \*: fix [CVE-2023-26481](../../security/cves/CVE-2023-26481.md), Reported by [@fuomag9](https://github.com/fuomag9)
|
||||
|
||||
## API Changes
|
||||
|
||||
|
||||
@ -17,7 +17,7 @@ slug: "/releases/2023.10"
|
||||
|
||||
- RBAC (preview)
|
||||
|
||||
With this release we're introducing the ability to finely configure permissions within authentik. These permissions can be used to delegate different tasks, such as user management, application creation and more to users without granting them full superuser permissions. With this system, a least-privilege system can also be implemented much more easily. See more info [here](../../user-group-role/access-control/index.mdx)
|
||||
With this release we're introducing the ability to finely configure permissions within authentik. These permissions can be used to delegate different tasks, such as user management, application creation and more to users without granting them full superuser permissions. With this system, a least-privilege system can also be implemented much more easily. See more info [here](../../users-sources/access-control/index.mdx)
|
||||
|
||||
- LDAP Provider improvements
|
||||
|
||||
@ -127,7 +127,7 @@ helm upgrade authentik authentik/authentik -f values.yaml --version ^2023.10
|
||||
|
||||
## Fixed in 2023.10.2
|
||||
|
||||
- \*: fix [GHSA-rjvp-29xq-f62w](../security/GHSA-rjvp-29xq-f62w), Reported by [@devSparkle](https://github.com/devSparkle)
|
||||
- \*: fix [GHSA-rjvp-29xq-f62w.md](../../security/cves/GHSA-rjvp-29xq-f62w.md), reported by [@devSparkle](https://github.com/devSparkle)
|
||||
- blueprints: fix entries with state: absent not being deleted if their serializer has errors (#7345)
|
||||
- crypto: fix race conditions when creating self-signed certificates on startup (#7344)
|
||||
- lifecycle: rework otp_merge migration (#7359)
|
||||
@ -161,7 +161,7 @@ helm upgrade authentik authentik/authentik -f values.yaml --version ^2023.10
|
||||
- providers/proxy: Fix duplicate cookies when using file system store. (cherry-pick #7541) (#7544)
|
||||
- providers/scim: fix missing schemas attribute for User and Group (cherry-pick #7477) (#7596)
|
||||
- root: specify node and python versions in respective config files, deduplicate in CI (#7620)
|
||||
- security: fix [CVE-2023-48228](../../security/CVE-2023-48228.md), Reported by [@Sapd](https://github.com/Sapd) (#7666)
|
||||
- security: fix [CVE-2023-48228](../../security/cves/CVE-2023-48228.md), Reported by [@Sapd](https://github.com/Sapd) (#7666)
|
||||
- stages/email: use uuid for email confirmation token instead of username (cherry-pick #7581) (#7584)
|
||||
- web/admin: fix admins not able to delete MFA devices (#7660)
|
||||
|
||||
@ -186,7 +186,7 @@ helm upgrade authentik authentik/authentik -f values.yaml --version ^2023.10
|
||||
- core: fix PropertyMapping context not being available in request context
|
||||
- outposts: disable deployment and secret reconciler for embedded outpost in code instead of in config (cherry-pick #8021) (#8024)
|
||||
- outposts: fix Outpost reconcile not re-assigning managed attribute (cherry-pick #8014) (#8020)
|
||||
- providers/oauth2: fix [CVE-2024-21637](../../security/CVE-2024-21637.md), Reported by [@lauritzh](https://github.com/lauritzh) (#8104)
|
||||
- providers/oauth2: fix [CVE-2024-21637](../../security/cves/CVE-2024-21637.md), Reported by [@lauritzh](https://github.com/lauritzh) (#8104)
|
||||
- providers/oauth2: remember session_id from initial token (cherry-pick #7976) (#7977)
|
||||
- providers/proxy: use access token (cherry-pick #8022) (#8023)
|
||||
- rbac: fix error when looking up permissions for now uninstalled apps (cherry-pick #8068) (#8070)
|
||||
@ -195,7 +195,7 @@ helm upgrade authentik authentik/authentik -f values.yaml --version ^2023.10
|
||||
|
||||
## Fixed in 2023.10.7
|
||||
|
||||
- providers/oauth2: fix fix [CVE-2024-23647](../../security/CVE-2024-23647.md) (cherry-pick #8345) (#8347)
|
||||
- providers/oauth2: fix fix [CVE-2024-23647](../../security/cves/CVE-2024-23647.md) (cherry-pick #8345) (#8347)
|
||||
- rbac: fix invitations listing with restricted permissions (cherry-pick #8227) (#8229)
|
||||
- root: fix listen trusted_proxy_cidrs config loading from environment (#8075)
|
||||
- root: fix redis config not being updated to match previous change
|
||||
|
||||
@ -21,7 +21,7 @@ slug: "/releases/2023.2"
|
||||
|
||||
- Generated avatars, multiple avatar modes
|
||||
|
||||
authentik now supports multiple avatar modes, and will use the next configured mode when a mode doesn't have an avatar. For example, the new default configuration attempts to use gravatar, but if the user's email does not have a gravatar setup, it will instead use the new generated avatars. See [Configuration](../../core/settings.md#avatars)
|
||||
authentik now supports multiple avatar modes, and will use the next configured mode when a mode doesn't have an avatar. For example, the new default configuration attempts to use gravatar, but if the user's email does not have a gravatar setup, it will instead use the new generated avatars. See [Configuration](../../sys-mgmt/settings.md#avatars)
|
||||
|
||||
## Upgrading
|
||||
|
||||
@ -109,7 +109,7 @@ image:
|
||||
|
||||
## Fixed in 2023.2.3
|
||||
|
||||
- \*: fix [CVE-2023-26481](../security/CVE-2023-26481), Reported by [@fuomag9](https://github.com/fuomag9)
|
||||
- \*: fix [CVE-2023-26481.md](../../security/cves/CVE-2023-26481.md), Reported by [@fuomag9](https://github.com/fuomag9)
|
||||
|
||||
## API Changes
|
||||
|
||||
|
||||
@ -13,12 +13,12 @@ slug: "/releases/2023.3"
|
||||
|
||||
authentik can now provision users into other IT systems via the SCIM (System for Cross-domain Identity Management) protocol. The provider synchronizes Users, Groups and the user membership. Objects are synced both when they are saved and based on a pre-defined schedule in the background.
|
||||
|
||||
Documentation: [SCIM Provider](../../../docs/providers/scim/index.md)
|
||||
Documentation: [SCIM Provider](../../add-secure-apps/providers/scim/index.md)
|
||||
|
||||
- Theming improvements
|
||||
|
||||
- The custom.css file is now loaded in ShadowDOMs, allowing for much greater customization, as previously it was only possible to style elements outside of the ShadowDOM. See docs for [Flow](../../interfaces/flow/customization.mdx), [User](../../interfaces/user/customization.mdx) and [Admin](../../interfaces/admin/customization.mdx) interfaces.
|
||||
- Previously, authentik would automatically switch between dark and light theme based on the users' browsers' settings. This can now be overridden to either force the light or dark theme, per user/group/tenant. See docs for [Flow](../../interfaces/flow/customization.mdx), [User](../../interfaces/user/customization.mdx) and [Admin](../../interfaces/admin/customization.mdx) interfaces.
|
||||
- The custom.css file is now loaded in ShadowDOMs, allowing for much greater customization, as previously it was only possible to style elements outside of the ShadowDOM. See docs for [Flow](../../customize/interfaces/flow/customization.mdx), [User](../../customize/interfaces/user/customization.mdx) and [Admin](../../customize/interfaces/admin/customization.mdx) interfaces.
|
||||
- Previously, authentik would automatically switch between dark and light theme based on the users' browsers' settings. This can now be overridden to either force the light or dark theme, per user/group/tenant. See docs for [Flow](../../customize/interfaces/flow/customization.mdx), [User](../../customize/interfaces/user/customization.mdx) and [Admin](../../customize/interfaces/admin/customization.mdx) interfaces.
|
||||
|
||||
## Upgrading
|
||||
|
||||
|
||||
@ -21,9 +21,9 @@ slug: "/releases/2023.4"
|
||||
|
||||
authentik now supports the [RADIUS protocol](https://en.wikipedia.org/wiki/RADIUS) for authentication, allowing for the integration of a wider variety of systems such as VPN software, network switches/routers, and others.
|
||||
|
||||
The RADIUS provider also uses a flow to authenticate users, and supports the same stages as the [LDAP Provider](../../../docs/providers/ldap/index.md).
|
||||
The RADIUS provider also uses a flow to authenticate users, and supports the same stages as the [LDAP Provider](../../add-secure-apps/providers/ldap/index.md).
|
||||
|
||||
Documentation: [RADIUS Provider](../../../docs/providers/radius/index.mdx)
|
||||
Documentation: [RADIUS Provider](../../add-secure-apps/providers/radius/index.mdx)
|
||||
|
||||
- Decreased CPU usage for workers
|
||||
|
||||
@ -35,11 +35,11 @@ slug: "/releases/2023.4"
|
||||
|
||||
- "Stay logged in" prompt
|
||||
|
||||
In the [User login stage](../../../docs/flow/stages/user_login/index.md), an admin can use the new "Stay Logged In" option to add additional minutes or hours to the defined `session duration` value. When this "Stay Logged In" offset time is configured, the user logging in is presented with a prompt asking if they want to extend their session.
|
||||
In the [User login stage](../../add-secure-apps/flows-stages/stages/user_login/index.md), an admin can use the new "Stay Logged In" option to add additional minutes or hours to the defined `session duration` value. When this "Stay Logged In" offset time is configured, the user logging in is presented with a prompt asking if they want to extend their session.
|
||||
|
||||
- Prompt preview
|
||||
|
||||
When creating a single prompt for use with a [Prompt stage](../../../docs/flow/stages/prompt/index.md), a live preview of the prompt is now shown. This makes it easier to test how a prompt will behave, and also shows what data it will send, and how it will be available in the flow context.
|
||||
When creating a single prompt for use with a [Prompt stage](../../add-secure-apps/flows-stages/stages/prompt/index.md), a live preview of the prompt is now shown. This makes it easier to test how a prompt will behave, and also shows what data it will send, and how it will be available in the flow context.
|
||||
|
||||
## Upgrading
|
||||
|
||||
@ -109,11 +109,11 @@ image:
|
||||
|
||||
## Fixed in 2023.4.2
|
||||
|
||||
- security: Address pen-test findings from the [2023-06 Cure53 Code audit](../../security/2023-06-cure53.md)
|
||||
- security: Address pen-test findings from the [2023-06 Cure53 Code audit](../../security/audits-and-certs/2023-06-cure53.md)
|
||||
|
||||
## Fixed in 2023.4.3
|
||||
|
||||
- \*: fix [CVE-2023-36456](../security/CVE-2023-36456), Reported by [@thijsa](https://github.com/thijsa)
|
||||
- \*: fix [CVE-2023-36456](../../security/cves/CVE-2023-36456.md), Reported by [@thijsa](https://github.com/thijsa)
|
||||
|
||||
## API Changes
|
||||
|
||||
|
||||
@ -23,7 +23,7 @@ slug: "/releases/2023.5"
|
||||
|
||||
- Backchannel providers
|
||||
|
||||
Backchannel providers can augment the functionality of applications by using additional protocols. The main provider of an application provides the SSO protocol that is used for logging into the application. Then, additional backchannel providers can be used for protocols such as [SCIM](../../providers/scim/index.md) and [LDAP](../../providers/ldap/index.md) to provide directory syncing.
|
||||
Backchannel providers can augment the functionality of applications by using additional protocols. The main provider of an application provides the SSO protocol that is used for logging into the application. Then, additional backchannel providers can be used for protocols such as [SCIM](../../add-secure-apps/providers/scim/index.md) and [LDAP](../../add-secure-apps/providers/ldap/index.md) to provide directory syncing.
|
||||
|
||||
Access restrictions that are configured on an application apply to all of its backchannel providers.
|
||||
|
||||
@ -146,15 +146,15 @@ image:
|
||||
|
||||
## Fixed in 2023.5.4
|
||||
|
||||
- security: Address pen-test findings from the [2023-06 Cure53 Code audit](../../security/2023-06-cure53.md)
|
||||
- security: Address pen-test findings from the [2023-06 Cure53 Code audit](../../security/audits-and-certs/2023-06-cure53.md)
|
||||
|
||||
## Fixed in 2023.5.5
|
||||
|
||||
- \*: fix [CVE-2023-36456](../security/CVE-2023-36456), Reported by [@thijsa](https://github.com/thijsa)
|
||||
- \*: fix [CVE-2023-36456](../../security/cves/CVE-2023-36456.md), Reported by [@thijsa](https://github.com/thijsa)
|
||||
|
||||
## Fixed in 2023.5.6
|
||||
|
||||
- \*: fix [CVE-2023-39522](../security/CVE-2023-39522), Reported by [@markrassamni](https://github.com/markrassamni)
|
||||
- \*: fix [CVE-2023-39522](../../security/cves/CVE-2023-39522.md), Reported by [@markrassamni](https://github.com/markrassamni)
|
||||
|
||||
## API Changes
|
||||
|
||||
|
||||
@ -9,7 +9,7 @@ slug: "/releases/2023.6"
|
||||
|
||||
- LDAP StartTLS support
|
||||
|
||||
authentik's [LDAP Provider](../../providers/ldap/index.md) now supports StartTLS in addition to supporting SSL. The StartTLS is a more modern method of encrypting LDAP traffic. With this added support, the LDAP [Outpost](../../outposts/index.mdx) can now support multiple certificates.
|
||||
authentik's [LDAP Provider](../../add-secure-apps/providers/ldap/index.md) now supports StartTLS in addition to supporting SSL. The StartTLS is a more modern method of encrypting LDAP traffic. With this added support, the LDAP [Outpost](../../add-secure-apps/outposts/index.mdx) can now support multiple certificates.
|
||||
|
||||
- LDAP Schema improvements
|
||||
|
||||
@ -90,7 +90,7 @@ helm upgrade authentik authentik/authentik -f values.yaml --version ^2023.6
|
||||
|
||||
## Fixed in 2023.6.2
|
||||
|
||||
- \*: fix [CVE-2023-39522](../security/CVE-2023-39522), Reported by [@markrassamni](https://github.com/markrassamni)
|
||||
- \*: fix [CVE-2023-39522](../security/cves/CVE-2023-39522), Reported by [@markrassamni](https://github.com/markrassamni)
|
||||
|
||||
## API Changes
|
||||
|
||||
|
||||
@ -157,19 +157,19 @@ image:
|
||||
|
||||
## Fixed in 2023.8.4
|
||||
|
||||
- security: fix [GHSA-rjvp-29xq-f62w](../security/GHSA-rjvp-29xq-f62w), Reported by [@devSparkle](https://github.com/devSparkle)
|
||||
- security: fix [GHSA-rjvp-29xq-f62w.md](../../security/cves/GHSA-rjvp-29xq-f62w.md), Reported by [@devSparkle](https://github.com/devSparkle)
|
||||
|
||||
## Fixed in 2023.8.5
|
||||
|
||||
- security: fix [CVE-2023-48228](../../security/CVE-2023-48228.md), Reported by [@Sapd](https://github.com/Sapd) (#7666)
|
||||
- security: fix [CVE-2023-48228](../../security/cves/CVE-2023-48228.md), Reported by [@Sapd](https://github.com/Sapd) (#7666)
|
||||
|
||||
## Fixed in 2023.8.6
|
||||
|
||||
- providers/oauth2: fix [CVE-2024-21637](../../security/CVE-2024-21637.md), Reported by [@lauritzh](https://github.com/lauritzh) (#8104)
|
||||
- providers/oauth2: fix [CVE-2024-21637](../../security/cves/CVE-2024-21637.md), Reported by [@lauritzh](https://github.com/lauritzh) (#8104)
|
||||
|
||||
## Fixed in 2023.8.7
|
||||
|
||||
- providers/oauth2: fix fix [CVE-2024-23647](../../security/CVE-2024-23647.md) (cherry-pick #8345) (#8347)
|
||||
- providers/oauth2: fix fix [CVE-2024-23647](../../security/cves/CVE-2024-23647.md) (cherry-pick #8345) (#8347)
|
||||
|
||||
## API Changes
|
||||
|
||||
|
||||
Reference in New Issue
Block a user