Merge branch 'master' into version-2021.12

website/docs/core/applications.md

@@ -3,7 +3,7 @@ title: Applications
 slug: /applications
 ---
 
-Applications in authentik are the counterpart of providers. They exist in a 1-to-1 relationship, each application needs a provider and every provider can be used with one application.
+Applications in authentik are the other half of providers. They exist in a 1-to-1 relationship, each application needs a provider and every provider can be used with one application.
 
 Applications are used to configure and separate the authorization / access control and the appearance in the Library page.
 
@@ -15,23 +15,23 @@ By default, all users can access applications when no policies are bound.
 
 When multiple policies/groups/users are attached, you can configure the *Policy engine mode* to either
 
-    - Require users to pass all bindings/be member of all groups (ALL), or
-    - Require users to pass either binding/be member of either group (ANY)
+- Require users to pass all bindings/be member of all groups (ALL), or
+- Require users to pass either binding/be member of either group (ANY)
 
 ## Appearance
 
 The following aspects can be configured:
 
-    - *Name*: This is the name shown for the application card
-    - *Launch URL*: The URL that is opened when a user clicks on the application. When left empty, authentik tries to guess it based on the provider
-    - *Icon (URL)*: Optionally configure an Icon for the application
-    - *Publisher*: Text shown below the application
-    - *Description*: Subtext shown on the application card below the publisher
+- *Name*: This is the name shown for the application card
+- *Launch URL*: The URL that is opened when a user clicks on the application. When left empty, authentik tries to guess it based on the provider
+- *Icon (URL)*: Optionally configure an Icon for the application
+- *Publisher*: Text shown below the application
+- *Description*: Subtext shown on the application card below the publisher
 
 Applications are shown to users when
 
-    - The user has access defined via policies (or the application has no policies bound)
-    - A Valid Launch URL is configured/could be guessed, this consists of URLs starting with http:// and https://
+- The user has access defined via policies (or the application has no policies bound)
+- A Valid Launch URL is configured/could be guessed, this consists of URLs starting with http:// and https://
 
 
 #### Hiding applications

website/docs/releases/v2021.12.md

@@ -151,6 +151,19 @@ This release does not have any headline features, and mostly fixes bugs.
 - web/admin: update overview page
 - web/flows: fix error when attempting to enroll new webauthn device
 
+## Fixed in 2021.12.1
+
+- core: fix error when attempting to provider from cached application
+- events: improve app lookup for event creation
+- internal: cleanup duplicate and redundant code, properly set sentry SDK scope settings
+- lifecycle: add -Ofair to celery
+- web/admin: add sidebar to applications
+- web/admin: fix notification unread colours not matching on user and admin interface
+- web/admin: fix stage related flows not being shown in a list
+- web/elements: add Markdown component to improve rendering
+- web/elements: add support for sidebar on table page
+- web/elements: close notification drawer when clearing all notifications
+
 ## Upgrading
 
 This release does not introduce any new requirements.

website/integrations/services/bookstack/index.md

@@ -101,3 +101,9 @@ BookStack will attempt to match the SAML user to an existing BookStack user base
 :::note
 SAML Group Sync is supported by Bookstack.  Review the BookStack documentation on the required Environment variables.  https://www.bookstackapp.com/docs/admin/saml2-auth/
 :::
+
+:::note
+In some cases you might need to define the full SAML property name.
+i.e.: `SAML2_GROUP_ATTRIBUTE="http://schemas.xmlsoap.org/claims/Group"`
+See https://github.com/BookStackApp/BookStack/issues/3109 for more details.
+:::