habsi/authentik
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Compare commits

base: habsi:web/legibility/dual-select-events
Branches Tags
habsi:main habsi:eap-but-actually habsi:next habsi:docusaurus-3.8 habsi:api/nested habsi:dependabot/npm_and_yarn/website/docusaurus-theme-openapi-docs-4.5.1 habsi:dependabot/npm_and_yarn/website/goauthentik-f1651fdd03 habsi:dependabot/npm_and_yarn/website/docusaurus-plugin-openapi-docs-4.5.1 habsi:version-2025.6 habsi:website/docs--add-notification-rule-expression-policies-subpage habsi:website/docs--fix-upgrade-advice habsi:sources/oauth--change-azure-ad-UI-to-entra-id habsi:celery-2-dramatiq habsi:dependabot/npm_and_yarn/website/docusaurus-1d15a11bad habsi:enterprise/apple-platform-sso habsi:docs-events habsi:version-2025.4 habsi:imports-formatter habsi:import-organization habsi:dependabot/npm_and_yarn/packages/docusaurus-config/goauthentik-870c30f3e8 habsi:website/integrations/add-ironclad habsi:website/docs--updarte-azure-ad-source-doc-to-entra-id habsi:providers/oauth2/conformance-automated-tests habsi:events/improved-error-events habsi:stages/user_login/unknown-device habsi:website/integrations--add-papra habsi:website/integrations--add-planka habsi:providers/saml/default-name-id-policy habsi:webdriver-typechecking habsi:revert-revert-flow-buffer habsi:dependabot/npm_and_yarn/packages/docusaurus-config/goauthentik-cd500f49dc habsi:providers/oauth2/more-tests habsi:web/add-command-palette habsi:files-in-db habsi:flows/buffer-ng habsi:website/docs--update-nginx-config habsi:policies/optimize-engine habsi:stages/prompt/dry-run habsi:better-version-bump habsi:website/docs--add-credentials-prompt-for-rac-doc habsi:lib/sync/direct-delete-no-wait habsi:rfc8414 habsi:endpoints habsi:website-docs-scaling habsi:dependabot/uv/django-5.2.1 habsi:openapi-generators-tidy habsi:channels-postgres habsi:consistent-imports habsi:workspace-lint-format habsi:version-2025.2 habsi:npm-workspaces-sfe habsi:navbar-revisions-v2 habsi:remove-session-migration-code habsi:workspace-lint-format-v3 habsi:esbuild-ts-types habsi:tests/e2e/refactor-better-ws-support habsi:core/fix-group-creation habsi:core/refactor habsi:manualdeps/boto3/v1.38.12 habsi:website/integrations--fix-indentation-paperless-ngx habsi:docusaurus-version-picker habsi:monorepo-docs-tidy-v2 habsi:docusaurus-config-1.0.6 habsi:server-context-cleanup habsi:openapi-generators-v1 habsi:patch-1 habsi:website/docs/stylize-2025-4-release habsi:build-script-labeling habsi:dependabot/npm_and_yarn/website/multi-bb7dbf9f58 habsi:dependabot/npm_and_yarn/website/react-dom-19.1.0 habsi:safari-follow-up-fixes habsi:safari-crash-theme-toggle habsi:admin-layout-fixes habsi:safari-locale-reflow-fix habsi:safari-admin-interface-crash habsi:fix-shared-entrypoints habsi:safari-crash-fix habsi:policies-engine-rework habsi:policies-no-forking habsi:template-format habsi:monorepo-v3 habsi:docs-test-pr habsi:static-config-v1 habsi:version-2024.12 habsi:sfe-package-v1 habsi:router-tidy-v1 habsi:linter-fixes habsi:typescript-project-compile habsi:fix/issue_12164 habsi:feature/source_ldap_lookup_groups_from_user habsi:tests/e2e/dont-rely-on-socket-ip habsi:flows/concurrent habsi:permissions-based-ui-rendering habsi:web/parts/common habsi:enterprise-audit habsi:flow-no-websocket habsi:deny-unauthenticated-ws habsi:web/legibility/dual-select-events habsi:enterprise/reporting habsi:admin/add-explicit-token-expiry-modal habsi:outposts/scim habsi:policies/preview-test2 habsi:web/design/make-application-help-optional habsi:root/move-root-dir habsi:enterprise/rac/e2e habsi:root/more-cleanup habsi:reduce-memory-usage-batch-delete habsi:blueprints-find-object habsi:ci/push-to-new-dockerhub habsi:blueprint-apply-pglock habsi:version-2024.10 habsi:website/integrations/hoarder habsi:core/make-group-name-unique-db habsi:docs-read-replicas habsi:version-2024.8 habsi:web/update-provider-forms-for-invalidation habsi:web/flow/table-driven-executor habsi:root/maint/upgrade-openapi-generator habsi:website/edit/links-to-schemas habsi:web/cleanup/20240516-simple-element-docs-1 habsi:docs-vmware-update habsi:expiring-model-dont-sync-delete habsi:web/bug/fix-wdio-and-lint habsi:version-2024.6 habsi:analytics habsi:docs-api habsi:web/sdk/embed habsi:stages/identification/captcha-embed habsi:version-2024.4 habsi:docs-certs-webhook habsi:web/packages/common-package habsi:web/testing/update-wdio-tests habsi:docs-scripts habsi:web/add-htmltagmaps-to-activate-lit-analyzer habsi:web/use-oauth habsi:user-directory habsi:outpost-force-refresh habsi:core/improve-app-launch-url habsi:version-2024.2 habsi:web/sidebar-with-live-content-3 habsi:5165-password-strength-indicator habsi:healthcheck-force-connection-reload habsi:core/soft-delete habsi:web/legibility/applications habsi:web/request/7864-application-list-view habsi:restricted-python habsi:sources/ldap/support-dn-uniq habsi:benchmarks habsi:providers/radius/logout habsi:core/b2c-improvements habsi:web/cleanup/analyzable-routes habsi:web/fix-css-shandydom habsi:add_mappings_to_azure_ad_documentation habsi:version-test habsi:20240219-monorepo-step-1-move-authentik habsi:smusali/event-batching habsi:version-2023.10 habsi:version-2023.8 habsi:root/remove-if-help habsi:version-2024.1 habsi:web/config-provider-2a-branded habsi:stages/authenticator_mobile_with_connector habsi:sources/ldap/optimize-sync habsi:sources/ldap/track-sources habsi:blog-ent habsi:version-2023.5 habsi:version-2023.6 habsi:hack-close habsi:tanberry-patch-1 habsi:version-2023.4 habsi:smusali/qr_code habsi:beta-upgrade-edits habsi:stages/email/fix-pending-user habsi:dev/devcontainers habsi:outposts/fix-docker-ssh-integration habsi:interfaces habsi:version-2023.3 habsi:version-2022.12 habsi:version-2023.1 habsi:version-2023.2 habsi:root/config-file-watch habsi:version-2022.10 habsi:version-2022.11 habsi:version-2022.9 habsi:version-2022.8 habsi:version-2022.7 habsi:version-2022.6 habsi:version-2022.5 habsi:version-2022.4 habsi:version-2022.3 habsi:version-2022.2 habsi:version-2022.1 habsi:version-2021.12 habsi:version-2021.10 habsi:version-2021.9 habsi:version-2021.8 habsi:version-2021.7 habsi:version-2021.6 habsi:version-2021.5 habsi:version-2021.4 habsi:version-2021.3 habsi:version-2021.2 habsi:version-2021.1 habsi:version-0.14 habsi:version-0.13
habsi:version/2025.6.3 habsi:version/2025.4.3 habsi:version/2025.6.2 habsi:version/2025.6.1 habsi:version/2025.4.2 habsi:version/2025.6.0 habsi:version/2025.6.0-rc1 habsi:version/2025.4.1 habsi:version/2025.4.0 habsi:version/2025.4.0-rc2 habsi:version/2025.4.0-rc1 habsi:version/2025.2.4 habsi:version/2024.12.5 habsi:version/2025.2.3 habsi:version/2024.12.4 habsi:version/2025.2.2 habsi:version/2025.2.1 habsi:version/2025.2.0 habsi:version/2025.2.0-rc3 habsi:version/2025.2.0-rc2 habsi:version/2025.2.0-rc1 habsi:version/2024.12.3 habsi:version/2024.12.2 habsi:version/2024.12.1 habsi:version/2024.12.0 habsi:version/2024.12.0-rc1 habsi:version/2024.10.5 habsi:version/2024.10.4 habsi:version/2024.8.6 habsi:version/2024.10.3 habsi:version/2024.8.5 habsi:version/2024.10.2 habsi:version/2024.10.1 habsi:version/2024.10.0 habsi:version/2024.8.4 habsi:version/2024.10.0-rc1 habsi:version/2024.8.3 habsi:version/2024.6.5 habsi:version/2024.8.2 habsi:version/2024.8.1 habsi:version/2024.8.0 habsi:version/2024.8.0-rc2 habsi:version/2024.8.0-rc1 habsi:version/2024.4.4 habsi:version/2024.6.4 habsi:version/2024.6.3 habsi:version/2024.6.2 habsi:version/2024.6.1 habsi:version/2024.6.0 habsi:version/2024.4.3 habsi:version/2024.2.4 habsi:version/2024.6.0-rc2 habsi:version/2024.6.0-rc1 habsi:version/2024.4.2 habsi:version/2024.4.1 habsi:version/2024.4.0 habsi:version/2024.4.0-rc1 habsi:version/2024.2.3 habsi:version/2024.2.2 habsi:version/2024.2.1 habsi:version/2024.2.0 habsi:version/2024.2.0-rc2 habsi:version/2024.2.0-rc1 habsi:version/2023.10.7 habsi:version/2023.8.7 habsi:version/2023.10.6 habsi:version/2023.8.6 habsi:version/2023.10.5 habsi:version/2023.8.5 habsi:version/2023.10.4 habsi:version/2023.10.3 habsi:version/2023.8.4 habsi:version/2023.10.2 habsi:version/2023.10.1 habsi:version/2023.10.0 habsi:version/2023.8.3 habsi:version/2023.8.2 habsi:version/2023.8.1 habsi:version/2023.8.0 habsi:version/2023.5.6 habsi:version/2023.6.2 habsi:version/2023.6.1 habsi:version/2023.6.0 habsi:version/2023.5.5 habsi:version/2023.4.3 habsi:version/2023.4.2 habsi:version/2023.5.4 habsi:version/2023.5.3 habsi:version/2023.5.2 habsi:version/2023.5.1 habsi:version/2023.5.0 habsi:version/2023.4.1 habsi:version/2023.4.0 habsi:version/2023.3.1 habsi:version/2023.3.0 habsi:version/2022.12.3 habsi:version/2023.1.3 habsi:version/2023.2.3 habsi:version/2023.2.2 habsi:version/2023.2.1 habsi:version/2023.2.0 habsi:version/2023.1.2 habsi:version/2023.1.1 habsi:version/2023.1.0 habsi:version/2022.12.2 habsi:version/2022.12.1 habsi:version/2022.12.0 habsi:version/2022.10.4 habsi:version/2022.11.4 habsi:version/2022.10.3 habsi:version/2022.11.3 habsi:version/2022.11.2 habsi:version/2022.10.2 habsi:version/2022.11.1 habsi:version/2022.11.0 habsi:version/2022.10.1 habsi:version/2022.10.0 habsi:version/2022.9.0 habsi:version/2022.8.2 habsi:version/2022.8.1 habsi:version/2022.7.3 habsi:version/2022.7.2 habsi:version/2022.7.1 habsi:version/2022.6.3 habsi:version/2022.6.2 habsi:version/2022.6.1 habsi:version/2022.5.3 habsi:version/2022.5.2 habsi:version/2022.5.1 habsi:version/2022.4.1 habsi:version/2022.3.3 habsi:version/2022.3.2 habsi:version/2022.3.1 habsi:version/2022.2.1 habsi:version/2022.1.5 habsi:version/2022.1.4 habsi:version/2022.1.3 habsi:version/2022.1.2 habsi:version/2022.1.1 habsi:version/2021.12.5 habsi:version/2021.12.4 habsi:version/2021.12.3 habsi:version/2021.12.2 habsi:version/2021.12.1 habsi:version/2021.12.1-rc5 habsi:version/2021.12.1-rc4 habsi:version/2021.12.1-rc3 habsi:version/2021.12.1-rc2 habsi:version/2021.12.1-rc1 habsi:version/2021.10.4 habsi:version/2021.10.3 habsi:version/2021.10.2 habsi:version/2021.10.1 habsi:version/2021.10.1-rc3 habsi:version/2021.10.1-rc2 habsi:version/2021.10.1-rc1 habsi:version/2021.9.8 habsi:version/2021.9.7 habsi:version/2021.9.6 habsi:version/2021.9.5 habsi:version/2021.9.4 habsi:version/2021.9.3 habsi:version/2021.9.2 habsi:version/2021.9.1 habsi:version/2021.9.1-rc3 habsi:version/2021.9.1-rc2 habsi:version/2021.9.1-rc1 habsi:version/2021.8.5 habsi:version/2021.8.4 habsi:version/2021.8.3 habsi:version/2021.8.2 habsi:version/2021.8.1 habsi:version/2021.8.1-rc2 habsi:version/2021.8.1-rc1 habsi:version/2021.7.3 habsi:version/2021.7.2 habsi:version/2021.7.1 habsi:version/2021.7.1-rc2 habsi:version/2021.7.1-rc1 habsi:version/2021.6.4 habsi:version/2021.6.3 habsi:version/2021.6.2 habsi:version/2021.6.1 habsi:version/2021.6.1-rc6 habsi:version/2021.6.1-rc5 habsi:version/2021.6.1-rc4 habsi:version/2021.6.1-rc3 habsi:version/2021.6.1-rc2 habsi:version/2021.6.1-rc1 habsi:version/2021.5.4 habsi:version/2021.5.3 habsi:version/2021.5.2 habsi:version/2021.5.1 habsi:version/2021.5.1-rc10 habsi:version/2021.5.1-rc9 habsi:version/2021.5.1-rc8 habsi:version/2021.4.6 habsi:version/2021.5.1-rc7 habsi:version/2021.5.1-rc6 habsi:version/2021.5.1-rc5 habsi:version/2021.5.1-rc4 habsi:version/2021.5.1-rc3 habsi:version/2021.5.1-rc2 habsi:version/2021.5.1-rc1 habsi:version/2021.4.5 habsi:version/2021.4.4 habsi:version/2021.4.3 habsi:version/2021.4.2 habsi:version/2021.4.1 habsi:version/2021.4.1-rc2 habsi:version/2021.4.1-rc1 habsi:version/2021.3.4 habsi:version/2021.3.3 habsi:version/2021.3.2 habsi:version/2021.3.1 habsi:version/2021.3.1-rc2 habsi:version/2021.3.1-rc1 habsi:version/2021.2.6-stable habsi:version/2021.2.5-stable habsi:version/2021.2.4-stable habsi:version/2021.2.3-stable habsi:version/2021.2.2-stable habsi:version/2021.2.1-stable habsi:version/2021.2.1-rc2 habsi:version/2021.2.1-rc1 habsi:version/2021.1.4-stable habsi:version/2021.1.3-stable habsi:version/2021.1.2-stable habsi:version/2021.1.1-stable habsi:version/2021.1.1-rc2 habsi:version/2021.1.1-rc1 habsi:version/0.14.2-stable habsi:version/0.14.1-stable habsi:version/0.14.0-stable habsi:version/0.14.0-rc2 habsi:version/0.14.0-rc1 habsi:version/0.13.5-stable habsi:version/0.13.4-stable habsi:version/0.13.3-stable habsi:version/0.13.2-stable habsi:version/0.13.1-stable habsi:version/0.13.0-stable habsi:version/0.13.0-rc4 habsi:version/0.13.0-rc3 habsi:version/0.13.0-rc2 habsi:version/0.13.0-rc1 habsi:version/0.12.11-stable habsi:version/0.12.10-stable habsi:version/0.12.9-stable habsi:version/0.12.8-stable habsi:version/0.12.7-stable habsi:version/0.12.6-stable habsi:version/0.12.5-stable habsi:version/0.12.4-stable habsi:version/0.12.3-stable habsi:version/0.12.2-stable habsi:version/0.12.1-stable habsi:version/0.12.0-stable habsi:version/0.11.0-stable habsi:version/0.10.9-stable habsi:version/0.10.8-stable habsi:version/0.10.7-stable habsi:version/0.10.6-stable habsi:version/0.10.5-stable habsi:version/0.10.4-stable habsi:version/0.10.3-stable habsi:version/0.10.2-stable habsi:version/0.10.1-stable habsi:version/0.10.0-stable habsi:version/0.10.0-rc6 habsi:version/0.10.0-rc5 habsi:version/0.10.0-rc4 habsi:version/0.10.0-rc3 habsi:version/0.10.0-rc2 habsi:version/0.10.0-rc1 habsi:version/0.9.0-stable habsi:version/0.9.0-rc2 habsi:version/0.9.0-rc1 habsi:version/0.9.0-pre7 habsi:version/0.9.0-pre6 habsi:version/0.9.0-pre5 habsi:version/0.9.0-pre4 habsi:version/0.9.0-pre3 habsi:version/0.9.0-pre2 habsi:version/0.9.0-pre1 habsi:version/0.8.15-beta habsi:version/0.8.14-beta habsi:version/0.8.12-beta habsi:version/0.8.11-beta habsi:version/0.8.10-beta habsi:version/0.8.9-beta habsi:version/0.8.8-beta habsi:version/0.8.7-beta habsi:version/0.8.6-beta habsi:version/0.8.5-beta habsi:version/0.8.4-beta habsi:version/0.8.3-beta habsi:version/0.8.2-beta habsi:version/0.8.1-beta habsi:version/0.8.0-beta habsi:version/0.7.17-beta habsi:version/0.7.16-beta habsi:version/0.7.15-beta habsi:version/0.7.14-beta habsi:version/0.7.13-beta habsi:version/0.7.12-beta habsi:version/0.7.11-beta habsi:version/0.7.10-beta habsi:version/0.7.9-beta habsi:version/0.7.8-beta habsi:version/0.7.7-beta habsi:version/0.7.6-beta habsi:version/0.7.5-beta habsi:version/0.7.4-beta habsi:version/0.7.3-beta habsi:version/0.7.2-beta habsi:version/0.7.1-beta habsi:version/0.7.0-beta habsi:version/0.6.11-beta habsi:version/0.6.10-beta habsi:version/0.6.9-beta habsi:version/0.6.8-beta habsi:version/0.6.7-beta habsi:version/0.6.6-beta habsi:version/0.6.5-beta habsi:version/0.6.4-beta habsi:version/0.6.3-beta habsi:version/0.6.2-beta habsi:version/0.6.1-beta habsi:version/0.6.0-beta habsi:version/0.5.0-beta habsi:version/0.4.2-beta habsi:version/0.4.1-beta habsi:version/0.4.0-beta habsi:version/0.3.0-beta habsi:version/0.2.8-beta habsi:version/0.2.7-beta habsi:version/0.2.6-beta habsi:version/0.2.5-beta habsi:version/0.2.4-beta habsi:version/0.2.3-beta habsi:version/0.2.2-beta habsi:version/0.2.1-beta habsi:version/0.2.0-beta habsi:version/0.1.38-beta habsi:version/0.1.37-beta habsi:version/0.1.36-beta habsi:version/0.1.35-beta habsi:version/0.1.34-beta habsi:version/0.1.33-beta habsi:version/0.1.32-beta habsi:version/0.1.31-beta habsi:version/0.1.30-beta habsi:version/0.1.29-beta habsi:version/0.1.28-beta habsi:version/0.1.27-beta habsi:version/0.1.26-beta habsi:version/0.1.25-beta habsi:version/0.1.24-beta habsi:version/0.1.23-beta habsi:version/0.1.22-beta habsi:version/0.1.21-beta habsi:version/0.1.20-beta habsi:version/0.1.19-beta habsi:version/0.1.18-beta habsi:version/0.1.17-beta habsi:version/0.1.16-beta habsi:version/0.1.15-beta habsi:version/0.1.14-beta habsi:version/0.1.13-beta habsi:version/0.1.12-beta habsi:version/0.1.11-beta habsi:version/0.1.10-beta habsi:version/0.1.9-beta habsi:version/0.1.8-beta habsi:version/0.1.7-beta habsi:version/0.1.6-beta habsi:version/0.1.5-beta habsi:version/0.1.4-beta habsi:version/0.1.3-beta habsi:version/0.1.2-beta habsi:version/0.1.1-beta habsi:version/0.1.0-beta habsi:version/0.0.13-alpha habsi:version/0.0.12-alpha habsi:version/0.0.11-alpha habsi:version/0.0.10-alpha habsi:version/0.0.9-alpha habsi:version/0.0.8-alpha habsi:version/0.0.7-alpha habsi:version/0.0.6-alpha habsi:version/0.0.5-alpha habsi:version/0.0.4-alpha habsi:version/0.0.3-alpha habsi:version/0.0.2-alpha
..
compare: habsi:version/2025.2.1
Branches Tags
habsi:main habsi:eap-but-actually habsi:next habsi:docusaurus-3.8 habsi:api/nested habsi:dependabot/npm_and_yarn/website/docusaurus-theme-openapi-docs-4.5.1 habsi:dependabot/npm_and_yarn/website/goauthentik-f1651fdd03 habsi:dependabot/npm_and_yarn/website/docusaurus-plugin-openapi-docs-4.5.1 habsi:version-2025.6 habsi:website/docs--add-notification-rule-expression-policies-subpage habsi:website/docs--fix-upgrade-advice habsi:sources/oauth--change-azure-ad-UI-to-entra-id habsi:celery-2-dramatiq habsi:dependabot/npm_and_yarn/website/docusaurus-1d15a11bad habsi:enterprise/apple-platform-sso habsi:docs-events habsi:version-2025.4 habsi:imports-formatter habsi:import-organization habsi:dependabot/npm_and_yarn/packages/docusaurus-config/goauthentik-870c30f3e8 habsi:website/integrations/add-ironclad habsi:website/docs--updarte-azure-ad-source-doc-to-entra-id habsi:providers/oauth2/conformance-automated-tests habsi:events/improved-error-events habsi:stages/user_login/unknown-device habsi:website/integrations--add-papra habsi:website/integrations--add-planka habsi:providers/saml/default-name-id-policy habsi:webdriver-typechecking habsi:revert-revert-flow-buffer habsi:dependabot/npm_and_yarn/packages/docusaurus-config/goauthentik-cd500f49dc habsi:providers/oauth2/more-tests habsi:web/add-command-palette habsi:files-in-db habsi:flows/buffer-ng habsi:website/docs--update-nginx-config habsi:policies/optimize-engine habsi:stages/prompt/dry-run habsi:better-version-bump habsi:website/docs--add-credentials-prompt-for-rac-doc habsi:lib/sync/direct-delete-no-wait habsi:rfc8414 habsi:endpoints habsi:website-docs-scaling habsi:dependabot/uv/django-5.2.1 habsi:openapi-generators-tidy habsi:channels-postgres habsi:consistent-imports habsi:workspace-lint-format habsi:version-2025.2 habsi:npm-workspaces-sfe habsi:navbar-revisions-v2 habsi:remove-session-migration-code habsi:workspace-lint-format-v3 habsi:esbuild-ts-types habsi:tests/e2e/refactor-better-ws-support habsi:core/fix-group-creation habsi:core/refactor habsi:manualdeps/boto3/v1.38.12 habsi:website/integrations--fix-indentation-paperless-ngx habsi:docusaurus-version-picker habsi:monorepo-docs-tidy-v2 habsi:docusaurus-config-1.0.6 habsi:server-context-cleanup habsi:openapi-generators-v1 habsi:patch-1 habsi:website/docs/stylize-2025-4-release habsi:build-script-labeling habsi:dependabot/npm_and_yarn/website/multi-bb7dbf9f58 habsi:dependabot/npm_and_yarn/website/react-dom-19.1.0 habsi:safari-follow-up-fixes habsi:safari-crash-theme-toggle habsi:admin-layout-fixes habsi:safari-locale-reflow-fix habsi:safari-admin-interface-crash habsi:fix-shared-entrypoints habsi:safari-crash-fix habsi:policies-engine-rework habsi:policies-no-forking habsi:template-format habsi:monorepo-v3 habsi:docs-test-pr habsi:static-config-v1 habsi:version-2024.12 habsi:sfe-package-v1 habsi:router-tidy-v1 habsi:linter-fixes habsi:typescript-project-compile habsi:fix/issue_12164 habsi:feature/source_ldap_lookup_groups_from_user habsi:tests/e2e/dont-rely-on-socket-ip habsi:flows/concurrent habsi:permissions-based-ui-rendering habsi:web/parts/common habsi:enterprise-audit habsi:flow-no-websocket habsi:deny-unauthenticated-ws habsi:web/legibility/dual-select-events habsi:enterprise/reporting habsi:admin/add-explicit-token-expiry-modal habsi:outposts/scim habsi:policies/preview-test2 habsi:web/design/make-application-help-optional habsi:root/move-root-dir habsi:enterprise/rac/e2e habsi:root/more-cleanup habsi:reduce-memory-usage-batch-delete habsi:blueprints-find-object habsi:ci/push-to-new-dockerhub habsi:blueprint-apply-pglock habsi:version-2024.10 habsi:website/integrations/hoarder habsi:core/make-group-name-unique-db habsi:docs-read-replicas habsi:version-2024.8 habsi:web/update-provider-forms-for-invalidation habsi:web/flow/table-driven-executor habsi:root/maint/upgrade-openapi-generator habsi:website/edit/links-to-schemas habsi:web/cleanup/20240516-simple-element-docs-1 habsi:docs-vmware-update habsi:expiring-model-dont-sync-delete habsi:web/bug/fix-wdio-and-lint habsi:version-2024.6 habsi:analytics habsi:docs-api habsi:web/sdk/embed habsi:stages/identification/captcha-embed habsi:version-2024.4 habsi:docs-certs-webhook habsi:web/packages/common-package habsi:web/testing/update-wdio-tests habsi:docs-scripts habsi:web/add-htmltagmaps-to-activate-lit-analyzer habsi:web/use-oauth habsi:user-directory habsi:outpost-force-refresh habsi:core/improve-app-launch-url habsi:version-2024.2 habsi:web/sidebar-with-live-content-3 habsi:5165-password-strength-indicator habsi:healthcheck-force-connection-reload habsi:core/soft-delete habsi:web/legibility/applications habsi:web/request/7864-application-list-view habsi:restricted-python habsi:sources/ldap/support-dn-uniq habsi:benchmarks habsi:providers/radius/logout habsi:core/b2c-improvements habsi:web/cleanup/analyzable-routes habsi:web/fix-css-shandydom habsi:add_mappings_to_azure_ad_documentation habsi:version-test habsi:20240219-monorepo-step-1-move-authentik habsi:smusali/event-batching habsi:version-2023.10 habsi:version-2023.8 habsi:root/remove-if-help habsi:version-2024.1 habsi:web/config-provider-2a-branded habsi:stages/authenticator_mobile_with_connector habsi:sources/ldap/optimize-sync habsi:sources/ldap/track-sources habsi:blog-ent habsi:version-2023.5 habsi:version-2023.6 habsi:hack-close habsi:tanberry-patch-1 habsi:version-2023.4 habsi:smusali/qr_code habsi:beta-upgrade-edits habsi:stages/email/fix-pending-user habsi:dev/devcontainers habsi:outposts/fix-docker-ssh-integration habsi:interfaces habsi:version-2023.3 habsi:version-2022.12 habsi:version-2023.1 habsi:version-2023.2 habsi:root/config-file-watch habsi:version-2022.10 habsi:version-2022.11 habsi:version-2022.9 habsi:version-2022.8 habsi:version-2022.7 habsi:version-2022.6 habsi:version-2022.5 habsi:version-2022.4 habsi:version-2022.3 habsi:version-2022.2 habsi:version-2022.1 habsi:version-2021.12 habsi:version-2021.10 habsi:version-2021.9 habsi:version-2021.8 habsi:version-2021.7 habsi:version-2021.6 habsi:version-2021.5 habsi:version-2021.4 habsi:version-2021.3 habsi:version-2021.2 habsi:version-2021.1 habsi:version-0.14 habsi:version-0.13
habsi:version/2025.6.3 habsi:version/2025.4.3 habsi:version/2025.6.2 habsi:version/2025.6.1 habsi:version/2025.4.2 habsi:version/2025.6.0 habsi:version/2025.6.0-rc1 habsi:version/2025.4.1 habsi:version/2025.4.0 habsi:version/2025.4.0-rc2 habsi:version/2025.4.0-rc1 habsi:version/2025.2.4 habsi:version/2024.12.5 habsi:version/2025.2.3 habsi:version/2024.12.4 habsi:version/2025.2.2 habsi:version/2025.2.1 habsi:version/2025.2.0 habsi:version/2025.2.0-rc3 habsi:version/2025.2.0-rc2 habsi:version/2025.2.0-rc1 habsi:version/2024.12.3 habsi:version/2024.12.2 habsi:version/2024.12.1 habsi:version/2024.12.0 habsi:version/2024.12.0-rc1 habsi:version/2024.10.5 habsi:version/2024.10.4 habsi:version/2024.8.6 habsi:version/2024.10.3 habsi:version/2024.8.5 habsi:version/2024.10.2 habsi:version/2024.10.1 habsi:version/2024.10.0 habsi:version/2024.8.4 habsi:version/2024.10.0-rc1 habsi:version/2024.8.3 habsi:version/2024.6.5 habsi:version/2024.8.2 habsi:version/2024.8.1 habsi:version/2024.8.0 habsi:version/2024.8.0-rc2 habsi:version/2024.8.0-rc1 habsi:version/2024.4.4 habsi:version/2024.6.4 habsi:version/2024.6.3 habsi:version/2024.6.2 habsi:version/2024.6.1 habsi:version/2024.6.0 habsi:version/2024.4.3 habsi:version/2024.2.4 habsi:version/2024.6.0-rc2 habsi:version/2024.6.0-rc1 habsi:version/2024.4.2 habsi:version/2024.4.1 habsi:version/2024.4.0 habsi:version/2024.4.0-rc1 habsi:version/2024.2.3 habsi:version/2024.2.2 habsi:version/2024.2.1 habsi:version/2024.2.0 habsi:version/2024.2.0-rc2 habsi:version/2024.2.0-rc1 habsi:version/2023.10.7 habsi:version/2023.8.7 habsi:version/2023.10.6 habsi:version/2023.8.6 habsi:version/2023.10.5 habsi:version/2023.8.5 habsi:version/2023.10.4 habsi:version/2023.10.3 habsi:version/2023.8.4 habsi:version/2023.10.2 habsi:version/2023.10.1 habsi:version/2023.10.0 habsi:version/2023.8.3 habsi:version/2023.8.2 habsi:version/2023.8.1 habsi:version/2023.8.0 habsi:version/2023.5.6 habsi:version/2023.6.2 habsi:version/2023.6.1 habsi:version/2023.6.0 habsi:version/2023.5.5 habsi:version/2023.4.3 habsi:version/2023.4.2 habsi:version/2023.5.4 habsi:version/2023.5.3 habsi:version/2023.5.2 habsi:version/2023.5.1 habsi:version/2023.5.0 habsi:version/2023.4.1 habsi:version/2023.4.0 habsi:version/2023.3.1 habsi:version/2023.3.0 habsi:version/2022.12.3 habsi:version/2023.1.3 habsi:version/2023.2.3 habsi:version/2023.2.2 habsi:version/2023.2.1 habsi:version/2023.2.0 habsi:version/2023.1.2 habsi:version/2023.1.1 habsi:version/2023.1.0 habsi:version/2022.12.2 habsi:version/2022.12.1 habsi:version/2022.12.0 habsi:version/2022.10.4 habsi:version/2022.11.4 habsi:version/2022.10.3 habsi:version/2022.11.3 habsi:version/2022.11.2 habsi:version/2022.10.2 habsi:version/2022.11.1 habsi:version/2022.11.0 habsi:version/2022.10.1 habsi:version/2022.10.0 habsi:version/2022.9.0 habsi:version/2022.8.2 habsi:version/2022.8.1 habsi:version/2022.7.3 habsi:version/2022.7.2 habsi:version/2022.7.1 habsi:version/2022.6.3 habsi:version/2022.6.2 habsi:version/2022.6.1 habsi:version/2022.5.3 habsi:version/2022.5.2 habsi:version/2022.5.1 habsi:version/2022.4.1 habsi:version/2022.3.3 habsi:version/2022.3.2 habsi:version/2022.3.1 habsi:version/2022.2.1 habsi:version/2022.1.5 habsi:version/2022.1.4 habsi:version/2022.1.3 habsi:version/2022.1.2 habsi:version/2022.1.1 habsi:version/2021.12.5 habsi:version/2021.12.4 habsi:version/2021.12.3 habsi:version/2021.12.2 habsi:version/2021.12.1 habsi:version/2021.12.1-rc5 habsi:version/2021.12.1-rc4 habsi:version/2021.12.1-rc3 habsi:version/2021.12.1-rc2 habsi:version/2021.12.1-rc1 habsi:version/2021.10.4 habsi:version/2021.10.3 habsi:version/2021.10.2 habsi:version/2021.10.1 habsi:version/2021.10.1-rc3 habsi:version/2021.10.1-rc2 habsi:version/2021.10.1-rc1 habsi:version/2021.9.8 habsi:version/2021.9.7 habsi:version/2021.9.6 habsi:version/2021.9.5 habsi:version/2021.9.4 habsi:version/2021.9.3 habsi:version/2021.9.2 habsi:version/2021.9.1 habsi:version/2021.9.1-rc3 habsi:version/2021.9.1-rc2 habsi:version/2021.9.1-rc1 habsi:version/2021.8.5 habsi:version/2021.8.4 habsi:version/2021.8.3 habsi:version/2021.8.2 habsi:version/2021.8.1 habsi:version/2021.8.1-rc2 habsi:version/2021.8.1-rc1 habsi:version/2021.7.3 habsi:version/2021.7.2 habsi:version/2021.7.1 habsi:version/2021.7.1-rc2 habsi:version/2021.7.1-rc1 habsi:version/2021.6.4 habsi:version/2021.6.3 habsi:version/2021.6.2 habsi:version/2021.6.1 habsi:version/2021.6.1-rc6 habsi:version/2021.6.1-rc5 habsi:version/2021.6.1-rc4 habsi:version/2021.6.1-rc3 habsi:version/2021.6.1-rc2 habsi:version/2021.6.1-rc1 habsi:version/2021.5.4 habsi:version/2021.5.3 habsi:version/2021.5.2 habsi:version/2021.5.1 habsi:version/2021.5.1-rc10 habsi:version/2021.5.1-rc9 habsi:version/2021.5.1-rc8 habsi:version/2021.4.6 habsi:version/2021.5.1-rc7 habsi:version/2021.5.1-rc6 habsi:version/2021.5.1-rc5 habsi:version/2021.5.1-rc4 habsi:version/2021.5.1-rc3 habsi:version/2021.5.1-rc2 habsi:version/2021.5.1-rc1 habsi:version/2021.4.5 habsi:version/2021.4.4 habsi:version/2021.4.3 habsi:version/2021.4.2 habsi:version/2021.4.1 habsi:version/2021.4.1-rc2 habsi:version/2021.4.1-rc1 habsi:version/2021.3.4 habsi:version/2021.3.3 habsi:version/2021.3.2 habsi:version/2021.3.1 habsi:version/2021.3.1-rc2 habsi:version/2021.3.1-rc1 habsi:version/2021.2.6-stable habsi:version/2021.2.5-stable habsi:version/2021.2.4-stable habsi:version/2021.2.3-stable habsi:version/2021.2.2-stable habsi:version/2021.2.1-stable habsi:version/2021.2.1-rc2 habsi:version/2021.2.1-rc1 habsi:version/2021.1.4-stable habsi:version/2021.1.3-stable habsi:version/2021.1.2-stable habsi:version/2021.1.1-stable habsi:version/2021.1.1-rc2 habsi:version/2021.1.1-rc1 habsi:version/0.14.2-stable habsi:version/0.14.1-stable habsi:version/0.14.0-stable habsi:version/0.14.0-rc2 habsi:version/0.14.0-rc1 habsi:version/0.13.5-stable habsi:version/0.13.4-stable habsi:version/0.13.3-stable habsi:version/0.13.2-stable habsi:version/0.13.1-stable habsi:version/0.13.0-stable habsi:version/0.13.0-rc4 habsi:version/0.13.0-rc3 habsi:version/0.13.0-rc2 habsi:version/0.13.0-rc1 habsi:version/0.12.11-stable habsi:version/0.12.10-stable habsi:version/0.12.9-stable habsi:version/0.12.8-stable habsi:version/0.12.7-stable habsi:version/0.12.6-stable habsi:version/0.12.5-stable habsi:version/0.12.4-stable habsi:version/0.12.3-stable habsi:version/0.12.2-stable habsi:version/0.12.1-stable habsi:version/0.12.0-stable habsi:version/0.11.0-stable habsi:version/0.10.9-stable habsi:version/0.10.8-stable habsi:version/0.10.7-stable habsi:version/0.10.6-stable habsi:version/0.10.5-stable habsi:version/0.10.4-stable habsi:version/0.10.3-stable habsi:version/0.10.2-stable habsi:version/0.10.1-stable habsi:version/0.10.0-stable habsi:version/0.10.0-rc6 habsi:version/0.10.0-rc5 habsi:version/0.10.0-rc4 habsi:version/0.10.0-rc3 habsi:version/0.10.0-rc2 habsi:version/0.10.0-rc1 habsi:version/0.9.0-stable habsi:version/0.9.0-rc2 habsi:version/0.9.0-rc1 habsi:version/0.9.0-pre7 habsi:version/0.9.0-pre6 habsi:version/0.9.0-pre5 habsi:version/0.9.0-pre4 habsi:version/0.9.0-pre3 habsi:version/0.9.0-pre2 habsi:version/0.9.0-pre1 habsi:version/0.8.15-beta habsi:version/0.8.14-beta habsi:version/0.8.12-beta habsi:version/0.8.11-beta habsi:version/0.8.10-beta habsi:version/0.8.9-beta habsi:version/0.8.8-beta habsi:version/0.8.7-beta habsi:version/0.8.6-beta habsi:version/0.8.5-beta habsi:version/0.8.4-beta habsi:version/0.8.3-beta habsi:version/0.8.2-beta habsi:version/0.8.1-beta habsi:version/0.8.0-beta habsi:version/0.7.17-beta habsi:version/0.7.16-beta habsi:version/0.7.15-beta habsi:version/0.7.14-beta habsi:version/0.7.13-beta habsi:version/0.7.12-beta habsi:version/0.7.11-beta habsi:version/0.7.10-beta habsi:version/0.7.9-beta habsi:version/0.7.8-beta habsi:version/0.7.7-beta habsi:version/0.7.6-beta habsi:version/0.7.5-beta habsi:version/0.7.4-beta habsi:version/0.7.3-beta habsi:version/0.7.2-beta habsi:version/0.7.1-beta habsi:version/0.7.0-beta habsi:version/0.6.11-beta habsi:version/0.6.10-beta habsi:version/0.6.9-beta habsi:version/0.6.8-beta habsi:version/0.6.7-beta habsi:version/0.6.6-beta habsi:version/0.6.5-beta habsi:version/0.6.4-beta habsi:version/0.6.3-beta habsi:version/0.6.2-beta habsi:version/0.6.1-beta habsi:version/0.6.0-beta habsi:version/0.5.0-beta habsi:version/0.4.2-beta habsi:version/0.4.1-beta habsi:version/0.4.0-beta habsi:version/0.3.0-beta habsi:version/0.2.8-beta habsi:version/0.2.7-beta habsi:version/0.2.6-beta habsi:version/0.2.5-beta habsi:version/0.2.4-beta habsi:version/0.2.3-beta habsi:version/0.2.2-beta habsi:version/0.2.1-beta habsi:version/0.2.0-beta habsi:version/0.1.38-beta habsi:version/0.1.37-beta habsi:version/0.1.36-beta habsi:version/0.1.35-beta habsi:version/0.1.34-beta habsi:version/0.1.33-beta habsi:version/0.1.32-beta habsi:version/0.1.31-beta habsi:version/0.1.30-beta habsi:version/0.1.29-beta habsi:version/0.1.28-beta habsi:version/0.1.27-beta habsi:version/0.1.26-beta habsi:version/0.1.25-beta habsi:version/0.1.24-beta habsi:version/0.1.23-beta habsi:version/0.1.22-beta habsi:version/0.1.21-beta habsi:version/0.1.20-beta habsi:version/0.1.19-beta habsi:version/0.1.18-beta habsi:version/0.1.17-beta habsi:version/0.1.16-beta habsi:version/0.1.15-beta habsi:version/0.1.14-beta habsi:version/0.1.13-beta habsi:version/0.1.12-beta habsi:version/0.1.11-beta habsi:version/0.1.10-beta habsi:version/0.1.9-beta habsi:version/0.1.8-beta habsi:version/0.1.7-beta habsi:version/0.1.6-beta habsi:version/0.1.5-beta habsi:version/0.1.4-beta habsi:version/0.1.3-beta habsi:version/0.1.2-beta habsi:version/0.1.1-beta habsi:version/0.1.0-beta habsi:version/0.0.13-alpha habsi:version/0.0.12-alpha habsi:version/0.0.11-alpha habsi:version/0.0.10-alpha habsi:version/0.0.9-alpha habsi:version/0.0.8-alpha habsi:version/0.0.7-alpha habsi:version/0.0.6-alpha habsi:version/0.0.5-alpha habsi:version/0.0.4-alpha habsi:version/0.0.3-alpha habsi:version/0.0.2-alpha

38 Commits
web/legibi ... version/20

Author SHA1 Message Date
Marc 'risson' Schmitt
31fe0e5923 release: 2025.2.1 2025-02-26 20:54:52 +01:00
gcp-cherry-pick-bot[bot]
8b619635ea stages/authenticator_email: fix session cleanup test b (cherry-pick #13264) (#13276) 
Co-authored-by: Marcelo Elizeche Landó <marcelo@goauthentik.io>
fix session cleanup test b (#13264)
 2025-02-26 20:46:05 +01:00
gcp-cherry-pick-bot[bot]
1f1db523c0 stages/email: Fix email stage serialization (cherry-pick #13256) (#13273) 
Co-authored-by: Marcelo Elizeche Landó <marcelo@goauthentik.io>
Co-authored-by: Marc 'risson' Schmitt <marc.schmitt@risson.space>
Fix email stage serialization (#13256)
 2025-02-26 20:44:50 +01:00
gcp-cherry-pick-bot[bot]
bbc23e1d77 core: add pre-hydrated relative URL (cherry-pick #13243) (#13246) 
core: add pre-hydrated relative URL (#13243)

Signed-off-by: Jens Langhammer <jens@goauthentik.io>
Co-authored-by: Jens L. <jens@goauthentik.io>
 2025-02-25 11:25:29 +01:00
gcp-cherry-pick-bot[bot]
c30b7ee3e9 website/docs: fix missing breaking entry for 2025.2 release notes (cherry-pick #13223) (#13224) 
website/docs: fix missing breaking entry for 2025.2 release notes (#13223)

* website/docs: fix missing breaking entry for 2025.2 release notes



* Update website/docs/releases/2025/v2025.2.md




---------

Signed-off-by: Jens Langhammer <jens@goauthentik.io>
Signed-off-by: Jens L. <jens@beryju.org>
Co-authored-by: Jens L. <jens@goauthentik.io>
Co-authored-by: Tana M Berry <tanamarieberry@yahoo.com>
 2025-02-24 16:58:18 +01:00
Marc 'risson' Schmitt
2ba79627bc stages/authenticator_email: Email Authenticator Stage Documentation (cherry-pick #12853) (#13218) 
Co-authored-by: Tana M Berry <tanamarieberry@yahoo.com>
Co-authored-by: Tana M Berry <tana@goauthentik.com>
Co-authored-by: Marcelo Elizeche Landó <marcelo@goauthentik.io>
 2025-02-24 14:57:55 +01:00
gcp-cherry-pick-bot[bot]
198cbe1d9d website/docs: add paragraph about impossible travel (cherry-pick #13125) (#13220) 
Co-authored-by: Tana M Berry <tanamarieberry@yahoo.com>
Co-authored-by: Tana M Berry <tana@goauthentik.com>
Co-authored-by: Teffen Ellis <592134+GirlBossRush@users.noreply.github.com>
 2025-02-24 14:55:34 +01:00
Marc 'risson' Schmitt
db6da159d5 website/docs: remove mention of wizard (cherry-pick #13126) (#13219) 
Co-authored-by: Tana M Berry <tanamarieberry@yahoo.com>
Co-authored-by: Tana M Berry <tana@goauthentik.com>
 2025-02-24 14:54:48 +01:00
Marc 'risson' Schmitt
9862e32078 website/docs: add info about new perms for super-user in groups (cherry-pick #13188) (#13217) 
Co-authored-by: Tana M Berry <tanamarieberry@yahoo.com>
Co-authored-by: Tana M Berry <tana@goauthentik.com>
Co-authored-by: Jens L. <jens@goauthentik.io>
 2025-02-24 14:49:15 +01:00
gcp-cherry-pick-bot[bot]
a7714e2892 website/docs: add new SSF provider docs (cherry-pick #13102) (#13215) 
Co-authored-by: Tana M Berry <tanamarieberry@yahoo.com>
Co-authored-by: Tana M Berry <tana@goauthentik.com>
 2025-02-24 14:49:05 +01:00
gcp-cherry-pick-bot[bot]
073e1d241b website/docs: remove Enterprise badge from RAC docs (cherry-pick #13069) (#13216) 
Co-authored-by: Simonyi Gergő <28359278+gergosimonyi@users.noreply.github.com>
Co-authored-by: Tana M Berry <tanamarieberry@yahoo.com>
 2025-02-24 14:47:56 +01:00
Jens Langhammer
5c5cc1c7da release: 2025.2.0 2025-02-24 12:55:17 +01:00
gcp-cherry-pick-bot[bot]
3dccce1095 web/user: fix display for RAC tile (cherry-pick #13211) (#13212) 
web/user: fix display for RAC tile (#13211)

Signed-off-by: Jens Langhammer <jens@goauthentik.io>
Co-authored-by: Jens L. <jens@goauthentik.io>
 2025-02-24 12:18:36 +01:00
gcp-cherry-pick-bot[bot]
78f997fbee web/flow: fix translate extract (cherry-pick #13208) (#13210) 
web/flow: fix translate extract (#13208)

Signed-off-by: Jens Langhammer <jens@goauthentik.io>
Co-authored-by: Jens L. <jens@goauthentik.io>
 2025-02-24 11:59:29 +01:00
Jens Langhammer
ed83c2b0b1 release: 2025.2.0-rc3 2025-02-23 16:02:45 +01:00
gcp-cherry-pick-bot[bot]
af780deb27 core: add darkreader-lock (cherry-pick #13183) (#13184) 
core: add darkreader-lock (#13183)

Signed-off-by: Jens Langhammer <jens@goauthentik.io>
Co-authored-by: Jens L. <jens@goauthentik.io>
 2025-02-23 04:53:09 +01:00
gcp-cherry-pick-bot[bot]
a4be38567f web/admin: fix default selection for binding policy (cherry-pick #13180) (#13182) 
web/admin: fix default selection for binding policy (#13180)

Signed-off-by: Jens Langhammer <jens@goauthentik.io>
Co-authored-by: Jens L. <jens@goauthentik.io>
 2025-02-23 04:20:04 +01:00
gcp-cherry-pick-bot[bot]
39aafbb34a web/flow: grab focus to uid input field (cherry-pick #13177) (#13178) 
web/flow: grab focus to uid input field (#13177)

Signed-off-by: Jens Langhammer <jens@goauthentik.io>
Co-authored-by: Jens L. <jens@goauthentik.io>
 2025-02-23 00:52:37 +01:00
gcp-cherry-pick-bot[bot]
07eb5fe533 web/flow: update default flow background (cherry-pick #13175) (#13176) 
web/flow: update default flow background (#13175)

* web/flow: update default flow background



* Optimised images with calibre/image-actions

---------

Signed-off-by: Jens Langhammer <jens@goauthentik.io>
Co-authored-by: Jens L. <jens@goauthentik.io>
Co-authored-by: authentik-automation[bot] <135050075+authentik-automation[bot]@users.noreply.github.com>
 2025-02-22 23:37:10 +01:00
gcp-cherry-pick-bot[bot]
301a89dd92 web/admin: only show message when not editing an application (cherry-pick #13165) (#13168) 
web/admin: only show message when not editing an application (#13165)

Signed-off-by: Jens Langhammer <jens@goauthentik.io>
Co-authored-by: Jens L. <jens@goauthentik.io>
 2025-02-21 23:37:14 +01:00
gcp-cherry-pick-bot[bot]
cd6d0a47f3 web/user: fix race condition in user settings flow executor (cherry-pick #13163) (#13169) 
web/user: fix race condition in user settings flow executor (#13163)

Signed-off-by: Jens Langhammer <jens@goauthentik.io>
Co-authored-by: Jens L. <jens@goauthentik.io>
 2025-02-21 23:36:59 +01:00
gcp-cherry-pick-bot[bot]
8a23eaef1e web/user: fix RAC launch not opening when clicking icon (cherry-pick #13164) (#13166) 
web/user: fix RAC launch not opening when clicking icon (#13164)

Signed-off-by: Jens Langhammer <jens@goauthentik.io>
Co-authored-by: Jens L. <jens@goauthentik.io>
 2025-02-21 19:21:40 +01:00
gcp-cherry-pick-bot[bot]
8f285fbcc5 web: Indicate when caps-lock is active during password input. (cherry-pick #12733) (#13160) 
web: Indicate when caps-lock is active during password input. (#12733)

Determining the state of the caps-lock key can be tricky as we're
dependant on a user-provided input to set a value. Thus, our initial
state defaults to not display any warning until the first keystroke.

- Revise to better use lit-html.

Co-authored-by: Teffen Ellis <592134+GirlBossRush@users.noreply.github.com>
 2025-02-21 17:09:35 +01:00
gcp-cherry-pick-bot[bot]
5d391424f7 web/user: fix post MFA creation link being invalid (cherry-pick #13157) (#13159) 
web/user: fix post MFA creation link being invalid (#13157)

Signed-off-by: Jens Langhammer <jens@goauthentik.io>
Co-authored-by: Jens L. <jens@goauthentik.io>
 2025-02-21 17:01:09 +01:00
Jens Langhammer
2de11f8a69 release: 2025.2.0-rc2 2025-02-20 23:47:15 +01:00
gcp-cherry-pick-bot[bot]
b2dcf94aba policies/geoip: fix math in impossible travel (cherry-pick #13141) (#13145) 
policies/geoip: fix math in impossible travel (#13141)

* policies/geoip: fix math in impossible travel



* fix threshold



---------

Signed-off-by: Jens Langhammer <jens@goauthentik.io>
Co-authored-by: Jens L. <jens@goauthentik.io>
 2025-02-20 23:46:21 +01:00
gcp-cherry-pick-bot[bot]
adb532fc5d enterprise/stages/source: fix Source stage not executing authentication/enrollment flow (cherry-pick #12875) (#13146) 
enterprise/stages/source: fix Source stage not executing authentication/enrollment flow (#12875)

Signed-off-by: Jens Langhammer <jens@goauthentik.io>
Co-authored-by: Jens L. <jens@goauthentik.io>
 2025-02-20 23:45:43 +01:00
gcp-cherry-pick-bot[bot]
5d3b35d1ba revert: rbac: exclude permissions for internal models (#12803) (cherry-pick #13138) (#13140) 
revert: rbac: exclude permissions for internal models (#12803) (#13138)

Revert "rbac: exclude permissions for internal models (#12803)"

This reverts commit e08ccf4ca0.

Co-authored-by: Jens L. <jens@goauthentik.io>
 2025-02-20 16:07:21 +01:00
gcp-cherry-pick-bot[bot]
433a94d9ee web/flows: fix error on interactive Captcha stage when retrying captcha (cherry-pick #13119) (#13139) 
web/flows: fix error on interactive Captcha stage when retrying captcha (#13119)

Signed-off-by: Jens Langhammer <jens@goauthentik.io>
Co-authored-by: Jens L. <jens@goauthentik.io>
 2025-02-20 15:12:03 +01:00
gcp-cherry-pick-bot[bot]
f28d622d10 cmd: set version in outposts (cherry-pick #13116) (#13122) 
cmd: set version in outposts (#13116)

Signed-off-by: Jens Langhammer <jens@goauthentik.io>
Co-authored-by: Jens L. <jens@goauthentik.io>
 2025-02-19 18:20:28 +01:00
gcp-cherry-pick-bot[bot]
50a68c22c5 sources/oauth: add group sync for azure_ad (cherry-pick #12894) (#13123) 
sources/oauth: add group sync for azure_ad (#12894)

* sources/oauth: add group sync for azure_ad



* make group sync optional



---------

Signed-off-by: Jens Langhammer <jens@goauthentik.io>
Co-authored-by: Jens L. <jens@goauthentik.io>
 2025-02-19 18:20:16 +01:00
gcp-cherry-pick-bot[bot]
13c99c8546 web/user: fix opening application with Enter not respecting new tab setting (cherry-pick #13115) (#13118) 
web/user: fix opening application with Enter not respecting new tab setting (#13115)

Signed-off-by: Jens Langhammer <jens@goauthentik.io>
Co-authored-by: Jens L. <jens@goauthentik.io>
 2025-02-19 17:57:18 +01:00
gcp-cherry-pick-bot[bot]
7243add30f web/admin: update Application Wizard button placement (cherry-pick #12771) (#13121) 
web/admin: update Application Wizard button placement (#12771)

* web: Add InvalidationFlow to Radius Provider dialogues

## What

- Bugfix: adds the InvalidationFlow to the Radius Provider dialogues
  - Repairs: `{"invalidation_flow":["This field is required."]}` message, which was *not* propagated
    to the Notification.
- Nitpick: Pretties `?foo=${true}` expressions: `s/\?([^=]+)=\$\{true\}/\1/`

## Note

Yes, I know I'm going to have to do more magic when we harmonize the forms, and no, I didn't add the
Property Mappings to the wizard, and yes, I know I'm going to have pain with the *new* version of
the wizard. But this is a serious bug; you can't make Radius servers with *either* of the current
dialogues at the moment.

* This (temporary) change is needed to prevent the unit tests from failing.

\# What

\# Why

\# How

\# Designs

\# Test Steps

\# Other Notes

* Revert "This (temporary) change is needed to prevent the unit tests from failing."

This reverts commit dddde09be5.

* web: Make using the wizard the default for new applications

# What

1. I removed the "Wizard Hint" bar and migrated the "Create With Wizard" button down to the default
   position as "Create With Provider," moving the "Create" button to a secondary position.
   Primary coloring has been kept for both.

2. Added an alert to the "Create" legacy dialog:

> Using this form will only create an Application. In order to authenticate with the application,
> you will have to manually pair it with a Provider.

3. Updated the subtitle on the Wizard dialog:

``` diff
-    wizardDescription = msg("Create a new application");
+    wizardDescription = msg("Create a new application and configure a provider for it.");
```

4. Updated the User page so that, if the User is-a Administrator and the number of Applications in
   the system is zero, the user will be invited to create a new Application using the Wizard rather
   than the legacy Form:

```diff
     renderNewAppButton() {
         const href = paramURL("/core/applications", {
-            createForm: true,
+            createWizard: true,
         });
```

5. Fixed a bug where, on initial render, if the `this.brand` field was not available, an error would
   appear in the console. The effects were usually harmless, as brand information came quickly and
   filled in before the user could notice, but it looked bad in the debugger.

6. Fixed a bug in testing where the wizard page "Configure Policy Bindings" had been changed to
   "Configure Policy/User/Group Binding".

# Testing

Since the wizard OUID didn't change (`data-ouia-component-id="start-application-wizard"`), the E2E
tests for "Application Wizard" completed without any substantial changes to the routine or to the
tests.

``` sh
npm run test:e2e:watch -- --spec ./tests/specs/new-application-by-wizard.ts
```

# User documentation changes required.

These changes were made at the request of docs, as an initial draft to show how the page looks with
the Application Wizard as he default tool for creating new Applications.

# Developer documentation changes required.

None.

Co-authored-by: Ken Sternberg <133134217+kensternberg-authentik@users.noreply.github.com>
 2025-02-19 17:57:03 +01:00
gcp-cherry-pick-bot[bot]
6611a64a62 web: bump API Client version (cherry-pick #13113) (#13114) 
web: bump API Client version (#13113)

Signed-off-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
Co-authored-by: authentik-automation[bot] <135050075+authentik-automation[bot]@users.noreply.github.com>
 2025-02-19 13:16:48 +01:00
gcp-cherry-pick-bot[bot]
5262f61483 providers/rac: move to open source (cherry-pick #13015) (#13112) 
providers/rac: move to open source (#13015)

* move RAC to open source

* move web out of enterprise



* remove enterprise license requirements from RAC

* format



---------

Signed-off-by: Jens Langhammer <jens@goauthentik.io>
Co-authored-by: Simonyi Gergő <28359278+gergosimonyi@users.noreply.github.com>
Co-authored-by: Jens Langhammer <jens@goauthentik.io>
 2025-02-19 13:16:18 +01:00
Jens Langhammer
9dcbb4af9e release: 2025.2.0-rc1 2025-02-19 02:36:48 +01:00
gcp-cherry-pick-bot[bot]
0665bfac58 website/docs: add 2025.2 release notes (cherry-pick #13002) (#13108) 
website/docs: add 2025.2 release notes (#13002)

* website/docs: add 2025.2 release notes



* make compile



* ffs



* ffs



---------

Signed-off-by: Jens Langhammer <jens@goauthentik.io>
Co-authored-by: Jens L. <jens@goauthentik.io>
 2025-02-19 02:12:47 +01:00
gcp-cherry-pick-bot[bot]
790e0c4d80 core: clear expired database sessions (cherry-pick #13105) (#13106) 
core: clear expired database sessions (#13105)

Signed-off-by: Jens Langhammer <jens@goauthentik.io>
Co-authored-by: Jens L. <jens@goauthentik.io>
 2025-02-18 23:22:21 +01:00
290 changed files with 2323 additions and 5312 deletions
Expand all files Collapse all files

2
.bumpversion.cfg
View File

@ -1,5 +1,5 @@
[bumpversion]
current_version = 2025.2.0
current_version = 2025.2.1
tag = True
commit = True
parse = (?P<major>\d+)\.(?P<minor>\d+)\.(?P<patch>\d+)(?:-(?P<rc_t>[a-zA-Z-]+)(?P<rc_n>[1-9]\\d*))?

6
.github/ISSUE_TEMPLATE/bug_report.md vendored
View File

@ -28,11 +28,7 @@ Output of docker-compose logs or kubectl logs respectively
**Version and Deployment (please complete the following information):**
<!--
Notice: authentik supports installation via Docker, Kubernetes, and AWS CloudFormation only. Support is not available for other methods. For detailed installation and configuration instructions, please refer to the official documentation at https://docs.goauthentik.io/docs/install-config/.
-->
- authentik version: [e.g. 2025.2.0]
- authentik version: [e.g. 2021.8.5]
- Deployment: [e.g. docker-compose, helm]
**Additional context**

7
.github/ISSUE_TEMPLATE/question.md vendored
View File

@ -20,12 +20,7 @@ Output of docker-compose logs or kubectl logs respectively
**Version and Deployment (please complete the following information):**
<!--
Notice: authentik supports installation via Docker, Kubernetes, and AWS CloudFormation only. Support is not available for other methods. For detailed installation and configuration instructions, please refer to the official documentation at https://docs.goauthentik.io/docs/install-config/.
-->
- authentik version: [e.g. 2025.2.0]
- authentik version: [e.g. 2021.8.5]
- Deployment: [e.g. docker-compose, helm]
**Additional context**

2
.github/actions/setup/action.yml vendored
View File

@ -35,7 +35,7 @@ runs:
run: |
export PSQL_TAG=${{ inputs.postgresql_version }}
docker compose -f .github/actions/setup/docker-compose.yml up -d
poetry sync
poetry install --sync
cd web && npm ci
- name: Generate config
shell: poetry run python {0}

7
.github/workflows/translation-extract-compile.yml vendored
View File

@ -1,13 +1,9 @@
---
name: authentik-translate-extract-compile
name: authentik-backend-translate-extract-compile
on:
schedule:
- cron: "0 0 * * *" # every day at midnight
workflow_dispatch:
pull_request:
branches:
- main
- version-*
env:
POSTGRES_DB: authentik
@ -36,7 +32,6 @@ jobs:
poetry run ak compilemessages
make web-check-compile
- name: Create Pull Request
if: ${{ github.event_name != 'pull_request' }}
uses: peter-evans/create-pull-request@v7
with:
token: ${{ steps.generate_token.outputs.token }}

2
SECURITY.md
View File

@ -20,8 +20,8 @@ Even if the issue is not a CVE, we still greatly appreciate your help in hardeni
| Version | Supported |
| --------- | --------- |
| 2024.10.x | ✅ |
| 2024.12.x | ✅ |
| 2025.2.x | ✅ |
## Reporting a Vulnerability

2
authentik/__init__.py
View File

@ -2,7 +2,7 @@
from os import environ
__version__ = "2025.2.0"
__version__ = "2025.2.1"
ENV_GIT_HASH_KEY = "GIT_BUILD_HASH"

1
authentik/core/templates/base/header_js.html
View File

@ -11,6 +11,7 @@
build: "{{ build }}",
api: {
base: "{{ base_url }}",
relBase: "{{ base_url_rel }}",
},
};
window.addEventListener("DOMContentLoaded", function () {

1
authentik/core/views/interface.py
View File

@ -53,6 +53,7 @@ class InterfaceView(TemplateView):
kwargs["build"] = get_build_hash()
kwargs["url_kwargs"] = self.kwargs
kwargs["base_url"] = self.request.build_absolute_uri(CONFIG.get("web.path", "/"))
kwargs["base_url_rel"] = CONFIG.get("web.path", "/")
return super().get_context_data(**kwargs)

2
authentik/lib/default.yml
View File

@ -64,8 +64,6 @@ debugger: false
log_level: info
session_storage: cache
sessions:
unauthenticated_age: days=1
error_reporting:
enabled: false

4
authentik/root/settings.py
View File

@ -16,7 +16,6 @@ from authentik.lib.config import CONFIG, django_db_config, redis_url
from authentik.lib.logging import get_logger_config, structlog_configure
from authentik.lib.sentry import sentry_init
from authentik.lib.utils.reflection import get_env
from authentik.lib.utils.time import timedelta_from_string
from authentik.stages.password import BACKEND_APP_PASSWORD, BACKEND_INBUILT, BACKEND_LDAP
BASE_DIR = Path(__file__).absolute().parent.parent.parent
@ -243,9 +242,6 @@ SESSION_CACHE_ALIAS = "default"
# Configured via custom SessionMiddleware
# SESSION_COOKIE_SAMESITE = "None"
# SESSION_COOKIE_SECURE = True
SESSION_COOKIE_AGE = timedelta_from_string(
CONFIG.get("sessions.unauthenticated_age", "days=1")
).total_seconds()
SESSION_EXPIRE_AT_BROWSER_CLOSE = True
MESSAGE_STORAGE = "authentik.root.messages.storage.ChannelsStorage"

8
authentik/stages/authenticator_email/tests.py
View File

@ -300,9 +300,11 @@ class TestAuthenticatorEmailStage(FlowTestCase):
)
self.assertEqual(response.status_code, 200)
self.assertTrue(device.confirmed)
# Session key should be removed after device is saved
device.save()
self.assertNotIn(SESSION_KEY_EMAIL_DEVICE, self.client.session)
# Get a fresh session to check if the key was removed
session = self.client.session
session.save()
session.load()
self.assertNotIn(SESSION_KEY_EMAIL_DEVICE, session)
def test_model_properties_and_methods(self):
"""Test model properties"""

13
authentik/stages/email/tasks.py
View File

@ -12,6 +12,7 @@ from structlog.stdlib import get_logger
from authentik.events.models import Event, EventAction, TaskStatus
from authentik.events.system_tasks import SystemTask
from authentik.lib.utils.reflection import class_to_path, path_to_class
from authentik.root.celery import CELERY_APP
from authentik.stages.authenticator_email.models import AuthenticatorEmailStage
from authentik.stages.email.models import EmailStage
@ -32,9 +33,10 @@ def send_mails(
Celery group promise for the email sending tasks
"""
tasks = []
stage_class = stage.__class__
# Use the class path instead of the class itself for serialization
stage_class_path = class_to_path(stage.__class__)
for message in messages:
tasks.append(send_mail.s(message.__dict__, stage_class, str(stage.pk)))
tasks.append(send_mail.s(message.__dict__, stage_class_path, str(stage.pk)))
lazy_group = group(*tasks)
promise = lazy_group()
return promise
@ -61,7 +63,7 @@ def get_email_body(email: EmailMultiAlternatives) -> str:
def send_mail(
self: SystemTask,
message: dict[Any, Any],
stage_class: EmailStage | AuthenticatorEmailStage = EmailStage,
stage_class_path: str | None = None,
email_stage_pk: str | None = None,
):
"""Send Email for Email Stage. Retries are scheduled automatically."""
@ -69,9 +71,10 @@ def send_mail(
message_id = make_msgid(domain=DNS_NAME)
self.set_uid(slugify(message_id.replace(".", "_").replace("@", "_")))
try:
if not email_stage_pk:
stage: EmailStage | AuthenticatorEmailStage = stage_class(use_global_settings=True)
if not stage_class_path or not email_stage_pk:
stage = EmailStage(use_global_settings=True)
else:
stage_class = path_to_class(stage_class_path)
stages = stage_class.objects.filter(pk=email_stage_pk)
if not stages.exists():
self.set_status(

58
authentik/stages/email/tests/test_tasks.py Normal file
View File

@ -0,0 +1,58 @@
"""Test email stage tasks"""
from unittest.mock import patch
from django.core.mail import EmailMultiAlternatives
from django.test import TestCase
from authentik.core.tests.utils import create_test_admin_user
from authentik.lib.utils.reflection import class_to_path
from authentik.stages.authenticator_email.models import AuthenticatorEmailStage
from authentik.stages.email.models import EmailStage
from authentik.stages.email.tasks import get_email_body, send_mails
class TestEmailTasks(TestCase):
"""Test email stage tasks"""
def setUp(self):
self.user = create_test_admin_user()
self.stage = EmailStage.objects.create(
name="test-email",
use_global_settings=True,
)
self.auth_stage = AuthenticatorEmailStage.objects.create(
name="test-auth-email",
use_global_settings=True,
)
def test_get_email_body_html(self):
"""Test get_email_body with HTML alternative"""
message = EmailMultiAlternatives()
message.body = "plain text"
message.attach_alternative("<p>html content</p>", "text/html")
self.assertEqual(get_email_body(message), "<p>html content</p>")
def test_get_email_body_plain(self):
"""Test get_email_body with plain text only"""
message = EmailMultiAlternatives()
message.body = "plain text"
self.assertEqual(get_email_body(message), "plain text")
def test_send_mails_email_stage(self):
"""Test send_mails with EmailStage"""
message = EmailMultiAlternatives()
with patch("authentik.stages.email.tasks.send_mail") as mock_send:
send_mails(self.stage, message)
mock_send.s.assert_called_once_with(
message.__dict__, class_to_path(EmailStage), str(self.stage.pk)
)
def test_send_mails_authenticator_stage(self):
"""Test send_mails with AuthenticatorEmailStage"""
message = EmailMultiAlternatives()
with patch("authentik.stages.email.tasks.send_mail") as mock_send:
send_mails(self.auth_stage, message)
mock_send.s.assert_called_once_with(
message.__dict__, class_to_path(AuthenticatorEmailStage), str(self.auth_stage.pk)
)

2
blueprints/schema.json
View File

@ -2,7 +2,7 @@
"$schema": "http://json-schema.org/draft-07/schema",
"$id": "https://goauthentik.io/blueprints/schema.json",
"type": "object",
"title": "authentik 2025.2.0 Blueprint schema",
"title": "authentik 2025.2.1 Blueprint schema",
"required": [
"version",
"entries"

4
docker-compose.yml
View File

@ -31,7 +31,7 @@ services:
volumes:
- redis:/data
server:
image: ${AUTHENTIK_IMAGE:-ghcr.io/goauthentik/server}:${AUTHENTIK_TAG:-2025.2.0}
image: ${AUTHENTIK_IMAGE:-ghcr.io/goauthentik/server}:${AUTHENTIK_TAG:-2025.2.1}
restart: unless-stopped
command: server
environment:
@ -54,7 +54,7 @@ services:
redis:
condition: service_healthy
worker:
image: ${AUTHENTIK_IMAGE:-ghcr.io/goauthentik/server}:${AUTHENTIK_TAG:-2025.2.0}
image: ${AUTHENTIK_IMAGE:-ghcr.io/goauthentik/server}:${AUTHENTIK_TAG:-2025.2.1}
restart: unless-stopped
command: worker
environment:

24
go.mod
View File

@ -1,8 +1,8 @@
module goauthentik.io
go 1.23.0
go 1.23
toolchain go1.24.0
toolchain go1.23.0
require (
beryju.io/ldap v0.1.0
@ -22,16 +22,16 @@ require (
github.com/mitchellh/mapstructure v1.5.0
github.com/nmcclain/asn1-ber v0.0.0-20170104154839-2661553a0484
github.com/pires/go-proxyproto v0.8.0
github.com/prometheus/client_golang v1.21.0
github.com/redis/go-redis/v9 v9.7.1
github.com/prometheus/client_golang v1.20.5
github.com/redis/go-redis/v9 v9.7.0
github.com/sethvargo/go-envconfig v1.1.1
github.com/sirupsen/logrus v1.9.3
github.com/spf13/cobra v1.9.1
github.com/stretchr/testify v1.10.0
github.com/wwt/guac v1.3.2
goauthentik.io/api/v3 v3.2025020.1
goauthentik.io/api/v3 v3.2024123.6
golang.org/x/exp v0.0.0-20230210204819-062eb4c674ab
golang.org/x/oauth2 v0.27.0
golang.org/x/oauth2 v0.26.0
golang.org/x/sync v0.11.0
gopkg.in/yaml.v2 v2.4.0
layeh.com/radius v0.0.0-20210819152912-ad72663a72ab
@ -48,7 +48,7 @@ require (
github.com/go-asn1-ber/asn1-ber v1.5.7 // indirect
github.com/go-http-utils/fresh v0.0.0-20161124030543-7231e26a4b27 // indirect
github.com/go-http-utils/headers v0.0.0-20181008091004-fed159eddc2a // indirect
github.com/go-jose/go-jose/v4 v4.0.5 // indirect
github.com/go-jose/go-jose/v4 v4.0.2 // indirect
github.com/go-logr/logr v1.4.1 // indirect
github.com/go-logr/stdr v1.2.2 // indirect
github.com/go-openapi/analysis v0.23.0 // indirect
@ -62,23 +62,23 @@ require (
github.com/go-openapi/validate v0.24.0 // indirect
github.com/inconshreveable/mousetrap v1.1.0 // indirect
github.com/josharian/intern v1.0.0 // indirect
github.com/klauspost/compress v1.17.11 // indirect
github.com/klauspost/compress v1.17.9 // indirect
github.com/mailru/easyjson v0.7.7 // indirect
github.com/munnerz/goautoneg v0.0.0-20191010083416-a7dc8b61c822 // indirect
github.com/oklog/ulid v1.3.1 // indirect
github.com/opentracing/opentracing-go v1.2.0 // indirect
github.com/pmezard/go-difflib v1.0.0 // indirect
github.com/prometheus/client_model v0.6.1 // indirect
github.com/prometheus/common v0.62.0 // indirect
github.com/prometheus/common v0.55.0 // indirect
github.com/prometheus/procfs v0.15.1 // indirect
github.com/spf13/pflag v1.0.6 // indirect
go.mongodb.org/mongo-driver v1.14.0 // indirect
go.opentelemetry.io/otel v1.24.0 // indirect
go.opentelemetry.io/otel/metric v1.24.0 // indirect
go.opentelemetry.io/otel/trace v1.24.0 // indirect
golang.org/x/crypto v0.32.0 // indirect
golang.org/x/sys v0.29.0 // indirect
golang.org/x/crypto v0.31.0 // indirect
golang.org/x/sys v0.28.0 // indirect
golang.org/x/text v0.21.0 // indirect
google.golang.org/protobuf v1.36.1 // indirect
google.golang.org/protobuf v1.34.2 // indirect
gopkg.in/yaml.v3 v3.0.1 // indirect
)

38
go.sum
View File

@ -84,8 +84,8 @@ github.com/go-http-utils/fresh v0.0.0-20161124030543-7231e26a4b27 h1:O6yi4xa9b2D
github.com/go-http-utils/fresh v0.0.0-20161124030543-7231e26a4b27/go.mod h1:AYvN8omj7nKLmbcXS2dyABYU6JB1Lz1bHmkkq1kf4I4=
github.com/go-http-utils/headers v0.0.0-20181008091004-fed159eddc2a h1:v6zMvHuY9yue4+QkG/HQ/W67wvtQmWJ4SDo9aK/GIno=
github.com/go-http-utils/headers v0.0.0-20181008091004-fed159eddc2a/go.mod h1:I79BieaU4fxrw4LMXby6q5OS9XnoR9UIKLOzDFjUmuw=
github.com/go-jose/go-jose/v4 v4.0.5 h1:M6T8+mKZl/+fNNuFHvGIzDz7BTLQPIounk/b9dw3AaE=
github.com/go-jose/go-jose/v4 v4.0.5/go.mod h1:s3P1lRrkT8igV8D9OjyL4WRyHvjB6a4JSllnOrmmBOA=
github.com/go-jose/go-jose/v4 v4.0.2 h1:R3l3kkBds16bO7ZFAEEcofK0MkrAJt3jlJznWZG0nvk=
github.com/go-jose/go-jose/v4 v4.0.2/go.mod h1:WVf9LFMHh/QVrmqrOfqun0C45tMe3RoiKJMPvgWwLfY=
github.com/go-ldap/ldap/v3 v3.4.10 h1:ot/iwPOhfpNVgB1o+AVXljizWZ9JTp7YF5oeyONmcJU=
github.com/go-ldap/ldap/v3 v3.4.10/go.mod h1:JXh4Uxgi40P6E9rdsYqpUtbW46D9UTjJ9QSwGRznplY=
github.com/go-logr/logr v1.2.2/go.mod h1:jdQByPbusPIv2/zmleS9BjJVeZ6kBagPoEUsqbVz/1A=
@ -207,8 +207,8 @@ github.com/josharian/intern v1.0.0/go.mod h1:5DoeVV0s6jJacbCEi61lwdGj/aVlrQvzHFF
github.com/jstemmer/go-junit-report v0.0.0-20190106144839-af01ea7f8024/go.mod h1:6v2b51hI/fHJwM22ozAgKL4VKDeJcHhJFhtBdhmNjmU=
github.com/jstemmer/go-junit-report v0.9.1/go.mod h1:Brl9GWCQeLvo8nXZwPNNblvFj/XSXhF0NWZEnDohbsk=
github.com/kisielk/gotool v1.0.0/go.mod h1:XhKaO+MFFWcvkIS/tQcRk01m1F5IRFswLeQ+oQHNcck=
github.com/klauspost/compress v1.17.11 h1:In6xLpyWOi1+C7tXUUWv2ot1QvBjxevKAaI6IXrJmUc=
github.com/klauspost/compress v1.17.11/go.mod h1:pMDklpSncoRMuLFrf1W9Ss9KT+0rH90U12bZKk7uwG0=
github.com/klauspost/compress v1.17.9 h1:6KIumPrER1LHsvBVuDa0r5xaG0Es51mhhB9BQB2qeMA=
github.com/klauspost/compress v1.17.9/go.mod h1:Di0epgTjJY877eYKx5yC51cX2A2Vl2ibi7bDH9ttBbw=
github.com/konsorten/go-windows-terminal-sequences v1.0.1/go.mod h1:T0+1ngSBFLxvqU3pZ+m/2kptfBszLMUkC4ZK/EgS/cQ=
github.com/kr/pretty v0.1.0/go.mod h1:dAy3ld7l9f0ibDNOQOHHMYYIIbhfbHSm3C4ZsoJORNo=
github.com/kr/pretty v0.3.1 h1:flRD4NNwYAUpkphVc1HcthR4KEIFJ65n8Mw5qdRn3LE=
@ -239,17 +239,17 @@ github.com/pkg/errors v0.9.1 h1:FEBLx1zS214owpjy7qsBeixbURkuhQAwrK5UwLGTwt4=
github.com/pkg/errors v0.9.1/go.mod h1:bwawxfHBFNV+L2hUp1rHADufV3IMtnDRdf1r5NINEl0=
github.com/pmezard/go-difflib v1.0.0 h1:4DBwDE0NGyQoBHbLQYPwSUPoCMWR5BEzIk/f1lZbAQM=
github.com/pmezard/go-difflib v1.0.0/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4=
github.com/prometheus/client_golang v1.21.0 h1:DIsaGmiaBkSangBgMtWdNfxbMNdku5IK6iNhrEqWvdA=
github.com/prometheus/client_golang v1.21.0/go.mod h1:U9NM32ykUErtVBxdvD3zfi+EuFkkaBvMb09mIfe0Zgg=
github.com/prometheus/client_golang v1.20.5 h1:cxppBPuYhUnsO6yo/aoRol4L7q7UFfdm+bR9r+8l63Y=
github.com/prometheus/client_golang v1.20.5/go.mod h1:PIEt8X02hGcP8JWbeHyeZ53Y/jReSnHgO035n//V5WE=
github.com/prometheus/client_model v0.0.0-20190812154241-14fe0d1b01d4/go.mod h1:xMI15A0UPsDsEKsMN9yxemIoYk6Tm2C1GtYGdfGttqA=
github.com/prometheus/client_model v0.6.1 h1:ZKSh/rekM+n3CeS952MLRAdFwIKqeY8b62p8ais2e9E=
github.com/prometheus/client_model v0.6.1/go.mod h1:OrxVMOVHjw3lKMa8+x6HeMGkHMQyHDk9E3jmP2AmGiY=
github.com/prometheus/common v0.62.0 h1:xasJaQlnWAeyHdUBeGjXmutelfJHWMRr+Fg4QszZ2Io=
github.com/prometheus/common v0.62.0/go.mod h1:vyBcEuLSvWos9B1+CyL7JZ2up+uFzXhkqml0W5zIY1I=
github.com/prometheus/common v0.55.0 h1:KEi6DK7lXW/m7Ig5i47x0vRzuBsHuvJdi5ee6Y3G1dc=
github.com/prometheus/common v0.55.0/go.mod h1:2SECS4xJG1kd8XF9IcM1gMX6510RAEL65zxzNImwdc8=
github.com/prometheus/procfs v0.15.1 h1:YagwOFzUgYfKKHX6Dr+sHT7km/hxC76UB0learggepc=
github.com/prometheus/procfs v0.15.1/go.mod h1:fB45yRUv8NstnjriLhBQLuOUt+WW4BsoGhij/e3PBqk=
github.com/redis/go-redis/v9 v9.7.1 h1:4LhKRCIduqXqtvCUlaq9c8bdHOkICjDMrr1+Zb3osAc=
github.com/redis/go-redis/v9 v9.7.1/go.mod h1:f6zhXITC7JUJIlPEiBOTXxJgPLdZcA93GewI7inzyWw=
github.com/redis/go-redis/v9 v9.7.0 h1:HhLSs+B6O021gwzl+locl0zEDnyNkxMtf/Z3NNBMa9E=
github.com/redis/go-redis/v9 v9.7.0/go.mod h1:f6zhXITC7JUJIlPEiBOTXxJgPLdZcA93GewI7inzyWw=
github.com/rogpeppe/go-internal v1.3.0/go.mod h1:M8bDsm7K2OlrFYOpmOWEs/qY81heoFRclV5y23lUDJ4=
github.com/rogpeppe/go-internal v1.11.0 h1:cWPaGQEPrBb5/AsnsZesgZZ9yb1OQ+GOISoDNXVBh4M=
github.com/rogpeppe/go-internal v1.11.0/go.mod h1:ddIwULY96R17DhadqLgMfk9H9tvdUzkipdSkR5nkCZA=
@ -299,8 +299,8 @@ go.opentelemetry.io/otel/trace v1.24.0 h1:CsKnnL4dUAr/0llH9FKuc698G04IrpWV0MQA/Y
go.opentelemetry.io/otel/trace v1.24.0/go.mod h1:HPc3Xr/cOApsBI154IU0OI0HJexz+aw5uPdbs3UCjNU=
go.uber.org/goleak v1.3.0 h1:2K3zAYmnTNqV73imy9J1T3WC+gmCePx2hEGkimedGto=
go.uber.org/goleak v1.3.0/go.mod h1:CoHD4mav9JJNrW/WLlf7HGZPjdw8EucARQHekz1X6bE=
goauthentik.io/api/v3 v3.2025020.1 h1:7922W4XiGif7lUCl2qlaeQJ3wSx1wDDDpXx8ryx0Hv0=
goauthentik.io/api/v3 v3.2025020.1/go.mod h1:zz+mEZg8rY/7eEjkMGWJ2DnGqk+zqxuybGCGrR2O4Kw=
goauthentik.io/api/v3 v3.2024123.6 h1:AGOCa7Fc/9eONCPEW4sEhTiyEBvxN57Lfqz1zm6Gy98=
goauthentik.io/api/v3 v3.2024123.6/go.mod h1:zz+mEZg8rY/7eEjkMGWJ2DnGqk+zqxuybGCGrR2O4Kw=
golang.org/x/crypto v0.0.0-20190308221718-c2843e01d9a2/go.mod h1:djNgcEr1/C05ACkg1iLfiJU5Ep61QUkGW8qpdssI0+w=
golang.org/x/crypto v0.0.0-20190510104115-cbcb75029529/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI=
golang.org/x/crypto v0.0.0-20190605123033-f99c8df09eb5/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI=
@ -312,9 +312,8 @@ golang.org/x/crypto v0.6.0/go.mod h1:OFC/31mSvZgRz0V1QTNCzfAI1aIRzbiufJtkMIlEp58
golang.org/x/crypto v0.13.0/go.mod h1:y6Z2r+Rw4iayiXXAIxJIDAJ1zMW4yaTpebo8fPOliYc=
golang.org/x/crypto v0.19.0/go.mod h1:Iy9bg/ha4yyC70EfRS8jz+B6ybOBKMaSxLj6P6oBDfU=
golang.org/x/crypto v0.23.0/go.mod h1:CKFgDieR+mRhux2Lsu27y0fO304Db0wZe70UKqHu0v8=
golang.org/x/crypto v0.31.0 h1:ihbySMvVjLAeSH1IbfcRTkD/iNscyz8rGzjF/E5hV6U=
golang.org/x/crypto v0.31.0/go.mod h1:kDsLvtWBEx7MV9tJOj9bnXsPbxwJQ6csT/x4KIN4Ssk=
golang.org/x/crypto v0.32.0 h1:euUpcYgM8WcP71gNpTqQCn6rC2t6ULUPiOzfWaXVVfc=
golang.org/x/crypto v0.32.0/go.mod h1:ZnnJkOaASj8g0AjIduWNlq2NRxL0PlBrbKVyZ6V/Ugc=
golang.org/x/exp v0.0.0-20190121172915-509febef88a4/go.mod h1:CJ0aWSM057203Lf6IL+f9T1iT9GByDxfZKAQTCR3kQA=
golang.org/x/exp v0.0.0-20190306152737-a1d7652674e8/go.mod h1:CJ0aWSM057203Lf6IL+f9T1iT9GByDxfZKAQTCR3kQA=
golang.org/x/exp v0.0.0-20190510132918-efd6b22b2522/go.mod h1:ZjyILWgesfNpC6sMxTJOJm9Kp84zZh5NQWvqDGG3Qr8=
@ -394,8 +393,8 @@ golang.org/x/oauth2 v0.0.0-20190604053449-0f29369cfe45/go.mod h1:gOpvHmFTYa4Iltr
golang.org/x/oauth2 v0.0.0-20191202225959-858c2ad4c8b6/go.mod h1:gOpvHmFTYa4IltrdGE7lF6nIHvwfUNPOp7c8zoXwtLw=
golang.org/x/oauth2 v0.0.0-20200107190931-bf48bf16ab8d/go.mod h1:gOpvHmFTYa4IltrdGE7lF6nIHvwfUNPOp7c8zoXwtLw=
golang.org/x/oauth2 v0.0.0-20210218202405-ba52d332ba99/go.mod h1:KelEdhl1UZF7XfJ4dDtk6s++YSgaE7mD/BuKKDLBl4A=
golang.org/x/oauth2 v0.27.0 h1:da9Vo7/tDv5RH/7nZDz1eMGS/q1Vv1N/7FCrBhI9I3M=
golang.org/x/oauth2 v0.27.0/go.mod h1:onh5ek6nERTohokkhCD/y2cV4Do3fxFHFuAejCkRWT8=
golang.org/x/oauth2 v0.26.0 h1:afQXWNNaeC4nvZ0Ed9XvCCzXM6UHJG7iCg0W4fPqSBE=
golang.org/x/oauth2 v0.26.0/go.mod h1:XYTD2NtWslqkgxebSiOHnXEap4TF09sJSc7H1sXbhtI=
golang.org/x/sync v0.0.0-20180314180146-1d60e4601c6f/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
golang.org/x/sync v0.0.0-20181108010431-42b317875d0f/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
golang.org/x/sync v0.0.0-20181221193216-37e7f081c4d4/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
@ -448,9 +447,8 @@ golang.org/x/sys v0.8.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
golang.org/x/sys v0.12.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
golang.org/x/sys v0.17.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA=
golang.org/x/sys v0.20.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA=
golang.org/x/sys v0.28.0 h1:Fksou7UEQUWlKvIdsqzJmUmCX3cZuD2+P3XyyzwMhlA=
golang.org/x/sys v0.28.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA=
golang.org/x/sys v0.29.0 h1:TPYlXGxvx1MGTn2GiZDhnjPA9wZzZeGKHHmKhHYvgaU=
golang.org/x/sys v0.29.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA=
golang.org/x/telemetry v0.0.0-20240228155512-f48c80bd79b2/go.mod h1:TeRTkGYfJXctD9OcfyVLyj2J3IxLnKwHJR8f4D8a3YE=
golang.org/x/term v0.0.0-20201126162022-7de9c90e9dd1/go.mod h1:bj7SfCRtBDWHUb9snDiAeCFNEtKQo2Wmx5Cou7ajbmo=
golang.org/x/term v0.0.0-20210927222741-03fcf44c2211/go.mod h1:jbD1KX2456YbFQfuXm/mYQcufACuNUgVhRMnK/tPxf8=
@ -597,8 +595,8 @@ google.golang.org/protobuf v1.23.0/go.mod h1:EGpADcykh3NcUnDUJcl1+ZksZNG86OlYog2
google.golang.org/protobuf v1.23.1-0.20200526195155-81db48ad09cc/go.mod h1:EGpADcykh3NcUnDUJcl1+ZksZNG86OlYog2l/sGQquU=
google.golang.org/protobuf v1.24.0/go.mod h1:r/3tXBNzIEhYS9I1OUVjXDlt8tc493IdKGjtUeSXeh4=
google.golang.org/protobuf v1.25.0/go.mod h1:9JNX74DMeImyA3h4bdi1ymwjUzf21/xIlbajtzgsN7c=
google.golang.org/protobuf v1.36.1 h1:yBPeRvTftaleIgM3PZ/WBIZ7XM/eEYAaEyCwvyjq/gk=
google.golang.org/protobuf v1.36.1/go.mod h1:9fA7Ob0pmnwhb644+1+CVWFRbNajQ6iRojtC/QF5bRE=
google.golang.org/protobuf v1.34.2 h1:6xV6lTsCfpGD21XK49h7MhtcApnLqkfYgPcdHftf6hg=
google.golang.org/protobuf v1.34.2/go.mod h1:qYOHts0dSfpeUzUFpOMr/WGzszTmLH+DiWniOlNbLDw=
gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0=
gopkg.in/check.v1 v1.0.0-20180628173108-788fd7840127/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0=
gopkg.in/check.v1 v1.0.0-20201130134442-10cb98267c6c h1:Hei/4ADfdWqJk1ZMxUNpqntNwaWcugrBjAiHlqqRiVk=

2
internal/constants/constants.go
View File

@ -29,4 +29,4 @@ func UserAgent() string {
return fmt.Sprintf("authentik@%s", FullVersion())
}
const VERSION = "2025.2.0"
const VERSION = "2025.2.1"

8
lifecycle/aws/package-lock.json generated
View File

@ -9,7 +9,7 @@
"version": "0.0.0",
"license": "MIT",
"devDependencies": {
"aws-cdk": "^2.1000.3",
"aws-cdk": "^2.179.0",
"cross-env": "^7.0.3"
},
"engines": {
@ -17,9 +17,9 @@
}
},
"node_modules/aws-cdk": {
"version": "2.1000.3",
"resolved": "https://registry.npmjs.org/aws-cdk/-/aws-cdk-2.1000.3.tgz",
"integrity": "sha512-y0sU603gGWpVTwqDw9MKVHg3e1t49Mvve6t3YDOvjeKY195Vu6dgHlHjW4h8n1vX04r49NKfpoApG60V8sMbdw==",
"version": "2.179.0",
"resolved": "https://registry.npmjs.org/aws-cdk/-/aws-cdk-2.179.0.tgz",
"integrity": "sha512-aA2+8S2g4UBQHkUEt0mYd16VLt/ucR+QfyUJi34LDKRAhOCNDjPCZ4z9z/JEDyuni0BdzsYA55pnpDN9tMULpA==",
"dev": true,
"license": "Apache-2.0",
"bin": {

2
lifecycle/aws/package.json
View File

@ -10,7 +10,7 @@
"node": ">=20"
},
"devDependencies": {
"aws-cdk": "^2.1000.3",
"aws-cdk": "^2.179.0",
"cross-env": "^7.0.3"
}
}

2
lifecycle/aws/template.yaml
View File

@ -26,7 +26,7 @@ Parameters:
Description: authentik Docker image
AuthentikVersion:
Type: String
Default: 2025.2.0
Default: 2025.2.1
Description: authentik Docker image tag
AuthentikServerCPU:
Type: Number

245
locale/en/LC_MESSAGES/django.po
View File

@ -8,7 +8,7 @@ msgid ""
msgstr ""
"Project-Id-Version: PACKAGE VERSION\n"
"Report-Msgid-Bugs-To: \n"
"POT-Creation-Date: 2025-02-25 00:11+0000\n"
"POT-Creation-Date: 2025-02-14 14:49+0000\n"
"PO-Revision-Date: YEAR-MO-DA HO:MI+ZONE\n"
"Last-Translator: FULL NAME <EMAIL@ADDRESS>\n"
"Language-Team: LANGUAGE <LL@li.org>\n"
@ -109,10 +109,6 @@ msgstr ""
msgid "Extra description not available"
msgstr ""
#: authentik/core/api/groups.py
msgid "Cannot set group as parent of itself."
msgstr ""
#: authentik/core/api/providers.py
msgid ""
"When not set all providers are returned. When set to true, only backchannel "
@ -156,14 +152,6 @@ msgstr ""
msgid "Remove user from group"
msgstr ""
#: authentik/core/models.py
msgid "Enable superuser status"
msgstr ""
#: authentik/core/models.py
msgid "Disable superuser status"
msgstr ""
#: authentik/core/models.py
msgid "User's display name."
msgstr ""
@ -512,6 +500,57 @@ msgstr ""
msgid "Microsoft Entra Provider Mappings"
msgstr ""
#: authentik/enterprise/providers/rac/models.py
#: authentik/stages/user_login/models.py
msgid ""
"Determines how long a session lasts. Default of 0 means that the sessions "
"lasts until the browser is closed. (Format: hours=-1;minutes=-2;seconds=-3)"
msgstr ""
#: authentik/enterprise/providers/rac/models.py
msgid "When set to true, connection tokens will be deleted upon disconnect."
msgstr ""
#: authentik/enterprise/providers/rac/models.py
msgid "RAC Provider"
msgstr ""
#: authentik/enterprise/providers/rac/models.py
msgid "RAC Providers"
msgstr ""
#: authentik/enterprise/providers/rac/models.py
msgid "RAC Endpoint"
msgstr ""
#: authentik/enterprise/providers/rac/models.py
msgid "RAC Endpoints"
msgstr ""
#: authentik/enterprise/providers/rac/models.py
msgid "RAC Provider Property Mapping"
msgstr ""
#: authentik/enterprise/providers/rac/models.py
msgid "RAC Provider Property Mappings"
msgstr ""
#: authentik/enterprise/providers/rac/models.py
msgid "RAC Connection token"
msgstr ""
#: authentik/enterprise/providers/rac/models.py
msgid "RAC Connection tokens"
msgstr ""
#: authentik/enterprise/providers/rac/views.py
msgid "Maximum connection limit reached."
msgstr ""
#: authentik/enterprise/providers/rac/views.py
msgid "(You are already connected in another tab/window)"
msgstr ""
#: authentik/enterprise/providers/ssf/models.py
#: authentik/providers/oauth2/models.py
msgid "Signing Key"
@ -612,7 +651,7 @@ msgstr ""
msgid "Slack Webhook (Slack/Discord)"
msgstr ""
#: authentik/events/models.py authentik/stages/authenticator_validate/models.py
#: authentik/events/models.py
msgid "Email"
msgstr ""
@ -1066,14 +1105,6 @@ msgstr ""
msgid "Client IP is not in an allowed country."
msgstr ""
#: authentik/policies/geoip/models.py
msgid "Distance from previous authentication is larger than threshold."
msgstr ""
#: authentik/policies/geoip/models.py
msgid "Distance is further than possible."
msgstr ""
#: authentik/policies/geoip/models.py
msgid "GeoIP Policy"
msgstr ""
@ -1612,56 +1643,6 @@ msgstr ""
msgid "Proxy Providers"
msgstr ""
#: authentik/providers/rac/models.py authentik/stages/user_login/models.py
msgid ""
"Determines how long a session lasts. Default of 0 means that the sessions "
"lasts until the browser is closed. (Format: hours=-1;minutes=-2;seconds=-3)"
msgstr ""
#: authentik/providers/rac/models.py
msgid "When set to true, connection tokens will be deleted upon disconnect."
msgstr ""
#: authentik/providers/rac/models.py
msgid "RAC Provider"
msgstr ""
#: authentik/providers/rac/models.py
msgid "RAC Providers"
msgstr ""
#: authentik/providers/rac/models.py
msgid "RAC Endpoint"
msgstr ""
#: authentik/providers/rac/models.py
msgid "RAC Endpoints"
msgstr ""
#: authentik/providers/rac/models.py
msgid "RAC Provider Property Mapping"
msgstr ""
#: authentik/providers/rac/models.py
msgid "RAC Provider Property Mappings"
msgstr ""
#: authentik/providers/rac/models.py
msgid "RAC Connection token"
msgstr ""
#: authentik/providers/rac/models.py
msgid "RAC Connection tokens"
msgstr ""
#: authentik/providers/rac/views.py
msgid "Maximum connection limit reached."
msgstr ""
#: authentik/providers/rac/views.py
msgid "(You are already connected in another tab/window)"
msgstr ""
#: authentik/providers/radius/models.py
msgid "Shared secret between clients and server to hash packets."
msgstr ""
@ -2505,98 +2486,6 @@ msgstr ""
msgid "Duo Devices"
msgstr ""
#: authentik/stages/authenticator_email/models.py
msgid "Email OTP"
msgstr ""
#: authentik/stages/authenticator_email/models.py
#: authentik/stages/email/models.py
msgid ""
"When enabled, global Email connection settings will be used and connection "
"settings below will be ignored."
msgstr ""
#: authentik/stages/authenticator_email/models.py
msgid "Time the token sent is valid (Format: hours=3,minutes=17,seconds=300)."
msgstr ""
#: authentik/stages/authenticator_email/models.py
msgid "Email Authenticator Setup Stage"
msgstr ""
#: authentik/stages/authenticator_email/models.py
msgid "Email Authenticator Setup Stages"
msgstr ""
#: authentik/stages/authenticator_email/models.py
#: authentik/stages/authenticator_email/stage.py
#: authentik/stages/email/stage.py
msgid "Exception occurred while rendering E-mail template"
msgstr ""
#: authentik/stages/authenticator_email/models.py
msgid "Email Device"
msgstr ""
#: authentik/stages/authenticator_email/models.py
msgid "Email Devices"
msgstr ""
#: authentik/stages/authenticator_email/stage.py
#: authentik/stages/authenticator_sms/stage.py
#: authentik/stages/authenticator_totp/stage.py
msgid "Code does not match"
msgstr ""
#: authentik/stages/authenticator_email/stage.py
msgid "Invalid email"
msgstr ""
#: authentik/stages/authenticator_email/templates/email/email_otp.html
#: authentik/stages/email/templates/email/password_reset.html
#, python-format
msgid ""
"\n"
" Hi %(username)s,\n"
" "
msgstr ""
#: authentik/stages/authenticator_email/templates/email/email_otp.html
msgid ""
"\n"
" Email MFA code.\n"
" "
msgstr ""
#: authentik/stages/authenticator_email/templates/email/email_otp.html
#, python-format
msgid ""
"\n"
" If you did not request this code, please ignore this email. The code "
"above is valid for %(expires)s.\n"
" "
msgstr ""
#: authentik/stages/authenticator_email/templates/email/email_otp.txt
#: authentik/stages/email/templates/email/password_reset.txt
#, python-format
msgid "Hi %(username)s,"
msgstr ""
#: authentik/stages/authenticator_email/templates/email/email_otp.txt
msgid ""
"\n"
"Email MFA code\n"
msgstr ""
#: authentik/stages/authenticator_email/templates/email/email_otp.txt
#, python-format
msgid ""
"\n"
"If you did not request this code, please ignore this email. The code above "
"is valid for %(expires)s.\n"
msgstr ""
#: authentik/stages/authenticator_sms/models.py
msgid ""
"When enabled, the Phone number is only used during enrollment to verify the "
@ -2629,6 +2518,11 @@ msgstr ""
msgid "SMS Devices"
msgstr ""
#: authentik/stages/authenticator_sms/stage.py
#: authentik/stages/authenticator_totp/stage.py
msgid "Code does not match"
msgstr ""
#: authentik/stages/authenticator_sms/stage.py
msgid "Invalid phone number"
msgstr ""
@ -2851,6 +2745,12 @@ msgstr ""
msgid "Account Confirmation"
msgstr ""
#: authentik/stages/email/models.py
msgid ""
"When enabled, global Email connection settings will be used and connection "
"settings below will be ignored."
msgstr ""
#: authentik/stages/email/models.py
msgid "Activate users upon completion of stage."
msgstr ""
@ -2867,6 +2767,10 @@ msgstr ""
msgid "Email Stages"
msgstr ""
#: authentik/stages/email/stage.py
msgid "Exception occurred while rendering E-mail template"
msgstr ""
#: authentik/stages/email/stage.py
msgid "Successfully verified Email."
msgstr ""
@ -2941,6 +2845,14 @@ msgid ""
"This email was sent from the notification transport %(name)s.\n"
msgstr ""
#: authentik/stages/email/templates/email/password_reset.html
#, python-format
msgid ""
"\n"
" Hi %(username)s,\n"
" "
msgstr ""
#: authentik/stages/email/templates/email/password_reset.html
msgid ""
"\n"
@ -2958,6 +2870,11 @@ msgid ""
" "
msgstr ""
#: authentik/stages/email/templates/email/password_reset.txt
#, python-format
msgid "Hi %(username)s,"
msgstr ""
#: authentik/stages/email/templates/email/password_reset.txt
msgid ""
"\n"

BIN
locale/ru/LC_MESSAGES/django.mo
View File

Binary file not shown.

2
package.json
View File

@ -1,5 +1,5 @@
{
"name": "@goauthentik/authentik",
"version": "2025.2.0",
"version": "2025.2.1",
"private": true
}

264
poetry.lock generated
View File

@ -392,13 +392,13 @@ typeguard = ">=2.13.3,<4.3.0"
[[package]]
name = "aws-cdk-lib"
version = "2.180.0"
version = "2.179.0"
description = "Version 2 of the AWS Cloud Development Kit library"
optional = false
python-versions = "~=3.8"
files = [
{file = "aws_cdk_lib-2.180.0-py3-none-any.whl", hash = "sha256:5700a84dc4c2c6d323e596119fb4100e66aef6265a4d984bbe2e9341174d048b"},
{file = "aws_cdk_lib-2.180.0.tar.gz", hash = "sha256:28ba2c75bd55886eb5e686c58be656c9ab29b895f774f9129eaa3255ffcd6b42"},
{file = "aws_cdk_lib-2.179.0-py3-none-any.whl", hash = "sha256:1d7b88ee69067b8d58dac9eeb6697bbaf5d5c032a3070898389c41e7c4f3e3d7"},
{file = "aws_cdk_lib-2.179.0.tar.gz", hash = "sha256:b653a55754f4020a4b36e4ae183d213e76e27b18b842cbf9e430e9eccb700550"},
]
[package.dependencies]
@ -1694,17 +1694,18 @@ files = [
[[package]]
name = "duo-client"
version = "5.4.0"
version = "5.3.0"
description = "Reference client for Duo Security APIs"
optional = false
python-versions = "*"
files = [
{file = "duo_client-5.4.0-py3-none-any.whl", hash = "sha256:092d2f79ca2dd7107f944807a109c98c08b99c2dd7fc422b979a248787852068"},
{file = "duo_client-5.4.0.tar.gz", hash = "sha256:8e0fec41006951ce7d0ac5281ddfef59f154e194c71d5a00d717e1769e9077bb"},
{file = "duo_client-5.3.0-py3-none-any.whl", hash = "sha256:85614bb684cef96285268aef0c1e858df939f6e8a190fb2c707d700bb0215766"},
{file = "duo_client-5.3.0.tar.gz", hash = "sha256:afa5ef98a42f06965a2702ca41dba9c85c483abd945e0a440f0ec4871b7593bf"},
]
[package.dependencies]
setuptools = "*"
six = "*"
[[package]]
name = "durationpy"
@ -2523,13 +2524,13 @@ zookeeper = ["kazoo (>=2.8.0)"]
[[package]]
name = "kubernetes"
version = "32.0.1"
version = "32.0.0"
description = "Kubernetes python client"
optional = false
python-versions = ">=3.6"
files = [
{file = "kubernetes-32.0.1-py2.py3-none-any.whl", hash = "sha256:35282ab8493b938b08ab5526c7ce66588232df00ef5e1dbe88a419107dc10998"},
{file = "kubernetes-32.0.1.tar.gz", hash = "sha256:42f43d49abd437ada79a79a16bd48a604d3471a117a8347e87db693f2ba0ba28"},
{file = "kubernetes-32.0.0-py2.py3-none-any.whl", hash = "sha256:60fd8c29e8e43d9c553ca4811895a687426717deba9c0a66fb2dcc3f5ef96692"},
{file = "kubernetes-32.0.0.tar.gz", hash = "sha256:319fa840345a482001ac5d6062222daeb66ec4d1bcb3087402aed685adf0aecb"},
]
[package.dependencies]
@ -3717,36 +3718,36 @@ files = [
[[package]]
name = "psycopg"
version = "3.2.5"
version = "3.2.4"
description = "PostgreSQL database adapter for Python"
optional = false
python-versions = ">=3.8"
files = [
{file = "psycopg-3.2.5-py3-none-any.whl", hash = "sha256:b782130983e5b3de30b4c529623d3687033b4dafa05bb661fc6bf45837ca5879"},
{file = "psycopg-3.2.5.tar.gz", hash = "sha256:f5f750611c67cb200e85b408882f29265c66d1de7f813add4f8125978bfd70e8"},
{file = "psycopg-3.2.4-py3-none-any.whl", hash = "sha256:43665368ccd48180744cab26b74332f46b63b7e06e8ce0775547a3533883d381"},
{file = "psycopg-3.2.4.tar.gz", hash = "sha256:f26f1346d6bf1ef5f5ef1714dd405c67fb365cfd1c6cea07de1792747b167b92"},
]
[package.dependencies]
psycopg-c = {version = "3.2.5", optional = true, markers = "implementation_name != \"pypy\" and extra == \"c\""}
psycopg-c = {version = "3.2.4", optional = true, markers = "implementation_name != \"pypy\" and extra == \"c\""}
typing-extensions = {version = ">=4.6", markers = "python_version < \"3.13\""}
tzdata = {version = "*", markers = "sys_platform == \"win32\""}
[package.extras]
binary = ["psycopg-binary (==3.2.5)"]
c = ["psycopg-c (==3.2.5)"]
dev = ["ast-comments (>=1.1.2)", "black (>=24.1.0)", "codespell (>=2.2)", "dnspython (>=2.1)", "flake8 (>=4.0)", "isort-psycopg", "isort[colors] (>=6.0)", "mypy (>=1.14)", "pre-commit (>=4.0.1)", "types-setuptools (>=57.4)", "wheel (>=0.37)"]
binary = ["psycopg-binary (==3.2.4)"]
c = ["psycopg-c (==3.2.4)"]
dev = ["ast-comments (>=1.1.2)", "black (>=24.1.0)", "codespell (>=2.2)", "dnspython (>=2.1)", "flake8 (>=4.0)", "mypy (>=1.14)", "pre-commit (>=4.0.1)", "types-setuptools (>=57.4)", "wheel (>=0.37)"]
docs = ["Sphinx (>=5.0)", "furo (==2022.6.21)", "sphinx-autobuild (>=2021.3.14)", "sphinx-autodoc-typehints (>=1.12)"]
pool = ["psycopg-pool"]
test = ["anyio (>=4.0)", "mypy (>=1.14)", "pproxy (>=2.7)", "pytest (>=6.2.5)", "pytest-cov (>=3.0)", "pytest-randomly (>=3.5)"]
[[package]]
name = "psycopg-c"
version = "3.2.5"
version = "3.2.4"
description = "PostgreSQL database adapter for Python -- C optimisation distribution"
optional = false
python-versions = ">=3.8"
files = [
{file = "psycopg_c-3.2.5.tar.gz", hash = "sha256:57ad4cfd28de278c424aaceb1f2ad5c7910466e315dfe84e403f3c7a0a2ce81b"},
{file = "psycopg_c-3.2.4.tar.gz", hash = "sha256:22097a04263efb2efd2cc8b00a51fa90e23f9cd4a2e09903fe4d9c6923dac17a"},
]
[[package]]
@ -4547,29 +4548,29 @@ pyasn1 = ">=0.1.3"
[[package]]
name = "ruff"
version = "0.9.7"
version = "0.9.6"
description = "An extremely fast Python linter and code formatter, written in Rust."
optional = false
python-versions = ">=3.7"
files = [
{file = "ruff-0.9.7-py3-none-linux_armv6l.whl", hash = "sha256:99d50def47305fe6f233eb8dabfd60047578ca87c9dcb235c9723ab1175180f4"},
{file = "ruff-0.9.7-py3-none-macosx_10_12_x86_64.whl", hash = "sha256:d59105ae9c44152c3d40a9c40d6331a7acd1cdf5ef404fbe31178a77b174ea66"},
{file = "ruff-0.9.7-py3-none-macosx_11_0_arm64.whl", hash = "sha256:f313b5800483770bd540cddac7c90fc46f895f427b7820f18fe1822697f1fec9"},
{file = "ruff-0.9.7-py3-none-manylinux_2_17_aarch64.manylinux2014_aarch64.whl", hash = "sha256:042ae32b41343888f59c0a4148f103208bf6b21c90118d51dc93a68366f4e903"},
{file = "ruff-0.9.7-py3-none-manylinux_2_17_armv7l.manylinux2014_armv7l.whl", hash = "sha256:87862589373b33cc484b10831004e5e5ec47dc10d2b41ba770e837d4f429d721"},
{file = "ruff-0.9.7-py3-none-manylinux_2_17_i686.manylinux2014_i686.whl", hash = "sha256:a17e1e01bee0926d351a1ee9bc15c445beae888f90069a6192a07a84af544b6b"},
{file = "ruff-0.9.7-py3-none-manylinux_2_17_ppc64.manylinux2014_ppc64.whl", hash = "sha256:7c1f880ac5b2cbebd58b8ebde57069a374865c73f3bf41f05fe7a179c1c8ef22"},
{file = "ruff-0.9.7-py3-none-manylinux_2_17_ppc64le.manylinux2014_ppc64le.whl", hash = "sha256:e63fc20143c291cab2841dbb8260e96bafbe1ba13fd3d60d28be2c71e312da49"},
{file = "ruff-0.9.7-py3-none-manylinux_2_17_s390x.manylinux2014_s390x.whl", hash = "sha256:91ff963baed3e9a6a4eba2a02f4ca8eaa6eba1cc0521aec0987da8d62f53cbef"},
{file = "ruff-0.9.7-py3-none-manylinux_2_17_x86_64.manylinux2014_x86_64.whl", hash = "sha256:88362e3227c82f63eaebf0b2eff5b88990280fb1ecf7105523883ba8c3aaf6fb"},
{file = "ruff-0.9.7-py3-none-musllinux_1_2_aarch64.whl", hash = "sha256:0372c5a90349f00212270421fe91874b866fd3626eb3b397ede06cd385f6f7e0"},
{file = "ruff-0.9.7-py3-none-musllinux_1_2_armv7l.whl", hash = "sha256:d76b8ab60e99e6424cd9d3d923274a1324aefce04f8ea537136b8398bbae0a62"},
{file = "ruff-0.9.7-py3-none-musllinux_1_2_i686.whl", hash = "sha256:0c439bdfc8983e1336577f00e09a4e7a78944fe01e4ea7fe616d00c3ec69a3d0"},
{file = "ruff-0.9.7-py3-none-musllinux_1_2_x86_64.whl", hash = "sha256:115d1f15e8fdd445a7b4dc9a30abae22de3f6bcabeb503964904471691ef7606"},
{file = "ruff-0.9.7-py3-none-win32.whl", hash = "sha256:e9ece95b7de5923cbf38893f066ed2872be2f2f477ba94f826c8defdd6ec6b7d"},
{file = "ruff-0.9.7-py3-none-win_amd64.whl", hash = "sha256:3770fe52b9d691a15f0b87ada29c45324b2ace8f01200fb0c14845e499eb0c2c"},
{file = "ruff-0.9.7-py3-none-win_arm64.whl", hash = "sha256:b075a700b2533feb7a01130ff656a4ec0d5f340bb540ad98759b8401c32c2037"},
{file = "ruff-0.9.7.tar.gz", hash = "sha256:643757633417907510157b206e490c3aa11cab0c087c912f60e07fbafa87a4c6"},
{file = "ruff-0.9.6-py3-none-linux_armv6l.whl", hash = "sha256:2f218f356dd2d995839f1941322ff021c72a492c470f0b26a34f844c29cdf5ba"},
{file = "ruff-0.9.6-py3-none-macosx_10_12_x86_64.whl", hash = "sha256:b908ff4df65dad7b251c9968a2e4560836d8f5487c2f0cc238321ed951ea0504"},
{file = "ruff-0.9.6-py3-none-macosx_11_0_arm64.whl", hash = "sha256:b109c0ad2ececf42e75fa99dc4043ff72a357436bb171900714a9ea581ddef83"},
{file = "ruff-0.9.6-py3-none-manylinux_2_17_aarch64.manylinux2014_aarch64.whl", hash = "sha256:1de4367cca3dac99bcbd15c161404e849bb0bfd543664db39232648dc00112dc"},
{file = "ruff-0.9.6-py3-none-manylinux_2_17_armv7l.manylinux2014_armv7l.whl", hash = "sha256:ac3ee4d7c2c92ddfdaedf0bf31b2b176fa7aa8950efc454628d477394d35638b"},
{file = "ruff-0.9.6-py3-none-manylinux_2_17_i686.manylinux2014_i686.whl", hash = "sha256:5dc1edd1775270e6aa2386119aea692039781429f0be1e0949ea5884e011aa8e"},
{file = "ruff-0.9.6-py3-none-manylinux_2_17_ppc64.manylinux2014_ppc64.whl", hash = "sha256:4a091729086dffa4bd070aa5dab7e39cc6b9d62eb2bef8f3d91172d30d599666"},
{file = "ruff-0.9.6-py3-none-manylinux_2_17_ppc64le.manylinux2014_ppc64le.whl", hash = "sha256:d1bbc6808bf7b15796cef0815e1dfb796fbd383e7dbd4334709642649625e7c5"},
{file = "ruff-0.9.6-py3-none-manylinux_2_17_s390x.manylinux2014_s390x.whl", hash = "sha256:589d1d9f25b5754ff230dce914a174a7c951a85a4e9270613a2b74231fdac2f5"},
{file = "ruff-0.9.6-py3-none-manylinux_2_17_x86_64.manylinux2014_x86_64.whl", hash = "sha256:dc61dd5131742e21103fbbdcad683a8813be0e3c204472d520d9a5021ca8b217"},
{file = "ruff-0.9.6-py3-none-musllinux_1_2_aarch64.whl", hash = "sha256:5e2d9126161d0357e5c8f30b0bd6168d2c3872372f14481136d13de9937f79b6"},
{file = "ruff-0.9.6-py3-none-musllinux_1_2_armv7l.whl", hash = "sha256:68660eab1a8e65babb5229a1f97b46e3120923757a68b5413d8561f8a85d4897"},
{file = "ruff-0.9.6-py3-none-musllinux_1_2_i686.whl", hash = "sha256:c4cae6c4cc7b9b4017c71114115db0445b00a16de3bcde0946273e8392856f08"},
{file = "ruff-0.9.6-py3-none-musllinux_1_2_x86_64.whl", hash = "sha256:19f505b643228b417c1111a2a536424ddde0db4ef9023b9e04a46ed8a1cb4656"},
{file = "ruff-0.9.6-py3-none-win32.whl", hash = "sha256:194d8402bceef1b31164909540a597e0d913c0e4952015a5b40e28c146121b5d"},
{file = "ruff-0.9.6-py3-none-win_amd64.whl", hash = "sha256:03482d5c09d90d4ee3f40d97578423698ad895c87314c4de39ed2af945633caa"},
{file = "ruff-0.9.6-py3-none-win_arm64.whl", hash = "sha256:0e2bb706a2be7ddfea4a4af918562fdc1bcb16df255e5fa595bbd800ce322a5a"},
{file = "ruff-0.9.6.tar.gz", hash = "sha256:81761592f72b620ec8fa1068a6fd00e98a5ebee342a3642efd84454f3031dca9"},
]
[[package]]
@ -4608,13 +4609,13 @@ django-query = ["django (>=3.2)"]
[[package]]
name = "selenium"
version = "4.29.0"
version = "4.28.1"
description = "Official Python bindings for Selenium WebDriver"
optional = false
python-versions = ">=3.9"
files = [
{file = "selenium-4.29.0-py3-none-any.whl", hash = "sha256:ce5d26f1ddc1111641113653af33694c13947dd36c2df09cdd33f554351d372e"},
{file = "selenium-4.29.0.tar.gz", hash = "sha256:3a62f7ec33e669364a6c0562a701deb69745b569c50d55f1a912bf8eb33358ba"},
{file = "selenium-4.28.1-py3-none-any.whl", hash = "sha256:4238847e45e24e4472cfcf3554427512c7aab9443396435b1623ef406fff1cc1"},
{file = "selenium-4.28.1.tar.gz", hash = "sha256:0072d08670d7ec32db901bd0107695a330cecac9f196e3afb3fa8163026e022a"},
]
[package.dependencies]
@ -4707,96 +4708,96 @@ tests = ["coverage[toml] (>=5.0.2)", "pytest"]
[[package]]
name = "setproctitle"
version = "1.3.5"
version = "1.3.4"
description = "A Python module to customize the process title"
optional = false
python-versions = ">=3.8"
files = [
{file = "setproctitle-1.3.5-cp310-cp310-macosx_10_9_universal2.whl", hash = "sha256:02870e0cb0de7f68a7a8a5b23c2bc0ce63821cab3d9b126f9be80bb6cd674c80"},
{file = "setproctitle-1.3.5-cp310-cp310-macosx_11_0_arm64.whl", hash = "sha256:55b278135be742b8901067479626d909f6613bd2d2c4fd0de6bb46f80e07a919"},
{file = "setproctitle-1.3.5-cp310-cp310-manylinux_2_17_aarch64.manylinux2014_aarch64.whl", hash = "sha256:53fc971f7bf7a674f571a23cdec70f2f0ac88152c59c06aa0808d0be6d834046"},
{file = "setproctitle-1.3.5-cp310-cp310-manylinux_2_17_ppc64le.manylinux2014_ppc64le.whl", hash = "sha256:fb0500e1bc6f00b8ba696c3743ddff14c8679e3c2ca9d292c008ac51488d17cf"},
{file = "setproctitle-1.3.5-cp310-cp310-manylinux_2_5_i686.manylinux1_i686.manylinux_2_17_i686.manylinux2014_i686.whl", hash = "sha256:995b3ac1b5fe510f4e1d1c19ebf19f4bceb448f2d6e8d99ea23f33cb6f1a277e"},
{file = "setproctitle-1.3.5-cp310-cp310-manylinux_2_5_x86_64.manylinux1_x86_64.manylinux_2_17_x86_64.manylinux2014_x86_64.whl", hash = "sha256:a5a05e2c3fdfbda32b9c9da72d0506398d1efb5bd2c5981b9e12d3622eb3d4f9"},
{file = "setproctitle-1.3.5-cp310-cp310-musllinux_1_2_aarch64.whl", hash = "sha256:310c7f4ca4c8476a9840b2cd4b22ee602a49a3c902fdcd2dd8284685abd10a9a"},
{file = "setproctitle-1.3.5-cp310-cp310-musllinux_1_2_i686.whl", hash = "sha256:867af4a5c3d85484fbcc50ea88bcd375acf709cff88a3259575361849c0da351"},
{file = "setproctitle-1.3.5-cp310-cp310-musllinux_1_2_ppc64le.whl", hash = "sha256:8ec0a7fe9f1ba90900144489bc93ce7dd4dec3f3df1e7f188c9e58364fe4a4c5"},
{file = "setproctitle-1.3.5-cp310-cp310-musllinux_1_2_x86_64.whl", hash = "sha256:aaee7acba2733a14a886488b7495bfec4a8d6407124c04a0946dbde1684230a3"},
{file = "setproctitle-1.3.5-cp310-cp310-win32.whl", hash = "sha256:bd2cccd972e4282af4ce2c13cd9ebdf07be157eabafd8ce648fffdc8ae6fbe28"},
{file = "setproctitle-1.3.5-cp310-cp310-win_amd64.whl", hash = "sha256:81f2328ac34c9584e1e5f87eea916c0bc48476a06606a07debae07acdd7ab5ea"},
{file = "setproctitle-1.3.5-cp311-cp311-macosx_10_9_universal2.whl", hash = "sha256:1c8dcc250872385f2780a5ea58050b58cbc8b6a7e8444952a5a65c359886c593"},
{file = "setproctitle-1.3.5-cp311-cp311-macosx_11_0_arm64.whl", hash = "sha256:ca82fae9eb4800231dd20229f06e8919787135a5581da245b8b05e864f34cc8b"},
{file = "setproctitle-1.3.5-cp311-cp311-manylinux_2_17_aarch64.manylinux2014_aarch64.whl", hash = "sha256:0424e1d33232322541cb36fb279ea5242203cd6f20de7b4fb2a11973d8e8c2ce"},
{file = "setproctitle-1.3.5-cp311-cp311-manylinux_2_17_ppc64le.manylinux2014_ppc64le.whl", hash = "sha256:fec8340ab543144d04a9d805d80a0aad73fdeb54bea6ff94e70d39a676ea4ec0"},
{file = "setproctitle-1.3.5-cp311-cp311-manylinux_2_5_i686.manylinux1_i686.manylinux_2_17_i686.manylinux2014_i686.whl", hash = "sha256:eab441c89f181271ab749077dcc94045a423e51f2fb0b120a1463ef9820a08d0"},
{file = "setproctitle-1.3.5-cp311-cp311-manylinux_2_5_x86_64.manylinux1_x86_64.manylinux_2_17_x86_64.manylinux2014_x86_64.whl", hash = "sha256:d2c371550a2288901a0dcd84192691ebd3197a43c95f3e0b396ed6d1cedf5c6c"},
{file = "setproctitle-1.3.5-cp311-cp311-musllinux_1_2_aarch64.whl", hash = "sha256:78288ff5f9c415c56595b2257ad218936dd9fa726b36341b373b31ca958590fe"},
{file = "setproctitle-1.3.5-cp311-cp311-musllinux_1_2_i686.whl", hash = "sha256:f1f13a25fc46731acab518602bb1149bfd8b5fabedf8290a7c0926d61414769d"},
{file = "setproctitle-1.3.5-cp311-cp311-musllinux_1_2_ppc64le.whl", hash = "sha256:1534d6cd3854d035e40bf4c091984cbdd4d555d7579676d406c53c8f187c006f"},
{file = "setproctitle-1.3.5-cp311-cp311-musllinux_1_2_x86_64.whl", hash = "sha256:62a01c76708daac78b9688ffb95268c57cb57fa90b543043cda01358912fe2db"},
{file = "setproctitle-1.3.5-cp311-cp311-win32.whl", hash = "sha256:ea07f29735d839eaed985990a0ec42c8aecefe8050da89fec35533d146a7826d"},
{file = "setproctitle-1.3.5-cp311-cp311-win_amd64.whl", hash = "sha256:ab3ae11e10d13d514d4a5a15b4f619341142ba3e18da48c40e8614c5a1b5e3c3"},
{file = "setproctitle-1.3.5-cp312-cp312-macosx_10_13_universal2.whl", hash = "sha256:523424b9be4dea97d95b8a584b183f35c7bab2d0a3d995b01febf5b8a8de90e4"},
{file = "setproctitle-1.3.5-cp312-cp312-macosx_11_0_arm64.whl", hash = "sha256:b6ec1d86c1b4d7b5f2bdceadf213310cf24696b82480a2a702194b8a0bfbcb47"},
{file = "setproctitle-1.3.5-cp312-cp312-manylinux_2_17_aarch64.manylinux2014_aarch64.whl", hash = "sha256:ea6c505264275a43e9b2acd2acfc11ac33caf52bc3167c9fced4418a810f6b1c"},
{file = "setproctitle-1.3.5-cp312-cp312-manylinux_2_17_ppc64le.manylinux2014_ppc64le.whl", hash = "sha256:0b91e68e6685998e6353f296100ecabc313a6cb3e413d66a03d74b988b61f5ff"},
{file = "setproctitle-1.3.5-cp312-cp312-manylinux_2_5_i686.manylinux1_i686.manylinux_2_17_i686.manylinux2014_i686.whl", hash = "sha256:bc1fda208ae3a2285ad27aeab44c41daf2328abe58fa3270157a739866779199"},
{file = "setproctitle-1.3.5-cp312-cp312-manylinux_2_5_x86_64.manylinux1_x86_64.manylinux_2_17_x86_64.manylinux2014_x86_64.whl", hash = "sha256:828727d220e46f048b82289018300a64547b46aaed96bf8810c05fe105426b41"},
{file = "setproctitle-1.3.5-cp312-cp312-musllinux_1_2_aarch64.whl", hash = "sha256:83b016221cf80028b2947be20630faa14e3e72a403e35f0ba29550b4e856767b"},
{file = "setproctitle-1.3.5-cp312-cp312-musllinux_1_2_i686.whl", hash = "sha256:6d8a411e752e794d052434139ca4234ffeceeb8d8d8ddc390a9051d7942b2726"},
{file = "setproctitle-1.3.5-cp312-cp312-musllinux_1_2_ppc64le.whl", hash = "sha256:50cfbf86b9c63a2c2903f1231f0a58edeb775e651ae1af84eec8430b0571f29b"},
{file = "setproctitle-1.3.5-cp312-cp312-musllinux_1_2_x86_64.whl", hash = "sha256:f3b5e2eacd572444770026c9dd3ddc7543ce427cdf452d40a408d1e95beefb30"},
{file = "setproctitle-1.3.5-cp312-cp312-win32.whl", hash = "sha256:cf4e3ded98027de2596c6cc5bbd3302adfb3ca315c848f56516bb0b7e88de1e9"},
{file = "setproctitle-1.3.5-cp312-cp312-win_amd64.whl", hash = "sha256:f7a8c01ffd013dda2bed6e7d5cb59fbb609e72f805abf3ee98360f38f7758d9b"},
{file = "setproctitle-1.3.5-cp313-cp313-macosx_10_13_universal2.whl", hash = "sha256:162fd76781f57f42ddf27c475e5fef6a8df4fdd69b28dd554e53e2eb2bfe0f95"},
{file = "setproctitle-1.3.5-cp313-cp313-macosx_11_0_arm64.whl", hash = "sha256:4969d996bdfbe23bbd023cd0bae6c73a27371615c4ec5296a60cecce268659ef"},
{file = "setproctitle-1.3.5-cp313-cp313-manylinux_2_17_aarch64.manylinux2014_aarch64.whl", hash = "sha256:bd70c95a94473216e7c7a7a1f7d8ecbaca5b16d4ba93ddbfd32050fc485a8451"},
{file = "setproctitle-1.3.5-cp313-cp313-manylinux_2_17_ppc64le.manylinux2014_ppc64le.whl", hash = "sha256:7a887582bfdb6dcbc482db0ef9e630ad23ca95875806ef2b444bf6fbd7b7d7ca"},
{file = "setproctitle-1.3.5-cp313-cp313-manylinux_2_5_i686.manylinux1_i686.manylinux_2_17_i686.manylinux2014_i686.whl", hash = "sha256:755671c39a9e70834eeec6dc6b61e344399c49881d2e7ea3534a1c69669dd9cc"},
{file = "setproctitle-1.3.5-cp313-cp313-manylinux_2_5_x86_64.manylinux1_x86_64.manylinux_2_17_x86_64.manylinux2014_x86_64.whl", hash = "sha256:9ab52b4c2ce056a1b60d439991a81ca90f019488d4b4f64b2779e6badd3677e6"},
{file = "setproctitle-1.3.5-cp313-cp313-musllinux_1_2_aarch64.whl", hash = "sha256:36178b944019ec7fc52bb967ffeee296a11d373734a7be276755bedb3db5c141"},
{file = "setproctitle-1.3.5-cp313-cp313-musllinux_1_2_i686.whl", hash = "sha256:269d41cd4f085b69821d1ee6599124f02dbbc79962b256e260b6c9021d037994"},
{file = "setproctitle-1.3.5-cp313-cp313-musllinux_1_2_ppc64le.whl", hash = "sha256:d880630fd81d1b3bde121c352ca7ea2f2ff507ef40c3c011d0928ed491f912c9"},
{file = "setproctitle-1.3.5-cp313-cp313-musllinux_1_2_x86_64.whl", hash = "sha256:8a7fed67ab49f60bd51f3b4cffff3f8d754d1bb0a40e42869911301ec6519b65"},
{file = "setproctitle-1.3.5-cp313-cp313-win32.whl", hash = "sha256:e9c0d0cfcf715631b10d5950d04a9978f63bc46535724ef7c2eaf1dca9988642"},
{file = "setproctitle-1.3.5-cp313-cp313-win_amd64.whl", hash = "sha256:e1d28eb98c91fbebd3e443a45c7da5d84974959851ef304c330eabd654a386f1"},
{file = "setproctitle-1.3.5-cp38-cp38-macosx_10_9_universal2.whl", hash = "sha256:8995a1217b52d11d92bafd069961a47c5e13d8751ca976a32b3ecbbd471eaf9b"},
{file = "setproctitle-1.3.5-cp38-cp38-macosx_11_0_arm64.whl", hash = "sha256:ae2ce64ea87837c4e3e65a7a232ff80cf09aa7d916e74cb34a245c47fcd87981"},
{file = "setproctitle-1.3.5-cp38-cp38-manylinux_2_17_aarch64.manylinux2014_aarch64.whl", hash = "sha256:20b84de1780bbb0adc67560a113a0ea57e6ecfce2325680de8efe6c2a2f781ac"},
{file = "setproctitle-1.3.5-cp38-cp38-manylinux_2_17_ppc64le.manylinux2014_ppc64le.whl", hash = "sha256:1b1d2628ac9868f960d7e87b3a9b2bb337104c3644b699e52e01efd7e106e4fe"},
{file = "setproctitle-1.3.5-cp38-cp38-manylinux_2_5_i686.manylinux1_i686.manylinux_2_17_i686.manylinux2014_i686.whl", hash = "sha256:fa912c4d08c66afda30dd5af8f2e9c59065dfc36a51edbd5419c3a7c962875aa"},
{file = "setproctitle-1.3.5-cp38-cp38-manylinux_2_5_x86_64.manylinux1_x86_64.manylinux_2_17_x86_64.manylinux2014_x86_64.whl", hash = "sha256:dc4f783e100f8b451cd92fcabd3b831edfb1f7cb02be4a79b972f138e0001885"},
{file = "setproctitle-1.3.5-cp38-cp38-musllinux_1_2_aarch64.whl", hash = "sha256:8ca56e39d10b6758046694a84950e5c5570a034c409ef3337595f64fc2cfa94d"},
{file = "setproctitle-1.3.5-cp38-cp38-musllinux_1_2_i686.whl", hash = "sha256:8915d69260ba6a6aaf9a48f6b53dbf9f8e4dc0cb4ae25bc5edb16a1666b6e47c"},
{file = "setproctitle-1.3.5-cp38-cp38-musllinux_1_2_ppc64le.whl", hash = "sha256:7edd4fbb9fd17ed0e5a7f8bde9fa61c3987a34372084c45bab4eab6a2e554762"},
{file = "setproctitle-1.3.5-cp38-cp38-musllinux_1_2_x86_64.whl", hash = "sha256:d0b19fd76d46b8096a463724739c3b09cf5ce38317f559f56f424f6ce7158de3"},
{file = "setproctitle-1.3.5-cp38-cp38-win32.whl", hash = "sha256:53ce572cdbd43a0bed2aa24299cd823ebf233a7fa720cc7f8634728c213679c0"},
{file = "setproctitle-1.3.5-cp38-cp38-win_amd64.whl", hash = "sha256:a58f00f35d6038ce1e8a9e5f87cb5ecce13ce118c5977a603566ad1fccc8d2cb"},
{file = "setproctitle-1.3.5-cp39-cp39-macosx_10_9_universal2.whl", hash = "sha256:c4b299b5bbadf00034978b8d741c85af25173146747eb9dab22596ec805a52d6"},
{file = "setproctitle-1.3.5-cp39-cp39-macosx_11_0_arm64.whl", hash = "sha256:d57e7626329d4fb138da5ce15270b08a91326969956fb19c7a8fec2639066704"},
{file = "setproctitle-1.3.5-cp39-cp39-manylinux_2_17_aarch64.manylinux2014_aarch64.whl", hash = "sha256:4272295721cf1fd2acf960b674d6dc09bec87f2a1e48995817b4ec4a3d483faf"},
{file = "setproctitle-1.3.5-cp39-cp39-manylinux_2_17_ppc64le.manylinux2014_ppc64le.whl", hash = "sha256:f8305b6e6c203222c61318f338f1de08269ec66c247bf251593c215ff1fbeaf9"},
{file = "setproctitle-1.3.5-cp39-cp39-manylinux_2_5_i686.manylinux1_i686.manylinux_2_17_i686.manylinux2014_i686.whl", hash = "sha256:becc9f3f605936506d2bd63d9cf817b7ee66b10d204184c4a633064dbed579d6"},
{file = "setproctitle-1.3.5-cp39-cp39-manylinux_2_5_x86_64.manylinux1_x86_64.manylinux_2_17_x86_64.manylinux2014_x86_64.whl", hash = "sha256:4629de80c47155a26e8d87a0a92d9428aa8d79ccfe2c20fd18888580619704e1"},
{file = "setproctitle-1.3.5-cp39-cp39-musllinux_1_2_aarch64.whl", hash = "sha256:f1af1d310b5b6cda692da52bd862a9833086c0a3f8380fa92505dd23857dcf60"},
{file = "setproctitle-1.3.5-cp39-cp39-musllinux_1_2_i686.whl", hash = "sha256:3bb6ea3d6e690677619508050bc681d86223723bdf67e4e8a8dffc3d04ca3044"},
{file = "setproctitle-1.3.5-cp39-cp39-musllinux_1_2_ppc64le.whl", hash = "sha256:322067ef1ffe70d297b00bee8a3862fed96021aa4318e3bce2d7c3bfa7a8d1e7"},
{file = "setproctitle-1.3.5-cp39-cp39-musllinux_1_2_x86_64.whl", hash = "sha256:1b58d49c32a46c48dcc2812635a89e6bee31139b03818da49a0bbaeaf01edef9"},
{file = "setproctitle-1.3.5-cp39-cp39-win32.whl", hash = "sha256:707c23d4a88f5e66f1005d93558bf84eb45fc0fb0c4f33480a0c7d0895e8e848"},
{file = "setproctitle-1.3.5-cp39-cp39-win_amd64.whl", hash = "sha256:c64199a73d442a06d372b5286942229a43e86fa41bf36f317dcc60c036aff0bb"},
{file = "setproctitle-1.3.5-pp310-pypy310_pp73-macosx_11_0_arm64.whl", hash = "sha256:dc66b84beb0d5eb03abf0c3140c6d2cbe3d67ae9f0824a09dfa8c6ff164319a6"},
{file = "setproctitle-1.3.5-pp310-pypy310_pp73-manylinux_2_5_i686.manylinux1_i686.manylinux_2_17_i686.manylinux2014_i686.whl", hash = "sha256:31dc9b330e7cac7685bdef790747c07914081c11ee1066eb0c597303dfb52010"},
{file = "setproctitle-1.3.5-pp310-pypy310_pp73-manylinux_2_5_x86_64.manylinux1_x86_64.manylinux_2_17_x86_64.manylinux2014_x86_64.whl", hash = "sha256:4028639b511f5e641d116b3b54ad70c637ebd1b4baac0948283daf11b104119f"},
{file = "setproctitle-1.3.5-pp310-pypy310_pp73-win_amd64.whl", hash = "sha256:6bddef4e27d0ed74e44b58bf050bc3108591bf17d20d461fc59cd141282f849c"},
{file = "setproctitle-1.3.5-pp38-pypy38_pp73-macosx_11_0_arm64.whl", hash = "sha256:9996be1d1df399c3cdc6d72ce0064e46bc74fc6e29fe16a328511a303dd4d418"},
{file = "setproctitle-1.3.5-pp38-pypy38_pp73-manylinux_2_5_i686.manylinux1_i686.manylinux_2_17_i686.manylinux2014_i686.whl", hash = "sha256:5cefc2dbdc48121022c3c05644cd3706f08e0b3c0ce07814d3c04daba0617936"},
{file = "setproctitle-1.3.5-pp38-pypy38_pp73-manylinux_2_5_x86_64.manylinux1_x86_64.manylinux_2_17_x86_64.manylinux2014_x86_64.whl", hash = "sha256:cef63879c79a570aabf7c158f453bf8d1285f0fda4b6b9b7a52d64b49c084d40"},
{file = "setproctitle-1.3.5-pp38-pypy38_pp73-win_amd64.whl", hash = "sha256:a863296a31fb578726c570314cb78ff3a3fddb65963dc01ea33731760f20a92c"},
{file = "setproctitle-1.3.5-pp39-pypy39_pp73-macosx_11_0_arm64.whl", hash = "sha256:b63bda3cb4b6526720dc7c6940b891c593f41771d119aeb8763875801ce2296d"},
{file = "setproctitle-1.3.5-pp39-pypy39_pp73-manylinux_2_5_i686.manylinux1_i686.manylinux_2_17_i686.manylinux2014_i686.whl", hash = "sha256:95913af603da5b4c7635bf1fb67ecc5df7c18360b6cfb6740fd743bb150a6e17"},
{file = "setproctitle-1.3.5-pp39-pypy39_pp73-manylinux_2_5_x86_64.manylinux1_x86_64.manylinux_2_17_x86_64.manylinux2014_x86_64.whl", hash = "sha256:36b130cf8fe76dc05ad1d48cc9ff3699eb1f0d8edbf6f46a3ce46a7041e49d7b"},
{file = "setproctitle-1.3.5-pp39-pypy39_pp73-win_amd64.whl", hash = "sha256:fe3bfd5e51c24349d022e062a96c316a1b8862ea9a0cf5ea2a8b2ae008b77cec"},
{file = "setproctitle-1.3.5.tar.gz", hash = "sha256:1e6eaeaf8a734d428a95d8c104643b39af7d247d604f40a7bebcf3960a853c5e"},
{file = "setproctitle-1.3.4-cp310-cp310-macosx_10_9_universal2.whl", hash = "sha256:0f6661a69c68349172ba7b4d5dd65fec2b0917abc99002425ad78c3e58cf7595"},
{file = "setproctitle-1.3.4-cp310-cp310-macosx_11_0_arm64.whl", hash = "sha256:754bac5e470adac7f7ec2239c485cd0b75f8197ca8a5b86ffb20eb3a3676cc42"},
{file = "setproctitle-1.3.4-cp310-cp310-manylinux_2_17_aarch64.manylinux2014_aarch64.whl", hash = "sha256:f7bc7088c15150745baf66db62a4ced4507d44419eb66207b609f91b64a682af"},
{file = "setproctitle-1.3.4-cp310-cp310-manylinux_2_17_ppc64le.manylinux2014_ppc64le.whl", hash = "sha256:a46ef3ecf61e4840fbc1145fdd38acf158d0da7543eda7b773ed2b30f75c2830"},
{file = "setproctitle-1.3.4-cp310-cp310-manylinux_2_5_i686.manylinux1_i686.manylinux_2_17_i686.manylinux2014_i686.whl", hash = "sha256:ffcb09d5c0ffa043254ec9a734a73f3791fec8bf6333592f906bb2e91ed2af1a"},
{file = "setproctitle-1.3.4-cp310-cp310-manylinux_2_5_x86_64.manylinux1_x86_64.manylinux_2_17_x86_64.manylinux2014_x86_64.whl", hash = "sha256:06c16b7a91cdc5d700271899e4383384a61aae83a3d53d0e2e5a266376083342"},
{file = "setproctitle-1.3.4-cp310-cp310-musllinux_1_2_aarch64.whl", hash = "sha256:9f9732e59863eaeedd3feef94b2b216cb86d40dda4fad2d0f0aaec3b31592716"},
{file = "setproctitle-1.3.4-cp310-cp310-musllinux_1_2_i686.whl", hash = "sha256:e152f4ab9ea1632b5fecdd87cee354f2b2eb6e2dfc3aceb0eb36a01c1e12f94c"},
{file = "setproctitle-1.3.4-cp310-cp310-musllinux_1_2_ppc64le.whl", hash = "sha256:020ea47a79b2bbd7bd7b94b85ca956ba7cb026e82f41b20d2e1dac4008cead25"},
{file = "setproctitle-1.3.4-cp310-cp310-musllinux_1_2_x86_64.whl", hash = "sha256:8c52b12b10e4057fc302bd09cb3e3f28bb382c30c044eb3396e805179a8260e4"},
{file = "setproctitle-1.3.4-cp310-cp310-win32.whl", hash = "sha256:a65a147f545f3fac86f11acb2d0b316d3e78139a9372317b7eb50561b2817ba0"},
{file = "setproctitle-1.3.4-cp310-cp310-win_amd64.whl", hash = "sha256:66821fada6426998762a3650a37fba77e814a249a95b1183011070744aff47f6"},
{file = "setproctitle-1.3.4-cp311-cp311-macosx_10_9_universal2.whl", hash = "sha256:f0f749f07002c2d6fecf37cedc43207a88e6c651926a470a5f229070cf791879"},
{file = "setproctitle-1.3.4-cp311-cp311-macosx_11_0_arm64.whl", hash = "sha256:90ea8d302a5d30b948451d146e94674a3c5b020cc0ced9a1c28f8ddb0f203a5d"},
{file = "setproctitle-1.3.4-cp311-cp311-manylinux_2_17_aarch64.manylinux2014_aarch64.whl", hash = "sha256:f859c88193ed466bee4eb9d45fbc29d2253e6aa3ccd9119c9a1d8d95f409a60d"},
{file = "setproctitle-1.3.4-cp311-cp311-manylinux_2_17_ppc64le.manylinux2014_ppc64le.whl", hash = "sha256:b3afa5a0ed08a477ded239c05db14c19af585975194a00adf594d48533b23701"},
{file = "setproctitle-1.3.4-cp311-cp311-manylinux_2_5_i686.manylinux1_i686.manylinux_2_17_i686.manylinux2014_i686.whl", hash = "sha256:10a78fce9018cc3e9a772b6537bbe3fe92380acf656c9f86db2f45e685af376e"},
{file = "setproctitle-1.3.4-cp311-cp311-manylinux_2_5_x86_64.manylinux1_x86_64.manylinux_2_17_x86_64.manylinux2014_x86_64.whl", hash = "sha256:5d758e2eed2643afac5f2881542fbb5aa97640b54be20d0a5ed0691d02f0867d"},
{file = "setproctitle-1.3.4-cp311-cp311-musllinux_1_2_aarch64.whl", hash = "sha256:ef133a1a2ee378d549048a12d56f4ef0e2b9113b0b25b6b77821e9af94d50634"},
{file = "setproctitle-1.3.4-cp311-cp311-musllinux_1_2_i686.whl", hash = "sha256:1d2a154b79d5fb42d1eff06e05e22f0e8091261d877dd47b37d31352b74ecc37"},
{file = "setproctitle-1.3.4-cp311-cp311-musllinux_1_2_ppc64le.whl", hash = "sha256:202eae632815571297833876a0f407d0d9c7ad9d843b38adbe687fe68c5192ee"},
{file = "setproctitle-1.3.4-cp311-cp311-musllinux_1_2_x86_64.whl", hash = "sha256:2b0080819859e80a7776ac47cf6accb4b7ad313baf55fabac89c000480dcd103"},
{file = "setproctitle-1.3.4-cp311-cp311-win32.whl", hash = "sha256:9c9d7d1267dee8c6627963d9376efa068858cfc8f573c083b1b6a2d297a8710f"},
{file = "setproctitle-1.3.4-cp311-cp311-win_amd64.whl", hash = "sha256:475986ddf6df65d619acd52188336a20f616589403f5a5ceb3fc70cdc137037a"},
{file = "setproctitle-1.3.4-cp312-cp312-macosx_10_13_universal2.whl", hash = "sha256:d06990dcfcd41bb3543c18dd25c8476fbfe1f236757f42fef560f6aa03ac8dfc"},
{file = "setproctitle-1.3.4-cp312-cp312-macosx_11_0_arm64.whl", hash = "sha256:317218c9d8b17a010ab2d2f0851e8ef584077a38b1ba2b7c55c9e44e79a61e73"},
{file = "setproctitle-1.3.4-cp312-cp312-manylinux_2_17_aarch64.manylinux2014_aarch64.whl", hash = "sha256:cb5fefb53b9d9f334a5d9ec518a36b92a10b936011ac8a6b6dffd60135f16459"},
{file = "setproctitle-1.3.4-cp312-cp312-manylinux_2_17_ppc64le.manylinux2014_ppc64le.whl", hash = "sha256:0855006261635e8669646c7c304b494b6df0a194d2626683520103153ad63cc9"},
{file = "setproctitle-1.3.4-cp312-cp312-manylinux_2_5_i686.manylinux1_i686.manylinux_2_17_i686.manylinux2014_i686.whl", hash = "sha256:1a88e466fcaee659679c1d64dcb2eddbcb4bfadffeb68ba834d9c173a25b6184"},
{file = "setproctitle-1.3.4-cp312-cp312-manylinux_2_5_x86_64.manylinux1_x86_64.manylinux_2_17_x86_64.manylinux2014_x86_64.whl", hash = "sha256:f963b6ed8ba33eda374a98d979e8a0eaf21f891b6e334701693a2c9510613c4c"},
{file = "setproctitle-1.3.4-cp312-cp312-musllinux_1_2_aarch64.whl", hash = "sha256:122c2e05697fa91f5d23f00bbe98a9da1bd457b32529192e934095fadb0853f1"},
{file = "setproctitle-1.3.4-cp312-cp312-musllinux_1_2_i686.whl", hash = "sha256:1bba0a866f5895d5b769d8c36b161271c7fd407e5065862ab80ff91c29fbe554"},
{file = "setproctitle-1.3.4-cp312-cp312-musllinux_1_2_ppc64le.whl", hash = "sha256:97f1f861998e326e640708488c442519ad69046374b2c3fe9bcc9869b387f23c"},
{file = "setproctitle-1.3.4-cp312-cp312-musllinux_1_2_x86_64.whl", hash = "sha256:726aee40357d4bdb70115442cb85ccc8e8bc554fc0bbbaa3a57cbe81df42287d"},
{file = "setproctitle-1.3.4-cp312-cp312-win32.whl", hash = "sha256:04d6ba8b816dbb0bfd62000b0c3e583160893e6e8c4233e1dca1a9ae4d95d924"},
{file = "setproctitle-1.3.4-cp312-cp312-win_amd64.whl", hash = "sha256:9c76e43cb351ba8887371240b599925cdf3ecececc5dfb7125c71678e7722c55"},
{file = "setproctitle-1.3.4-cp313-cp313-macosx_10_13_universal2.whl", hash = "sha256:d6e3b177e634aa6bbbfbf66d097b6d1cdb80fc60e912c7d8bace2e45699c07dd"},
{file = "setproctitle-1.3.4-cp313-cp313-macosx_11_0_arm64.whl", hash = "sha256:6b17655a5f245b416e127e02087ea6347a48821cc4626bc0fd57101bfcd88afc"},
{file = "setproctitle-1.3.4-cp313-cp313-manylinux_2_17_aarch64.manylinux2014_aarch64.whl", hash = "sha256:fa5057a86df920faab8ee83960b724bace01a3231eb8e3f2c93d78283504d598"},
{file = "setproctitle-1.3.4-cp313-cp313-manylinux_2_17_ppc64le.manylinux2014_ppc64le.whl", hash = "sha256:149fdfb8a26a555780c4ce53c92e6d3c990ef7b30f90a675eca02e83c6d5f76d"},
{file = "setproctitle-1.3.4-cp313-cp313-manylinux_2_5_i686.manylinux1_i686.manylinux_2_17_i686.manylinux2014_i686.whl", hash = "sha256:ded03546938a987f463c68ab98d683af87a83db7ac8093bbc179e77680be5ba2"},
{file = "setproctitle-1.3.4-cp313-cp313-manylinux_2_5_x86_64.manylinux1_x86_64.manylinux_2_17_x86_64.manylinux2014_x86_64.whl", hash = "sha256:8ab9f5b7f2bbc1754bc6292d9a7312071058e5a891b0391e6d13b226133f36aa"},
{file = "setproctitle-1.3.4-cp313-cp313-musllinux_1_2_aarch64.whl", hash = "sha256:0b19813c852566fa031902124336fa1f080c51e262fc90266a8c3d65ca47b74c"},
{file = "setproctitle-1.3.4-cp313-cp313-musllinux_1_2_i686.whl", hash = "sha256:db78b645dc63c0ccffca367a498f3b13492fb106a2243a1e998303ba79c996e2"},
{file = "setproctitle-1.3.4-cp313-cp313-musllinux_1_2_ppc64le.whl", hash = "sha256:b669aaac70bd9f03c070270b953f78d9ee56c4af6f0ff9f9cd3e6d1878c10b40"},
{file = "setproctitle-1.3.4-cp313-cp313-musllinux_1_2_x86_64.whl", hash = "sha256:6dc3d656702791565994e64035a208be56b065675a5bc87b644c657d6d9e2232"},
{file = "setproctitle-1.3.4-cp313-cp313-win32.whl", hash = "sha256:091f682809a4d12291cf0205517619d2e7014986b7b00ebecfde3d76f8ae5a8f"},
{file = "setproctitle-1.3.4-cp313-cp313-win_amd64.whl", hash = "sha256:adcd6ba863a315702184d92d3d3bbff290514f24a14695d310f02ae5e28bd1f7"},
{file = "setproctitle-1.3.4-cp38-cp38-macosx_10_9_universal2.whl", hash = "sha256:acf41cf91bbc5a36d1fa4455a818bb02bf2a4ccfed2f892ba166ba2fcbb0ec8a"},
{file = "setproctitle-1.3.4-cp38-cp38-macosx_11_0_arm64.whl", hash = "sha256:ceb3ce3262b0e8e088e4117175591b7a82b3bdc5e52e33b1e74778b5fb53fd38"},
{file = "setproctitle-1.3.4-cp38-cp38-manylinux_2_17_aarch64.manylinux2014_aarch64.whl", hash = "sha256:2b2ef636a6a25fe7f3d5a064bea0116b74a4c8c7df9646b17dc7386c439a26cf"},
{file = "setproctitle-1.3.4-cp38-cp38-manylinux_2_17_ppc64le.manylinux2014_ppc64le.whl", hash = "sha256:28b8614de08679ae95bc4e8d6daaef6b61afdf027fa0d23bf13d619000286b3c"},
{file = "setproctitle-1.3.4-cp38-cp38-manylinux_2_5_i686.manylinux1_i686.manylinux_2_17_i686.manylinux2014_i686.whl", hash = "sha256:24f3c8be826a7d44181eac2269b15b748b76d98cd9a539d4c69f09321dcb5c12"},
{file = "setproctitle-1.3.4-cp38-cp38-manylinux_2_5_x86_64.manylinux1_x86_64.manylinux_2_17_x86_64.manylinux2014_x86_64.whl", hash = "sha256:fc9d79b1bf833af63b7c720a6604eb16453ac1ad4e718eb8b59d1f97d986b98c"},
{file = "setproctitle-1.3.4-cp38-cp38-musllinux_1_2_aarch64.whl", hash = "sha256:fb693000b65842c85356b667d057ae0d0bac6519feca7e1c437cc2cfeb0afc59"},
{file = "setproctitle-1.3.4-cp38-cp38-musllinux_1_2_i686.whl", hash = "sha256:a166251b8fbc6f2755e2ce9d3c11e9edb0c0c7d2ed723658ff0161fbce26ac1c"},
{file = "setproctitle-1.3.4-cp38-cp38-musllinux_1_2_ppc64le.whl", hash = "sha256:0361428e6378911a378841509c56ba472d991cbed1a7e3078ec0cacc103da44a"},
{file = "setproctitle-1.3.4-cp38-cp38-musllinux_1_2_x86_64.whl", hash = "sha256:62d66e0423e3bd520b4c897063506b309843a8d07343fbfad04197e91a4edd28"},
{file = "setproctitle-1.3.4-cp38-cp38-win32.whl", hash = "sha256:5edd01909348f3b0b2da329836d6b5419cd4869fec2e118e8ff3275b38af6267"},
{file = "setproctitle-1.3.4-cp38-cp38-win_amd64.whl", hash = "sha256:59e0dda9ad245921af0328035a961767026e1fa94bb65957ab0db0a0491325d6"},
{file = "setproctitle-1.3.4-cp39-cp39-macosx_10_9_universal2.whl", hash = "sha256:bdaaa81a6e95a0a19fba0285f10577377f3503ae4e9988b403feba79da3e2f80"},
{file = "setproctitle-1.3.4-cp39-cp39-macosx_11_0_arm64.whl", hash = "sha256:4ee5b19a2d794463bcc19153dfceede7beec784b4cf7967dec0bc0fc212ab3a3"},
{file = "setproctitle-1.3.4-cp39-cp39-manylinux_2_17_aarch64.manylinux2014_aarch64.whl", hash = "sha256:3058a1bb0c767b3a6ccbb38b27ef870af819923eb732e21e44a3f300370fe159"},
{file = "setproctitle-1.3.4-cp39-cp39-manylinux_2_17_ppc64le.manylinux2014_ppc64le.whl", hash = "sha256:5a97d37ee4fe0d1c6e87d2a97229c27a88787a8f4ebfbdeee95f91b818e52efe"},
{file = "setproctitle-1.3.4-cp39-cp39-manylinux_2_5_i686.manylinux1_i686.manylinux_2_17_i686.manylinux2014_i686.whl", hash = "sha256:6e61dd7d05da11fc69bb86d51f1e0ee08f74dccf3ecf884c94de41135ffdc75d"},
{file = "setproctitle-1.3.4-cp39-cp39-manylinux_2_5_x86_64.manylinux1_x86_64.manylinux_2_17_x86_64.manylinux2014_x86_64.whl", hash = "sha256:1eb115d53dc2a1299ae72f1119c96a556db36073bacb6da40c47ece5db0d9587"},
{file = "setproctitle-1.3.4-cp39-cp39-musllinux_1_2_aarch64.whl", hash = "sha256:342570716e2647a51ea859b8a9126da9dc1a96a0153c9c0a3514effd60ab57ad"},
{file = "setproctitle-1.3.4-cp39-cp39-musllinux_1_2_i686.whl", hash = "sha256:0ad212ae2b03951367a69584af034579b34e1e4199a75d377ef9f8e08ee299b1"},
{file = "setproctitle-1.3.4-cp39-cp39-musllinux_1_2_ppc64le.whl", hash = "sha256:4afcb38e22122465013f4621b7e9ff8d42a7a48ae0ffeb94133a806cb91b4aad"},
{file = "setproctitle-1.3.4-cp39-cp39-musllinux_1_2_x86_64.whl", hash = "sha256:30bb223e6c3f95ad9e9bb2a113292759e947d1cfd60dbd4adb55851c370006b2"},
{file = "setproctitle-1.3.4-cp39-cp39-win32.whl", hash = "sha256:5f0521ed3bb9f02e9486573ea95e2062cd6bf036fa44e640bd54a06f22d85f35"},
{file = "setproctitle-1.3.4-cp39-cp39-win_amd64.whl", hash = "sha256:0baadeb27f9e97e65922b4151f818b19c311d30b9efdb62af0e53b3db4006ce2"},
{file = "setproctitle-1.3.4-pp310-pypy310_pp73-macosx_11_0_arm64.whl", hash = "sha256:939d364a187b2adfbf6ae488664277e717d56c7951a4ddeb4f23b281bc50bfe5"},
{file = "setproctitle-1.3.4-pp310-pypy310_pp73-manylinux_2_5_i686.manylinux1_i686.manylinux_2_17_i686.manylinux2014_i686.whl", hash = "sha256:cb8a6a19be0cbf6da6fcbf3698b76c8af03fe83e4bd77c96c3922be3b88bf7da"},
{file = "setproctitle-1.3.4-pp310-pypy310_pp73-manylinux_2_5_x86_64.manylinux1_x86_64.manylinux_2_17_x86_64.manylinux2014_x86_64.whl", hash = "sha256:779006f9e1aade9522a40e8d9635115ab15dd82b7af8e655967162e9c01e2573"},
{file = "setproctitle-1.3.4-pp310-pypy310_pp73-win_amd64.whl", hash = "sha256:5519f2a7b8c535b0f1f77b30441476571373add72008230c81211ee17b423b57"},
{file = "setproctitle-1.3.4-pp38-pypy38_pp73-macosx_11_0_arm64.whl", hash = "sha256:743836d484151334ebba1490d6907ca9e718fe815dcd5756f2a01bc3067d099c"},
{file = "setproctitle-1.3.4-pp38-pypy38_pp73-manylinux_2_5_i686.manylinux1_i686.manylinux_2_17_i686.manylinux2014_i686.whl", hash = "sha256:abda20aff8d1751e48d7967fa8945fef38536b82366c49be39b83678d4be3893"},
{file = "setproctitle-1.3.4-pp38-pypy38_pp73-manylinux_2_5_x86_64.manylinux1_x86_64.manylinux_2_17_x86_64.manylinux2014_x86_64.whl", hash = "sha256:1a2041b5788ce52f218b5be94af458e04470f997ab46fdebd57cf0b8374cc20e"},
{file = "setproctitle-1.3.4-pp38-pypy38_pp73-win_amd64.whl", hash = "sha256:2c3b1ce68746557aa6e6f4547e76883925cdc7f8d7c7a9f518acd203f1265ca5"},
{file = "setproctitle-1.3.4-pp39-pypy39_pp73-macosx_11_0_arm64.whl", hash = "sha256:0b6a4cbabf024cb263a45bdef425760f14470247ff223f0ec51699ca9046c0fe"},
{file = "setproctitle-1.3.4-pp39-pypy39_pp73-manylinux_2_5_i686.manylinux1_i686.manylinux_2_17_i686.manylinux2014_i686.whl", hash = "sha256:3e55d7ecc68bdc80de5a553691a3ed260395d5362c19a266cf83cbb4e046551f"},
{file = "setproctitle-1.3.4-pp39-pypy39_pp73-manylinux_2_5_x86_64.manylinux1_x86_64.manylinux_2_17_x86_64.manylinux2014_x86_64.whl", hash = "sha256:02ca3802902d91a89957f79da3ec44b25b5804c88026362cb85eea7c1fbdefd1"},
{file = "setproctitle-1.3.4-pp39-pypy39_pp73-win_amd64.whl", hash = "sha256:47669fc8ed8b27baa2d698104732234b5389f6a59c37c046f6bcbf9150f7a94e"},
{file = "setproctitle-1.3.4.tar.gz", hash = "sha256:3b40d32a3e1f04e94231ed6dfee0da9e43b4f9c6b5450d53e6dd7754c34e0c50"},
]
[package.extras]
@ -5006,13 +5007,13 @@ wsproto = ">=0.14"
[[package]]
name = "twilio"
version = "9.4.6"
version = "9.4.5"
description = "Twilio API client and TwiML generator"
optional = false
python-versions = ">=3.7.0"
files = [
{file = "twilio-9.4.6-py2.py3-none-any.whl", hash = "sha256:6d7d677fa9ded4ee0c366ad0155a1e0af51e129109af603b6ec9cdc8826a5c37"},
{file = "twilio-9.4.6.tar.gz", hash = "sha256:ff33a6c3609f4a0769d02c4eb75f7ab55ff2ba962762b076cd39ef7da56fdaa4"},
{file = "twilio-9.4.5-py2.py3-none-any.whl", hash = "sha256:284295946a5dcdaae65de9116c35db9065e1f3bd237d81da05b89fe1825013c6"},
{file = "twilio-9.4.5.tar.gz", hash = "sha256:8db69103a850cd05aaaa6bfb6952ef7a5d784aaff83f01d9a0c594b5ce784cd1"},
]
[package.dependencies]
@ -5853,13 +5854,12 @@ testing = ["coverage (>=5.0.3)", "zope.event", "zope.testing"]
[[package]]
name = "zxcvbn"
version = "4.5.0"
version = "4.4.28"
description = ""
optional = false
python-versions = "*"
files = [
{file = "zxcvbn-4.5.0-py2.py3-none-any.whl", hash = "sha256:2b6eed621612ce6d65e6e4c7455b966acee87d0280e257956b1f06ccc66bd5ff"},
{file = "zxcvbn-4.5.0.tar.gz", hash = "sha256:70392c0fff39459d7f55d0211151401e79e76fcc6e2c22b61add62900359c7c1"},
{file = "zxcvbn-4.4.28.tar.gz", hash = "sha256:151bd816817e645e9064c354b13544f85137ea3320ca3be1fb6873ea75ef7dc1"},
]
[metadata]

2
pyproject.toml
View File

@ -1,6 +1,6 @@
[tool.poetry]
name = "authentik"
version = "2025.2.0"
version = "2025.2.1"
description = ""
authors = ["authentik Team <hello@goauthentik.io>"]

2
schema.yml
View File

@ -1,7 +1,7 @@
openapi: 3.0.3
info:
title: authentik
version: 2025.2.0
version: 2025.2.1
description: Making authentication simple.
contact:
email: hello@goauthentik.io

2
scripts/api-ts-templates/README.mustache
View File

@ -4,7 +4,7 @@ This package provides a generated API Client for [authentik](https://goauthentik
### Building
See https://docs.goauthentik.io/docs/developer-docs/api/making-schema-changes#building-the-web-client
See https://docs.goauthentik.io/docs/developer-docs/making-schema-changes
### Consuming

6
web/build.mjs
View File

@ -88,11 +88,7 @@ const baseArgs = {
treeShaking: true,
external: ["*.woff", "*.woff2"],
tsconfig: "./tsconfig.json",
loader: {
".css": "text",
".md": "text",
".mdx": "text",
},
loader: { ".css": "text", ".md": "text" },
define: definitions,
format: "esm",
logOverride: {

8
web/package-lock.json generated
View File

@ -23,7 +23,7 @@
"@floating-ui/dom": "^1.6.11",
"@formatjs/intl-listformat": "^7.5.7",
"@fortawesome/fontawesome-free": "^6.6.0",
"@goauthentik/api": "^2025.2.0-1740418530",
"@goauthentik/api": "^2024.12.3-1739965710",
"@lit-labs/ssr": "^3.2.2",
"@lit/context": "^1.1.2",
"@lit/localize": "^0.12.2",
@ -1814,9 +1814,9 @@
}
},
"node_modules/@goauthentik/api": {
"version": "2025.2.0-1740418530",
"resolved": "https://registry.npmjs.org/@goauthentik/api/-/api-2025.2.0-1740418530.tgz",
"integrity": "sha512-vFoIzmEuQ7sbWxIEFP7l7OwEMt8M9TqvxScyv0liQSgGd/xanc2W/R+JuOdhq9ePrCfXa1YcmuZtT41HZXFP6g=="
"version": "2024.12.3-1739965710",
"resolved": "https://registry.npmjs.org/@goauthentik/api/-/api-2024.12.3-1739965710.tgz",
"integrity": "sha512-16zoQWeJhAFSwttvqLRoXoQA43tMW1ZXDEihW6r8rtWtlxqPh7n36RtcWYraYiLcjmJskI90zdgz6k1kmY5AXw=="
},
"node_modules/@goauthentik/web": {
"resolved": "",

2
web/package.json
View File

@ -11,7 +11,7 @@
"@floating-ui/dom": "^1.6.11",
"@formatjs/intl-listformat": "^7.5.7",
"@fortawesome/fontawesome-free": "^6.6.0",
"@goauthentik/api": "^2025.2.0-1740418530",
"@goauthentik/api": "^2024.12.3-1739965710",
"@lit-labs/ssr": "^3.2.2",
"@lit/context": "^1.1.2",
"@lit/localize": "^0.12.2",

2
web/src/admin/providers/oauth2/OAuth2ProviderViewPage.ts
View File

@ -4,7 +4,7 @@ import { DEFAULT_CONFIG } from "@goauthentik/common/api/config";
import { EVENT_REFRESH } from "@goauthentik/common/constants";
import renderDescriptionList from "@goauthentik/components/DescriptionList";
import "@goauthentik/components/events/ObjectChangelog";
import MDProviderOAuth2 from "@goauthentik/docs/add-secure-apps/providers/oauth2/index.mdx";
import MDProviderOAuth2 from "@goauthentik/docs/add-secure-apps/providers/oauth2/index.md";
import { AKElement } from "@goauthentik/elements/Base";
import "@goauthentik/elements/CodeMirror";
import "@goauthentik/elements/EmptyState";

6
web/src/admin/providers/proxy/ProxyProviderViewPage.ts
View File

@ -13,7 +13,7 @@ import MDNginxStandalone from "@goauthentik/docs/add-secure-apps/providers/proxy
import MDTraefikCompose from "@goauthentik/docs/add-secure-apps/providers/proxy/_traefik_compose.md";
import MDTraefikIngress from "@goauthentik/docs/add-secure-apps/providers/proxy/_traefik_ingress.md";
import MDTraefikStandalone from "@goauthentik/docs/add-secure-apps/providers/proxy/_traefik_standalone.md";
import MDHeaderAuthentication from "@goauthentik/docs/add-secure-apps/providers/proxy/header_authentication.mdx";
import MDHeaderAuthentication from "@goauthentik/docs/add-secure-apps/providers/proxy/header_authentication.md";
import { AKElement } from "@goauthentik/elements/Base";
import "@goauthentik/elements/CodeMirror";
import "@goauthentik/elements/Markdown";
@ -118,7 +118,7 @@ export class ProxyProviderViewPage extends AKElement {
}
renderConfig(): TemplateResult {
const servers = [
const serves = [
{
label: msg("Nginx (Ingress)"),
md: MDNginxIngress,
@ -184,7 +184,7 @@ export class ProxyProviderViewPage extends AKElement {
},
];
return html`<ak-tabs pageIdentifier="proxy-setup">
${servers.map((server) => {
${serves.map((server) => {
return html`<section
slot="page-${convertToSlug(server.label)}"
data-tab-title="${server.label}"

2
web/src/common/constants.ts
View File

@ -3,7 +3,7 @@ export const SUCCESS_CLASS = "pf-m-success";
export const ERROR_CLASS = "pf-m-danger";
export const PROGRESS_CLASS = "pf-m-in-progress";
export const CURRENT_CLASS = "pf-m-current";
export const VERSION = "2025.2.0";
export const VERSION = "2025.2.1";
export const TITLE_DEFAULT = "authentik";
export const ROUTE_SEPARATOR = ";";

36
web/src/elements/ak-dual-select/ak-dual-select-provider.ts
View File

@ -1,5 +1,6 @@
import { AkControlElement } from "@goauthentik/elements/AkControlElement.js";
import { debounce } from "@goauthentik/elements/utils/debounce";
import { CustomListenerElement } from "@goauthentik/elements/utils/eventEmitter";
import { msg } from "@lit/localize";
import { PropertyValues, html } from "lit";
@ -11,11 +12,6 @@ import type { Pagination } from "@goauthentik/api";
import "./ak-dual-select";
import { AkDualSelect } from "./ak-dual-select";
import {
DualSelectChangeEvent,
DualSelectPaginatorNavEvent,
DualSelectSearchEvent,
} from "./events";
import type { DataProvider, DualSelectPair } from "./types";
/**
@ -30,7 +26,7 @@ import type { DataProvider, DualSelectPair } from "./types";
*/
@customElement("ak-dual-select-provider")
export class AkDualSelectProvider extends AkControlElement {
export class AkDualSelectProvider extends CustomListenerElement(AkControlElement) {
/** A function that takes a page and returns the DualSelectPair[] collection with which to update
* the "Available" pane.
*
@ -90,9 +86,9 @@ export class AkDualSelectProvider extends AkControlElement {
this.onNav = this.onNav.bind(this);
this.onChange = this.onChange.bind(this);
this.onSearch = this.onSearch.bind(this);
this.addEventListener(DualSelectPaginatorNavEvent.eventName, this.onNav);
this.addEventListener(DualSelectSearchEvent.eventName, this.onSearch);
this.addEventListener(DualSelectChangeEvent.eventName, this.onChange);
this.addCustomListener("ak-pagination-nav-to", this.onNav);
this.addCustomListener("ak-dual-select-change", this.onChange);
this.addCustomListener("ak-dual-select-search", this.onSearch);
}
willUpdate(changedProperties: PropertyValues<this>) {
@ -126,16 +122,26 @@ export class AkDualSelectProvider extends AkControlElement {
this.isLoading = false;
}
onNav(event: DualSelectPaginatorNavEvent) {
this.fetch(event.page);
onNav(event: Event) {
if (!(event instanceof CustomEvent)) {
throw new Error(`Expecting a CustomEvent for navigation, received ${event} instead`);
}
this.fetch(event.detail);
}
onChange(event: DualSelectChangeEvent) {
this.selected = this.internalSelected = event.selected;
onChange(event: Event) {
if (!(event instanceof CustomEvent)) {
throw new Error(`Expecting a CustomEvent for change, received ${event} instead`);
}
this.internalSelected = event.detail.value;
this.selected = this.internalSelected;
}
onSearch(event: DualSelectSearchEvent) {
this.doSearch(event.search);
onSearch(event: Event) {
if (!(event instanceof CustomEvent)) {
throw new Error(`Expecting a CustomEvent for change, received ${event} instead`);
}
this.doSearch(event.detail);
}
doSearch(search: string) {

113
web/src/elements/ak-dual-select/ak-dual-select.ts
View File

@ -1,5 +1,8 @@
import { AKElement } from "@goauthentik/elements/Base";
import { match } from "ts-pattern";
import {
CustomEmitterElement,
CustomListenerElement,
} from "@goauthentik/elements/utils/eventEmitter";
import { msg, str } from "@lit/localize";
import { PropertyValues, html, nothing } from "lit";
@ -20,13 +23,15 @@ import { AkDualSelectSelectedPane } from "./components/ak-dual-select-selected-p
import "./components/ak-pagination";
import "./components/ak-search-bar";
import {
DualSelectChangeEvent,
DualSelectMoveRequestEvent,
DualSelectPanelSearchEvent,
DualSelectSearchEvent,
DualSelectUpdateEvent,
} from "./events";
import type { BasePagination, DualSelectPair } from "./types";
EVENT_ADD_ALL,
EVENT_ADD_ONE,
EVENT_ADD_SELECTED,
EVENT_DELETE_ALL,
EVENT_REMOVE_ALL,
EVENT_REMOVE_ONE,
EVENT_REMOVE_SELECTED,
} from "./constants";
import type { BasePagination, DualSelectPair, SearchbarEvent } from "./types";
function alphaSort([_k1, v1, s1]: DualSelectPair, [_k2, v2, s2]: DualSelectPair) {
const [l, r] = [s1 !== undefined ? s1 : v1, s2 !== undefined ? s2 : v2];
@ -55,7 +60,7 @@ const keyfinder =
k === key;
@customElement("ak-dual-select")
export class AkDualSelect extends AKElement {
export class AkDualSelect extends CustomEmitterElement(CustomListenerElement(AKElement)) {
static get styles() {
return styles;
}
@ -91,9 +96,21 @@ export class AkDualSelect extends AKElement {
super();
this.handleMove = this.handleMove.bind(this);
this.handleSearch = this.handleSearch.bind(this);
this.addEventListener(DualSelectMoveRequestEvent.eventName, this.handleMove);
this.addEventListener(DualSelectUpdateEvent.eventName, () => this.requestUpdate());
this.addEventListener(DualSelectPanelSearchEvent.eventName, this.handleSearch);
[
EVENT_ADD_ALL,
EVENT_ADD_SELECTED,
EVENT_DELETE_ALL,
EVENT_REMOVE_ALL,
EVENT_REMOVE_SELECTED,
EVENT_ADD_ONE,
EVENT_REMOVE_ONE,
].forEach((eventName: string) => {
this.addCustomListener(eventName, (event: Event) => this.handleMove(eventName, event));
});
this.addCustomListener("ak-dual-select-move", () => {
this.requestUpdate();
});
this.addCustomListener("ak-search", this.handleSearch);
}
willUpdate(changedProperties: PropertyValues<this>) {
@ -106,17 +123,47 @@ export class AkDualSelect extends AKElement {
}
}
handleMove(event: DualSelectMoveRequestEvent) {
match(event.move)
.with("add-all", () => this.addAllVisible())
.with("add-one", () => this.addOne(event.key))
.with("add-selected", () => this.addSelected())
.with("delete-all", () => this.removeAll())
.with("remove-all", () => this.removeAllVisible())
.with("remove-one", () => this.removeOne(event.key))
.with("remove-selected", () => this.removeSelected())
.exhaustive();
this.dispatchEvent(new DualSelectChangeEvent(this.value));
handleMove(eventName: string, event: Event) {
if (!(event instanceof CustomEvent)) {
throw new Error(`Expected move event here, got ${eventName}`);
}
switch (eventName) {
case EVENT_ADD_SELECTED: {
this.addSelected();
break;
}
case EVENT_REMOVE_SELECTED: {
this.removeSelected();
break;
}
case EVENT_ADD_ALL: {
this.addAllVisible();
break;
}
case EVENT_REMOVE_ALL: {
this.removeAllVisible();
break;
}
case EVENT_DELETE_ALL: {
this.removeAll();
break;
}
case EVENT_ADD_ONE: {
this.addOne(event.detail);
break;
}
case EVENT_REMOVE_ONE: {
this.removeOne(event.detail);
break;
}
default:
throw new Error(
`AkDualSelect.handleMove received unknown event type: ${eventName}`,
);
}
this.dispatchCustomEvent("ak-dual-select-change", { value: this.value });
event.stopPropagation();
}
@ -135,10 +182,7 @@ export class AkDualSelect extends AKElement {
this.availablePane.value!.clearMove();
}
addOne(key?: string) {
if (!key) {
return;
}
addOne(key: string) {
const requested = this.options.find(keyfinder(key));
if (requested && !this.selected.find(keyfinder(requested[0]))) {
this.selected = [...this.selected, requested];
@ -163,10 +207,7 @@ export class AkDualSelect extends AKElement {
this.selectedPane.value!.clearMove();
}
removeOne(key?: string) {
if (!key) {
return;
}
removeOne(key: string) {
this.selected = this.selected.filter(([k]) => k !== key);
}
@ -182,18 +223,18 @@ export class AkDualSelect extends AKElement {
this.selectedPane.value!.clearMove();
}
handleSearch(event: DualSelectPanelSearchEvent) {
switch (event.source) {
handleSearch(event: SearchbarEvent) {
switch (event.detail.source) {
case "ak-dual-list-available-search":
return this.handleAvailableSearch(event.filterOn);
return this.handleAvailableSearch(event.detail.value);
case "ak-dual-list-selected-search":
return this.handleSelectedSearch(event.filterOn);
return this.handleSelectedSearch(event.detail.value);
}
event.stopPropagation();
}
handleAvailableSearch(value: string) {
this.dispatchEvent(new DualSelectSearchEvent(value));
this.dispatchCustomEvent("ak-dual-select-search", value);
}
handleSelectedSearch(value: string) {

80
web/src/elements/ak-dual-select/components/ak-dual-select-available-pane.ts
View File

@ -1,19 +1,26 @@
import { bound } from "@goauthentik/elements/decorators/bound";
import { AKElement } from "@goauthentik/elements/Base";
import { CustomEmitterElement } from "@goauthentik/elements/utils/eventEmitter";
import { html, nothing } from "lit";
import { customElement, property } from "lit/decorators.js";
import { customElement, property, state } from "lit/decorators.js";
import { classMap } from "lit/directives/class-map.js";
import { map } from "lit/directives/map.js";
import { availablePaneStyles } from "./styles.css";
import { availablePaneStyles, listStyles } from "./styles.css";
import PFButton from "@patternfly/patternfly/components/Button/button.css";
import PFDualListSelector from "@patternfly/patternfly/components/DualListSelector/dual-list-selector.css";
import PFBase from "@patternfly/patternfly/patternfly-base.css";
import {
DualSelectMoveAvailableEvent,
DualSelectMoveRequestEvent,
DualSelectUpdateEvent,
} from "../events";
import { EVENT_ADD_ONE } from "../constants";
import type { DualSelectPair } from "../types";
import { AkDualSelectAbstractPane } from "./ak-dual-select-pane";
const styles = [PFBase, PFButton, PFDualListSelector, listStyles, availablePaneStyles];
const hostAttributes = [
["aria-labelledby", "dual-list-selector-available-pane-status"],
["aria-multiselectable", "true"],
["role", "listbox"],
];
/**
* @element ak-dual-select-available-panel
@ -33,9 +40,9 @@ import { AkDualSelectAbstractPane } from "./ak-dual-select-pane";
*
*/
@customElement("ak-dual-select-available-pane")
export class AkDualSelectAvailablePane extends AkDualSelectAbstractPane {
export class AkDualSelectAvailablePane extends CustomEmitterElement(AKElement) {
static get styles() {
return [...AkDualSelectAbstractPane.styles, availablePaneStyles];
return styles;
}
/* The array of key/value pairs this pane is currently showing */
@ -49,31 +56,68 @@ export class AkDualSelectAvailablePane extends AkDualSelectAbstractPane {
@property({ type: Object })
readonly selected: Set<string> = new Set();
@bound
/* This is the only mutator for this object. It collects the list of objects the user has
* clicked on *in this pane*. It is explicitly marked as "public" to emphasize that the parent
* orchestrator for the dual-select widget can and will access it to get the list of keys to be
* moved (removed) if the user so requests.
*
*/
@state()
public toMove: Set<string> = new Set();
constructor() {
super();
this.onClick = this.onClick.bind(this);
this.onMove = this.onMove.bind(this);
}
connectedCallback() {
super.connectedCallback();
hostAttributes.forEach(([attr, value]) => {
if (!this.hasAttribute(attr)) {
this.setAttribute(attr, value);
}
});
}
clearMove() {
this.toMove = new Set();
}
onClick(key: string) {
if (this.selected.has(key)) {
return;
}
this.move(key);
this.dispatchEvent(new DualSelectMoveAvailableEvent(this.moveable.sort()));
this.dispatchEvent(new DualSelectUpdateEvent());
if (this.toMove.has(key)) {
this.toMove.delete(key);
} else {
this.toMove.add(key);
}
this.dispatchCustomEvent(
"ak-dual-select-available-move-changed",
Array.from(this.toMove.values()).sort(),
);
this.dispatchCustomEvent("ak-dual-select-move");
// Necessary because updating a map won't trigger a state change
this.requestUpdate();
}
@bound
onMove(key: string) {
this.toMove.delete(key);
this.dispatchEvent(new DualSelectMoveRequestEvent("add-one", key));
this.dispatchCustomEvent(EVENT_ADD_ONE, key);
this.requestUpdate();
}
get moveable() {
return Array.from(this.toMove.values());
}
// DO NOT use `Array.map()` instead of Lit's `map()` function. Lit's `map()` is object-aware and
// will not re-arrange or reconstruct the list automatically if the actual sources do not
// change; this allows the available pane to illustrate selected items with the checkmark
// without causing the list to scroll back up to the top.
override render() {
render() {
return html`
<div class="pf-c-dual-list-selector__menu">
<ul class="pf-c-dual-list-selector__list">

32
web/src/elements/ak-dual-select/components/ak-dual-select-controls.ts
View File

@ -1,4 +1,5 @@
import { AKElement } from "@goauthentik/elements/Base";
import { CustomEmitterElement } from "@goauthentik/elements/utils/eventEmitter";
import { msg } from "@lit/localize";
import { css, html, nothing } from "lit";
@ -7,7 +8,13 @@ import { customElement, property } from "lit/decorators.js";
import PFButton from "@patternfly/patternfly/components/Button/button.css";
import PFBase from "@patternfly/patternfly/patternfly-base.css";
import { DualSelectMoveRequestEvent, type MoveEventType } from "../events";
import {
EVENT_ADD_ALL,
EVENT_ADD_SELECTED,
EVENT_DELETE_ALL,
EVENT_REMOVE_ALL,
EVENT_REMOVE_SELECTED,
} from "../constants";
const styles = [
PFBase,
@ -40,7 +47,7 @@ const styles = [
*/
@customElement("ak-dual-select-controls")
export class AkDualSelectControls extends AKElement {
export class AkDualSelectControls extends CustomEmitterElement(AKElement) {
static get styles() {
return styles;
}
@ -89,11 +96,11 @@ export class AkDualSelectControls extends AKElement {
this.onClick = this.onClick.bind(this);
}
onClick(eventName: MoveEventType) {
this.dispatchEvent(new DualSelectMoveRequestEvent(eventName));
onClick(eventName: string) {
this.dispatchCustomEvent(eventName);
}
renderButton(label: string, event: MoveEventType, active: boolean, direction: string) {
renderButton(label: string, event: string, active: boolean, direction: string) {
return html`
<div class="pf-c-dual-list-selector__controls-item">
<button
@ -114,18 +121,23 @@ export class AkDualSelectControls extends AKElement {
render() {
return html`
<div class="ak-dual-list-selector__controls">
${this.renderButton(msg("Add"), "add-selected", this.addActive, "fa-angle-right")}
${this.renderButton(
msg("Add"),
EVENT_ADD_SELECTED,
this.addActive,
"fa-angle-right",
)}
${this.selectAll
? html`
${this.renderButton(
msg("Add All Available"),
"add-all",
EVENT_ADD_ALL,
this.addAllActive,
"fa-angle-double-right",
)}
${this.renderButton(
msg("Remove All Available"),
"remove-all",
EVENT_REMOVE_ALL,
this.removeAllActive,
"fa-angle-double-left",
)}
@ -133,14 +145,14 @@ export class AkDualSelectControls extends AKElement {
: nothing}
${this.renderButton(
msg("Remove"),
"remove-selected",
EVENT_REMOVE_SELECTED,
this.removeActive,
"fa-angle-left",
)}
${this.deleteAll
? html`${this.renderButton(
msg("Remove All"),
"delete-all",
EVENT_DELETE_ALL,
this.enableDeleteAll,
"fa-times",
)}`

75
web/src/elements/ak-dual-select/components/ak-dual-select-pane.ts
View File

@ -1,75 +0,0 @@
import { AKElement } from "@goauthentik/elements/Base";
import { TemplateResult } from "lit";
import { state } from "lit/decorators.js";
import { listStyles } from "./styles.css";
import PFButton from "@patternfly/patternfly/components/Button/button.css";
import PFDualListSelector from "@patternfly/patternfly/components/DualListSelector/dual-list-selector.css";
import PFBase from "@patternfly/patternfly/patternfly-base.css";
const styles = [PFBase, PFButton, PFDualListSelector, listStyles];
const hostAttributes = [
["aria-labelledby", "dual-list-selector-selected-pane-status"],
["aria-multiselectable", "true"],
["role", "listbox"],
];
/**
* @element ak-dual-select-panel
*
* The "selected options" or "right" pane in a dual-list multi-select. It receives from its parent
* a list of the selected options, and maintains an internal list of objects selected to move.
*
* @fires ak-dual-select-selected-move-changed - When the list of "to move" entries changed.
* Includes the current `toMove` content.
*
* @fires ak-dual-select-remove-one - Double-click with the element clicked on.
*
* It is not expected that the `ak-dual-select-selected-move-changed` will be used; instead, the
* attribute will be read by the parent when a control is clicked.
*
*/
export abstract class AkDualSelectAbstractPane extends AKElement {
static get styles() {
return styles;
}
/*
* This is the only mutator for this object. It collects the list of objects the user has
* clicked on *in this pane*. It is explicitly marked as "public" to emphasize that the parent
* orchestrator for the dual-select widget can and will access it to get the list of keys to be
* moved (removed) if the user so requests.
*
*/
@state()
public toMove: Set<string> = new Set();
connectedCallback() {
super.connectedCallback();
hostAttributes.forEach(([attr, value]) => {
if (!this.hasAttribute(attr)) {
this.setAttribute(attr, value);
}
});
}
clearMove() {
this.toMove = new Set();
}
move(key: string) {
if (this.toMove.has(key)) {
this.toMove.delete(key);
} else {
this.toMove.add(key);
}
}
get moveable() {
return Array.from(this.toMove.values());
}
abstract render(): TemplateResult;
}

81
web/src/elements/ak-dual-select/components/ak-dual-select-selected-pane.ts
View File

@ -1,19 +1,26 @@
import { bound } from "@goauthentik/elements/decorators/bound";
import { AKElement } from "@goauthentik/elements/Base";
import { CustomEmitterElement } from "@goauthentik/elements/utils/eventEmitter";
import { html } from "lit";
import { customElement, property } from "lit/decorators.js";
import { customElement, property, state } from "lit/decorators.js";
import { classMap } from "lit/directives/class-map.js";
import { map } from "lit/directives/map.js";
import { selectedPaneStyles } from "./styles.css";
import { listStyles, selectedPaneStyles } from "./styles.css";
import PFButton from "@patternfly/patternfly/components/Button/button.css";
import PFDualListSelector from "@patternfly/patternfly/components/DualListSelector/dual-list-selector.css";
import PFBase from "@patternfly/patternfly/patternfly-base.css";
import {
DualSelectMoveRequestEvent,
DualSelectMoveSelectedEvent,
DualSelectUpdateEvent,
} from "../events";
import { EVENT_REMOVE_ONE } from "../constants";
import type { DualSelectPair } from "../types";
import { AkDualSelectAbstractPane } from "./ak-dual-select-pane";
const styles = [PFBase, PFButton, PFDualListSelector, listStyles, selectedPaneStyles];
const hostAttributes = [
["aria-labelledby", "dual-list-selector-selected-pane-status"],
["aria-multiselectable", "true"],
["role", "listbox"],
];
/**
* @element ak-dual-select-available-panel
@ -31,32 +38,70 @@ import { AkDualSelectAbstractPane } from "./ak-dual-select-pane";
*
*/
@customElement("ak-dual-select-selected-pane")
export class AkDualSelectSelectedPane extends AkDualSelectAbstractPane {
export class AkDualSelectSelectedPane extends CustomEmitterElement(AKElement) {
static get styles() {
return [...AkDualSelectAbstractPane.styles, selectedPaneStyles];
return styles;
}
/* The array of key/value pairs that are in the selected list. ALL of them. */
@property({ type: Array })
readonly selected: DualSelectPair[] = [];
@bound
/*
* This is the only mutator for this object. It collects the list of objects the user has
* clicked on *in this pane*. It is explicitly marked as "public" to emphasize that the parent
* orchestrator for the dual-select widget can and will access it to get the list of keys to be
* moved (removed) if the user so requests.
*
*/
@state()
public toMove: Set<string> = new Set();
constructor() {
super();
this.onClick = this.onClick.bind(this);
this.onMove = this.onMove.bind(this);
}
connectedCallback() {
super.connectedCallback();
hostAttributes.forEach(([attr, value]) => {
if (!this.hasAttribute(attr)) {
this.setAttribute(attr, value);
}
});
}
clearMove() {
this.toMove = new Set();
}
onClick(key: string) {
this.move(key);
this.dispatchEvent(new DualSelectMoveSelectedEvent(this.moveable.sort()));
this.dispatchEvent(new DualSelectUpdateEvent());
if (this.toMove.has(key)) {
this.toMove.delete(key);
} else {
this.toMove.add(key);
}
this.dispatchCustomEvent(
"ak-dual-select-selected-move-changed",
Array.from(this.toMove.values()).sort(),
);
this.dispatchCustomEvent("ak-dual-select-move");
// Necessary because updating a map won't trigger a state change
this.requestUpdate();
}
@bound
onMove(key: string) {
this.toMove.delete(key);
this.dispatchEvent(new DualSelectMoveRequestEvent("remove-one", key));
this.dispatchCustomEvent(EVENT_REMOVE_ONE, key);
this.requestUpdate();
}
override render() {
get moveable() {
return Array.from(this.toMove.values());
}
render() {
return html`
<div class="pf-c-dual-list-selector__menu">
<ul class="pf-c-dual-list-selector__list">

6
web/src/elements/ak-dual-select/components/ak-pagination.ts
View File

@ -1,4 +1,5 @@
import { AKElement } from "@goauthentik/elements/Base";
import { CustomEmitterElement } from "@goauthentik/elements/utils/eventEmitter";
import { msg, str } from "@lit/localize";
import { css, html, nothing } from "lit";
@ -8,7 +9,6 @@ import PFButton from "@patternfly/patternfly/components/Button/button.css";
import PFPagination from "@patternfly/patternfly/components/Pagination/pagination.css";
import PFBase from "@patternfly/patternfly/patternfly-base.css";
import { DualSelectPaginatorNavEvent } from "../events";
import type { BasePagination } from "../types";
const styles = [
@ -27,7 +27,7 @@ const styles = [
];
@customElement("ak-pagination")
export class AkPagination extends AKElement {
export class AkPagination extends CustomEmitterElement(AKElement) {
static get styles() {
return styles;
}
@ -41,7 +41,7 @@ export class AkPagination extends AKElement {
}
onClick(nav: number | undefined) {
this.dispatchEvent(new DualSelectPaginatorNavEvent(nav ?? 0));
this.dispatchCustomEvent("ak-pagination-nav-to", nav ?? 0);
}
render() {

10
web/src/elements/ak-dual-select/components/ak-search-bar.ts
View File

@ -1,4 +1,5 @@
import { AKElement } from "@goauthentik/elements/Base";
import { CustomEmitterElement } from "@goauthentik/elements/utils/eventEmitter";
import { html } from "lit";
import { customElement, property } from "lit/decorators.js";
@ -8,12 +9,12 @@ import type { Ref } from "lit/directives/ref.js";
import { globalVariables, searchStyles } from "./search.css";
import PFBase from "@patternfly/patternfly/patternfly-base.css";
import { DualSelectPanelSearchEvent } from "../events";
import type { SearchbarEvent } from "../types";
const styles = [PFBase, globalVariables, searchStyles];
@customElement("ak-search-bar")
export class AkSearchbar extends AKElement {
export class AkSearchbar extends CustomEmitterElement(AKElement) {
static get styles() {
return styles;
}
@ -39,7 +40,10 @@ export class AkSearchbar extends AKElement {
if (this.input.value) {
this.value = this.input.value.value;
}
this.dispatchEvent(new DualSelectPanelSearchEvent(this.name, this.value));
this.dispatchCustomEvent<SearchbarEvent>("ak-search", {
source: this.name,
value: this.value,
});
}
render() {

112
web/src/elements/ak-dual-select/events.ts
View File

@ -1,112 +0,0 @@
import { DualSelectPair } from "./types";
// Handled by the Server layer provider
// Request to provide a different page of the paginated results in the "available" panel.
export class DualSelectPaginatorNavEvent extends Event {
static readonly eventName = "ak-dual-select-paginator-nav";
constructor(public page: number = 0) {
super(DualSelectPaginatorNavEvent.eventName, { bubbles: true, composed: true });
}
}
// Request to provide a filtered collection for the "available" panel via a search string
export class DualSelectSearchEvent extends Event {
static readonly eventName = "ak-dual-select-search";
constructor(public search: string) {
super(DualSelectSearchEvent.eventName, { bubbles: true, composed: true });
}
}
// Request to update the "selected" list in the provider
export class DualSelectChangeEvent extends Event {
static readonly eventName = "ak-dual-select-change";
constructor(public selected: DualSelectPair[]) {
super(DualSelectChangeEvent.eventName, { bubbles: true, composed: true });
}
}
// Paginator and specific item events
export const moveEvents = [
"add-all",
"add-one",
"add-selected",
"delete-all",
"remove-all",
"remove-one",
"remove-selected",
] as const;
export type MoveEventType = (typeof moveEvents)[number];
// Request to add or remove all, some, or just one item from the "selected" panel
export class DualSelectMoveRequestEvent extends Event {
static readonly eventName = "ak-dual-select-request-move";
constructor(
public move: MoveEventType,
public key?: string,
) {
super(DualSelectMoveRequestEvent.eventName, { bubbles: true, composed: true });
}
}
// Update events
// Request to update the viewset
export class DualSelectUpdateEvent extends Event {
static readonly eventName = "ak-dual-select-update";
constructor() {
super(DualSelectUpdateEvent.eventName, { bubbles: true, composed: true });
}
}
interface DualSelectMoveChangedEvent {
keys: string[];
}
// Request to update the list of "marked for move" items in the "available" panel
export class DualSelectMoveAvailableEvent extends Event implements DualSelectMoveChangedEvent {
static readonly eventName = "ak-dual-select-move-available";
constructor(public keys: string[]) {
super(DualSelectMoveAvailableEvent.eventName, { bubbles: true, composed: true });
}
}
// Request to update the list of "marked for move" items in the "selected" panel
export class DualSelectMoveSelectedEvent extends Event implements DualSelectMoveChangedEvent {
static readonly eventName = "ak-dual-select-move-selected";
constructor(public keys: string[]) {
super(DualSelectMoveSelectedEvent.eventName, { bubbles: true, composed: true });
}
}
// Request to update either panel with a Filter
export class DualSelectPanelSearchEvent extends Event {
static readonly eventName = "ak-dual-select-panel-search";
constructor(
public source: string,
public filterOn: string,
) {
super(DualSelectPanelSearchEvent.eventName, { bubbles: true, composed: true });
}
}
declare global {
interface HTMLElementEventMap {
[DualSelectUpdateEvent.eventName]: DualSelectUpdateEvent;
[DualSelectMoveAvailableEvent.eventName]: DualSelectMoveAvailableEvent;
[DualSelectMoveSelectedEvent.eventName]: DualSelectMoveSelectedEvent;
[DualSelectMoveRequestEvent.eventName]: DualSelectMoveRequestEvent;
[DualSelectPaginatorNavEvent.eventName]: DualSelectPaginatorNavEvent;
[DualSelectSearchEvent.eventName]: DualSelectSearchEvent;
[DualSelectChangeEvent.eventName]: DualSelectChangeEvent;
[DualSelectPanelSearchEvent.eventName]: DualSelectPanelSearchEvent;
}
interface WindowEventMap {
[DualSelectMoveRequestEvent.eventName]: DualSelectMoveRequestEvent;
[DualSelectPaginatorNavEvent.eventName]: DualSelectPaginatorNavEvent;
[DualSelectMoveSelectedEvent.eventName]: DualSelectMoveSelectedEvent;
}
}

7
web/src/elements/ak-dual-select/stories/ak-dual-select-available-pane.stories.ts
View File

@ -6,7 +6,6 @@ import { TemplateResult, html } from "lit";
import "../components/ak-dual-select-available-pane";
import { AkDualSelectAvailablePane } from "../components/ak-dual-select-available-pane";
import { DualSelectMoveSelectedEvent } from "../events";
import "./sb-host-provider";
const metadata: Meta<AkDualSelectAvailablePane> = {
@ -54,15 +53,15 @@ const container = (testItem: TemplateResult) =>
</div>`;
// eslint-disable-next-line @typescript-eslint/no-explicit-any
const handleMoveChanged = (result: DualSelectMoveSelectedEvent) => {
const handleMoveChanged = (result: any) => {
const target = document.querySelector("#action-button-message-pad");
target!.innerHTML = "";
result.keys.forEach((key: string) => {
result.detail.forEach((key: string) => {
target!.append(new DOMParser().parseFromString(`<li>${key}</li>`, "text/xml").firstChild!);
});
};
window.addEventListener(DualSelectMoveSelectedEvent.eventName, handleMoveChanged);
window.addEventListener("ak-dual-select-available-move-changed", handleMoveChanged);
type Story = StoryObj;

8
web/src/elements/ak-dual-select/stories/ak-dual-select-controls.stories.ts
View File

@ -5,7 +5,6 @@ import { TemplateResult, html } from "lit";
import "../components/ak-dual-select-controls";
import { AkDualSelectControls } from "../components/ak-dual-select-controls";
import { DualSelectMoveRequestEvent } from "../events";
const metadata: Meta<AkDualSelectControls> = {
title: "Elements / Dual Select / Control Panel",
@ -60,9 +59,10 @@ const displayMessage = (result: any) => {
target!.appendChild(doc.firstChild!);
};
window.addEventListener(DualSelectMoveRequestEvent.eventName, (ev: DualSelectMoveRequestEvent) =>
displayMessage(ev.move.toString()),
);
window.addEventListener("ak-dual-select-add", () => displayMessage("add"));
window.addEventListener("ak-dual-select-remove", () => displayMessage("remove"));
window.addEventListener("ak-dual-select-add-all", () => displayMessage("add all"));
window.addEventListener("ak-dual-select-remove-all", () => displayMessage("remove all"));
type Story = StoryObj;

7
web/src/elements/ak-dual-select/stories/ak-dual-select-master.stories.ts
View File

@ -9,7 +9,6 @@ import { Pagination } from "@goauthentik/api";
import "../ak-dual-select";
import { AkDualSelect } from "../ak-dual-select";
import { DualSelectPaginatorNavEvent } from "../events";
import type { DualSelectPair } from "../types";
const goodForYouRaw = `
@ -84,11 +83,11 @@ export class AkSbFruity extends LitElement {
totalPages: Math.ceil(this.options.length / this.pageLength),
};
this.onNavigation = this.onNavigation.bind(this);
this.addEventListener(DualSelectPaginatorNavEvent.eventName, this.onNavigation);
this.addEventListener("ak-pagination-nav-to", this.onNavigation);
}
onNavigation(evt: DualSelectPaginatorNavEvent) {
const current = evt.page;
onNavigation(evt: Event) {
const current: number = (evt as CustomEvent).detail;
const index = current - 1;
if (index * this.pageLength > this.options.length) {
console.warn(

7
web/src/elements/ak-dual-select/stories/ak-dual-select-selected-pane.stories.ts
View File

@ -6,7 +6,6 @@ import { TemplateResult, html } from "lit";
import "../components/ak-dual-select-selected-pane";
import { AkDualSelectSelectedPane } from "../components/ak-dual-select-selected-pane";
import { DualSelectMoveSelectedEvent } from "../events";
import "./sb-host-provider";
const metadata: Meta<AkDualSelectSelectedPane> = {
@ -51,15 +50,15 @@ const container = (testItem: TemplateResult) =>
</div>`;
// eslint-disable-next-line @typescript-eslint/no-explicit-any
const handleMoveChanged = (result: DualSelectMoveSelectedEvent) => {
const handleMoveChanged = (result: any) => {
const target = document.querySelector("#action-button-message-pad");
target!.innerHTML = "";
result.keys.forEach((key: string) => {
result.detail.forEach((key: string) => {
target!.append(new DOMParser().parseFromString(`<li>${key}</li>`, "text/xml").firstChild!);
});
};
window.addEventListener(DualSelectMoveSelectedEvent.eventName, handleMoveChanged);
window.addEventListener("ak-dual-select-selected-move-changed", handleMoveChanged);
type Story = StoryObj;

7
web/src/elements/ak-dual-select/stories/ak-pagination.stories.ts
View File

@ -5,7 +5,6 @@ import { TemplateResult, html } from "lit";
import "../components/ak-pagination";
import { AkPagination } from "../components/ak-pagination";
import { DualSelectPaginatorNavEvent } from "../events";
const metadata: Meta<AkPagination> = {
title: "Elements / Dual Select / Pagination Control",
@ -44,18 +43,18 @@ const container = (testItem: TemplateResult) =>
</div>`;
// eslint-disable-next-line @typescript-eslint/no-explicit-any
const handleMoveChanged = (result: DualSelectPaginatorNavEvent) => {
const handleMoveChanged = (result: any) => {
console.debug(result);
const target = document.querySelector("#action-button-message-pad");
target!.append(
new DOMParser().parseFromString(
`<li>Request to move to page ${result.page}</li>`,
`<li>Request to move to page ${result.detail}</li>`,
"text/xml",
).firstChild!,
);
};
window.addEventListener(DualSelectPaginatorNavEvent.eventName, handleMoveChanged);
window.addEventListener("ak-pagination-nav-to", handleMoveChanged);
type Story = StoryObj;

7
web/src/elements/ak-dual-select/types.ts
View File

@ -29,3 +29,10 @@ export type DataProvision = {
};
export type DataProvider = (page: number, search?: string) => Promise<DataProvision>;
export interface SearchbarEvent extends CustomEvent {
detail: {
source: string;
value: string;
};
}

27
web/src/flow/FlowExecutor.ts
View File

@ -5,6 +5,7 @@ import {
TITLE_DEFAULT,
} from "@goauthentik/common/constants";
import { globalAK } from "@goauthentik/common/global";
import { purify } from "@goauthentik/common/purify";
import { configureSentry } from "@goauthentik/common/sentry";
import { first } from "@goauthentik/common/utils";
import { WebsocketClient } from "@goauthentik/common/ws";
@ -13,7 +14,6 @@ import "@goauthentik/elements/LoadingOverlay";
import "@goauthentik/elements/ak-locale-context";
import { DefaultBrand } from "@goauthentik/elements/sidebar/SidebarBrand";
import { themeImage } from "@goauthentik/elements/utils/images";
import "@goauthentik/flow/components/ak-brand-footer";
import "@goauthentik/flow/sources/apple/AppleLoginInit";
import "@goauthentik/flow/sources/plex/PlexLoginInit";
import "@goauthentik/flow/stages/FlowErrorStage";
@ -537,10 +537,27 @@ export class FlowExecutor extends Interface implements StageHost {
</div>
${until(this.renderChallenge())}
</div>
<ak-brand-links
class="pf-c-login__footer"
.links=${this.brand?.uiFooterLinks ?? []}
></ak-brand-links>
<footer class="pf-c-login__footer">
<ul class="pf-c-list pf-m-inline">
${this.brand?.uiFooterLinks?.map((link) => {
if (link.href) {
return html`${purify(
html`<li>
<a href="${link.href}"
>${link.name}</a
>
</li>`,
)}`;
}
return html`<li>
<span>${link.name}</span>
</li>`;
})}
<li>
<span>${msg("Powered by authentik")}</span>
</li>
</ul>
</footer>
</div>
</div>
</div>

51
web/src/flow/components/ak-brand-footer.ts
View File

@ -1,51 +0,0 @@
import { purify } from "@goauthentik/common/purify";
import { AKElement } from "@goauthentik/elements/Base.js";
import { msg } from "@lit/localize";
import { css, html } from "lit";
import { customElement, property } from "lit/decorators.js";
import { map } from "lit/directives/map.js";
import PFList from "@patternfly/patternfly/components/List/list.css";
import PFBase from "@patternfly/patternfly/patternfly-base.css";
import { FooterLink } from "@goauthentik/api";
const styles = css`
.pf-c-list a {
color: unset;
}
ul.pf-c-list.pf-m-inline {
justify-content: center;
padding: calc(var(--pf-global--spacer--xs) / 2) 0px;
}
`;
const poweredBy: FooterLink = { name: msg("Powered by authentik"), href: null };
@customElement("ak-brand-links")
export class BrandLinks extends AKElement {
static get styles() {
return [PFBase, PFList, styles];
}
@property({ type: Array, attribute: false })
links: FooterLink[] = [];
render() {
const links = [...(this.links ?? []), poweredBy];
return html` <ul class="pf-c-list pf-m-inline">
${map(links, (link) =>
link.href
? purify(html`<li><a href="${link.href}">${link.name}</a></li>`)
: html`<li><span>${link.name}</span></li>`,
)}
</ul>`;
}
}
declare global {
interface HTMLElementTagNameMap {
"ak-brand-links": BrandLinks;
}
}

6
web/src/global.d.ts vendored
View File

@ -6,12 +6,6 @@ declare module "*.md" {
const filename: string;
}
declare module "*.mdx" {
const html: string;
const metadata: { [key: string]: string };
const filename: string;
}
declare namespace Intl {
class ListFormat {
constructor(locale: string, args: { [key: string]: string });

92
web/xliff/de.xlf
View File

@ -8600,7 +8600,7 @@ Bindings to groups/users are checked against the user of the event.</source>
<source>This option configures the footer links on the flow executor pages. The URL is limited to web and mail addresses. If the name is left blank, the URL will be shown.</source>
</trans-unit>
<trans-unit id="s66f572bec2bde9c4">
<source>External applications that use <x id="0" equiv-text="${this.brand?.brandingTitle ?? &quot;authentik&quot;}"/> as an identity provider via protocols like OAuth2 and SAML. All applications are shown here, even ones you cannot access.</source>
<source>External applications that use <x id="0" equiv-text="${this.brand.brandingTitle || &quot;authentik&quot;}"/> as an identity provider via protocols like OAuth2 and SAML. All applications are shown here, even ones you cannot access.</source>
</trans-unit>
<trans-unit id="s58bec0ecd4f3ccd4">
<source>Strict</source>
@ -8926,96 +8926,6 @@ Bindings to groups/users are checked against the user of the event.</source>
</trans-unit>
<trans-unit id="s47b7ce63a543564c">
<source>Fewer details</source>
</trans-unit>
<trans-unit id="s140111d464591e6b">
<source>Create a new application and configure a provider for it.</source>
</trans-unit>
<trans-unit id="s5e0c81c05565bf42">
<source>Using this form will only create an Application. In order to authenticate with the application, you will have to manually pair it with a Provider.</source>
</trans-unit>
<trans-unit id="s035bfd9c5f97e4d3">
<source>Distance settings</source>
</trans-unit>
<trans-unit id="s207e6f8a8b3515fd">
<source>Check historical distance of logins</source>
</trans-unit>
<trans-unit id="s8158f4b3e5c869be">
<source>When this option enabled, the GeoIP data of the policy request is compared to the specified number of historical logins.</source>
</trans-unit>
<trans-unit id="sb8b7450c8515894c">
<source>Maximum distance</source>
</trans-unit>
<trans-unit id="s40cdbaa532bc9899">
<source>Maximum distance a login attempt is allowed from in kilometers.</source>
</trans-unit>
<trans-unit id="seef852b5c0f8a529">
<source>Distance tolerance</source>
</trans-unit>
<trans-unit id="sce567ced300aeb8a">
<source>Tolerance in checking for distances in kilometers.</source>
</trans-unit>
<trans-unit id="s9ea9cdabd74f8f97">
<source>Historical Login Count</source>
</trans-unit>
<trans-unit id="s27aec4c2de1ae777">
<source>Amount of previous login events to check against.</source>
</trans-unit>
<trans-unit id="s48611ce6e85874dc">
<source>Check impossible travel</source>
</trans-unit>
<trans-unit id="s8cf926e8311f8065">
<source>When this option enabled, the GeoIP data of the policy request is compared to the specified number of historical logins and if the travel would have been possible in the amount of time since the previous event.</source>
</trans-unit>
<trans-unit id="sa963d05af436770b">
<source>Impossible travel tolerance</source>
</trans-unit>
<trans-unit id="s5760cd97ca42a238">
<source>Static rule settings</source>
</trans-unit>
<trans-unit id="s8fec035fa1737294">
<source>Create with Provider</source>
</trans-unit>
<trans-unit id="sca2487321ec12bd6">
<source>Email address the verification email will be sent from.</source>
</trans-unit>
<trans-unit id="s24a8fdfc73e8137f">
<source>Stage used to configure an email-based authenticator.</source>
</trans-unit>
<trans-unit id="sea0da186a814a212">
<source>Use global connection settings</source>
</trans-unit>
<trans-unit id="s7754fa56a4439de4">
<source>When enabled, global email connection settings will be used and connection settings below will be ignored.</source>
</trans-unit>
<trans-unit id="s7e2bcca51126ec9c">
<source>Subject of the verification email.</source>
</trans-unit>
<trans-unit id="sc12c90b1da0f3a47">
<source>Token expiration</source>
</trans-unit>
<trans-unit id="sc264a82f9c710f14">
<source>Time the token sent is valid (Format: hours=3,minutes=17,seconds=300).</source>
</trans-unit>
<trans-unit id="s15986693bfc99fb7">
<source>Email-based Authenticators</source>
</trans-unit>
<trans-unit id="s6bb30c61df4cf486">
<source>Caps Lock is enabled.</source>
</trans-unit>
<trans-unit id="s3f8a07912545e72e">
<source>Configure your email</source>
</trans-unit>
<trans-unit id="scedf77e8b75cad5a">
<source>Please enter your email address.</source>
</trans-unit>
<trans-unit id="s7cdd62c100b6b17b">
<source>Please enter the code you received via email</source>
</trans-unit>
<trans-unit id="s1d64dba9bb8b284d">
<source>A code has been sent to you via email<x id="0" equiv-text="${email ? ` ${email}` : &quot;&quot;}"/></source>
</trans-unit>
<trans-unit id="s833cfe815918c143">
<source>Tokens sent via email.</source>
</trans-unit>
</body>
</file>

92
web/xliff/en.xlf
View File

@ -7128,7 +7128,7 @@ Bindings to groups/users are checked against the user of the event.</source>
<source>This option configures the footer links on the flow executor pages. The URL is limited to web and mail addresses. If the name is left blank, the URL will be shown.</source>
</trans-unit>
<trans-unit id="s66f572bec2bde9c4">
<source>External applications that use <x id="0" equiv-text="${this.brand?.brandingTitle ?? &quot;authentik&quot;}"/> as an identity provider via protocols like OAuth2 and SAML. All applications are shown here, even ones you cannot access.</source>
<source>External applications that use <x id="0" equiv-text="${this.brand.brandingTitle || &quot;authentik&quot;}"/> as an identity provider via protocols like OAuth2 and SAML. All applications are shown here, even ones you cannot access.</source>
</trans-unit>
<trans-unit id="s58bec0ecd4f3ccd4">
<source>Strict</source>
@ -7453,96 +7453,6 @@ Bindings to groups/users are checked against the user of the event.</source>
</trans-unit>
<trans-unit id="s47b7ce63a543564c">
<source>Fewer details</source>
</trans-unit>
<trans-unit id="s140111d464591e6b">
<source>Create a new application and configure a provider for it.</source>
</trans-unit>
<trans-unit id="s5e0c81c05565bf42">
<source>Using this form will only create an Application. In order to authenticate with the application, you will have to manually pair it with a Provider.</source>
</trans-unit>
<trans-unit id="s035bfd9c5f97e4d3">
<source>Distance settings</source>
</trans-unit>
<trans-unit id="s207e6f8a8b3515fd">
<source>Check historical distance of logins</source>
</trans-unit>
<trans-unit id="s8158f4b3e5c869be">
<source>When this option enabled, the GeoIP data of the policy request is compared to the specified number of historical logins.</source>
</trans-unit>
<trans-unit id="sb8b7450c8515894c">
<source>Maximum distance</source>
</trans-unit>
<trans-unit id="s40cdbaa532bc9899">
<source>Maximum distance a login attempt is allowed from in kilometers.</source>
</trans-unit>
<trans-unit id="seef852b5c0f8a529">
<source>Distance tolerance</source>
</trans-unit>
<trans-unit id="sce567ced300aeb8a">
<source>Tolerance in checking for distances in kilometers.</source>
</trans-unit>
<trans-unit id="s9ea9cdabd74f8f97">
<source>Historical Login Count</source>
</trans-unit>
<trans-unit id="s27aec4c2de1ae777">
<source>Amount of previous login events to check against.</source>
</trans-unit>
<trans-unit id="s48611ce6e85874dc">
<source>Check impossible travel</source>
</trans-unit>
<trans-unit id="s8cf926e8311f8065">
<source>When this option enabled, the GeoIP data of the policy request is compared to the specified number of historical logins and if the travel would have been possible in the amount of time since the previous event.</source>
</trans-unit>
<trans-unit id="sa963d05af436770b">
<source>Impossible travel tolerance</source>
</trans-unit>
<trans-unit id="s5760cd97ca42a238">
<source>Static rule settings</source>
</trans-unit>
<trans-unit id="s8fec035fa1737294">
<source>Create with Provider</source>
</trans-unit>
<trans-unit id="sca2487321ec12bd6">
<source>Email address the verification email will be sent from.</source>
</trans-unit>
<trans-unit id="s24a8fdfc73e8137f">
<source>Stage used to configure an email-based authenticator.</source>
</trans-unit>
<trans-unit id="sea0da186a814a212">
<source>Use global connection settings</source>
</trans-unit>
<trans-unit id="s7754fa56a4439de4">
<source>When enabled, global email connection settings will be used and connection settings below will be ignored.</source>
</trans-unit>
<trans-unit id="s7e2bcca51126ec9c">
<source>Subject of the verification email.</source>
</trans-unit>
<trans-unit id="sc12c90b1da0f3a47">
<source>Token expiration</source>
</trans-unit>
<trans-unit id="sc264a82f9c710f14">
<source>Time the token sent is valid (Format: hours=3,minutes=17,seconds=300).</source>
</trans-unit>
<trans-unit id="s15986693bfc99fb7">
<source>Email-based Authenticators</source>
</trans-unit>
<trans-unit id="s6bb30c61df4cf486">
<source>Caps Lock is enabled.</source>
</trans-unit>
<trans-unit id="s3f8a07912545e72e">
<source>Configure your email</source>
</trans-unit>
<trans-unit id="scedf77e8b75cad5a">
<source>Please enter your email address.</source>
</trans-unit>
<trans-unit id="s7cdd62c100b6b17b">
<source>Please enter the code you received via email</source>
</trans-unit>
<trans-unit id="s1d64dba9bb8b284d">
<source>A code has been sent to you via email<x id="0" equiv-text="${email ? ` ${email}` : &quot;&quot;}"/></source>
</trans-unit>
<trans-unit id="s833cfe815918c143">
<source>Tokens sent via email.</source>
</trans-unit>
</body>
</file>

92
web/xliff/es.xlf
View File

@ -8688,7 +8688,7 @@ Las vinculaciones a grupos o usuarios se comparan con el usuario del evento.</ta
<source>This option configures the footer links on the flow executor pages. The URL is limited to web and mail addresses. If the name is left blank, the URL will be shown.</source>
</trans-unit>
<trans-unit id="s66f572bec2bde9c4">
<source>External applications that use <x id="0" equiv-text="${this.brand?.brandingTitle ?? &quot;authentik&quot;}"/> as an identity provider via protocols like OAuth2 and SAML. All applications are shown here, even ones you cannot access.</source>
<source>External applications that use <x id="0" equiv-text="${this.brand.brandingTitle || &quot;authentik&quot;}"/> as an identity provider via protocols like OAuth2 and SAML. All applications are shown here, even ones you cannot access.</source>
<target>Aplicaciones externas que utilizan <x id="0" equiv-text="${this.brand.brandingTitle || &quot;authentik&quot;}"/> como proveedor de identidad a través de protocolos como OAuth2 y SAML. Aquí se muestran todas las aplicaciones, incluso aquellas a las que no puede acceder.</target>
</trans-unit>
<trans-unit id="s58bec0ecd4f3ccd4">
@ -9019,96 +9019,6 @@ Las vinculaciones a grupos o usuarios se comparan con el usuario del evento.</ta
</trans-unit>
<trans-unit id="s47b7ce63a543564c">
<source>Fewer details</source>
</trans-unit>
<trans-unit id="s140111d464591e6b">
<source>Create a new application and configure a provider for it.</source>
</trans-unit>
<trans-unit id="s5e0c81c05565bf42">
<source>Using this form will only create an Application. In order to authenticate with the application, you will have to manually pair it with a Provider.</source>
</trans-unit>
<trans-unit id="s035bfd9c5f97e4d3">
<source>Distance settings</source>
</trans-unit>
<trans-unit id="s207e6f8a8b3515fd">
<source>Check historical distance of logins</source>
</trans-unit>
<trans-unit id="s8158f4b3e5c869be">
<source>When this option enabled, the GeoIP data of the policy request is compared to the specified number of historical logins.</source>
</trans-unit>
<trans-unit id="sb8b7450c8515894c">
<source>Maximum distance</source>
</trans-unit>
<trans-unit id="s40cdbaa532bc9899">
<source>Maximum distance a login attempt is allowed from in kilometers.</source>
</trans-unit>
<trans-unit id="seef852b5c0f8a529">
<source>Distance tolerance</source>
</trans-unit>
<trans-unit id="sce567ced300aeb8a">
<source>Tolerance in checking for distances in kilometers.</source>
</trans-unit>
<trans-unit id="s9ea9cdabd74f8f97">
<source>Historical Login Count</source>
</trans-unit>
<trans-unit id="s27aec4c2de1ae777">
<source>Amount of previous login events to check against.</source>
</trans-unit>
<trans-unit id="s48611ce6e85874dc">
<source>Check impossible travel</source>
</trans-unit>
<trans-unit id="s8cf926e8311f8065">
<source>When this option enabled, the GeoIP data of the policy request is compared to the specified number of historical logins and if the travel would have been possible in the amount of time since the previous event.</source>
</trans-unit>
<trans-unit id="sa963d05af436770b">
<source>Impossible travel tolerance</source>
</trans-unit>
<trans-unit id="s5760cd97ca42a238">
<source>Static rule settings</source>
</trans-unit>
<trans-unit id="s8fec035fa1737294">
<source>Create with Provider</source>
</trans-unit>
<trans-unit id="sca2487321ec12bd6">
<source>Email address the verification email will be sent from.</source>
</trans-unit>
<trans-unit id="s24a8fdfc73e8137f">
<source>Stage used to configure an email-based authenticator.</source>
</trans-unit>
<trans-unit id="sea0da186a814a212">
<source>Use global connection settings</source>
</trans-unit>
<trans-unit id="s7754fa56a4439de4">
<source>When enabled, global email connection settings will be used and connection settings below will be ignored.</source>
</trans-unit>
<trans-unit id="s7e2bcca51126ec9c">
<source>Subject of the verification email.</source>
</trans-unit>
<trans-unit id="sc12c90b1da0f3a47">
<source>Token expiration</source>
</trans-unit>
<trans-unit id="sc264a82f9c710f14">
<source>Time the token sent is valid (Format: hours=3,minutes=17,seconds=300).</source>
</trans-unit>
<trans-unit id="s15986693bfc99fb7">
<source>Email-based Authenticators</source>
</trans-unit>
<trans-unit id="s6bb30c61df4cf486">
<source>Caps Lock is enabled.</source>
</trans-unit>
<trans-unit id="s3f8a07912545e72e">
<source>Configure your email</source>
</trans-unit>
<trans-unit id="scedf77e8b75cad5a">
<source>Please enter your email address.</source>
</trans-unit>
<trans-unit id="s7cdd62c100b6b17b">
<source>Please enter the code you received via email</source>
</trans-unit>
<trans-unit id="s1d64dba9bb8b284d">
<source>A code has been sent to you via email<x id="0" equiv-text="${email ? ` ${email}` : &quot;&quot;}"/></source>
</trans-unit>
<trans-unit id="s833cfe815918c143">
<source>Tokens sent via email.</source>
</trans-unit>
</body>
</file>

92
web/xliff/fr.xlf
View File

@ -9046,7 +9046,7 @@ Les liaisons avec les groupes/utilisateurs sont vérifiées par rapport à l'uti
<target>Cette option configure les liens affichés en bas de page sur lexécuteur de flux. L'URL est limitée à des addresses web et courriel. Si le nom est laissé vide, l'URL sera affichée.</target>
</trans-unit>
<trans-unit id="s66f572bec2bde9c4">
<source>External applications that use <x id="0" equiv-text="${this.brand?.brandingTitle ?? &quot;authentik&quot;}"/> as an identity provider via protocols like OAuth2 and SAML. All applications are shown here, even ones you cannot access.</source>
<source>External applications that use <x id="0" equiv-text="${this.brand.brandingTitle || &quot;authentik&quot;}"/> as an identity provider via protocols like OAuth2 and SAML. All applications are shown here, even ones you cannot access.</source>
<target>Applications externes qui utilisent <x id="0" equiv-text="${this.brand.brandingTitle || &quot;authentik&quot;}"/> comme fournisseur d'identité en utilisant des protocoles comme OAuth2 et SAML. Toutes les applications sont affichées ici, même celles auxquelles vous n'avez pas accès.</target>
</trans-unit>
<trans-unit id="s58bec0ecd4f3ccd4">
@ -9482,96 +9482,6 @@ Les liaisons avec les groupes/utilisateurs sont vérifiées par rapport à l'uti
<trans-unit id="s47b7ce63a543564c">
<source>Fewer details</source>
<target>Moins de détails</target>
</trans-unit>
<trans-unit id="s140111d464591e6b">
<source>Create a new application and configure a provider for it.</source>
</trans-unit>
<trans-unit id="s5e0c81c05565bf42">
<source>Using this form will only create an Application. In order to authenticate with the application, you will have to manually pair it with a Provider.</source>
</trans-unit>
<trans-unit id="s035bfd9c5f97e4d3">
<source>Distance settings</source>
</trans-unit>
<trans-unit id="s207e6f8a8b3515fd">
<source>Check historical distance of logins</source>
</trans-unit>
<trans-unit id="s8158f4b3e5c869be">
<source>When this option enabled, the GeoIP data of the policy request is compared to the specified number of historical logins.</source>
</trans-unit>
<trans-unit id="sb8b7450c8515894c">
<source>Maximum distance</source>
</trans-unit>
<trans-unit id="s40cdbaa532bc9899">
<source>Maximum distance a login attempt is allowed from in kilometers.</source>
</trans-unit>
<trans-unit id="seef852b5c0f8a529">
<source>Distance tolerance</source>
</trans-unit>
<trans-unit id="sce567ced300aeb8a">
<source>Tolerance in checking for distances in kilometers.</source>
</trans-unit>
<trans-unit id="s9ea9cdabd74f8f97">
<source>Historical Login Count</source>
</trans-unit>
<trans-unit id="s27aec4c2de1ae777">
<source>Amount of previous login events to check against.</source>
</trans-unit>
<trans-unit id="s48611ce6e85874dc">
<source>Check impossible travel</source>
</trans-unit>
<trans-unit id="s8cf926e8311f8065">
<source>When this option enabled, the GeoIP data of the policy request is compared to the specified number of historical logins and if the travel would have been possible in the amount of time since the previous event.</source>
</trans-unit>
<trans-unit id="sa963d05af436770b">
<source>Impossible travel tolerance</source>
</trans-unit>
<trans-unit id="s5760cd97ca42a238">
<source>Static rule settings</source>
</trans-unit>
<trans-unit id="s8fec035fa1737294">
<source>Create with Provider</source>
</trans-unit>
<trans-unit id="sca2487321ec12bd6">
<source>Email address the verification email will be sent from.</source>
</trans-unit>
<trans-unit id="s24a8fdfc73e8137f">
<source>Stage used to configure an email-based authenticator.</source>
</trans-unit>
<trans-unit id="sea0da186a814a212">
<source>Use global connection settings</source>
</trans-unit>
<trans-unit id="s7754fa56a4439de4">
<source>When enabled, global email connection settings will be used and connection settings below will be ignored.</source>
</trans-unit>
<trans-unit id="s7e2bcca51126ec9c">
<source>Subject of the verification email.</source>
</trans-unit>
<trans-unit id="sc12c90b1da0f3a47">
<source>Token expiration</source>
</trans-unit>
<trans-unit id="sc264a82f9c710f14">
<source>Time the token sent is valid (Format: hours=3,minutes=17,seconds=300).</source>
</trans-unit>
<trans-unit id="s15986693bfc99fb7">
<source>Email-based Authenticators</source>
</trans-unit>
<trans-unit id="s6bb30c61df4cf486">
<source>Caps Lock is enabled.</source>
</trans-unit>
<trans-unit id="s3f8a07912545e72e">
<source>Configure your email</source>
</trans-unit>
<trans-unit id="scedf77e8b75cad5a">
<source>Please enter your email address.</source>
</trans-unit>
<trans-unit id="s7cdd62c100b6b17b">
<source>Please enter the code you received via email</source>
</trans-unit>
<trans-unit id="s1d64dba9bb8b284d">
<source>A code has been sent to you via email<x id="0" equiv-text="${email ? ` ${email}` : &quot;&quot;}"/></source>
</trans-unit>
<trans-unit id="s833cfe815918c143">
<source>Tokens sent via email.</source>
</trans-unit>
</body>
</file>

92
web/xliff/it.xlf
View File

@ -9015,7 +9015,7 @@ Bindings to groups/users are checked against the user of the event.</source>
<target>Questo opzione configura il link in basso nel flusso delle pagine di esecuzione. L'URL e' limitato a web e indirizzo mail-Se il nome viene lasciato vuoto, verra' visualizzato l'URL</target>
</trans-unit>
<trans-unit id="s66f572bec2bde9c4">
<source>External applications that use <x id="0" equiv-text="${this.brand?.brandingTitle ?? &quot;authentik&quot;}"/> as an identity provider via protocols like OAuth2 and SAML. All applications are shown here, even ones you cannot access.</source>
<source>External applications that use <x id="0" equiv-text="${this.brand.brandingTitle || &quot;authentik&quot;}"/> as an identity provider via protocols like OAuth2 and SAML. All applications are shown here, even ones you cannot access.</source>
<target>Applicazioni esterne che usano <x id="0" equiv-text="${this.brand.brandingTitle || &quot;authentik&quot;}"/> come identity provider tramite protocolli come OAuth2 e SAML. Sono mostrate tutte le applicazioni, anche quelle alle quali non hai accesso.</target>
</trans-unit>
<trans-unit id="s58bec0ecd4f3ccd4">
@ -9370,96 +9370,6 @@ Bindings to groups/users are checked against the user of the event.</source>
</trans-unit>
<trans-unit id="s47b7ce63a543564c">
<source>Fewer details</source>
</trans-unit>
<trans-unit id="s140111d464591e6b">
<source>Create a new application and configure a provider for it.</source>
</trans-unit>
<trans-unit id="s5e0c81c05565bf42">
<source>Using this form will only create an Application. In order to authenticate with the application, you will have to manually pair it with a Provider.</source>
</trans-unit>
<trans-unit id="s035bfd9c5f97e4d3">
<source>Distance settings</source>
</trans-unit>
<trans-unit id="s207e6f8a8b3515fd">
<source>Check historical distance of logins</source>
</trans-unit>
<trans-unit id="s8158f4b3e5c869be">
<source>When this option enabled, the GeoIP data of the policy request is compared to the specified number of historical logins.</source>
</trans-unit>
<trans-unit id="sb8b7450c8515894c">
<source>Maximum distance</source>
</trans-unit>
<trans-unit id="s40cdbaa532bc9899">
<source>Maximum distance a login attempt is allowed from in kilometers.</source>
</trans-unit>
<trans-unit id="seef852b5c0f8a529">
<source>Distance tolerance</source>
</trans-unit>
<trans-unit id="sce567ced300aeb8a">
<source>Tolerance in checking for distances in kilometers.</source>
</trans-unit>
<trans-unit id="s9ea9cdabd74f8f97">
<source>Historical Login Count</source>
</trans-unit>
<trans-unit id="s27aec4c2de1ae777">
<source>Amount of previous login events to check against.</source>
</trans-unit>
<trans-unit id="s48611ce6e85874dc">
<source>Check impossible travel</source>
</trans-unit>
<trans-unit id="s8cf926e8311f8065">
<source>When this option enabled, the GeoIP data of the policy request is compared to the specified number of historical logins and if the travel would have been possible in the amount of time since the previous event.</source>
</trans-unit>
<trans-unit id="sa963d05af436770b">
<source>Impossible travel tolerance</source>
</trans-unit>
<trans-unit id="s5760cd97ca42a238">
<source>Static rule settings</source>
</trans-unit>
<trans-unit id="s8fec035fa1737294">
<source>Create with Provider</source>
</trans-unit>
<trans-unit id="sca2487321ec12bd6">
<source>Email address the verification email will be sent from.</source>
</trans-unit>
<trans-unit id="s24a8fdfc73e8137f">
<source>Stage used to configure an email-based authenticator.</source>
</trans-unit>
<trans-unit id="sea0da186a814a212">
<source>Use global connection settings</source>
</trans-unit>
<trans-unit id="s7754fa56a4439de4">
<source>When enabled, global email connection settings will be used and connection settings below will be ignored.</source>
</trans-unit>
<trans-unit id="s7e2bcca51126ec9c">
<source>Subject of the verification email.</source>
</trans-unit>
<trans-unit id="sc12c90b1da0f3a47">
<source>Token expiration</source>
</trans-unit>
<trans-unit id="sc264a82f9c710f14">
<source>Time the token sent is valid (Format: hours=3,minutes=17,seconds=300).</source>
</trans-unit>
<trans-unit id="s15986693bfc99fb7">
<source>Email-based Authenticators</source>
</trans-unit>
<trans-unit id="s6bb30c61df4cf486">
<source>Caps Lock is enabled.</source>
</trans-unit>
<trans-unit id="s3f8a07912545e72e">
<source>Configure your email</source>
</trans-unit>
<trans-unit id="scedf77e8b75cad5a">
<source>Please enter your email address.</source>
</trans-unit>
<trans-unit id="s7cdd62c100b6b17b">
<source>Please enter the code you received via email</source>
</trans-unit>
<trans-unit id="s1d64dba9bb8b284d">
<source>A code has been sent to you via email<x id="0" equiv-text="${email ? ` ${email}` : &quot;&quot;}"/></source>
</trans-unit>
<trans-unit id="s833cfe815918c143">
<source>Tokens sent via email.</source>
</trans-unit>
</body>
</file>

92
web/xliff/ko.xlf
View File

@ -8600,7 +8600,7 @@ Bindings to groups/users are checked against the user of the event.</source>
<source>This option configures the footer links on the flow executor pages. The URL is limited to web and mail addresses. If the name is left blank, the URL will be shown.</source>
</trans-unit>
<trans-unit id="s66f572bec2bde9c4">
<source>External applications that use <x id="0" equiv-text="${this.brand?.brandingTitle ?? &quot;authentik&quot;}"/> as an identity provider via protocols like OAuth2 and SAML. All applications are shown here, even ones you cannot access.</source>
<source>External applications that use <x id="0" equiv-text="${this.brand.brandingTitle || &quot;authentik&quot;}"/> as an identity provider via protocols like OAuth2 and SAML. All applications are shown here, even ones you cannot access.</source>
</trans-unit>
<trans-unit id="s58bec0ecd4f3ccd4">
<source>Strict</source>
@ -8926,96 +8926,6 @@ Bindings to groups/users are checked against the user of the event.</source>
</trans-unit>
<trans-unit id="s47b7ce63a543564c">
<source>Fewer details</source>
</trans-unit>
<trans-unit id="s140111d464591e6b">
<source>Create a new application and configure a provider for it.</source>
</trans-unit>
<trans-unit id="s5e0c81c05565bf42">
<source>Using this form will only create an Application. In order to authenticate with the application, you will have to manually pair it with a Provider.</source>
</trans-unit>
<trans-unit id="s035bfd9c5f97e4d3">
<source>Distance settings</source>
</trans-unit>
<trans-unit id="s207e6f8a8b3515fd">
<source>Check historical distance of logins</source>
</trans-unit>
<trans-unit id="s8158f4b3e5c869be">
<source>When this option enabled, the GeoIP data of the policy request is compared to the specified number of historical logins.</source>
</trans-unit>
<trans-unit id="sb8b7450c8515894c">
<source>Maximum distance</source>
</trans-unit>
<trans-unit id="s40cdbaa532bc9899">
<source>Maximum distance a login attempt is allowed from in kilometers.</source>
</trans-unit>
<trans-unit id="seef852b5c0f8a529">
<source>Distance tolerance</source>
</trans-unit>
<trans-unit id="sce567ced300aeb8a">
<source>Tolerance in checking for distances in kilometers.</source>
</trans-unit>
<trans-unit id="s9ea9cdabd74f8f97">
<source>Historical Login Count</source>
</trans-unit>
<trans-unit id="s27aec4c2de1ae777">
<source>Amount of previous login events to check against.</source>
</trans-unit>
<trans-unit id="s48611ce6e85874dc">
<source>Check impossible travel</source>
</trans-unit>
<trans-unit id="s8cf926e8311f8065">
<source>When this option enabled, the GeoIP data of the policy request is compared to the specified number of historical logins and if the travel would have been possible in the amount of time since the previous event.</source>
</trans-unit>
<trans-unit id="sa963d05af436770b">
<source>Impossible travel tolerance</source>
</trans-unit>
<trans-unit id="s5760cd97ca42a238">
<source>Static rule settings</source>
</trans-unit>
<trans-unit id="s8fec035fa1737294">
<source>Create with Provider</source>
</trans-unit>
<trans-unit id="sca2487321ec12bd6">
<source>Email address the verification email will be sent from.</source>
</trans-unit>
<trans-unit id="s24a8fdfc73e8137f">
<source>Stage used to configure an email-based authenticator.</source>
</trans-unit>
<trans-unit id="sea0da186a814a212">
<source>Use global connection settings</source>
</trans-unit>
<trans-unit id="s7754fa56a4439de4">
<source>When enabled, global email connection settings will be used and connection settings below will be ignored.</source>
</trans-unit>
<trans-unit id="s7e2bcca51126ec9c">
<source>Subject of the verification email.</source>
</trans-unit>
<trans-unit id="sc12c90b1da0f3a47">
<source>Token expiration</source>
</trans-unit>
<trans-unit id="sc264a82f9c710f14">
<source>Time the token sent is valid (Format: hours=3,minutes=17,seconds=300).</source>
</trans-unit>
<trans-unit id="s15986693bfc99fb7">
<source>Email-based Authenticators</source>
</trans-unit>
<trans-unit id="s6bb30c61df4cf486">
<source>Caps Lock is enabled.</source>
</trans-unit>
<trans-unit id="s3f8a07912545e72e">
<source>Configure your email</source>
</trans-unit>
<trans-unit id="scedf77e8b75cad5a">
<source>Please enter your email address.</source>
</trans-unit>
<trans-unit id="s7cdd62c100b6b17b">
<source>Please enter the code you received via email</source>
</trans-unit>
<trans-unit id="s1d64dba9bb8b284d">
<source>A code has been sent to you via email<x id="0" equiv-text="${email ? ` ${email}` : &quot;&quot;}"/></source>
</trans-unit>
<trans-unit id="s833cfe815918c143">
<source>Tokens sent via email.</source>
</trans-unit>
</body>
</file>

92
web/xliff/nl.xlf
View File

@ -8501,7 +8501,7 @@ Bindingen naar groepen/gebruikers worden gecontroleerd tegen de gebruiker van de
<source>This option configures the footer links on the flow executor pages. The URL is limited to web and mail addresses. If the name is left blank, the URL will be shown.</source>
</trans-unit>
<trans-unit id="s66f572bec2bde9c4">
<source>External applications that use <x id="0" equiv-text="${this.brand?.brandingTitle ?? &quot;authentik&quot;}"/> as an identity provider via protocols like OAuth2 and SAML. All applications are shown here, even ones you cannot access.</source>
<source>External applications that use <x id="0" equiv-text="${this.brand.brandingTitle || &quot;authentik&quot;}"/> as an identity provider via protocols like OAuth2 and SAML. All applications are shown here, even ones you cannot access.</source>
</trans-unit>
<trans-unit id="s58bec0ecd4f3ccd4">
<source>Strict</source>
@ -8827,96 +8827,6 @@ Bindingen naar groepen/gebruikers worden gecontroleerd tegen de gebruiker van de
</trans-unit>
<trans-unit id="s47b7ce63a543564c">
<source>Fewer details</source>
</trans-unit>
<trans-unit id="s140111d464591e6b">
<source>Create a new application and configure a provider for it.</source>
</trans-unit>
<trans-unit id="s5e0c81c05565bf42">
<source>Using this form will only create an Application. In order to authenticate with the application, you will have to manually pair it with a Provider.</source>
</trans-unit>
<trans-unit id="s035bfd9c5f97e4d3">
<source>Distance settings</source>
</trans-unit>
<trans-unit id="s207e6f8a8b3515fd">
<source>Check historical distance of logins</source>
</trans-unit>
<trans-unit id="s8158f4b3e5c869be">
<source>When this option enabled, the GeoIP data of the policy request is compared to the specified number of historical logins.</source>
</trans-unit>
<trans-unit id="sb8b7450c8515894c">
<source>Maximum distance</source>
</trans-unit>
<trans-unit id="s40cdbaa532bc9899">
<source>Maximum distance a login attempt is allowed from in kilometers.</source>
</trans-unit>
<trans-unit id="seef852b5c0f8a529">
<source>Distance tolerance</source>
</trans-unit>
<trans-unit id="sce567ced300aeb8a">
<source>Tolerance in checking for distances in kilometers.</source>
</trans-unit>
<trans-unit id="s9ea9cdabd74f8f97">
<source>Historical Login Count</source>
</trans-unit>
<trans-unit id="s27aec4c2de1ae777">
<source>Amount of previous login events to check against.</source>
</trans-unit>
<trans-unit id="s48611ce6e85874dc">
<source>Check impossible travel</source>
</trans-unit>
<trans-unit id="s8cf926e8311f8065">
<source>When this option enabled, the GeoIP data of the policy request is compared to the specified number of historical logins and if the travel would have been possible in the amount of time since the previous event.</source>
</trans-unit>
<trans-unit id="sa963d05af436770b">
<source>Impossible travel tolerance</source>
</trans-unit>
<trans-unit id="s5760cd97ca42a238">
<source>Static rule settings</source>
</trans-unit>
<trans-unit id="s8fec035fa1737294">
<source>Create with Provider</source>
</trans-unit>
<trans-unit id="sca2487321ec12bd6">
<source>Email address the verification email will be sent from.</source>
</trans-unit>
<trans-unit id="s24a8fdfc73e8137f">
<source>Stage used to configure an email-based authenticator.</source>
</trans-unit>
<trans-unit id="sea0da186a814a212">
<source>Use global connection settings</source>
</trans-unit>
<trans-unit id="s7754fa56a4439de4">
<source>When enabled, global email connection settings will be used and connection settings below will be ignored.</source>
</trans-unit>
<trans-unit id="s7e2bcca51126ec9c">
<source>Subject of the verification email.</source>
</trans-unit>
<trans-unit id="sc12c90b1da0f3a47">
<source>Token expiration</source>
</trans-unit>
<trans-unit id="sc264a82f9c710f14">
<source>Time the token sent is valid (Format: hours=3,minutes=17,seconds=300).</source>
</trans-unit>
<trans-unit id="s15986693bfc99fb7">
<source>Email-based Authenticators</source>
</trans-unit>
<trans-unit id="s6bb30c61df4cf486">
<source>Caps Lock is enabled.</source>
</trans-unit>
<trans-unit id="s3f8a07912545e72e">
<source>Configure your email</source>
</trans-unit>
<trans-unit id="scedf77e8b75cad5a">
<source>Please enter your email address.</source>
</trans-unit>
<trans-unit id="s7cdd62c100b6b17b">
<source>Please enter the code you received via email</source>
</trans-unit>
<trans-unit id="s1d64dba9bb8b284d">
<source>A code has been sent to you via email<x id="0" equiv-text="${email ? ` ${email}` : &quot;&quot;}"/></source>
</trans-unit>
<trans-unit id="s833cfe815918c143">
<source>Tokens sent via email.</source>
</trans-unit>
</body>
</file>

92
web/xliff/pl.xlf
View File

@ -8930,7 +8930,7 @@ Powiązania z grupami/użytkownikami są sprawdzane względem użytkownika zdarz
<source>This option configures the footer links on the flow executor pages. The URL is limited to web and mail addresses. If the name is left blank, the URL will be shown.</source>
</trans-unit>
<trans-unit id="s66f572bec2bde9c4">
<source>External applications that use <x id="0" equiv-text="${this.brand?.brandingTitle ?? &quot;authentik&quot;}"/> as an identity provider via protocols like OAuth2 and SAML. All applications are shown here, even ones you cannot access.</source>
<source>External applications that use <x id="0" equiv-text="${this.brand.brandingTitle || &quot;authentik&quot;}"/> as an identity provider via protocols like OAuth2 and SAML. All applications are shown here, even ones you cannot access.</source>
</trans-unit>
<trans-unit id="s58bec0ecd4f3ccd4">
<source>Strict</source>
@ -9256,96 +9256,6 @@ Powiązania z grupami/użytkownikami są sprawdzane względem użytkownika zdarz
</trans-unit>
<trans-unit id="s47b7ce63a543564c">
<source>Fewer details</source>
</trans-unit>
<trans-unit id="s140111d464591e6b">
<source>Create a new application and configure a provider for it.</source>
</trans-unit>
<trans-unit id="s5e0c81c05565bf42">
<source>Using this form will only create an Application. In order to authenticate with the application, you will have to manually pair it with a Provider.</source>
</trans-unit>
<trans-unit id="s035bfd9c5f97e4d3">
<source>Distance settings</source>
</trans-unit>
<trans-unit id="s207e6f8a8b3515fd">
<source>Check historical distance of logins</source>
</trans-unit>
<trans-unit id="s8158f4b3e5c869be">
<source>When this option enabled, the GeoIP data of the policy request is compared to the specified number of historical logins.</source>
</trans-unit>
<trans-unit id="sb8b7450c8515894c">
<source>Maximum distance</source>
</trans-unit>
<trans-unit id="s40cdbaa532bc9899">
<source>Maximum distance a login attempt is allowed from in kilometers.</source>
</trans-unit>
<trans-unit id="seef852b5c0f8a529">
<source>Distance tolerance</source>
</trans-unit>
<trans-unit id="sce567ced300aeb8a">
<source>Tolerance in checking for distances in kilometers.</source>
</trans-unit>
<trans-unit id="s9ea9cdabd74f8f97">
<source>Historical Login Count</source>
</trans-unit>
<trans-unit id="s27aec4c2de1ae777">
<source>Amount of previous login events to check against.</source>
</trans-unit>
<trans-unit id="s48611ce6e85874dc">
<source>Check impossible travel</source>
</trans-unit>
<trans-unit id="s8cf926e8311f8065">
<source>When this option enabled, the GeoIP data of the policy request is compared to the specified number of historical logins and if the travel would have been possible in the amount of time since the previous event.</source>
</trans-unit>
<trans-unit id="sa963d05af436770b">
<source>Impossible travel tolerance</source>
</trans-unit>
<trans-unit id="s5760cd97ca42a238">
<source>Static rule settings</source>
</trans-unit>
<trans-unit id="s8fec035fa1737294">
<source>Create with Provider</source>
</trans-unit>
<trans-unit id="sca2487321ec12bd6">
<source>Email address the verification email will be sent from.</source>
</trans-unit>
<trans-unit id="s24a8fdfc73e8137f">
<source>Stage used to configure an email-based authenticator.</source>
</trans-unit>
<trans-unit id="sea0da186a814a212">
<source>Use global connection settings</source>
</trans-unit>
<trans-unit id="s7754fa56a4439de4">
<source>When enabled, global email connection settings will be used and connection settings below will be ignored.</source>
</trans-unit>
<trans-unit id="s7e2bcca51126ec9c">
<source>Subject of the verification email.</source>
</trans-unit>
<trans-unit id="sc12c90b1da0f3a47">
<source>Token expiration</source>
</trans-unit>
<trans-unit id="sc264a82f9c710f14">
<source>Time the token sent is valid (Format: hours=3,minutes=17,seconds=300).</source>
</trans-unit>
<trans-unit id="s15986693bfc99fb7">
<source>Email-based Authenticators</source>
</trans-unit>
<trans-unit id="s6bb30c61df4cf486">
<source>Caps Lock is enabled.</source>
</trans-unit>
<trans-unit id="s3f8a07912545e72e">
<source>Configure your email</source>
</trans-unit>
<trans-unit id="scedf77e8b75cad5a">
<source>Please enter your email address.</source>
</trans-unit>
<trans-unit id="s7cdd62c100b6b17b">
<source>Please enter the code you received via email</source>
</trans-unit>
<trans-unit id="s1d64dba9bb8b284d">
<source>A code has been sent to you via email<x id="0" equiv-text="${email ? ` ${email}` : &quot;&quot;}"/></source>
</trans-unit>
<trans-unit id="s833cfe815918c143">
<source>Tokens sent via email.</source>
</trans-unit>
</body>
</file>

92
web/xliff/pseudo-LOCALE.xlf
View File

@ -8937,7 +8937,7 @@ Bindings to groups/users are checked against the user of the event.</source>
<source>This option configures the footer links on the flow executor pages. The URL is limited to web and mail addresses. If the name is left blank, the URL will be shown.</source>
</trans-unit>
<trans-unit id="s66f572bec2bde9c4">
<source>External applications that use <x id="0" equiv-text="${this.brand?.brandingTitle ?? &quot;authentik&quot;}"/> as an identity provider via protocols like OAuth2 and SAML. All applications are shown here, even ones you cannot access.</source>
<source>External applications that use <x id="0" equiv-text="${this.brand.brandingTitle || &quot;authentik&quot;}"/> as an identity provider via protocols like OAuth2 and SAML. All applications are shown here, even ones you cannot access.</source>
</trans-unit>
<trans-unit id="s58bec0ecd4f3ccd4">
<source>Strict</source>
@ -9263,94 +9263,4 @@ Bindings to groups/users are checked against the user of the event.</source>
<trans-unit id="s47b7ce63a543564c">
<source>Fewer details</source>
</trans-unit>
<trans-unit id="s140111d464591e6b">
<source>Create a new application and configure a provider for it.</source>
</trans-unit>
<trans-unit id="s5e0c81c05565bf42">
<source>Using this form will only create an Application. In order to authenticate with the application, you will have to manually pair it with a Provider.</source>
</trans-unit>
<trans-unit id="s035bfd9c5f97e4d3">
<source>Distance settings</source>
</trans-unit>
<trans-unit id="s207e6f8a8b3515fd">
<source>Check historical distance of logins</source>
</trans-unit>
<trans-unit id="s8158f4b3e5c869be">
<source>When this option enabled, the GeoIP data of the policy request is compared to the specified number of historical logins.</source>
</trans-unit>
<trans-unit id="sb8b7450c8515894c">
<source>Maximum distance</source>
</trans-unit>
<trans-unit id="s40cdbaa532bc9899">
<source>Maximum distance a login attempt is allowed from in kilometers.</source>
</trans-unit>
<trans-unit id="seef852b5c0f8a529">
<source>Distance tolerance</source>
</trans-unit>
<trans-unit id="sce567ced300aeb8a">
<source>Tolerance in checking for distances in kilometers.</source>
</trans-unit>
<trans-unit id="s9ea9cdabd74f8f97">
<source>Historical Login Count</source>
</trans-unit>
<trans-unit id="s27aec4c2de1ae777">
<source>Amount of previous login events to check against.</source>
</trans-unit>
<trans-unit id="s48611ce6e85874dc">
<source>Check impossible travel</source>
</trans-unit>
<trans-unit id="s8cf926e8311f8065">
<source>When this option enabled, the GeoIP data of the policy request is compared to the specified number of historical logins and if the travel would have been possible in the amount of time since the previous event.</source>
</trans-unit>
<trans-unit id="sa963d05af436770b">
<source>Impossible travel tolerance</source>
</trans-unit>
<trans-unit id="s5760cd97ca42a238">
<source>Static rule settings</source>
</trans-unit>
<trans-unit id="s8fec035fa1737294">
<source>Create with Provider</source>
</trans-unit>
<trans-unit id="sca2487321ec12bd6">
<source>Email address the verification email will be sent from.</source>
</trans-unit>
<trans-unit id="s24a8fdfc73e8137f">
<source>Stage used to configure an email-based authenticator.</source>
</trans-unit>
<trans-unit id="sea0da186a814a212">
<source>Use global connection settings</source>
</trans-unit>
<trans-unit id="s7754fa56a4439de4">
<source>When enabled, global email connection settings will be used and connection settings below will be ignored.</source>
</trans-unit>
<trans-unit id="s7e2bcca51126ec9c">
<source>Subject of the verification email.</source>
</trans-unit>
<trans-unit id="sc12c90b1da0f3a47">
<source>Token expiration</source>
</trans-unit>
<trans-unit id="sc264a82f9c710f14">
<source>Time the token sent is valid (Format: hours=3,minutes=17,seconds=300).</source>
</trans-unit>
<trans-unit id="s15986693bfc99fb7">
<source>Email-based Authenticators</source>
</trans-unit>
<trans-unit id="s6bb30c61df4cf486">
<source>Caps Lock is enabled.</source>
</trans-unit>
<trans-unit id="s3f8a07912545e72e">
<source>Configure your email</source>
</trans-unit>
<trans-unit id="scedf77e8b75cad5a">
<source>Please enter your email address.</source>
</trans-unit>
<trans-unit id="s7cdd62c100b6b17b">
<source>Please enter the code you received via email</source>
</trans-unit>
<trans-unit id="s1d64dba9bb8b284d">
<source>A code has been sent to you via email<x id="0" equiv-text="${email ? ` ${email}` : &quot;&quot;}"/></source>
</trans-unit>
<trans-unit id="s833cfe815918c143">
<source>Tokens sent via email.</source>
</trans-unit>
</body></file></xliff>

92
web/xliff/ru.xlf
View File

@ -8963,7 +8963,7 @@ Bindings to groups/users are checked against the user of the event.</source>
<source>This option configures the footer links on the flow executor pages. The URL is limited to web and mail addresses. If the name is left blank, the URL will be shown.</source>
</trans-unit>
<trans-unit id="s66f572bec2bde9c4">
<source>External applications that use <x id="0" equiv-text="${this.brand?.brandingTitle ?? &quot;authentik&quot;}"/> as an identity provider via protocols like OAuth2 and SAML. All applications are shown here, even ones you cannot access.</source>
<source>External applications that use <x id="0" equiv-text="${this.brand.brandingTitle || &quot;authentik&quot;}"/> as an identity provider via protocols like OAuth2 and SAML. All applications are shown here, even ones you cannot access.</source>
</trans-unit>
<trans-unit id="s58bec0ecd4f3ccd4">
<source>Strict</source>
@ -9289,96 +9289,6 @@ Bindings to groups/users are checked against the user of the event.</source>
</trans-unit>
<trans-unit id="s47b7ce63a543564c">
<source>Fewer details</source>
</trans-unit>
<trans-unit id="s140111d464591e6b">
<source>Create a new application and configure a provider for it.</source>
</trans-unit>
<trans-unit id="s5e0c81c05565bf42">
<source>Using this form will only create an Application. In order to authenticate with the application, you will have to manually pair it with a Provider.</source>
</trans-unit>
<trans-unit id="s035bfd9c5f97e4d3">
<source>Distance settings</source>
</trans-unit>
<trans-unit id="s207e6f8a8b3515fd">
<source>Check historical distance of logins</source>
</trans-unit>
<trans-unit id="s8158f4b3e5c869be">
<source>When this option enabled, the GeoIP data of the policy request is compared to the specified number of historical logins.</source>
</trans-unit>
<trans-unit id="sb8b7450c8515894c">
<source>Maximum distance</source>
</trans-unit>
<trans-unit id="s40cdbaa532bc9899">
<source>Maximum distance a login attempt is allowed from in kilometers.</source>
</trans-unit>
<trans-unit id="seef852b5c0f8a529">
<source>Distance tolerance</source>
</trans-unit>
<trans-unit id="sce567ced300aeb8a">
<source>Tolerance in checking for distances in kilometers.</source>
</trans-unit>
<trans-unit id="s9ea9cdabd74f8f97">
<source>Historical Login Count</source>
</trans-unit>
<trans-unit id="s27aec4c2de1ae777">
<source>Amount of previous login events to check against.</source>
</trans-unit>
<trans-unit id="s48611ce6e85874dc">
<source>Check impossible travel</source>
</trans-unit>
<trans-unit id="s8cf926e8311f8065">
<source>When this option enabled, the GeoIP data of the policy request is compared to the specified number of historical logins and if the travel would have been possible in the amount of time since the previous event.</source>
</trans-unit>
<trans-unit id="sa963d05af436770b">
<source>Impossible travel tolerance</source>
</trans-unit>
<trans-unit id="s5760cd97ca42a238">
<source>Static rule settings</source>
</trans-unit>
<trans-unit id="s8fec035fa1737294">
<source>Create with Provider</source>
</trans-unit>
<trans-unit id="sca2487321ec12bd6">
<source>Email address the verification email will be sent from.</source>
</trans-unit>
<trans-unit id="s24a8fdfc73e8137f">
<source>Stage used to configure an email-based authenticator.</source>
</trans-unit>
<trans-unit id="sea0da186a814a212">
<source>Use global connection settings</source>
</trans-unit>
<trans-unit id="s7754fa56a4439de4">
<source>When enabled, global email connection settings will be used and connection settings below will be ignored.</source>
</trans-unit>
<trans-unit id="s7e2bcca51126ec9c">
<source>Subject of the verification email.</source>
</trans-unit>
<trans-unit id="sc12c90b1da0f3a47">
<source>Token expiration</source>
</trans-unit>
<trans-unit id="sc264a82f9c710f14">
<source>Time the token sent is valid (Format: hours=3,minutes=17,seconds=300).</source>
</trans-unit>
<trans-unit id="s15986693bfc99fb7">
<source>Email-based Authenticators</source>
</trans-unit>
<trans-unit id="s6bb30c61df4cf486">
<source>Caps Lock is enabled.</source>
</trans-unit>
<trans-unit id="s3f8a07912545e72e">
<source>Configure your email</source>
</trans-unit>
<trans-unit id="scedf77e8b75cad5a">
<source>Please enter your email address.</source>
</trans-unit>
<trans-unit id="s7cdd62c100b6b17b">
<source>Please enter the code you received via email</source>
</trans-unit>
<trans-unit id="s1d64dba9bb8b284d">
<source>A code has been sent to you via email<x id="0" equiv-text="${email ? ` ${email}` : &quot;&quot;}"/></source>
</trans-unit>
<trans-unit id="s833cfe815918c143">
<source>Tokens sent via email.</source>
</trans-unit>
</body>
</file>

92
web/xliff/tr.xlf
View File

@ -8993,7 +8993,7 @@ Gruplara/kullanıcılara yapılan bağlamalar, etkinliğin kullanıcısına kar
<source>This option configures the footer links on the flow executor pages. The URL is limited to web and mail addresses. If the name is left blank, the URL will be shown.</source>
</trans-unit>
<trans-unit id="s66f572bec2bde9c4">
<source>External applications that use <x id="0" equiv-text="${this.brand?.brandingTitle ?? &quot;authentik&quot;}"/> as an identity provider via protocols like OAuth2 and SAML. All applications are shown here, even ones you cannot access.</source>
<source>External applications that use <x id="0" equiv-text="${this.brand.brandingTitle || &quot;authentik&quot;}"/> as an identity provider via protocols like OAuth2 and SAML. All applications are shown here, even ones you cannot access.</source>
</trans-unit>
<trans-unit id="s58bec0ecd4f3ccd4">
<source>Strict</source>
@ -9319,96 +9319,6 @@ Gruplara/kullanıcılara yapılan bağlamalar, etkinliğin kullanıcısına kar
</trans-unit>
<trans-unit id="s47b7ce63a543564c">
<source>Fewer details</source>
</trans-unit>
<trans-unit id="s140111d464591e6b">
<source>Create a new application and configure a provider for it.</source>
</trans-unit>
<trans-unit id="s5e0c81c05565bf42">
<source>Using this form will only create an Application. In order to authenticate with the application, you will have to manually pair it with a Provider.</source>
</trans-unit>
<trans-unit id="s035bfd9c5f97e4d3">
<source>Distance settings</source>
</trans-unit>
<trans-unit id="s207e6f8a8b3515fd">
<source>Check historical distance of logins</source>
</trans-unit>
<trans-unit id="s8158f4b3e5c869be">
<source>When this option enabled, the GeoIP data of the policy request is compared to the specified number of historical logins.</source>
</trans-unit>
<trans-unit id="sb8b7450c8515894c">
<source>Maximum distance</source>
</trans-unit>
<trans-unit id="s40cdbaa532bc9899">
<source>Maximum distance a login attempt is allowed from in kilometers.</source>
</trans-unit>
<trans-unit id="seef852b5c0f8a529">
<source>Distance tolerance</source>
</trans-unit>
<trans-unit id="sce567ced300aeb8a">
<source>Tolerance in checking for distances in kilometers.</source>
</trans-unit>
<trans-unit id="s9ea9cdabd74f8f97">
<source>Historical Login Count</source>
</trans-unit>
<trans-unit id="s27aec4c2de1ae777">
<source>Amount of previous login events to check against.</source>
</trans-unit>
<trans-unit id="s48611ce6e85874dc">
<source>Check impossible travel</source>
</trans-unit>
<trans-unit id="s8cf926e8311f8065">
<source>When this option enabled, the GeoIP data of the policy request is compared to the specified number of historical logins and if the travel would have been possible in the amount of time since the previous event.</source>
</trans-unit>
<trans-unit id="sa963d05af436770b">
<source>Impossible travel tolerance</source>
</trans-unit>
<trans-unit id="s5760cd97ca42a238">
<source>Static rule settings</source>
</trans-unit>
<trans-unit id="s8fec035fa1737294">
<source>Create with Provider</source>
</trans-unit>
<trans-unit id="sca2487321ec12bd6">
<source>Email address the verification email will be sent from.</source>
</trans-unit>
<trans-unit id="s24a8fdfc73e8137f">
<source>Stage used to configure an email-based authenticator.</source>
</trans-unit>
<trans-unit id="sea0da186a814a212">
<source>Use global connection settings</source>
</trans-unit>
<trans-unit id="s7754fa56a4439de4">
<source>When enabled, global email connection settings will be used and connection settings below will be ignored.</source>
</trans-unit>
<trans-unit id="s7e2bcca51126ec9c">
<source>Subject of the verification email.</source>
</trans-unit>
<trans-unit id="sc12c90b1da0f3a47">
<source>Token expiration</source>
</trans-unit>
<trans-unit id="sc264a82f9c710f14">
<source>Time the token sent is valid (Format: hours=3,minutes=17,seconds=300).</source>
</trans-unit>
<trans-unit id="s15986693bfc99fb7">
<source>Email-based Authenticators</source>
</trans-unit>
<trans-unit id="s6bb30c61df4cf486">
<source>Caps Lock is enabled.</source>
</trans-unit>
<trans-unit id="s3f8a07912545e72e">
<source>Configure your email</source>
</trans-unit>
<trans-unit id="scedf77e8b75cad5a">
<source>Please enter your email address.</source>
</trans-unit>
<trans-unit id="s7cdd62c100b6b17b">
<source>Please enter the code you received via email</source>
</trans-unit>
<trans-unit id="s1d64dba9bb8b284d">
<source>A code has been sent to you via email<x id="0" equiv-text="${email ? ` ${email}` : &quot;&quot;}"/></source>
</trans-unit>
<trans-unit id="s833cfe815918c143">
<source>Tokens sent via email.</source>
</trans-unit>
</body>
</file>

92
web/xliff/zh-CN.xlf
View File

@ -5730,7 +5730,7 @@ Bindings to groups/users are checked against the user of the event.</source>
<source>This option configures the footer links on the flow executor pages. The URL is limited to web and mail addresses. If the name is left blank, the URL will be shown.</source>
</trans-unit>
<trans-unit id="s66f572bec2bde9c4">
<source>External applications that use <x id="0" equiv-text="${this.brand?.brandingTitle ?? &quot;authentik&quot;}"/> as an identity provider via protocols like OAuth2 and SAML. All applications are shown here, even ones you cannot access.</source>
<source>External applications that use <x id="0" equiv-text="${this.brand.brandingTitle || &quot;authentik&quot;}"/> as an identity provider via protocols like OAuth2 and SAML. All applications are shown here, even ones you cannot access.</source>
</trans-unit>
<trans-unit id="s58bec0ecd4f3ccd4">
<source>Strict</source>
@ -6056,96 +6056,6 @@ Bindings to groups/users are checked against the user of the event.</source>
<trans-unit id="s47b7ce63a543564c">
<source>Fewer details</source>
</trans-unit>
<trans-unit id="s140111d464591e6b">
<source>Create a new application and configure a provider for it.</source>
</trans-unit>
<trans-unit id="s5e0c81c05565bf42">
<source>Using this form will only create an Application. In order to authenticate with the application, you will have to manually pair it with a Provider.</source>
</trans-unit>
<trans-unit id="s035bfd9c5f97e4d3">
<source>Distance settings</source>
</trans-unit>
<trans-unit id="s207e6f8a8b3515fd">
<source>Check historical distance of logins</source>
</trans-unit>
<trans-unit id="s8158f4b3e5c869be">
<source>When this option enabled, the GeoIP data of the policy request is compared to the specified number of historical logins.</source>
</trans-unit>
<trans-unit id="sb8b7450c8515894c">
<source>Maximum distance</source>
</trans-unit>
<trans-unit id="s40cdbaa532bc9899">
<source>Maximum distance a login attempt is allowed from in kilometers.</source>
</trans-unit>
<trans-unit id="seef852b5c0f8a529">
<source>Distance tolerance</source>
</trans-unit>
<trans-unit id="sce567ced300aeb8a">
<source>Tolerance in checking for distances in kilometers.</source>
</trans-unit>
<trans-unit id="s9ea9cdabd74f8f97">
<source>Historical Login Count</source>
</trans-unit>
<trans-unit id="s27aec4c2de1ae777">
<source>Amount of previous login events to check against.</source>
</trans-unit>
<trans-unit id="s48611ce6e85874dc">
<source>Check impossible travel</source>
</trans-unit>
<trans-unit id="s8cf926e8311f8065">
<source>When this option enabled, the GeoIP data of the policy request is compared to the specified number of historical logins and if the travel would have been possible in the amount of time since the previous event.</source>
</trans-unit>
<trans-unit id="sa963d05af436770b">
<source>Impossible travel tolerance</source>
</trans-unit>
<trans-unit id="s5760cd97ca42a238">
<source>Static rule settings</source>
</trans-unit>
<trans-unit id="s8fec035fa1737294">
<source>Create with Provider</source>
</trans-unit>
<trans-unit id="sca2487321ec12bd6">
<source>Email address the verification email will be sent from.</source>
</trans-unit>
<trans-unit id="s24a8fdfc73e8137f">
<source>Stage used to configure an email-based authenticator.</source>
</trans-unit>
<trans-unit id="sea0da186a814a212">
<source>Use global connection settings</source>
</trans-unit>
<trans-unit id="s7754fa56a4439de4">
<source>When enabled, global email connection settings will be used and connection settings below will be ignored.</source>
</trans-unit>
<trans-unit id="s7e2bcca51126ec9c">
<source>Subject of the verification email.</source>
</trans-unit>
<trans-unit id="sc12c90b1da0f3a47">
<source>Token expiration</source>
</trans-unit>
<trans-unit id="sc264a82f9c710f14">
<source>Time the token sent is valid (Format: hours=3,minutes=17,seconds=300).</source>
</trans-unit>
<trans-unit id="s15986693bfc99fb7">
<source>Email-based Authenticators</source>
</trans-unit>
<trans-unit id="s6bb30c61df4cf486">
<source>Caps Lock is enabled.</source>
</trans-unit>
<trans-unit id="s3f8a07912545e72e">
<source>Configure your email</source>
</trans-unit>
<trans-unit id="scedf77e8b75cad5a">
<source>Please enter your email address.</source>
</trans-unit>
<trans-unit id="s7cdd62c100b6b17b">
<source>Please enter the code you received via email</source>
</trans-unit>
<trans-unit id="s1d64dba9bb8b284d">
<source>A code has been sent to you via email<x id="0" equiv-text="${email ? ` ${email}` : &quot;&quot;}"/></source>
</trans-unit>
<trans-unit id="s833cfe815918c143">
<source>Tokens sent via email.</source>
</trans-unit>
</body>
</file>
</xliff>

92
web/xliff/zh-Hans.xlf
View File

@ -9047,7 +9047,7 @@ Bindings to groups/users are checked against the user of the event.</source>
<target>此选项配置流程执行器页面上的页脚链接。URL 限为 Web 和电子邮件地址。如果名称留空,则显示 URL 自身。</target>
</trans-unit>
<trans-unit id="s66f572bec2bde9c4">
<source>External applications that use <x id="0" equiv-text="${this.brand?.brandingTitle ?? &quot;authentik&quot;}"/> as an identity provider via protocols like OAuth2 and SAML. All applications are shown here, even ones you cannot access.</source>
<source>External applications that use <x id="0" equiv-text="${this.brand.brandingTitle || &quot;authentik&quot;}"/> as an identity provider via protocols like OAuth2 and SAML. All applications are shown here, even ones you cannot access.</source>
<target>通过 OAuth2 和 SAML 等协议,使用 <x id="0" equiv-text="${this.brand.brandingTitle || &quot;authentik&quot;}"/> 作为身份提供程序的外部应用程序。此处显示了所有应用程序,即使您无法访问的也包括在内。</target>
</trans-unit>
<trans-unit id="s58bec0ecd4f3ccd4">
@ -9483,96 +9483,6 @@ Bindings to groups/users are checked against the user of the event.</source>
<trans-unit id="s47b7ce63a543564c">
<source>Fewer details</source>
<target>显示更少</target>
</trans-unit>
<trans-unit id="s140111d464591e6b">
<source>Create a new application and configure a provider for it.</source>
</trans-unit>
<trans-unit id="s5e0c81c05565bf42">
<source>Using this form will only create an Application. In order to authenticate with the application, you will have to manually pair it with a Provider.</source>
</trans-unit>
<trans-unit id="s035bfd9c5f97e4d3">
<source>Distance settings</source>
</trans-unit>
<trans-unit id="s207e6f8a8b3515fd">
<source>Check historical distance of logins</source>
</trans-unit>
<trans-unit id="s8158f4b3e5c869be">
<source>When this option enabled, the GeoIP data of the policy request is compared to the specified number of historical logins.</source>
</trans-unit>
<trans-unit id="sb8b7450c8515894c">
<source>Maximum distance</source>
</trans-unit>
<trans-unit id="s40cdbaa532bc9899">
<source>Maximum distance a login attempt is allowed from in kilometers.</source>
</trans-unit>
<trans-unit id="seef852b5c0f8a529">
<source>Distance tolerance</source>
</trans-unit>
<trans-unit id="sce567ced300aeb8a">
<source>Tolerance in checking for distances in kilometers.</source>
</trans-unit>
<trans-unit id="s9ea9cdabd74f8f97">
<source>Historical Login Count</source>
</trans-unit>
<trans-unit id="s27aec4c2de1ae777">
<source>Amount of previous login events to check against.</source>
</trans-unit>
<trans-unit id="s48611ce6e85874dc">
<source>Check impossible travel</source>
</trans-unit>
<trans-unit id="s8cf926e8311f8065">
<source>When this option enabled, the GeoIP data of the policy request is compared to the specified number of historical logins and if the travel would have been possible in the amount of time since the previous event.</source>
</trans-unit>
<trans-unit id="sa963d05af436770b">
<source>Impossible travel tolerance</source>
</trans-unit>
<trans-unit id="s5760cd97ca42a238">
<source>Static rule settings</source>
</trans-unit>
<trans-unit id="s8fec035fa1737294">
<source>Create with Provider</source>
</trans-unit>
<trans-unit id="sca2487321ec12bd6">
<source>Email address the verification email will be sent from.</source>
</trans-unit>
<trans-unit id="s24a8fdfc73e8137f">
<source>Stage used to configure an email-based authenticator.</source>
</trans-unit>
<trans-unit id="sea0da186a814a212">
<source>Use global connection settings</source>
</trans-unit>
<trans-unit id="s7754fa56a4439de4">
<source>When enabled, global email connection settings will be used and connection settings below will be ignored.</source>
</trans-unit>
<trans-unit id="s7e2bcca51126ec9c">
<source>Subject of the verification email.</source>
</trans-unit>
<trans-unit id="sc12c90b1da0f3a47">
<source>Token expiration</source>
</trans-unit>
<trans-unit id="sc264a82f9c710f14">
<source>Time the token sent is valid (Format: hours=3,minutes=17,seconds=300).</source>
</trans-unit>
<trans-unit id="s15986693bfc99fb7">
<source>Email-based Authenticators</source>
</trans-unit>
<trans-unit id="s6bb30c61df4cf486">
<source>Caps Lock is enabled.</source>
</trans-unit>
<trans-unit id="s3f8a07912545e72e">
<source>Configure your email</source>
</trans-unit>
<trans-unit id="scedf77e8b75cad5a">
<source>Please enter your email address.</source>
</trans-unit>
<trans-unit id="s7cdd62c100b6b17b">
<source>Please enter the code you received via email</source>
</trans-unit>
<trans-unit id="s1d64dba9bb8b284d">
<source>A code has been sent to you via email<x id="0" equiv-text="${email ? ` ${email}` : &quot;&quot;}"/></source>
</trans-unit>
<trans-unit id="s833cfe815918c143">
<source>Tokens sent via email.</source>
</trans-unit>
</body>
</file>

92
web/xliff/zh-Hant.xlf
View File

@ -6828,7 +6828,7 @@ Bindings to groups/users are checked against the user of the event.</source>
<source>This option configures the footer links on the flow executor pages. The URL is limited to web and mail addresses. If the name is left blank, the URL will be shown.</source>
</trans-unit>
<trans-unit id="s66f572bec2bde9c4">
<source>External applications that use <x id="0" equiv-text="${this.brand?.brandingTitle ?? &quot;authentik&quot;}"/> as an identity provider via protocols like OAuth2 and SAML. All applications are shown here, even ones you cannot access.</source>
<source>External applications that use <x id="0" equiv-text="${this.brand.brandingTitle || &quot;authentik&quot;}"/> as an identity provider via protocols like OAuth2 and SAML. All applications are shown here, even ones you cannot access.</source>
</trans-unit>
<trans-unit id="s58bec0ecd4f3ccd4">
<source>Strict</source>
@ -7153,96 +7153,6 @@ Bindings to groups/users are checked against the user of the event.</source>
</trans-unit>
<trans-unit id="s47b7ce63a543564c">
<source>Fewer details</source>
</trans-unit>
<trans-unit id="s140111d464591e6b">
<source>Create a new application and configure a provider for it.</source>
</trans-unit>
<trans-unit id="s5e0c81c05565bf42">
<source>Using this form will only create an Application. In order to authenticate with the application, you will have to manually pair it with a Provider.</source>
</trans-unit>
<trans-unit id="s035bfd9c5f97e4d3">
<source>Distance settings</source>
</trans-unit>
<trans-unit id="s207e6f8a8b3515fd">
<source>Check historical distance of logins</source>
</trans-unit>
<trans-unit id="s8158f4b3e5c869be">
<source>When this option enabled, the GeoIP data of the policy request is compared to the specified number of historical logins.</source>
</trans-unit>
<trans-unit id="sb8b7450c8515894c">
<source>Maximum distance</source>
</trans-unit>
<trans-unit id="s40cdbaa532bc9899">
<source>Maximum distance a login attempt is allowed from in kilometers.</source>
</trans-unit>
<trans-unit id="seef852b5c0f8a529">
<source>Distance tolerance</source>
</trans-unit>
<trans-unit id="sce567ced300aeb8a">
<source>Tolerance in checking for distances in kilometers.</source>
</trans-unit>
<trans-unit id="s9ea9cdabd74f8f97">
<source>Historical Login Count</source>
</trans-unit>
<trans-unit id="s27aec4c2de1ae777">
<source>Amount of previous login events to check against.</source>
</trans-unit>
<trans-unit id="s48611ce6e85874dc">
<source>Check impossible travel</source>
</trans-unit>
<trans-unit id="s8cf926e8311f8065">
<source>When this option enabled, the GeoIP data of the policy request is compared to the specified number of historical logins and if the travel would have been possible in the amount of time since the previous event.</source>
</trans-unit>
<trans-unit id="sa963d05af436770b">
<source>Impossible travel tolerance</source>
</trans-unit>
<trans-unit id="s5760cd97ca42a238">
<source>Static rule settings</source>
</trans-unit>
<trans-unit id="s8fec035fa1737294">
<source>Create with Provider</source>
</trans-unit>
<trans-unit id="sca2487321ec12bd6">
<source>Email address the verification email will be sent from.</source>
</trans-unit>
<trans-unit id="s24a8fdfc73e8137f">
<source>Stage used to configure an email-based authenticator.</source>
</trans-unit>
<trans-unit id="sea0da186a814a212">
<source>Use global connection settings</source>
</trans-unit>
<trans-unit id="s7754fa56a4439de4">
<source>When enabled, global email connection settings will be used and connection settings below will be ignored.</source>
</trans-unit>
<trans-unit id="s7e2bcca51126ec9c">
<source>Subject of the verification email.</source>
</trans-unit>
<trans-unit id="sc12c90b1da0f3a47">
<source>Token expiration</source>
</trans-unit>
<trans-unit id="sc264a82f9c710f14">
<source>Time the token sent is valid (Format: hours=3,minutes=17,seconds=300).</source>
</trans-unit>
<trans-unit id="s15986693bfc99fb7">
<source>Email-based Authenticators</source>
</trans-unit>
<trans-unit id="s6bb30c61df4cf486">
<source>Caps Lock is enabled.</source>
</trans-unit>
<trans-unit id="s3f8a07912545e72e">
<source>Configure your email</source>
</trans-unit>
<trans-unit id="scedf77e8b75cad5a">
<source>Please enter your email address.</source>
</trans-unit>
<trans-unit id="s7cdd62c100b6b17b">
<source>Please enter the code you received via email</source>
</trans-unit>
<trans-unit id="s1d64dba9bb8b284d">
<source>A code has been sent to you via email<x id="0" equiv-text="${email ? ` ${email}` : &quot;&quot;}"/></source>
</trans-unit>
<trans-unit id="s833cfe815918c143">
<source>Tokens sent via email.</source>
</trans-unit>
</body>
</file>

92
web/xliff/zh_TW.xlf
View File

@ -8577,7 +8577,7 @@ Bindings to groups/users are checked against the user of the event.</source>
<source>This option configures the footer links on the flow executor pages. The URL is limited to web and mail addresses. If the name is left blank, the URL will be shown.</source>
</trans-unit>
<trans-unit id="s66f572bec2bde9c4">
<source>External applications that use <x id="0" equiv-text="${this.brand?.brandingTitle ?? &quot;authentik&quot;}"/> as an identity provider via protocols like OAuth2 and SAML. All applications are shown here, even ones you cannot access.</source>
<source>External applications that use <x id="0" equiv-text="${this.brand.brandingTitle || &quot;authentik&quot;}"/> as an identity provider via protocols like OAuth2 and SAML. All applications are shown here, even ones you cannot access.</source>
</trans-unit>
<trans-unit id="s58bec0ecd4f3ccd4">
<source>Strict</source>
@ -8903,96 +8903,6 @@ Bindings to groups/users are checked against the user of the event.</source>
</trans-unit>
<trans-unit id="s47b7ce63a543564c">
<source>Fewer details</source>
</trans-unit>
<trans-unit id="s140111d464591e6b">
<source>Create a new application and configure a provider for it.</source>
</trans-unit>
<trans-unit id="s5e0c81c05565bf42">
<source>Using this form will only create an Application. In order to authenticate with the application, you will have to manually pair it with a Provider.</source>
</trans-unit>
<trans-unit id="s035bfd9c5f97e4d3">
<source>Distance settings</source>
</trans-unit>
<trans-unit id="s207e6f8a8b3515fd">
<source>Check historical distance of logins</source>
</trans-unit>
<trans-unit id="s8158f4b3e5c869be">
<source>When this option enabled, the GeoIP data of the policy request is compared to the specified number of historical logins.</source>
</trans-unit>
<trans-unit id="sb8b7450c8515894c">
<source>Maximum distance</source>
</trans-unit>
<trans-unit id="s40cdbaa532bc9899">
<source>Maximum distance a login attempt is allowed from in kilometers.</source>
</trans-unit>
<trans-unit id="seef852b5c0f8a529">
<source>Distance tolerance</source>
</trans-unit>
<trans-unit id="sce567ced300aeb8a">
<source>Tolerance in checking for distances in kilometers.</source>
</trans-unit>
<trans-unit id="s9ea9cdabd74f8f97">
<source>Historical Login Count</source>
</trans-unit>
<trans-unit id="s27aec4c2de1ae777">
<source>Amount of previous login events to check against.</source>
</trans-unit>
<trans-unit id="s48611ce6e85874dc">
<source>Check impossible travel</source>
</trans-unit>
<trans-unit id="s8cf926e8311f8065">
<source>When this option enabled, the GeoIP data of the policy request is compared to the specified number of historical logins and if the travel would have been possible in the amount of time since the previous event.</source>
</trans-unit>
<trans-unit id="sa963d05af436770b">
<source>Impossible travel tolerance</source>
</trans-unit>
<trans-unit id="s5760cd97ca42a238">
<source>Static rule settings</source>
</trans-unit>
<trans-unit id="s8fec035fa1737294">
<source>Create with Provider</source>
</trans-unit>
<trans-unit id="sca2487321ec12bd6">
<source>Email address the verification email will be sent from.</source>
</trans-unit>
<trans-unit id="s24a8fdfc73e8137f">
<source>Stage used to configure an email-based authenticator.</source>
</trans-unit>
<trans-unit id="sea0da186a814a212">
<source>Use global connection settings</source>
</trans-unit>
<trans-unit id="s7754fa56a4439de4">
<source>When enabled, global email connection settings will be used and connection settings below will be ignored.</source>
</trans-unit>
<trans-unit id="s7e2bcca51126ec9c">
<source>Subject of the verification email.</source>
</trans-unit>
<trans-unit id="sc12c90b1da0f3a47">
<source>Token expiration</source>
</trans-unit>
<trans-unit id="sc264a82f9c710f14">
<source>Time the token sent is valid (Format: hours=3,minutes=17,seconds=300).</source>
</trans-unit>
<trans-unit id="s15986693bfc99fb7">
<source>Email-based Authenticators</source>
</trans-unit>
<trans-unit id="s6bb30c61df4cf486">
<source>Caps Lock is enabled.</source>
</trans-unit>
<trans-unit id="s3f8a07912545e72e">
<source>Configure your email</source>
</trans-unit>
<trans-unit id="scedf77e8b75cad5a">
<source>Please enter your email address.</source>
</trans-unit>
<trans-unit id="s7cdd62c100b6b17b">
<source>Please enter the code you received via email</source>
</trans-unit>
<trans-unit id="s1d64dba9bb8b284d">
<source>A code has been sent to you via email<x id="0" equiv-text="${email ? ` ${email}` : &quot;&quot;}"/></source>
</trans-unit>
<trans-unit id="s833cfe815918c143">
<source>Tokens sent via email.</source>
</trans-unit>
</body>
</file>

4
website/docs/add-secure-apps/applications/index.md
View File

@ -6,12 +6,12 @@ Applications, as defined in authentik, are used to configure and separate the au
When a user logs into authentik, they see a list of the applications for which authentik is configured to provide authentication and authorization (the applications that that they are authorized to use).
Applications are the "other half" of providers. They typically exist in a 1-to-1 relationship; each application needs a provider and every provider can be used with one application. Applications can, however, use specific, additional providers to augment the functionality of the main provider. For more information, see [Backchannel providers](./manage_apps.mdx#backchannel-providers).
Applications are the "other half" of providers. They typically exist in a 1-to-1 relationship; each application needs a provider and every provider can be used with one application. Applications can, however, use specific, additional providers to augment the functionality of the main provider. For more information, see [Backchannel providers](./manage_apps.md#backchannel-providers).
Furthermore, the [RAC (Remote Access Control)](../providers/rac/index.md) feature uses a single application and a single provider, but multiple "endpoints". An endpoint defines each remote machine.
:::info
For information about creating and managing applications, refer to [Manage applications](./manage_apps.mdx).
For information about creating and managing applications, refer to [Manage applications](./manage_apps.md).
:::
## Appearance

8
website/docs/add-secure-apps/applications/manage_apps.mdx → website/docs/add-secure-apps/applications/manage_apps.md
View File

@ -37,12 +37,8 @@ When multiple policies/groups/users are attached, you can configure the _Policy
## Application Entitlements
<p className="badge-group">
:ak-version[2024.12]
:ak-preview
</p>
<span class="badge badge--preview">Preview</span>
<span class="badge badge--version">authentik 2024.12+</span>
Application entitlements can be used through authentik to manage authorization within an application (what areas of the app users or groups can access). Entitlements are scoped to a single application and can be bound to multiple users and/or groups (binding policies is not currently supported), giving them access to the entitlement. An application can either check for the name of the entitlement (via the `entitlements` scope), or via attributes stored in entitlements.

2
website/docs/add-secure-apps/flows-stages/bindings/index.md
View File

@ -24,7 +24,7 @@ A _policy binding_ connects a specific policy to a flow or to a stage. With the
You can also bind groups and users to another component (a policy, a stage, a flow, etc.). For example, you can create a binding for a specific group, and then [bind that to a stage binding](../stages/index.md#bind-users-and-groups-to-a-flows-stage-binding), with the result that everyone in that group now will see that stage (and any policies bound to that stage) as part of their flow. Or more specifically, and going one step deeper, you can also _bind a binding to a binding_.
Bindings are also used for [Application Entitlements](../../applications/manage_apps.mdx#application-entitlements), where you can bind specific users or groups to an application as a way to manage who has access to the application.
Bindings are also used for [Application Entitlements](../../applications/manage_apps.md#application-entitlements), where you can bind specific users or groups to an application as a way to manage who has access to the application.
It's important to remember that bindings are instantiated objects themselves, and conceptually can be considered as a "connector" between two components. This is why you might read about "binding a binding", because technically, a binding is "spliced" into another binding, in order to intercept and enforce the criteria defined in the second binding.

4
website/docs/add-secure-apps/flows-stages/bindings/work_with_bindings.md
View File

@ -8,6 +8,6 @@ For instructions to create a binding, refer to the documentation for the specifi
- [Bind a stage to a flow](../stages/index.md#bind-a-stage-to-a-flow)
- [Bind a policy to a flow or stage](../../../customize/policies/working_with_policies#bind-a-policy-to-a-flow-or-stage)
- [Bind users or groups to a specific application with an Application Entitlement](../../applications/manage_apps.mdx#application-entitlements)
- [Bind a policy to a specific application when you create a new application and provider](../../applications/manage_apps.mdx#instructions)
- [Bind users or groups to a specific application with an Application Entitlement](../../applications/manage_apps.md#application-entitlements)
- [Bind a policy to a specific application when you create a new application and provider](../../applications/manage_apps.md#instructions)
- [Bind users and groups to a stage binding, to define whether or not that stage is shown](../stages/index.md#bind-users-and-groups-to-a-flows-stage-binding)

24
website/docs/add-secure-apps/flows-stages/flow/context/index.mdx → website/docs/add-secure-apps/flows-stages/flow/context/index.md
View File

@ -24,11 +24,11 @@ Keys prefixed with `goauthentik.io` are used internally by authentik and are sub
### Common keys
#### `pending_user` ([User object](../../../../users-sources/user/user_ref.mdx#object-properties))
#### `pending_user` ([User object](../../../../users-sources/user/user_ref.md#object-properties))
`pending_user` is used by multiple stages. In the context of most flow executions, it represents the data of the user that is executing the flow. This value is not set automatically, it is set via the [Identification stage](../../stages/identification/index.mdx).
`pending_user` is used by multiple stages. In the context of most flow executions, it represents the data of the user that is executing the flow. This value is not set automatically, it is set via the [Identification stage](../../stages/identification/index.md).
Stages that require a user, such as the [Password stage](../../stages/password/index.md), the [Authenticator validation stage](../../stages/authenticator_validate/index.mdx) and others will use this value if it is set, and fallback to the request's users when possible.
Stages that require a user, such as the [Password stage](../../stages/password/index.md), the [Authenticator validation stage](../../stages/authenticator_validate/index.md) and others will use this value if it is set, and fallback to the request's users when possible.
#### `prompt_data` (Dictionary)
@ -62,7 +62,7 @@ When an unauthenticated user attempts to access a secured resource, they are red
When a user authenticates/enrolls via an external source, this will be set to the source they are using.
#### `outpost` (dictionary):ak-version[2024.10]
#### `outpost` (dictionary) <span class="badge badge--version">authentik 2024.10+</span>
When a flow is executed by an Outpost (for example the [LDAP](../../../providers/ldap/index.md) or [RADIUS](../../../providers/radius/index.mdx)), this will be set to a dictionary containing the Outpost instance under the key `"instance"`.
@ -76,7 +76,7 @@ This key is set to `True` when the flow is executed from an "SSO" context. For e
This key is set when a flow execution is continued from a token. This happens for example when an [Email stage](../../stages/email/index.mdx) is used and the user clicks on the link within the email. The token object contains the key that was used to restore the flow execution.
#### `is_redirected` (Flow object):ak-version[2024.12]
#### `is_redirected` (Flow object) <span class="badge badge--version">authentik 2024.12+</span>
This key is set when the current flow was reached through a [Redirect stage](../../stages/redirect/index.md) in Flow mode.
@ -98,7 +98,7 @@ URL that the form will be submitted to.
Key-value pairs of the data that is included in the form and will be submitted to `url`.
#### Captcha stage:ak-version[2024.6]
#### Captcha stage <span class="badge badge--version">authentik 2024.6+</span>
##### `captcha` (dictionary)
@ -118,7 +118,7 @@ An optional list of all permissions that will be given to the application by gra
#### Deny stage
##### `deny_message` (string)
##### `deny_message` (string) <span class="badge badge--version">authentik 2023.10+</span>
Optionally overwrite the deny message shown, has a higher priority than the message configured in the stage.
@ -134,7 +134,7 @@ If set, this must be a list of group objects and not group names.
Path the `pending_user` will be written to. If not set in the flow, falls back to the value set in the user_write stage, and otherwise to the `users` path.
##### `user_type` (string)
##### `user_type` (string) <span class="badge badge--version">authentik 2023.10+</span>
Type the `pending_user` will be created as. Must be one of `internal`, `external` or `service_account`.
@ -146,7 +146,7 @@ Set by the [Password stage](../../stages/password/index.md) after successfully a
##### `auth_method` (string)
Set by the [Password stage](../../stages/password/index.md), the [Authenticator validation stage](../../stages/authenticator_validate/index.mdx), the [OAuth2 Provider](../../../providers/oauth2/index.mdx), and the API authentication depending on which method was used to authenticate.
Set by the [Password stage](../../stages/password/index.md), the [Authenticator validation stage](../../stages/authenticator_validate/index.md), the [OAuth2 Provider](../../../providers/oauth2/index.md), and the API authentication depending on which method was used to authenticate.
Possible options:
@ -154,8 +154,8 @@ Possible options:
- `token` (Authenticated via API token)
- `ldap` (Authenticated via LDAP bind from an LDAP source)
- `auth_mfa` (Authentication via MFA device without password)
- `auth_webauthn_pwl` (Passwordless authentication via WebAuthn with Passkeys)
- `jwt` ([M2M](../../../providers/oauth2/client_credentials.mdx) authentication via an existing JWT)
- `auth_webauthn_pwl` (Passwordless authentication via WebAuthn)
- `jwt` ([M2M](../../../providers/oauth2/client_credentials.md) authentication via an existing JWT)
##### `auth_method_args` (dictionary)
@ -198,7 +198,7 @@ If _Show matched user_ is disabled, this key will be set to the user identifier
#### Redirect stage
##### `redirect_stage_target` (string):ak-version[2024.12]
##### `redirect_stage_target` (string) <span class="badge badge--version">authentik 2024.12+</span>
[Set this key](../../../../customize/policies/expression/managing_flow_context_keys.md) in an Expression Policy to override [Redirect stage](../../stages/redirect/index.md) to force it to redirect to a certain URL or flow. This is useful when a flow requires that the redirection target be decided dynamically.

2
website/docs/add-secure-apps/flows-stages/flow/examples/snippets.mdx → website/docs/add-secure-apps/flows-stages/flow/examples/snippets.md
View File

@ -2,7 +2,7 @@
title: Example policy snippets for flows
---
### Redirect current flow to another URL
### Redirect current flow to another URL <span class="badge badge--version">authentik 2022.7+</span>
```python
plan = request.context.get("flow_plan")

4
website/docs/add-secure-apps/flows-stages/flow/executors/headless.md
View File

@ -6,6 +6,6 @@ The headless flow executor is used by clients that don't have access to the web
The following stages are supported:
- [**Identification stage**](../../stages/identification/index.mdx)
- [**Identification stage**](../../stages/identification/index.md)
- [**Password stage**](../../stages/password/index.md)
- [**Authenticator Validation Stage**](../../stages/authenticator_validate/index.mdx)
- [**Authenticator Validation Stage**](../../stages/authenticator_validate/index.md)

7
website/docs/add-secure-apps/flows-stages/flow/executors/sfe.md
View File

@ -1,8 +1,9 @@
---
title: Simplified flow executor
authentik_version: "2024.6.1"
---
<span class="badge badge--version">authentik 2024.6.1+</span>
A simplified web-based flow executor that authentik automatically uses for older browsers that do not support modern web technologies.
Currently this flow executor is automatically used for the following browsers:
@ -12,14 +13,14 @@ Currently this flow executor is automatically used for the following browsers:
The following stages are supported:
- [**Identification stage**](../../stages/identification/index.mdx)
- [**Identification stage**](../../stages/identification/index.md)
:::info
Only user identifier and user identifier + password stage configurations are supported; sources and passwordless configurations are not supported.
:::
- [**Password stage**](../../stages/password/index.md)
- [**Authenticator Validation Stage**](../../stages/authenticator_validate/index.mdx)
- [**Authenticator Validation Stage**](../../stages/authenticator_validate/index.md)
Compared to the [default flow executor](./if-flow.md), this flow executor does _not_ support the following features:

4
website/docs/add-secure-apps/flows-stages/flow/executors/user-settings.md
View File

@ -2,6 +2,10 @@
title: User settings
---
<span class="badge badge--version">authentik 2023.3+</span>
---
The user interface (/if/user/) uses a specialized flow executor to allow individual users to customize their profile. A user's profile consists of key/value fields, so this executor only supports Prompt or User Write stages. If the configured flow contains another stage, a button will be shown to open the default executor.
Because the stages in a flow can change during its execution, be awre that configuring this executor to use any stage type other than Prompt or User Write will automatically trigger a redirect to the standard executor.

2
website/docs/add-secure-apps/flows-stages/flow/flow_list/_defaultflowlist.mdx
View File

@ -6,7 +6,7 @@
- **Invalidation**: designates a default flow to be used to invalidate a session. Use `default-invalidation-flow` for invalidation from authentik itself, or use `default-provider-invalidation-flow` to invalidate when the session of an application ends. When you use the `default-invalidation-flow` as a global invalidation flow, it should contain a [**User Logout**](../../stages/user_logout.md) stage. When you use the `default-provider-invalidation-flow` (supported with OIDC, SAML, Proxy, and RAC providers), you can configure this default flow to present users log-off options such as "log out of the app but remain logged in to authentik" or "return to the **My Applications** page", or "log out completely". (Alternatively, you can create a custom invalidation flow, with a branded background image.)
- **Recovery**: designates a flow for recovery. This flow normally contains an [**Identification**](../../stages/identification/index.mdx) stage to find the user. It can also contain any amount of verification stages, such as [**Email**](../../stages/email/index.mdx) or [**CAPTCHA**](../../stages/captcha/index.md). Afterwards, use the [**Prompt**](../../stages/prompt/index.md) stage to ask the user for a new password and the [**User Write**](../../stages/user_write.md) stage to update the password.
- **Recovery**: designates a flow for recovery. This flow normally contains an [**Identification**](../../stages/identification/index.md) stage to find the user. It can also contain any amount of verification stages, such as [**Email**](../../stages/email/index.mdx) or [**CAPTCHA**](../../stages/captcha/index.md). Afterwards, use the [**Prompt**](../../stages/prompt/index.md) stage to ask the user for a new password and the [**User Write**](../../stages/user_write.md) stage to update the password.
- **Stage configuration**: designates a flow for general setup. This designation doesn't have any constraints in what you can do. For example, by default this designation is used to configure authenticators, like change a password and set up TOTP.

2
website/docs/add-secure-apps/flows-stages/flow/index.md
View File

@ -20,7 +20,7 @@ When these stages are successfully completed, authentik logs in the user.
By default, policies are evaluated dynamically, right before the stage (to which a policy is bound) is presented to the user. This flexibility allows the login process to continue, change, or stop, based on the success or failure of each policy.
This default behaviour can be altered by enabling the **Evaluate when flow is planned** option on the stage binding. With this setting a _flow plan_ containing all stages is generated upon flow execution. This means that all attached policies are evaluated upon execution. For more information about flow plans, read our [flow context documentation](./context/index.mdx).
This default behaviour can be altered by enabling the **Evaluate when flow is planned** option on the stage binding. With this setting a _flow plan_ containing all stages is generated upon flow execution. This means that all attached policies are evaluated upon execution. For more information about flow plans, read our [flow context documentation](./context/index.md).
## Permissions

2
website/docs/add-secure-apps/flows-stages/flow/inspector.md
View File

@ -2,7 +2,7 @@
title: Flow Inspector
---
The flow inspector, introduced in 2021.10, allows administrators to visually determine how custom flows work, inspect the current [flow context](./context/index.mdx), and investigate issues.
The flow inspector, introduced in 2021.10, allows administrators to visually determine how custom flows work, inspect the current [flow context](./context/index.md), and investigate issues.
As shown in the screenshot below, the flow inspector displays next to the selected flow (in this case, "Change Password"), with [information](#flow-inspector-details) about that specific flow and flow context.

4
website/docs/add-secure-apps/flows-stages/stages/authenticator_duo/index.mdx → website/docs/add-secure-apps/flows-stages/stages/authenticator_duo/index.md
View File

@ -10,7 +10,7 @@ Copy all of the integration key, secret key and API hostname, and paste them in
Devices created reference the stage they were created with, since the API credentials are needed to authenticate. This also means when the stage is deleted, all devices are removed.
## Importing users
## Importing users <span class="badge badge--version">authentik 2022.9+</span>
:::info
Due to the way the Duo API works, authentik can only automatically import existing Duo users when a Duo MFA or higher license is active.
@ -20,7 +20,7 @@ To import a device, open the Stages list in the authentik Admin interface. On th
The Duo username can be found by navigating to your Duo Admin dashboard and selecting _Users_ in the sidebar. Optionally if you have multiple users with the same username, you can click on a User and copy their ID from the URL, and use that to import the device.
### Older versions
### Older versions <span class="badge badge--version">authentik 2021.9.1+</span>
You can call the `/api/v3/stages/authenticator/duo/{stage_uuid}/import_devices/` endpoint ([see here](https://goauthentik.io/api/#post-/stages/authenticator/duo/-stage_uuid-/import_devices/)) using the following parameters:

2
website/docs/add-secure-apps/flows-stages/stages/authenticator_email/index.md
View File

@ -8,7 +8,7 @@ This stage configures an email-based authenticator that sends a one-time code to
When a user goes through a flow that includes this stage, they are prompted for their email address (if not already set). The user then receives an email with a one-time code, which they enter into the authentik Login panel.
The email address will be saved and can be used with the [Authenticator validation](../authenticator_validate/index.mdx) stage for future authentications.
The email address will be saved and can be used with the [Authenticator validation](../authenticator_validate/index.md) stage for future authentications.
## Flow integration

20
website/docs/add-secure-apps/flows-stages/stages/authenticator_endpoint_gdtc/index.md
View File

@ -1,8 +1,11 @@
---
title: Endpoint Authenticator Google Device Trust Connector Stage
authentik_version: "2024.10"
authentik_preview: true
authentik_enterprise: true
---
<span class="badge badge--primary">Enterprise</span>
<span class="badge badge--preview">Preview</span>
<span class="badge badge--version">authentik 2024.10+</span>
---
With this stage, authentik can validate users' Chrome browsers and ensure that users' devices are compliant and up-to-date.
@ -15,11 +18,10 @@ This stage only works with Google Chrome, as it relies on the [Chrome Verified A
The main steps to set up your Google workspace are as follows:
- [Configuration](#configuration)
- [Create a Google cloud project](#create-a-google-cloud-project)
- [Create a service account](#create-a-service-account)
- [Set credentials for the service account](#set-credentials-for-the-service-account)
- [Create the stage](#create-the-stage)
1. [Create your Google Cloud Project](#create-a-google-cloud-project)
2. [Create a service account](#create-a-service-account)
3. [Set credentials for the service account](#set-credentials-for-the-service-account)
4. [Define access and scope in the Admin Console](#set-credentials-for-the-service-account)
For detailed instructions, refer to Google documentation.
@ -74,4 +76,4 @@ For detailed instructions, refer to Google documentation.
4. Click **Finish**.
After creating the stage, it can be used in any flow. Compared to other Authenticator stages, this stage does not require enrollment. Instead of adding an [Authenticator Validation Stage](../authenticator_validate/index.mdx), this stage only verifies the users' browser.
After creating the stage, it can be used in any flow. Compared to other Authenticator stages, this stage does not require enrollment. Instead of adding an [Authenticator Validation Stage](../authenticator_validate/index.md), this stage only verifies the users' browser.

4
website/docs/add-secure-apps/flows-stages/stages/authenticator_sms/index.mdx → website/docs/add-secure-apps/flows-stages/stages/authenticator_sms/index.md
View File

@ -46,9 +46,9 @@ return {
}
```
## Verify only
## Verify only <span class="badge badge--version">authentik 2022.6+</span>
To only verify the validity of a users' phone number, without saving it in an easily accessible way, you can enable this option. Phone numbers from devices enrolled through this stage will only have their hashed phone number saved. These devices can also not be used with the [Authenticator validation](../authenticator_validate/index.mdx) stage.
To only verify the validity of a users' phone number, without saving it in an easily accessible way, you can enable this option. Phone numbers from devices enrolled through this stage will only have their hashed phone number saved. These devices can also not be used with the [Authenticator validation](../authenticator_validate/index.md) stage.
## Limiting phone numbers

14
website/docs/add-secure-apps/flows-stages/stages/authenticator_validate/index.mdx → website/docs/add-secure-apps/flows-stages/stages/authenticator_validate/index.md
View File

@ -4,12 +4,12 @@ title: Authenticator Validation stage
This stage validates an already configured Authenticator Device. This device has to be configured using any of the other authenticator stages:
- [Duo authenticator stage](../authenticator_duo/index.mdx)
- [Duo authenticator stage](../authenticator_duo/index.md)
- [Email authenticator stage](../authenticator_email/index.md)
- [SMS authenticator stage](../authenticator_sms/index.mdx)
- [SMS authenticator stage](../authenticator_sms/index.md)
- [Static authenticator stage](../authenticator_static/index.md)
- [TOTP authenticator stage](../authenticator_totp/index.md)
- [WebAuthn authenticator stage](../authenticator_webauthn/index.mdx)
- [WebAuthn authenticator stage](../authenticator_webauthn/index.md)
You can select which type of device classes are allowed.
@ -24,17 +24,17 @@ Keep in mind that when using Code-based devices (TOTP, Static and SMS), values l
### Options
#### Less-frequent validation
#### Less-frequent validation <span class="badge badge--version">authentik 2022.5.1+</span>
You can configure this stage to only ask for MFA validation if the user hasn't authenticated themselves within a defined time period. To configure this, set _Last validation threshold_ to any non-zero value. Any of the users devices within the selected classes are checked.
#### Passwordless authentication
#### Passwordless authentication <span class="badge badge--version">authentik 2021.12.4+</span>
:::caution
Firefox has some known issues regarding TouchID (see https://bugzilla.mozilla.org/show_bug.cgi?id=1536482)
:::
Passwordless authentication currently only supports WebAuthn devices, which provides for the use of passkeys, security keys and biometrics. For an alternate passwordless setup, see [Password stage](../password/index.md#passwordless-login), which supports other types.
Passwordless authentication currently only supports WebAuthn devices, like security keys and biometrics. For an alternate passwordless setup, see [Password stage](../password/index.md#passwordless-login), which supports other types.
To configure passwordless authentication, create a new Flow with the designation set to _Authentication_.
@ -69,7 +69,7 @@ Logins which used Passwordless authentication have the _auth_method_ context var
}
```
#### WebAuthn Device type restrictions:ak-version[2024.4]
#### WebAuthn Device type restrictions <span class="badge badge--version">authentik 2024.4+</span>
Optionally restrict which WebAuthn device types can be used to authenticate.

8
website/docs/add-secure-apps/flows-stages/stages/authenticator_webauthn/index.mdx → website/docs/add-secure-apps/flows-stages/stages/authenticator_webauthn/index.md
View File

@ -1,9 +1,7 @@
---
title: WebAuthn / Passkeys Authenticator setup stage
title: WebAuthn Authenticator Setup stage
---
<span class="badge badge--version">authentik 2021.3.1+</span>
This stage configures a WebAuthn-based Authenticator. This can either be a browser, biometrics or a Security stick like a YubiKey.
### Options
@ -14,13 +12,13 @@ Configure if authentik should require, prefer or discourage user verification fo
#### Resident key requirement
Configure if the created authenticator is stored in the encrypted memory on the device or in persistent memory. When configuring [passwordless login](../identification/index.mdx#passwordless-flow), this should be set to either _Preferred_ or _Required_, otherwise the authenticator cannot be used for passwordless authentication.
Configure if the created authenticator is stored in the encrypted memory on the device or in persistent memory. When configuring [passwordless login](../identification/index.md#passwordless-flow), this should be set to either _Preferred_ or _Required_, otherwise the authenticator cannot be used for passwordless authentication.
#### Authenticator Attachment
Configure if authentik will require either a removable device (like a YubiKey, Google Titan, etc) or a non-removable device (like Windows Hello, TouchID or password managers), or not send a requirement.
#### Device type restrictions:ak-version[2024.4]
#### Device type restrictions <span class="badge badge--version">authentik 2024.4+</span>
Optionally restrict the types of devices allowed to be enrolled. This option can be used to ensure users are only able to enroll FIPS-compliant devices for example.

6
website/docs/add-secure-apps/flows-stages/stages/identification/index.mdx → website/docs/add-secure-apps/flows-stages/stages/identification/index.md
View File

@ -30,13 +30,13 @@ To run a CAPTCHA process in the background while the user is entering their iden
These fields specify if and which flows are linked on the form. The enrollment flow is linked as `Need an account? Sign up.`, and the recovery flow is linked as `Forgot username or password?`.
## Pretend user exists:ak-version[2024.2]
## Pretend user exists <span class="badge badge--version">authentik 2024.2+</span>
When enabled, any user identifier will be accepted as valid (as long as they match the correct format, i.e. when [User fields](#user-fields) is set to only allow Emails, then the identifier still needs to be an Email). The stage will succeed and the flow will continue to the next stage. Stages like the [Password stage](../password/index.md) and [Email stage](../email/index.mdx) are aware of this "pretend" user and will behave the same as if the user would exist.
## Source settings
Some sources (like the [OAuth Source](../../../../users-sources/sources/protocols/oauth/index.mdx) and [SAML Source](../../../../users-sources/sources/protocols/saml/index.md)) require user interaction. To make these sources available to users, they can be selected in the Identification stage settings, which will show them below the selected [user field](#user-fields).
Some sources (like the [OAuth Source](../../../../users-sources/sources/protocols/oauth/index.md) and [SAML Source](../../../../users-sources/sources/protocols/saml/index.md)) require user interaction. To make these sources available to users, they can be selected in the Identification stage settings, which will show them below the selected [user field](#user-fields).
By default, sources are only shown with their icon, which can be changed with the _Show sources' labels_ option.
@ -50,7 +50,7 @@ Starting with authentik 2023.5, when no user fields are selected and only one so
### Passwordless flow
See [Passwordless authentication](../authenticator_validate/index.mdx#passwordless-authentication).
See [Passwordless authentication](../authenticator_validate/index.md#passwordless-authentication-authentik-2021124).
### Enrollment flow

2
website/docs/add-secure-apps/flows-stages/stages/password/index.md
View File

@ -6,7 +6,7 @@ This is a generic password prompt which authenticates the current `pending_user`
## Passwordless login
There are two different ways to configure passwordless authentication; you can follow the instructions [here](../authenticator_validate/index.mdx#passwordless-authentication) to allow users to directly authenticate with their authenticator (only supported for WebAuthn devices), or dynamically skip the password stage depending on the users device, which is documented here.
There are two different ways to configure passwordless authentication; you can follow the instructions [here](../authenticator_validate/index.md#passwordless-authentication-authentik-2021124) to allow users to directly authenticate with their authenticator (only supported for WebAuthn devices), or dynamically skip the password stage depending on the users device, which is documented here.
Depending on what kind of device you want to require the user to have:

9
website/docs/add-secure-apps/flows-stages/stages/redirect/index.md
View File

@ -1,6 +1,9 @@
---
title: Redirect stage
authentik_version: "2024.12"
---
<span class="badge badge--version">authentik 2024.12+</span>
---
This stage's main purpose is to redirect the user to a new Flow while keeping flow context. For convenience, it can also redirect the user to a static URL.
@ -13,6 +16,6 @@ When the user reaches this stage, they are redirected to a static URL.
### Flow mode
When the user reaches this stage, they are redirected to a specified flow, retaining all [flow context](../../flow/context/index.mdx).
When the user reaches this stage, they are redirected to a specified flow, retaining all [flow context](../../flow/context).
Optionally, untoggle the "Keep flow context" switch. If this is untoggled, all flow context is cleared with the exception of the [is_redirected](../../flow/context#is_redirected-flow-object) key.
Optionally, untoggle the "Keep flow context" switch. If this is untoggled, all flow context is cleared with the exception of the [is_redirected](../../flow/context#is_redirected-flow-object-authentik-202412) key.

13
website/docs/add-secure-apps/flows-stages/stages/source/index.md
View File

@ -1,10 +1,13 @@
---
title: Source stage
authentik_version: "2024.4"
authentik_enterprise: true
---
The source stage injects an [OAuth](../../../../users-sources/sources/protocols/oauth/index.mdx) or [SAML](../../../../users-sources/sources/protocols/saml/index.md) Source into the flow execution. This allows for additional user verification, or to dynamically access different sources for different user identifiers (username, email address, etc).
<span class="badge badge--primary">Enterprise</span>
<span class="badge badge--version">authentik 2024.4+</span>
---
The source stage injects an [OAuth](../../../../users-sources/sources/protocols/oauth/index.md) or [SAML](../../../../users-sources/sources/protocols/saml/index.md) Source into the flow execution. This allows for additional user verification, or to dynamically access different sources for different user identifiers (username, email address, etc).
```mermaid
sequenceDiagram
@ -41,13 +44,13 @@ This stage can be used to leverage an external OAuth/SAML identity provider.
For example, you can authenticate users by routing them through a custom device-health solution.
Another use case is to route users to authenticate with your legacy (Okta, etc) IdP and then use the returned identity and attributes within authentik as part of an authorization flow, for example as part of an IdP migration. For authentication/enrollment this is also possible with an [OAuth](../../../../users-sources/sources/protocols/oauth/index.mdx)/[SAML](../../../../users-sources/sources/protocols/saml/index.md) source by itself.
Another use case is to route users to authenticate with your legacy (Okta, etc) IdP and then use the returned identity and attributes within authentik as part of an authorization flow, for example as part of an IdP migration. For authentication/enrollment this is also possible with an [OAuth](../../../../users-sources/sources/protocols/oauth/index.md)/[SAML](../../../../users-sources/sources/protocols/saml/index.md) source by itself.
### Options
#### Source
The source the user is redirected to. Must be a web-based source, such as [OAuth](../../../../users-sources/sources/protocols/oauth/index.mdx) or [SAML](../../../../users-sources/sources/protocols/saml/index.md). Sources like [LDAP](../../../../users-sources/sources/protocols/ldap/index.md) are _not_ compatible.
The source the user is redirected to. Must be a web-based source, such as [OAuth](../../../../users-sources/sources/protocols/oauth/index.md) or [SAML](../../../../users-sources/sources/protocols/saml/index.md). Sources like [LDAP](../../../../users-sources/sources/protocols/ldap/index.md) are _not_ compatible.
#### Resume timeout

5
website/docs/add-secure-apps/providers/entra/add-entra-provider.md
View File

@ -1,6 +1,9 @@
---
title: Add an Entra ID provider
authentik_enterprise: true
---
<span class="badge badge--primary">Enterprise</span>
---
For more information about using an Entra ID provider, see the [Overview](./index.md) documentation.

5
website/docs/add-secure-apps/providers/entra/index.md
View File

@ -1,6 +1,9 @@
---
title: Microsoft Entra ID provider
authentik_enterprise: true
---
<span class="badge badge--primary">Enterprise</span>
---
With the Microsoft Entra ID provider, authentik serves as the single source of truth for all users and groups. Configuring Entra ID as a provider allows for auto-discovery of user and group accounts, on-going synchronization of user data such as email address, name, and status, and integrated data mapping of field names and values.

5
website/docs/add-secure-apps/providers/entra/setup-entra.md
View File

@ -1,6 +1,9 @@
---
title: Configure Entra ID
authentik_enterprise: true
---
<span class="badge badge--primary">Enterprise</span>
---
The configuration of your Microsoft Entra ID environment must be completed before you [add the new provider](./add-entra-provider.md) in authentik.

5
website/docs/add-secure-apps/providers/gws/add-gws-provider.md
View File

@ -1,6 +1,9 @@
---
title: Create a Google Workspace provider
authentik_enterprise: true
---
<span class="badge badge--primary">Enterprise</span>
---
For more information about using a Google Workspace provider, see the [Overview](./index.md) documentation.

5
website/docs/add-secure-apps/providers/gws/index.md
View File

@ -1,6 +1,9 @@
---
title: Google Workspace provider
authentik_enterprise: true
---
<span class="badge badge--primary">Enterprise</span>
---
With the Google Workspace provider, authentik serves as the single source of truth for all users and groups, when using Google products like Gmail.

5
website/docs/add-secure-apps/providers/gws/setup-gws.md
View File

@ -1,6 +1,9 @@
---
title: Configure Google Workspace
authentik_enterprise: true
---
<span class="badge badge--primary">Enterprise</span>
---
The configuration and set up of your Google Workspace must be completed before you [add the new provider](./add-gws-provider.md) in authentik.

4
website/docs/add-secure-apps/providers/index.mdx
View File

@ -9,9 +9,9 @@ A Provider is an authentication method, a service that is used by authentik to a
Providers are the "other half" of [applications](../applications/index.md). They typically exist in a 1-to-1 relationship; each application needs a provider and every provider can be used with one application.
Applications can use additional providers to augment the functionality of the main provider. For more information, see [Backchannel providers](../applications/manage_apps.mdx#backchannel-providers).
Applications can use additional providers to augment the functionality of the main provider. For more information, see [Backchannel providers](../applications/manage_apps.md#backchannel-providers).
You can create a new provider in the Admin interface, or you can use the [**Create with provider** option](../applications/manage_apps.mdx#instructions) to create a new application and its provider at the same time.
You can create a new provider in the Admin interface, or you can use the [**Create with provider** option](../applications/manage_apps.md#instructions) to create a new application and its provider at the same time.
When you create certain types of providers, you need to select specific [flows](../flows-stages/flow/index.md) to apply to users who access authentik via the provider. To learn more, refer to our [default flow documentation](../flows-stages/flow/examples/default_flows.md).

2
website/docs/add-secure-apps/providers/ldap/generic_setup.md
View File

@ -9,7 +9,7 @@ title: Create an LDAP provider
Note the DN of this user will be `cn=ldapservice,ou=users,dc=ldap,dc=goauthentik,dc=io`
:::info
Note: The `default-authentication-flow` validates MFA by default, and currently everything but SMS-based devices and WebAuthn (which enables passkey-based authentication) devices are supported by LDAP. If you plan to use only dedicated service accounts to bind to LDAP, or don't use SMS-based authenticators, then you can use the default flow and skip the extra steps below and continue at [Create LDAP Application & Provider](#create-ldap-application--provider)
Note: The `default-authentication-flow` validates MFA by default, and currently everything but SMS-based devices and WebAuthn devices are supported by LDAP. If you plan to use only dedicated service accounts to bind to LDAP, or don't use SMS-based authenticators, then you can use the default flow and skip the extra steps below and continue at [Create LDAP Application & Provider](#create-ldap-application--provider)
:::
### LDAP Flow

6
website/docs/add-secure-apps/providers/ldap/index.md
View File

@ -64,7 +64,7 @@ Starting with 2023.3, periods and slashes in custom attributes will be sanitized
You can also configure SSL for your LDAP Providers by selecting a certificate and a server name in the provider settings.
Starting with authentik 2023.6, StartTLS is supported, and the provider will pick the correct certificate based on the configured _TLS Server name_ field. The certificate is not picked based on the Bind DN, as the StartTLS operation should happen before the bind request to ensure bind credentials are transmitted over TLS.
Starting with authentik 2023.6, StartTLS is supported, and the provider will pick the correct certificate based on the configured _TLS Server name_ field. The certificate is not picked based on the Bind DN, as the StartTLS operation should happen be the bind request to ensure bind credentials are transmitted over TLS.
This enables you to bind on port 636 using LDAPS.
@ -78,9 +78,9 @@ All bind modes rely on flows.
The following stages are supported:
- [Identification](../../flows-stages/stages/identification/index.mdx)
- [Identification](../../flows-stages/stages/identification/index.md)
- [Password](../../flows-stages/stages/password/index.md)
- [Authenticator validation](../../flows-stages/stages/authenticator_validate/index.mdx)
- [Authenticator validation](../../flows-stages/stages/authenticator_validate/index.md)
Note: Authenticator validation currently only supports DUO, TOTP and static authenticators.

4
website/docs/add-secure-apps/providers/oauth2/client_credentials.mdx → website/docs/add-secure-apps/providers/oauth2/client_credentials.md
View File

@ -30,7 +30,7 @@ In addition to that, with authentik 2024.4 it is also possible to pass the confi
### JWT-authentication
#### Externally issued JWTs
#### Externally issued JWTs <span class="badge badge--version">authentik 2022.4+</span>
You can authenticate and get a token using an existing JWT. For readability we will refer to the JWT issued by the external issuer/platform as input JWT, and the resulting JWT from authentik as the output JWT.
@ -59,7 +59,7 @@ To dynamically limit access based on the claims of the tokens, you can use _[Exp
return request.context["oauth_jwt"]["iss"] == "https://my.issuer"
```
#### authentik-issued JWTs:ak-version[2024.12]
#### authentik-issued JWTs <span class="badge badge--version">authentik 2024.12+</span>
To allow federation between providers, modify the provider settings of the application (whose token will be used for authentication) to select the provider of the application to which you want to federate.

Some files were not shown because too many files have changed in this diff Show More