core: bump aiohappyeyeballs from 2.6.1 to v2.6.1 (#15336)

* drafty

* rearrange everything

* fix links

* fixed link

* more links to fix

* tweaks

* not sure

* Optimised images with calibre/image-actions

* Update website/docs/add-secure-apps/providers/rac/index.md

Co-authored-by: Dewi Roberts <dewi@goauthentik.io>
Signed-off-by: Tana M Berry <tanamarieberry@yahoo.com>

* Update website/docs/customize/interfaces/_global/global.mdx

Co-authored-by: Dewi Roberts <dewi@goauthentik.io>
Signed-off-by: Tana M Berry <tanamarieberry@yahoo.com>

* Update website/docs/sys-mgmt/brands.md

Co-authored-by: Dewi Roberts <dewi@goauthentik.io>
Signed-off-by: Tana M Berry <tanamarieberry@yahoo.com>

* Update website/docs/customize/interfaces/_global/global.mdx

Co-authored-by: Dewi Roberts <dewi@goauthentik.io>
Signed-off-by: Tana M Berry <tanamarieberry@yahoo.com>

* Update website/docs/add-secure-apps/providers/rac/index.md

Co-authored-by: Dewi Roberts <dewi@goauthentik.io>
Signed-off-by: Tana M Berry <tanamarieberry@yahoo.com>

* Update website/docs/customize/interfaces/_global/global.mdx

Co-authored-by: Dewi Roberts <dewi@goauthentik.io>
Signed-off-by: Tana M Berry <tanamarieberry@yahoo.com>

* Update website/docs/customize/interfaces/user-admin/customization.mdx

Co-authored-by: Dominic R <dominic@sdko.org>
Signed-off-by: Tana M Berry <tanamarieberry@yahoo.com>

* Update website/docs/customize/interfaces/user-admin/customization.mdx

Co-authored-by: Dominic R <dominic@sdko.org>
Signed-off-by: Tana M Berry <tanamarieberry@yahoo.com>

* Update website/docs/customize/interfaces/user-admin/customization.mdx

Co-authored-by: Dominic R <dominic@sdko.org>
Signed-off-by: Tana M Berry <tanamarieberry@yahoo.com>

* Update website/docs/customize/interfaces/user-admin/customization.mdx

Co-authored-by: Dominic R <dominic@sdko.org>
Signed-off-by: Tana M Berry <tanamarieberry@yahoo.com>

* Update website/docs/customize/interfaces/user-admin/customization.mdx

Co-authored-by: Dominic R <dominic@sdko.org>
Signed-off-by: Tana M Berry <tanamarieberry@yahoo.com>

* Update website/netlify.toml

Co-authored-by: Dominic R <dominic@sdko.org>
Signed-off-by: Tana M Berry <tanamarieberry@yahoo.com>

* Update website/docs/customize/interfaces/flow/customization.mdx

Co-authored-by: Dominic R <dominic@sdko.org>
Signed-off-by: Tana M Berry <tanamarieberry@yahoo.com>

* tweak

* separated admin and user again

* so many busted things, now unbusted

* redirect yesterday's redirects

* dewi edits

* tweak to bump build

* revert package.json change

* links, tweaks

* Optimised images with calibre/image-actions

* Update website/docs/customize/interfaces/admin/customization_admin_ui.mdx

Co-authored-by: Dewi Roberts <dewi@goauthentik.io>
Signed-off-by: Tana M Berry <tanamarieberry@yahoo.com>

* Update website/docs/customize/interfaces/admin/customization_admin_ui.mdx

Co-authored-by: Dewi Roberts <dewi@goauthentik.io>
Signed-off-by: Tana M Berry <tanamarieberry@yahoo.com>

* Update website/docs/customize/interfaces/flow/customization_flow.mdx

Co-authored-by: Dewi Roberts <dewi@goauthentik.io>
Signed-off-by: Tana M Berry <tanamarieberry@yahoo.com>

* Update website/docs/customize/interfaces/flow/customization_flow.mdx

Co-authored-by: Dewi Roberts <dewi@goauthentik.io>
Signed-off-by: Tana M Berry <tanamarieberry@yahoo.com>

* Update website/docs/customize/interfaces/user/customization_user_ui.mdx

Co-authored-by: Dewi Roberts <dewi@goauthentik.io>
Signed-off-by: Tana M Berry <tanamarieberry@yahoo.com>

* Update website/docs/customize/interfaces/admin/customization_admin_ui.mdx

Co-authored-by: Dewi Roberts <dewi@goauthentik.io>
Signed-off-by: Tana M Berry <tanamarieberry@yahoo.com>

* simplify sidebar

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* fix redirect indent

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* rename files

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* flows -> flow interface

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

---------

Signed-off-by: Tana M Berry <tanamarieberry@yahoo.com>
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
Co-authored-by: Tana M Berry <tana@goauthentik.io>
Co-authored-by: authentik-automation[bot] <135050075+authentik-automation[bot]@users.noreply.github.com>
Co-authored-by: Dewi Roberts <dewi@goauthentik.io>
Co-authored-by: Dominic R <dominic@sdko.org>
Co-authored-by: Jens Langhammer <jens@goauthentik.io>

uv.lock

@@ -1831,6 +1831,8 @@ wheels = [
     { url = "https://files.pythonhosted.org/packages/79/21/6e7c060822a3c954ff085e5e1b94b4a25757c06529eac91e550f3f5cd8b8/lxml-6.0.0-cp313-cp313-macosx_10_13_universal2.whl", hash = "sha256:6da7cd4f405fd7db56e51e96bff0865b9853ae70df0e6720624049da76bde2da", size = 8414372, upload-time = "2025-06-26T16:26:39.079Z" },
     { url = "https://files.pythonhosted.org/packages/a4/f6/051b1607a459db670fc3a244fa4f06f101a8adf86cda263d1a56b3a4f9d5/lxml-6.0.0-cp313-cp313-macosx_10_13_x86_64.whl", hash = "sha256:b34339898bb556a2351a1830f88f751679f343eabf9cf05841c95b165152c9e7", size = 4593940, upload-time = "2025-06-26T16:26:41.891Z" },
     { url = "https://files.pythonhosted.org/packages/8e/74/dd595d92a40bda3c687d70d4487b2c7eff93fd63b568acd64fedd2ba00fe/lxml-6.0.0-cp313-cp313-manylinux2010_i686.manylinux2014_i686.manylinux_2_12_i686.manylinux_2_17_i686.whl", hash = "sha256:51a5e4c61a4541bd1cd3ba74766d0c9b6c12d6a1a4964ef60026832aac8e79b3", size = 5214329, upload-time = "2025-06-26T16:26:44.669Z" },
+    { url = "https://files.pythonhosted.org/packages/52/46/3572761efc1bd45fcafb44a63b3b0feeb5b3f0066886821e94b0254f9253/lxml-6.0.0-cp313-cp313-manylinux2014_aarch64.manylinux_2_17_aarch64.whl", hash = "sha256:d18a25b19ca7307045581b18b3ec9ead2b1db5ccd8719c291f0cd0a5cec6cb81", size = 4947559, upload-time = "2025-06-28T18:47:31.091Z" },
+    { url = "https://files.pythonhosted.org/packages/94/8a/5e40de920e67c4f2eef9151097deb9b52d86c95762d8ee238134aff2125d/lxml-6.0.0-cp313-cp313-manylinux2014_x86_64.manylinux_2_17_x86_64.whl", hash = "sha256:d4f0c66df4386b75d2ab1e20a489f30dc7fd9a06a896d64980541506086be1f1", size = 5102143, upload-time = "2025-06-28T18:47:33.612Z" },
     { url = "https://files.pythonhosted.org/packages/7c/4b/20555bdd75d57945bdabfbc45fdb1a36a1a0ff9eae4653e951b2b79c9209/lxml-6.0.0-cp313-cp313-manylinux_2_27_aarch64.manylinux_2_28_aarch64.whl", hash = "sha256:9f4b481b6cc3a897adb4279216695150bbe7a44c03daba3c894f49d2037e0a24", size = 5021931, upload-time = "2025-06-26T16:26:47.503Z" },
     { url = "https://files.pythonhosted.org/packages/d4/dd/39c8507c16db6031f8c1ddf70ed95dbb0a6d466a40002a3522c128aba472/lxml-6.0.0-cp313-cp313-manylinux_2_27_x86_64.manylinux_2_28_x86_64.whl", hash = "sha256:2ae06fbab4f1bb7db4f7c8ca9897dc8db4447d1a2b9bee78474ad403437bcc29", size = 5247467, upload-time = "2025-06-26T16:26:49.998Z" },
     { url = "https://files.pythonhosted.org/packages/4d/56/732d49def0631ad633844cfb2664563c830173a98d5efd9b172e89a4800d/lxml-6.0.0-cp313-cp313-manylinux_2_31_armv7l.whl", hash = "sha256:1fa377b827ca2023244a06554c6e7dc6828a10aaf74ca41965c5d8a4925aebb4", size = 4720601, upload-time = "2025-06-26T16:26:52.564Z" },

website/docs/add-secure-apps/providers/rac/index.md

@@ -45,11 +45,11 @@ Configuration details such as credentials can be specified through _settings_, w
 
 ### Connection settings
 
-Each connection is authorized through authentik Policy objects that are bound to the application and the endpoint. Additional verification can be done with the authorization flow.
+Each connection is authorized through authentik policy objects that are bound to the application and the endpoint. Additional verification can be done with the authorization flow.
 
-A new connection is created every time an endpoint is selected in the [User Interface](../../../customize/interfaces/user/customization.mdx). Once the user's authentik session expires, the connection is terminated. Additionally, the connection timeout can be specified in the provider, which applies even if the user is still authenticated. The connection can also be terminated manually.
+A new connection is created every time an endpoint is selected in the [User Interface](../../../customize/interfaces/user). After the user's authentik session expires, the connection is terminated. Additionally, the connection timeout can be specified in the provider, which applies even if the user is still authenticated. The connection can also be terminated manually from the **Connections** tab of the RAC provider.
 
-Additionally it is possible to modify the connection settings through the authorization flow. Configuration set in `connection_settings` in the flow plan context will be merged with other settings as shown above.
+Additionally, it is possible to modify the connection settings through the authorization flow. Configuration set in `connection_settings` in the flow plan context will be merged with other settings as shown above.
 
 The RAC provider utilises [Apache Guacamole](https://guacamole.apache.org/) for establishing SSH, RDP and VNC connections. RAC supports the use of Apache Guacamole connection configurations.
 

website/docs/customize/index.md

@@ -6,8 +6,8 @@ You can customize the behaviour, look, and available resources for your authenti
 
 - [Policies](./policies/working_with_policies.md)
 - Interfaces:
-    - [Flows](./interfaces/flow/customization.mdx)
-    - [User interface](./interfaces/user/customization.mdx)
-    - [Admin interface](./interfaces/admin/customization.mdx)
+    - [Flow interface](./interfaces/flow)
+    - [User interface](./interfaces/user)
+    - [Admin interface](./interfaces/admin)
 - [Blueprints](./blueprints/index.mdx)
 - [Branding](./branding.md)

website/docs/customize/interfaces/_enabledfeatureslist.mdx

@@ -0,0 +1,19 @@
+### Enabling/disabling features
+
+The features listed below can be enabled or disabled through attributes set on the Brand. By default, all of the listed features are enabled. To disable a specific feature, set its value to `false`.
+
+#### `settings.enabledFeatures.apiDrawer`
+
+    Display the API Request drawer in the upper tool bar.
+
+#### `settings.enabledFeatures.notificationDrawer`
+
+    Display the Notification drawer in the upper tool bar.
+
+#### `settings.enabledFeatures.settings`
+
+    Display the Settings link in the upper tool bar.
+
+#### `settings.enabledFeatures.search`
+
+    Display the Search bar in the upper tool bar.

website/docs/customize/interfaces/_generalattributes.mdx

@@ -0,0 +1,36 @@
+### General settings (both Admin and User interfaces)
+
+#### `settings.navbar.userDisplay`
+
+Configure what is shown in the top right corner. Defaults to `username`. Available options: `username`, `name`, `email`
+
+#### `settings.theme.base`
+
+Configure the base color scheme or toggle between dark and light modes. The default setting is `automatic`, which adapts based on the user’s browser preference. Available options: `automatic`, `dark`, `light`.
+
+**Example**:
+
+```
+settings:
+  theme:
+    base: dark
+```
+
+#### `settings.theme.background`
+
+Optional CSS that is applied to the background of the User interface, for example to set a custom background color, gradient, or image.
+
+```yaml
+settings:
+    theme:
+        background: >
+            background: url('https://picsum.photos/1920/1080');
+            filter: blur(8px);
+            background-position: center;
+            background-repeat: no-repeat;
+            background-size: cover;
+```
+
+#### `settings.locale`
+
+The locale which can be configured in the user settings by default. This can be used to preset locales for groups of users, but still let them choose their own preferred locale.

website/docs/customize/interfaces/_global/global.mdx

@@ -1,3 +1,11 @@
-### Global customization
+## Global customization
 
-See [Brand Settings](../../../sys-mgmt/brands.md#branding-settings)
+To customize the following brand settings, log in to the Admin interface and navigate to **System > Brands > Brand settings**.
+
+- Title
+- Logo
+- Favicon
+- Default flow background image
+- Custom CSS
+
+For more details, see the [Brand settings](../../../sys-mgmt/brands.md#branding-settings) documentation.

website/docs/customize/interfaces/admin/customization.mdx

@@ -1,17 +0,0 @@
-# Customization
-
-### `settings.pagination.perPage`
-
-How many items should be retrieved per page. Defaults to 20.
-
-### `settings.defaults.userPath`
-
-Default user path which is opened when opening the user list. Defaults to `users`.
-
-### `settings.theme.base`
-
-Configure the base color scheme. Defaults to `automatic`, which switches between dark and light mode based on the users' browsers' preference. Choices: `automatic`, `dark`, `light`.
-
-import Global from "../_global/global.mdx";
-
-<Global />

website/docs/customize/interfaces/admin/index.mdx

@@ -0,0 +1,46 @@
+---
+title: Customize the Admin interface
+sidebar_label: Admin interface
+---
+
+The Admin interface can be customized using attributes configured in [Brands](../../../sys-mgmt/brands.md)
+
+To add, remove, or modify attributes for a brand, log in to the Admin interface and navigate to **System > Brands > Other global settings > Attributes**.
+
+Most attributes defined in a brand apply to _both_ the User and Admin interfaces. However, any settings that are specific to only the Admin interface are explicitly noted as such below.
+
+The following screenshot shows the syntax for setting several attributes for a brand: dark mode, a 3-column display of applications on **My applications** page of the User interface, and hiding the API and Notifications drawers from the Admin interface tool bar.
+
+![](./admin-interface-attributes.png)
+
+## Custom settings
+
+The following settings for attributes are grouped by:
+
+- `enabledFeatures` settings
+- General settings (used on both the Admin interface and the User interface)
+- Admin interface only
+
+import Enabledfeatureslist from "../\_enabledfeatureslist.mdx";
+
+<Enabledfeatureslist />
+
+import Generalattributes from "../\_generalattributes.mdx";
+
+<Generalattributes />
+
+### Settings for the Admin interface only
+
+The following settings can only be used to customize the Admin interface, not the User interface.
+
+#### `settings.pagination.perPage`
+
+How many items should be retrieved per page. Defaults to 20.
+
+#### `settings.defaults.userPath`
+
+Default user path which is used when opening the user list. Defaults to `users`.
+
+import Global from "../_global/global.mdx";
+
+<Global />

website/docs/customize/interfaces/flow/customization.mdx

@@ -1,11 +0,0 @@
-# Customization
-
-Since flows can be executed authenticated or unauthenticated, the default settings can be set via brands _attributes_.
-
-### `settings.theme.base`
-
-Configure the base color scheme. Defaults to `automatic`, which switches between dark and light mode based on the users' browsers' preference. Choices: `automatic`, `dark`, `light`.
-
-import Global from "../_global/global.mdx";
-
-<Global />

website/docs/customize/interfaces/flow/index.mdx

@@ -0,0 +1,19 @@
+---
+title: Customize a flow
+sidebar_label: Flow interface
+---
+
+Typically, settings for flows are defined as defaults in the [Brand settings](../../../sys-mgmt/brands.md). However, it’s important to note that some flows are executed before the specific user is authenticated and thus before authentik can determine which user is viewing the flow (for example, the `default-authentication-flow`!). Consequently, using default settings for all flows ensures a more consistent user experience.
+
+Two settings that you can configure per flow are the _background image_ for the flow, and the _layout_.
+
+## Customize a flow's background image
+
+You can define a:
+
+- Default background image for all flows, set in the instance's [brand](../../../sys-mgmt/brands.md)
+- A background image for [one or more specific flows](../../../add-secure-apps/flows-stages/flow/index.md#flow-configuration-options) (overrides the default)
+
+## Set the layout for a flow
+
+To define the layout for a flow, edit the flow and under **Appearance settings > Layout** select how the UI displays the flow when it is executed; with stacked elements, content left or right, and sidebar left or right.

website/docs/customize/interfaces/user/customization.mdx

@@ -1,64 +0,0 @@
-# Customization
-
-The user interface can be customized through attributes, and will be inherited from a users' groups.
-
-## Enabling/disabling features
-
-The following features can be enabled/disabled. By default, all of them are enabled:
-
-- `settings.enabledFeatures.apiDrawer`
-
-    API Request drawer in navbar
-
-- `settings.enabledFeatures.notificationDrawer`
-
-    Notification drawer in navbar
-
-- `settings.enabledFeatures.settings`
-
-    Settings link in navbar
-
-- `settings.enabledFeatures.applicationEdit`
-
-    Application edit in library (only shown when user is superuser)
-
-- `settings.enabledFeatures.search`
-
-    Search bar
-
-## Other configuration
-
-### `settings.navbar.userDisplay`
-
-Configure what is shown in the top right corner. Defaults to `username`. Choices: `username`, `name`, `email`
-
-### `settings.theme.base`
-
-Configure the base color scheme. Defaults to `automatic`, which switches between dark and light mode based on the users' browsers' preference. Choices: `automatic`, `dark`, `light`.
-
-### `settings.theme.background`
-
-Optional CSS which is applied in the background of the background of the user interface; for example
-
-```yaml
-settings:
-    theme:
-        background: >
-            background: url('https://picsum.photos/1920/1080');
-            filter: blur(8px);
-            background-position: center;
-            background-repeat: no-repeat;
-            background-size: cover;
-```
-
-### `settings.layout.type`
-
-Which layout to use for the _My applications_ view. Defaults to `row`. Choices: `row`, `2-column`, `3-column`
-
-### `settings.locale`
-
-The locale which can be configured in the user settings by default. This can be used to preset locales for groups of users, but still let them choose their own preferred locale
-
-import Global from "../_global/global.mdx";
-
-<Global />

website/docs/customize/interfaces/user/index.mdx

@@ -0,0 +1,44 @@
+---
+title: Customize the User interface
+sidebar_label: User interface
+---
+
+The User interface can be customized using attributes configured in [Brands](../../../sys-mgmt/brands.md).
+
+To add, remove, or modify attributes for a brand, log in as an administrator and navigate to **System > Brands > Other global settings > Attributes**.
+
+Most attributes defined in a brand apply to _both_ the User and Admin interfaces. However, any settings that are specific to only one interface are explicitly noted as such below.
+
+The following screenshot shows the syntax for setting several attributes for a brand: light mode, a 3-column display of applications on **My applications** page, hiding the API drawer and the Notification drawer from the tool bar, and disallowing users to edit the applications on **My applications** page.
+
+![](./user-interface-attributes.png)
+
+## Custom settings
+
+The following settings for attributes are grouped by:
+
+- `enabledFeatures` settings
+- General attributes (used on both the Admin interface and the User interface)
+- User interface only
+
+import Enabledfeatureslist from "../\_enabledfeatureslist.mdx";
+
+<Enabledfeatureslist />
+
+#### `settings.enabledFeatures.applicationEdit` (User interface only)
+
+    Display the Edit option for each application on the **My applications** page (only shown when user is superuser).
+
+import Generalattributes from "../\_generalattributes.mdx";
+
+<Generalattributes />
+
+### Settings for the User interface only
+
+#### `settings.layout.type`
+
+Which layout to use for the **My applications** page. Defaults to `row`. Choices: `row`, `2-column`, `3-column`
+
+import Global from "../_global/global.mdx";
+
+<Global />

website/docs/releases/2023/v2023.3.md

@@ -16,8 +16,8 @@ slug: "/releases/2023.3"
     Documentation: [SCIM Provider](../../add-secure-apps/providers/scim/index.md)
 
 - Theming improvements
-    - The custom.css file is now loaded in ShadowDOMs, allowing for much greater customization, as previously it was only possible to style elements outside of the ShadowDOM. See docs for [Flow](../../customize/interfaces/flow/customization.mdx), [User](../../customize/interfaces/user/customization.mdx) and [Admin](../../customize/interfaces/admin/customization.mdx) interfaces.
-    - Previously, authentik would automatically switch between dark and light theme based on the users' browsers' settings. This can now be overridden to either force the light or dark theme, per user/group/tenant. See docs for [Flow](../../customize/interfaces/flow/customization.mdx), [User](../../customize/interfaces/user/customization.mdx) and [Admin](../../customize/interfaces/admin/customization.mdx) interfaces.
+    - The custom.css file is now loaded in ShadowDOMs, allowing for much greater customization, as previously it was only possible to style elements outside of the ShadowDOM. See docs for the [User interface](../../customize/interfaces/user/index.mdx) and [Admin interface](../../customize/interfaces/admin/index.mdx).
+    - Previously, authentik would automatically switch between dark and light theme based on the users' browsers' settings. This can now be overridden to either force the light or dark theme, per user/group/brand. See docs for the [User interface](../../customize/interfaces/user/index.mdx) and [Admin interface](../../customize/interfaces/admin/index.mdx).
 
 ## Upgrading
 

website/docs/sys-mgmt/brands.md

@@ -3,7 +3,7 @@ title: Brands
 slug: /brands
 ---
 
-As an authentik admin, you can customize your instance's appearance and behavior using brands. Brands apply to a single domain, a domain wildcard or can be set as default, in which case the brand will be used when no other brand matches the domain.
+As an authentik administrator, you can customize your instance's appearance and behavior using brands. Brands apply to a single domain, a domain wildcard, or can be set as default, in which case the brand will be applied when no other brand matches the domain.
 
 For an overview of branding and other customization options in authentik refer to [Customize your instance](../customize/index.md).
 
@@ -71,4 +71,4 @@ When using the [Mutual TLS Stage](../add-secure-apps/flows-stages/stages/mtls/in
 
 #### Attributes
 
-Attributes such as locale, theme settings and custom attributes can be set to a per-brand default value here. Any custom attributes can be retrieved via [`group_attributes()`](../users-sources/user/user_ref.mdx#object-properties).
+Attributes such as locale, theme settings (light/dark mode), and custom attributes can be set to a per-brand default value here. Any custom attributes can be retrieved via [`group_attributes()`](../users-sources/user/user_ref.mdx#object-properties).

website/docs/sys-mgmt/events/notification_rule_expression_policies.mdx

@@ -1,172 +0,0 @@
----
-title: Notification Rule Expression Policies
----
-
-## Introduction
-
-Notification rules with bound expression policies are very powerful. The following are examples of what can be achieved.
-
-### Change user attributes upon account deactivation
-
-This example code is triggered when a user account with the `sshPublicKey` attribute set is deactivated. It saves the `sshPublicKey` attribute to a new `inactivesshPublicKey` attribute, and subsequently nullifies the `sshPublicKey` attribute.
-
-```python
-from authentik.core.models import User
-
-# Check if an event has occurred
-event = request.context.get("event", None)
-if not event:
-    ak_logger.info("no event")
-    return False
-
-# Check if the event action includes updating a model
-if event.action != "model_updated":
-    ak_logger.info("event action does not match")
-    return False
-
-model_app = event.context["model"]["app"]
-model_name = event.context["model"]["model_name"]
-
-# Check if the model that was updated is the user model
-if model_app != "authentik_core" or model_name != "user":
-    ak_logger.info("model does not match")
-
-user_pk = event.context["model"]["pk"]
-user = User.objects.filter(pk=user_pk).first()
-
-# Check if an user object was found
-if not user:
-    ak_logger.info("user not found")
-    return False
-
-# Check if user is active
-if user.is_active:
-    ak_logger.info("user is active, not changing")
-    return False
-
-# Check if user has the `sshPublicKey` attribute set
-if not user.attributes.get("sshPublicKey"):
-    ak_logger.info("no public keys to remove")
-    return False
-
-# Save the `sshPublicKey` attribute to a new `inactiveSSHPublicKey` attribute
-user.attributes["inactiveSSHPublicKey"] = user.attributes["sshPublicKey"]
-
-# Nullify the `sshPublicKey` attribute
-user.attributes["sshPublicKey"] = []
-
-# Save the changes made to the user
-user.save()
-
-return False
-```
-
-### Alert when application is created without binding
-
-This code is triggered when a new application is created without any user, group, or policy bound to it. The notification rule can then be configured to alert an administrator. This feature is useful for ensuring limited access to applications, as by default, an application without any users, groups, or policies bound to it can be accessed by all users.
-
-```python
-from authentik.core.models import Application
-from authentik.policies.models import PolicyBinding
-
-# Check if an event has occurred
-event = request.context.get("event", None)
-if not event:
-    ak_logger.info("no event")
-    return False
-
-# Check if the event action includes creating a model
-if event.action != "model_created":
-    ak_logger.info("event action does not match")
-    return False
-
-model_app = event.context["model"]["app"]
-model_name = event.context["model"]["model_name"]
-
-# Check if the model that was created is the application model
-if model_app != "authentik_core" or model_name != "application":
-    ak_logger.info("model does not match")
-
-application_pk = event.context["model"]["pk"]
-application = Application.objects.filter(pk=application_pk).first()
-
-# Check if an application object was found
-if not application:
-    ak_logger.info("application not found")
-    return False
-
-# Check if application has binding
-if PolicyBinding.objects.filter(target=application).exists():
-    output = PolicyBinding.objects.filter(target=application)
-    ak_logger.info("application has bindings, returning true")
-    return True
-
-return False
-```
-
-### Append user addition history to group attributes
-
-This code is triggered when a user is added to a group. It then creates and updates a `UserAddedHistory` attribute to the group with a date/time stamp and the username of the added user. This functionality is already available within the changelog of a group, but this code can be used as a template to trigger alerts or other events.
-
-:::note
-This policy interacts with the `diff` event output. This filed is only available with an enterprise license.
-:::
-
-```python
-from authentik.core.models import User
-from authentik.core.models import Group
-from datetime import datetime
-
-# Check if an event has occurred
-event = request.context.get("event", None)
-if not event:
-    ak_logger.info("no event")
-    return False
-
-# Check if the event action includes updating a model
-if event.action != "model_updated":
-    ak_logger.info("event action does not match")
-    return False
-
-model_app = event.context["model"]["app"]
-model_name = event.context["model"]["model_name"]
-
-# Check if the model that was updated is the group model
-if model_app != "authentik_core" or model_name != "group":
-    ak_logger.info("model does not match")
-
-group_pk = event.context["model"]["pk"]
-group = Group.objects.filter(pk=group_pk).first()
-
-# If user was added to group, get user object, else return false
-if "add" in event.context["diff"]["users"]:
-    ak_logger.info("user added to group")
-
-    user_pk = event.context["diff"]["users"]["add"][0]
-    user = User.objects.filter(pk=user_pk).first()
-else:
-    ak_logger.info("user not added to group")
-    return False
-
-# Check if a group object was found
-if not group:
-    ak_logger.info("group not found")
-    return False
-
-# Check if an user object was found
-if not user:
-    ak_logger.info("user not found")
-    return False
-
-if not group.attributes.get("UserAddedHistory"):
-    group.attributes["UserAddedHistory"] = []
-
-current_date_time = datetime.now().isoformat(timespec='seconds')
-
-group.attributes["UserAddedHistory"].append(current_date_time + " - Added user: " + user.username)
-
-# Save the changes made to the group
-group.save()
-
-return False
-```

website/docusaurus.config.esm.mjs

@@ -131,6 +131,10 @@ const config = createDocusaurusConfig({
                         ],
                     ],
                 },
+                gtag: {
+                    trackingID: ["G-9MVR9WZFZH"],
+                    anonymizeIP: true,
+                },
                 theme: {
                     customCss: require.resolve("@goauthentik/docusaurus-config/css/index.css"),
                 },

website/integrations/docusaurus.config.esm.mjs

@@ -128,6 +128,10 @@ const config = createDocusaurusConfig({
                         ],
                     ],
                 },
+                gtag: {
+                    trackingID: ["G-9MVR9WZFZH"],
+                    anonymizeIP: true,
+                },
                 theme: {
                     customCss: require.resolve("@goauthentik/docusaurus-config/css/index.css"),
                 },

website/netlify.toml

@@ -86,6 +86,20 @@ package = "netlify-plugin-debug-cache"
   to = "/docs/customize/branding"
   status = 302
 
+[[redirects]]
+  from = "/docs/customize/interfaces/admin/customization"
+  to = "/docs/customize/interfaces/admin"
+  status = 302
+
+[[redirects]]
+  from = "/docs/customize/interfaces/user/customization"
+  to = "/docs/customize/interfaces/user"
+  status = 302
+
+[[redirects]]
+  from = "/docs/customize/interfaces/flow/customization"
+  to = "/docs/customize/interfaces/flow"
+  status = 302
 
 # Migration to new structure with script Sept 2025
 [[redirects]]

website/package-lock.json

@@ -19,7 +19,7 @@
                 "@goauthentik/docusaurus-config": "^1.1.0",
                 "@goauthentik/tsconfig": "^1.0.4",
                 "@mdx-js/react": "^3.1.0",
-                "@rspack/binding-linux-x64-gnu": "1.4.1",
+                "@swc/html-linux-x64-gnu": "1.12.9",
                 "clsx": "^2.1.1",
                 "docusaurus-plugin-openapi-docs": "^4.4.0",
                 "docusaurus-theme-openapi-docs": "^4.4.0",
@@ -62,15 +62,15 @@
                 "node": ">=22.14.0"
             },
             "optionalDependencies": {
-                "@rspack/binding-darwin-arm64": "1.4.1",
-                "@rspack/binding-linux-arm64-gnu": "1.4.1",
-                "@rspack/binding-linux-x64-gnu": "1.4.1",
-                "@swc/core-darwin-arm64": "1.12.7",
-                "@swc/core-linux-arm64-gnu": "1.12.7",
-                "@swc/core-linux-x64-gnu": "1.12.7",
-                "@swc/html-darwin-arm64": "1.12.7",
-                "@swc/html-linux-arm64-gnu": "1.12.7",
-                "@swc/html-linux-x64-gnu": "1.12.7",
+                "@rspack/binding-darwin-arm64": "1.4.2",
+                "@rspack/binding-linux-arm64-gnu": "1.4.2",
+                "@rspack/binding-linux-x64-gnu": "1.4.2",
+                "@swc/core-darwin-arm64": "1.12.9",
+                "@swc/core-linux-arm64-gnu": "1.12.9",
+                "@swc/core-linux-x64-gnu": "1.12.9",
+                "@swc/html-darwin-arm64": "1.12.9",
+                "@swc/html-linux-arm64-gnu": "1.12.9",
+                "@swc/html-linux-x64-gnu": "1.12.9",
                 "lightningcss-darwin-arm64": "1.30.1",
                 "lightningcss-linux-arm64-gnu": "1.30.1",
                 "lightningcss-linux-x64-gnu": "1.30.1"
@@ -5034,9 +5034,9 @@
             }
         },
         "node_modules/@rspack/binding-darwin-arm64": {
-            "version": "1.4.1",
-            "resolved": "https://registry.npmjs.org/@rspack/binding-darwin-arm64/-/binding-darwin-arm64-1.4.1.tgz",
-            "integrity": "sha512-enh5DYbpaexdEmjbcxj3BJDauP3w+20jFKWvKROtAQV350PUw0bf2b4WOgngIH9hBzlfjpXNYAk6T5AhVAlY3Q==",
+            "version": "1.4.2",
+            "resolved": "https://registry.npmjs.org/@rspack/binding-darwin-arm64/-/binding-darwin-arm64-1.4.2.tgz",
+            "integrity": "sha512-0fPOew7D0l/x6qFZYdyUqutbw15K98VLvES2/7x2LPssTgypE4rVmnQSmVBnge3Nr8Qs/9qASPRpMWXBaqMfOA==",
             "cpu": [
                 "arm64"
             ],
@@ -5060,9 +5060,9 @@
             "peer": true
         },
         "node_modules/@rspack/binding-linux-arm64-gnu": {
-            "version": "1.4.1",
-            "resolved": "https://registry.npmjs.org/@rspack/binding-linux-arm64-gnu/-/binding-linux-arm64-gnu-1.4.1.tgz",
-            "integrity": "sha512-PJ5cHqvrj1bK7jH5DVrdKoR8Fy+p6l9baxXajq/6xWTxP+4YTdEtLsRZnpLMS1Ho2RRpkxDWJn+gdlKuleNioQ==",
+            "version": "1.4.2",
+            "resolved": "https://registry.npmjs.org/@rspack/binding-linux-arm64-gnu/-/binding-linux-arm64-gnu-1.4.2.tgz",
+            "integrity": "sha512-UHAzggS8Mc7b3Xguhj82HwujLqBZquCeo8qJj5XreNaMKGb6YRw/91dJOVmkNiLCB0bj71CRE1Cocd+Peq3N9A==",
             "cpu": [
                 "arm64"
             ],
@@ -5086,9 +5086,9 @@
             "peer": true
         },
         "node_modules/@rspack/binding-linux-x64-gnu": {
-            "version": "1.4.1",
-            "resolved": "https://registry.npmjs.org/@rspack/binding-linux-x64-gnu/-/binding-linux-x64-gnu-1.4.1.tgz",
-            "integrity": "sha512-jjTx53CpiYWK7fAv5qS8xHEytFK6gLfZRk+0kt2YII6uqez/xQ3SRcboreH8XbJcBoxINBzMNMf5/SeMBZ939A==",
+            "version": "1.4.2",
+            "resolved": "https://registry.npmjs.org/@rspack/binding-linux-x64-gnu/-/binding-linux-x64-gnu-1.4.2.tgz",
+            "integrity": "sha512-ucCCWdtH1tekZadrsYj6GNJ8EP21BM2uSE7MootbwLw8aBtgVTKUuRDQEps1h/rtrdthzd9XBX6Lc2N926gM+g==",
             "cpu": [
                 "x64"
             ],
@@ -5586,13 +5586,12 @@
             }
         },
         "node_modules/@swc/core-darwin-arm64": {
-            "version": "1.12.7",
-            "resolved": "https://registry.npmjs.org/@swc/core-darwin-arm64/-/core-darwin-arm64-1.12.7.tgz",
-            "integrity": "sha512-w6BBT0hBRS56yS+LbReVym0h+iB7/PpCddqrn1ha94ra4rZ4R/A91A/rkv+LnQlPqU/+fhqdlXtCJU9mrhCBtA==",
+            "version": "1.12.9",
+            "resolved": "https://registry.npmjs.org/@swc/core-darwin-arm64/-/core-darwin-arm64-1.12.9.tgz",
+            "integrity": "sha512-GACFEp4nD6V+TZNR2JwbMZRHB+Yyvp14FrcmB6UCUYmhuNWjkxi+CLnEvdbuiKyQYv0zA+TRpCHZ+whEs6gwfA==",
             "cpu": [
                 "arm64"
             ],
-            "license": "Apache-2.0 AND MIT",
             "optional": true,
             "os": [
                 "darwin"
@@ -5634,13 +5633,12 @@
             }
         },
         "node_modules/@swc/core-linux-arm64-gnu": {
-            "version": "1.12.7",
-            "resolved": "https://registry.npmjs.org/@swc/core-linux-arm64-gnu/-/core-linux-arm64-gnu-1.12.7.tgz",
-            "integrity": "sha512-N15hKizSSh+hkZ2x3TDVrxq0TDcbvDbkQJi2ZrLb9fK+NdFUV/x+XF16ZDPlbxtrGXl1CT7VD439SNaMN9F7qw==",
+            "version": "1.12.9",
+            "resolved": "https://registry.npmjs.org/@swc/core-linux-arm64-gnu/-/core-linux-arm64-gnu-1.12.9.tgz",
+            "integrity": "sha512-6qx1ka9LHcLzxIgn2Mros+CZLkHK2TawlXzi/h7DJeNnzi8F1Hw0Yzjp8WimxNCg6s2n+o3jnmin1oXB7gg8rw==",
             "cpu": [
                 "arm64"
             ],
-            "license": "Apache-2.0 AND MIT",
             "optional": true,
             "os": [
                 "linux"
@@ -5666,13 +5664,12 @@
             }
         },
         "node_modules/@swc/core-linux-x64-gnu": {
-            "version": "1.12.7",
-            "resolved": "https://registry.npmjs.org/@swc/core-linux-x64-gnu/-/core-linux-x64-gnu-1.12.7.tgz",
-            "integrity": "sha512-PR4tPVwU1BQBfFDk2XfzXxsEIjF3x/bOV1BzZpYvrlkU0TKUDbR4t2wzvsYwD/coW7/yoQmlL70/qnuPtTp1Zw==",
+            "version": "1.12.9",
+            "resolved": "https://registry.npmjs.org/@swc/core-linux-x64-gnu/-/core-linux-x64-gnu-1.12.9.tgz",
+            "integrity": "sha512-SFUxyhWLZRNL8QmgGNqdi2Q43PNyFVkRZ2zIif30SOGFSxnxcf2JNeSeBgKIGVgaLSuk6xFVVCtJ3KIeaStgRg==",
             "cpu": [
                 "x64"
             ],
-            "license": "Apache-2.0 AND MIT",
             "optional": true,
             "os": [
                 "linux"
@@ -5824,13 +5821,12 @@
             }
         },
         "node_modules/@swc/html-darwin-arm64": {
-            "version": "1.12.7",
-            "resolved": "https://registry.npmjs.org/@swc/html-darwin-arm64/-/html-darwin-arm64-1.12.7.tgz",
-            "integrity": "sha512-4rHV4lW8PXSc7YfJ/c9Cj0xZWSJArkD/Yuax4plH6f4VtEcEAluZI3ryBG3Vh4VawQ1RMkytPQ2S65BbCyDIXg==",
+            "version": "1.12.9",
+            "resolved": "https://registry.npmjs.org/@swc/html-darwin-arm64/-/html-darwin-arm64-1.12.9.tgz",
+            "integrity": "sha512-uQl0y9uOgqnYR6t+TgcwFeGv1TC48xHGBqw3MrOIQLc+tqavqhQsLkVEEz1yd1J0WW3cVAsNSQlbERiwQcXQXA==",
             "cpu": [
                 "arm64"
             ],
-            "license": "Apache-2.0 AND MIT",
             "optional": true,
             "os": [
                 "darwin"
@@ -5872,13 +5868,12 @@
             }
         },
         "node_modules/@swc/html-linux-arm64-gnu": {
-            "version": "1.12.7",
-            "resolved": "https://registry.npmjs.org/@swc/html-linux-arm64-gnu/-/html-linux-arm64-gnu-1.12.7.tgz",
-            "integrity": "sha512-z66ejXsSwI0mKyDhLimG74+xZyvSQCrceSZv9jLHa23sn/di+07M9njZrj3SQKGfHoJqXsN1iPqDpvkVajNb9Q==",
+            "version": "1.12.9",
+            "resolved": "https://registry.npmjs.org/@swc/html-linux-arm64-gnu/-/html-linux-arm64-gnu-1.12.9.tgz",
+            "integrity": "sha512-xX/S0galaqXMNc1olt1UOMcHXybDYGogGP90WheI6XD5zKVmbHdz9yU/nVeddZNUf5gZ011NCc5QSMB+2fh8EA==",
             "cpu": [
                 "arm64"
             ],
-            "license": "Apache-2.0 AND MIT",
             "optional": true,
             "os": [
                 "linux"
@@ -5904,13 +5899,12 @@
             }
         },
         "node_modules/@swc/html-linux-x64-gnu": {
-            "version": "1.12.7",
-            "resolved": "https://registry.npmjs.org/@swc/html-linux-x64-gnu/-/html-linux-x64-gnu-1.12.7.tgz",
-            "integrity": "sha512-5KFLil4ELKzCLjjvKpt+SMEU6uBDR/EL4e7eleybtYi1cU8Jzv0xnTvabsVDfpT8fsvJF3Mvach4F/ggH5+CDQ==",
+            "version": "1.12.9",
+            "resolved": "https://registry.npmjs.org/@swc/html-linux-x64-gnu/-/html-linux-x64-gnu-1.12.9.tgz",
+            "integrity": "sha512-9tRAsVsjjyEUFMH5uNrcLxb+5q0l2PCgTH7pe48hjcshKFoZamp1aiwvNnJMMBan3Ny9vFG5jKMJKG3ZkYPYxg==",
             "cpu": [
                 "x64"
             ],
-            "license": "Apache-2.0 AND MIT",
             "optional": true,
             "os": [
                 "linux"

website/package.json

@@ -75,15 +75,15 @@
         "typescript-eslint": "^8.35.1"
     },
     "optionalDependencies": {
-        "@rspack/binding-darwin-arm64": "1.4.1",
-        "@rspack/binding-linux-arm64-gnu": "1.4.1",
-        "@rspack/binding-linux-x64-gnu": "1.4.1",
-        "@swc/core-darwin-arm64": "1.12.7",
-        "@swc/core-linux-arm64-gnu": "1.12.7",
-        "@swc/core-linux-x64-gnu": "1.12.7",
-        "@swc/html-darwin-arm64": "1.12.7",
-        "@swc/html-linux-arm64-gnu": "1.12.7",
-        "@swc/html-linux-x64-gnu": "1.12.7",
+        "@rspack/binding-darwin-arm64": "1.4.2",
+        "@rspack/binding-linux-arm64-gnu": "1.4.2",
+        "@rspack/binding-linux-x64-gnu": "1.4.2",
+        "@swc/core-darwin-arm64": "1.12.9",
+        "@swc/core-linux-arm64-gnu": "1.12.9",
+        "@swc/core-linux-x64-gnu": "1.12.9",
+        "@swc/html-darwin-arm64": "1.12.9",
+        "@swc/html-linux-arm64-gnu": "1.12.9",
+        "@swc/html-linux-x64-gnu": "1.12.9",
         "lightningcss-darwin-arm64": "1.30.1",
         "lightningcss-linux-arm64-gnu": "1.30.1",
         "lightningcss-linux-x64-gnu": "1.30.1"

website/sidebars/docs.mjs

@@ -408,21 +408,9 @@ const items = [
                 type: "category",
                 label: "Interfaces",
                 items: [
-                    {
-                        type: "category",
-                        label: "Flow",
-                        items: ["customize/interfaces/flow/customization"],
-                    },
-                    {
-                        type: "category",
-                        label: "User",
-                        items: ["customize/interfaces/user/customization"],
-                    },
-                    {
-                        type: "category",
-                        label: "Admin",
-                        items: ["customize/interfaces/admin/customization"],
-                    },
+                    "customize/interfaces/flow/index",
+                    "customize/interfaces/user/index",
+                    "customize/interfaces/admin/index",
                 ],
             },
             {