4 Releases published by 1 person

• version/2024.8.5 Release 2024.8.5

  published Nov 21, 2024

• version/2024.10.3 Release 2024.10.3

  published Nov 21, 2024

• version/2024.8.6 Release 2024.8.6

  published Nov 21, 2024

• version/2024.10.4 Release 2024.10.4

  published Nov 21, 2024

78 Pull requests merged by 9 people

• ci: mirror repo to internal repo

  #12160 merged Nov 22, 2024

• core: bump goauthentik.io/api/v3 from 3.2024102.2 to 3.2024104.1

  #12149 merged Nov 22, 2024

• core: bump debugpy from 1.8.8 to 1.8.9

  #12150 merged Nov 22, 2024

• core: bump webauthn from 2.2.0 to 2.3.0

  #12151 merged Nov 22, 2024

• core: bump pydantic from 2.10.0 to 2.10.1

  #12152 merged Nov 22, 2024

• translate: Updates for file web/xliff/en.xlf in zh_CN

  #12156 merged Nov 22, 2024

• translate: Updates for file web/xliff/en.xlf in zh-Hans

  #12157 merged Nov 22, 2024

• core: bump sentry-sdk from 2.18.0 to 2.19.0

  #12153 merged Nov 22, 2024

• web: bump API Client version

  #12147 merged Nov 22, 2024

• root: Backport version change

  #12146 merged Nov 22, 2024

• website/docs: update info about footer links to match new UI

  #12120 merged Nov 21, 2024

• website/docs: prepare release notes

  #12142 merged Nov 21, 2024

• providers/oauth2: fix migration (cherry-pick #12138)

  #12139 merged Nov 21, 2024

• providers/oauth2: fix migration (cherry-pick #12138)

  #12140 merged Nov 21, 2024

• providers/oauth2: fix migration

  #12138 merged Nov 21, 2024

• providers/oauth2: fix migration dependencies (cherry-pick #12123)

  #12132 merged Nov 21, 2024

• web: bump API Client version (cherry-pick #12129)

  #12130 merged Nov 21, 2024

• web: bump API Client version (cherry-pick #12129)

  #12131 merged Nov 21, 2024

• providers/oauth2: fix migration dependencies

  #12123 merged Nov 21, 2024

• web: bump API Client version

  #12129 merged Nov 21, 2024

• providers/oauth2: fix redirect uri input (cherry-pick #12122)

  #12128 merged Nov 21, 2024

• providers/oauth2: fix redirect uri input (cherry-pick #12122)

  #12127 merged Nov 21, 2024

• providers/proxy: fix redirect_uri (cherry-pick #12121)

  #12126 merged Nov 21, 2024

• providers/proxy: fix redirect_uri (cherry-pick #12121)

  #12125 merged Nov 21, 2024

• providers/oauth2: fix redirect uri input

  #12122 merged Nov 21, 2024

• providers/proxy: fix redirect_uri

  #12121 merged Nov 21, 2024

• website/docs: prepare release notes

  #12119 merged Nov 21, 2024

• web: bump API Client version

  #12118 merged Nov 21, 2024

• security: fix CVE 2024 52289

  #12113 merged Nov 21, 2024

• security: fix CVE 2024 52287 (cherry-pick #12114)

  #12117 merged Nov 21, 2024

• security: fix CVE 2024 52307

  #12115 merged Nov 21, 2024

• security: fix CVE 2024 52287

  #12114 merged Nov 21, 2024

• website/docs: add CSP to hardening (cherry-pick #11970)

  #12116 merged Nov 21, 2024

• website/docs: add CSP to hardening

  #11970 merged Nov 21, 2024

• core: bump uvicorn from 0.32.0 to 0.32.1

  #12103 merged Nov 21, 2024

• core: bump google-api-python-client from 2.153.0 to 2.154.0

  #12104 merged Nov 21, 2024

• core: bump pydantic from 2.9.2 to 2.10.0

  #12105 merged Nov 21, 2024

• translate: Updates for file locale/en/LC_MESSAGES/django.po in it

  #12110 merged Nov 21, 2024

• internal: add CSP header to files in /media (cherry-pick #12092)

  #12108 merged Nov 21, 2024

• internal: add CSP header to files in /media

  #12092 merged Nov 21, 2024

• core, web: update translations

  #12101 merged Nov 21, 2024

• web: fix bug that prevented error reporting in current wizard.

  #12033 merged Nov 20, 2024

• website/docs: group CVEs by year (cherry-pick #12099)

  #12100 merged Nov 20, 2024

• website/docs: group CVEs by year

  #12099 merged Nov 20, 2024

• root: check remote IP for proxy protocol same as HTTP/etc (cherry-pick #12094)

  #12097 merged Nov 20, 2024

• root: check remote IP for proxy protocol same as HTTP/etc

  #12094 merged Nov 20, 2024

• root: fix activation of locale not being scoped (cherry-pick #12091)

  #12096 merged Nov 20, 2024

• root: fix activation of locale not being scoped

  #12091 merged Nov 20, 2024

• providers/scim: accept string and int for SCIM IDs (cherry-pick #12093)

  #12095 merged Nov 20, 2024

• providers/scim: accept string and int for SCIM IDs

  #12093 merged Nov 20, 2024

• website: bump the docusaurus group in /website with 9 updates

  #12086 merged Nov 20, 2024

• core: fix source_flow_manager throwing error when authenticated user attempts to re-authenticate with existing link (cherry-pick #12080)

  #12081 merged Nov 19, 2024

• core: fix source_flow_manager throwing error when authenticated user attempts to re-authenticate with existing link

  #12080 merged Nov 19, 2024

• translate: Updates for file locale/en/LC_MESSAGES/django.po in de

  #12079 merged Nov 19, 2024

• scripts: remove read_replicas from generated dev config

  #12078 merged Nov 19, 2024

• core: bump geoip2 from 4.8.0 to 4.8.1

  #12071 merged Nov 19, 2024

• core: bump goauthentik.io/api/v3 from 3.2024100.2 to 3.2024102.2

  #12072 merged Nov 19, 2024

• core: bump maxmind/geoipupdate from v7.0.1 to v7.1.0

  #12073 merged Nov 19, 2024

• translate: Updates for file locale/en/LC_MESSAGES/django.po in zh_CN

  #12074 merged Nov 19, 2024

• translate: Updates for file locale/en/LC_MESSAGES/django.po in zh-Hans

  #12075 merged Nov 19, 2024

• translate: Updates for file web/xliff/en.xlf in zh-Hans

  #12076 merged Nov 19, 2024

• translate: Updates for file web/xliff/en.xlf in zh_CN

  #12077 merged Nov 19, 2024

• web/admin: auto-prefill user path for new users based on selected path

  #12070 merged Nov 19, 2024

• core: bump aiohttp from 3.10.2 to 3.10.11

  #12069 merged Nov 19, 2024

• web/admin: fix brand title not respected in application list

  #12068 merged Nov 18, 2024

• core: bump pyjwt from 2.9.0 to 2.10.0

  #12063 merged Nov 18, 2024

• web: add italian locale

  #11958 merged Nov 18, 2024

• web/admin: better footer links

  #12004 merged Nov 18, 2024

• core, web: update translations

  #12052 merged Nov 18, 2024

• core: bump twilio from 9.3.6 to 9.3.7

  #12061 merged Nov 18, 2024

• core: bump ruff from 0.7.3 to 0.7.4

  #12062 merged Nov 18, 2024

• core: bump setproctitle from 1.3.3 to 1.3.4

  #12064 merged Nov 18, 2024

• core: bump channels from 4.1.0 to 4.2.0

  #12065 merged Nov 18, 2024

• core: bump coverage from 7.6.5 to 7.6.7

  #12066 merged Nov 18, 2024

• core: bump channels-redis from 4.2.0 to 4.2.1

  #12067 merged Nov 18, 2024

• website: bump cross-spawn from 7.0.3 to 7.0.5 in /website

  #12060 merged Nov 18, 2024

• web: bump API Client version

  #12059 merged Nov 18, 2024

• core: add support to set policy bindings in transactional endpoint

  #10399 merged Nov 17, 2024

13 Pull requests opened by 10 people

• sources/ldap: add rate limit delay, increase timeouts, add request to-restart

  #12056 opened Nov 17, 2024

• website/docs: install: add aws

  #12082 opened Nov 19, 2024

• providers/oauth2: Add provider federation between OAuth2 Providers

  #12083 opened Nov 19, 2024

• core: app entitlements

  #12090 opened Nov 20, 2024

• root: maintenance: upgrade openapi generator

  #12098 opened Nov 20, 2024

• translate: Updates for file web/xliff/en.xlf in it

  #12111 opened Nov 21, 2024

• website/docs: Fix CSP syntax

  #12124 opened Nov 21, 2024

• web/flows: disambiguate brand links codeblock

  #12141 opened Nov 21, 2024

• web: table-driven executor for flow

  #12144 opened Nov 21, 2024

• core, web: update translations

  #12145 opened Nov 22, 2024

• website/integrations: added hoarder integration

  #12161 opened Nov 22, 2024

• core: bump tornado from 6.4.1 to 6.4.2

  #12165 opened Nov 22, 2024

• website/docs: add . in https://netbird.company*

  #12166 opened Nov 23, 2024

14 Issues closed by 7 people

• proxy-outpost crashes with "panic: repeated read on failed websocket connection"

  #11090 closed Nov 23, 2024

• Bug in the Redirect URIs/Origins field box

  #12155 closed Nov 22, 2024

• GET /api/v3/flows/executor/recovery/

  #12143 closed Nov 21, 2024

• Error Redirect URI after update from 2024.10.2 to 2024.10.3

  #12137 closed Nov 21, 2024

• Redirect URI Error in 2024.10.3 The request fails due to a missing, invalid, or mismatching redirection URI (redirect_uri).

  #12136 closed Nov 21, 2024

• Incorrect redirect url migration for outposts

  #12135 closed Nov 21, 2024

• authentik tells the user what's wrong when creating an application with the wizard

  #11977 closed Nov 21, 2024

• A user who sets their locale will change the entire authentik runtime language.

  #12088 closed Nov 20, 2024

• GET /api/v3/flows/executor/hyvecloud-authorization-implicit-consent/

  #12084 closed Nov 20, 2024

• ldap_sync shows last synced with "[object Object]" with no further error details

  #9795 closed Nov 19, 2024

• Authentik keeps requesting to login after successful login

  #9865 closed Nov 19, 2024

• Theme: authentik theme is affected by the os/browser theme

  #9896 closed Nov 19, 2024

• Problem with CloudFlare Turnstile

  #12058 closed Nov 18, 2024

• Default Authentication flow don't load when Arr Sevices set to Authentication popup

  #12057 closed Nov 17, 2024

15 Issues opened by 14 people

• Validation Errors in authentik-client Python Library Due to API Returning Null Values for String Fields

  #12164 opened Nov 22, 2024

• Error trying to impersonate

  #12163 opened Nov 22, 2024

• LDAP cant get TLS (ldaps:https://) to work

  #12162 opened Nov 22, 2024

• Missing CORS header: Cannot perform an API request - can I configure allowed origins?

  #12159 opened Nov 22, 2024

• Dynamic role assignment in AWS

  #12158 opened Nov 22, 2024

• Authentik requires public schema

  #12154 opened Nov 22, 2024

• gibberish output for 404 in /static/

  #12148 opened Nov 22, 2024

• Extend management commands to support "targeted" LDAP sync

  #12134 opened Nov 21, 2024

• Generated token link not working

  #12112 opened Nov 21, 2024

• Authentik and Redis disconnect 30 seconds after Authentik is brought online.

  #12107 opened Nov 21, 2024

• Error with no explanation while saving a new provider with the same slug as an already existing

  #12106 opened Nov 21, 2024

• Brand logo on S3

  #12089 opened Nov 20, 2024

• User gets 405 Method not allowed, when logging in using Okta SAML, while having an active session

  #12087 opened Nov 20, 2024

• Restrict app passwords / tokens for specific application

  #12085 opened Nov 20, 2024

• Wrong permissions getting set via Role Object Permissions

  #12055 opened Nov 16, 2024

26 Unresolved conversations

Sometimes conversations happen on old items that aren’t yet closed. Here is a list of all the Issues and Pull Requests with unresolved conversations.

• website/integrations: add Aruba Orchestrator

  #12027 commented on Nov 22, 2024 • 13 new comments

• website/integrations: add The Lounge

  #11971 commented on Nov 22, 2024 • 4 new comments

• web/admin: bugfix: dual select initialization revision

  #12051 commented on Nov 22, 2024 • 0 new comments

• web: applications: redirect user on application rename

  #11981 commented on Nov 20, 2024 • 0 new comments

• website/integrations: mastodon: set correct uid field

  #11945 commented on Nov 20, 2024 • 0 new comments

• providers/ldap: set password_change_date in check_pwd_last_set to avoid loop ending user sessions

  #11913 commented on Nov 18, 2024 • 0 new comments

• website/integrations: proxmox: cleanup guide

  #11894 commented on Nov 20, 2024 • 0 new comments

• web/admin: replace wizard provider forms with those from provider, eliminating duplication, and provide comprehensive unit tests.

  #11856 commented on Nov 22, 2024 • 0 new comments

• core: bump goauthentik/fips-python from 3.12.7-slim-bookworm-fips-full to 3.13.0-slim-bookworm-fips-full

  #11687 commented on Nov 19, 2024 • 0 new comments

• web/admin: add application bindings to the application wizard

  #11462 commented on Nov 22, 2024 • 0 new comments

• root: fix 100% CPU for worker container (#7025)

  #7762 commented on Nov 17, 2024 • 0 new comments

• Forward auth with HAProxy

  #5768 commented on Nov 23, 2024 • 0 new comments

• POST /application/o/token/ Authentication loop

  #11967 commented on Nov 22, 2024 • 0 new comments

• New install: Not Found on https://<ip>:9000/if/flow/initial-setup/

  #11046 commented on Nov 22, 2024 • 0 new comments

• Creating application or provider via core API causes validation errors

  #9787 commented on Nov 22, 2024 • 0 new comments

• Azure AD enrollment not working

  #11746 commented on Nov 22, 2024 • 0 new comments

• Logging out from authentik should invalidate sessions of proxied applications

  #2023 commented on Nov 22, 2024 • 0 new comments

• SCIM Group Filtering

  #6065 commented on Nov 21, 2024 • 0 new comments

• Error 400 on Forward Auth (domain level) via Outpost

  #10848 commented on Nov 21, 2024 • 0 new comments

• 404 errors for Flows on compose/development environment

  #10487 commented on Nov 21, 2024 • 0 new comments

• Worker won't reconnect to Redis after a connection drop

  #9252 commented on Nov 21, 2024 • 0 new comments

• application/o/authorize endpoint missing CORS headers

  #10057 commented on Nov 20, 2024 • 0 new comments

• Reopen: Outpost Controller task (and thus respective pods) not starting when Authentik is started with helm chart (#9574)

  #9678 commented on Nov 20, 2024 • 0 new comments

• Bug Report: "Not you?" Button Cancels Authentication Flow for Applications

  #9965 commented on Nov 20, 2024 • 0 new comments

• Compound LDAP searches fail

  #11880 commented on Nov 19, 2024 • 0 new comments

• Yubikey without pin fails to log in

  #11369 commented on Nov 18, 2024 • 0 new comments