2023-02-02 20:18:59 +00:00
---
title: Release 2023.2
slug: "/releases/2023.2"
---
## New features
- Proxy provider logout improvements
In previous versions, logging out of a single proxied application would only invalidate that application's session. Starting with this release, when logging out of a proxied application (via the _/outpost.goauthentik.io/sign_out_ URL), all the users session within the outpost are terminated. Sessions in other outposts and with other protocols are unaffected.
2023-02-07 21:52:29 +00:00
- UX Improvements
As with the previous improvements, we've made a lot of minor improvements to the general authentik UX to make your life easier.
2023-02-02 20:18:59 +00:00
## Upgrading
This release does not introduce any new requirements.
### docker-compose
Download the docker-compose file for 2023.2 from [here ](https://goauthentik.io/version/2023.2/docker-compose.yml ). Afterwards, simply run `docker-compose up -d` .
### Kubernetes
Update your values to use the new images:
```yaml
image:
repository: ghcr.io/goauthentik/server
tag: 2023.2.0
```
## Minor changes/fixes
2023-02-07 21:52:29 +00:00
- \*/saml: disable pretty_print, add signature tests
- blueprints: don't update default tenant
- blueprints: handle error when blueprint entry identifier field does not exist
- core: delete session when user is set to inactive
- core: fix inconsistent branding in end_session view
- core: fix token's set_key accessing data incorrectly
- events: improve sanitising for tuples and sets
- events: prevent error when request fails without response
- internal: fix cache-control header
- providers/ldap: add unbind flow execution (#4484)
- providers/ldap: fix error not being checked correctly when fetching users
- providers/oauth2: add user id as "sub" mode
- providers/oauth2: only set auth_time in ID token when a login event is stored in the session
- providers/oauth2: optimise client credentials JWT database lookup (#4606)
- providers/proxy: outpost wide logout implementation (#4605)
- stages/authenticator_validate: fix error with passwordless webauthn login
- stages/prompt: field name (#4497)
- stages/prompt: fix mismatched name field in migration
- stages/user_write: fix migration setting wrong value, fix form
- web/admin: fix certificate filtering for SAML verification certificate
- web/admin: fix dark theme for hover on tables
- web/admin: fix token edit button
- web/admin: rework event info page to show all event infos
- web/elements: add dropdown css to DOM directly instead of including
- web/elements: fix ak-expand not using correct font
- web/elements: fix clashing page url param
- web/elements: fix click propagation from modal into table
- web/elements: improve codemirror contrast in dark theme
- web/elements: make table rows clickable to select items
- web/elements: persist table page in URL parameters
- web/flows: improve handling of flow info
- web/user: filter tokens by username
- web/user: refactor loading of data in userinterface
2023-02-02 20:18:59 +00:00
## API Changes
2023-02-07 21:52:29 +00:00
#### What's New
---
##### `POST` /admin/system/
#### What's Changed
---
##### `POST` /core/tokens/{identifier}/set_key/
##### `GET` /providers/oauth2/{id}/
###### Return Type:
Changed response : **200 OK**
- Changed content type : `application/json`
- Changed property `sub_mode` (string)
> Configure what data should be used as unique User Identifier. For most cases, the default should be fine.
Added enum value:
- `user_id`
##### `PUT` /providers/oauth2/{id}/
###### Request:
Changed content type : `application/json`
- Changed property `sub_mode` (string)
> Configure what data should be used as unique User Identifier. For most cases, the default should be fine.
Added enum value:
- `user_id`
###### Return Type:
Changed response : **200 OK**
- Changed content type : `application/json`
- Changed property `sub_mode` (string)
> Configure what data should be used as unique User Identifier. For most cases, the default should be fine.
Added enum value:
- `user_id`
##### `PATCH` /providers/oauth2/{id}/
###### Request:
Changed content type : `application/json`
- Changed property `sub_mode` (string)
> Configure what data should be used as unique User Identifier. For most cases, the default should be fine.
Added enum value:
- `user_id`
###### Return Type:
Changed response : **200 OK**
- Changed content type : `application/json`
- Changed property `sub_mode` (string)
> Configure what data should be used as unique User Identifier. For most cases, the default should be fine.
Added enum value:
- `user_id`
##### `POST` /providers/oauth2/
###### Request:
Changed content type : `application/json`
- Changed property `sub_mode` (string)
> Configure what data should be used as unique User Identifier. For most cases, the default should be fine.
Added enum value:
- `user_id`
###### Return Type:
Changed response : **201 Created**
- Changed content type : `application/json`
- Changed property `sub_mode` (string)
> Configure what data should be used as unique User Identifier. For most cases, the default should be fine.
Added enum value:
- `user_id`
##### `GET` /providers/oauth2/
###### Parameters:
Changed: `sub_mode` in `query`
> Configure what data should be used as unique User Identifier. For most cases, the default should be fine.
###### Return Type:
Changed response : **200 OK**
- Changed content type : `application/json`
- Changed property `results` (array)
Changed items (object): > OAuth2Provider Serializer
- Changed property `sub_mode` (string)
> Configure what data should be used as unique User Identifier. For most cases, the default should be fine.
Added enum value:
- `user_id`
##### `GET` /oauth2/authorization_codes/{id}/
###### Return Type:
Changed response : **200 OK**
- Changed content type : `application/json`
- Changed property `provider` (object)
> OAuth2Provider Serializer
- Changed property `sub_mode` (string)
> Configure what data should be used as unique User Identifier. For most cases, the default should be fine.
Added enum value:
- `user_id`
##### `GET` /oauth2/refresh_tokens/{id}/
###### Return Type:
Changed response : **200 OK**
- Changed content type : `application/json`
- Changed property `provider` (object)
> OAuth2Provider Serializer
- Changed property `sub_mode` (string)
> Configure what data should be used as unique User Identifier. For most cases, the default should be fine.
Added enum value:
- `user_id`
##### `GET` /oauth2/authorization_codes/
###### Return Type:
Changed response : **200 OK**
- Changed content type : `application/json`
- Changed property `results` (array)
Changed items (object): > Serializer for BaseGrantModel and ExpiringBaseGrant
- Changed property `provider` (object)
> OAuth2Provider Serializer
- Changed property `sub_mode` (string)
> Configure what data should be used as unique User Identifier. For most cases, the default should be fine.
Added enum value:
- `user_id`
##### `GET` /oauth2/refresh_tokens/
###### Return Type:
Changed response : **200 OK**
- Changed content type : `application/json`
- Changed property `results` (array)
Changed items (object): > Serializer for BaseGrantModel and RefreshToken
- Changed property `provider` (object)
> OAuth2Provider Serializer
- Changed property `sub_mode` (string)
> Configure what data should be used as unique User Identifier. For most cases, the default should be fine.
Added enum value:
- `user_id`
##### `GET` /stages/prompt/prompts/{prompt_uuid}/
###### Return Type:
Changed response : **200 OK**
- Changed content type : `application/json`
New required properties:
- `name`
* Added property `name` (string)
##### `PUT` /stages/prompt/prompts/{prompt_uuid}/
###### Request:
Changed content type : `application/json`
New required properties:
- `name`
* Added property `name` (string)
###### Return Type:
Changed response : **200 OK**
- Changed content type : `application/json`
New required properties:
- `name`
* Added property `name` (string)
##### `PATCH` /stages/prompt/prompts/{prompt_uuid}/
###### Request:
Changed content type : `application/json`
- Added property `name` (string)
###### Return Type:
Changed response : **200 OK**
- Changed content type : `application/json`
New required properties:
- `name`
* Added property `name` (string)
##### `POST` /stages/prompt/prompts/
###### Request:
Changed content type : `application/json`
New required properties:
- `name`
* Added property `name` (string)
###### Return Type:
Changed response : **201 Created**
- Changed content type : `application/json`
New required properties:
- `name`
* Added property `name` (string)
##### `GET` /stages/prompt/prompts/
###### Parameters:
Added: `name` in `query`
###### Return Type:
Changed response : **200 OK**
- Changed content type : `application/json`
- Changed property `results` (array)
Changed items (object): > Prompt Serializer
New required properties:
- `name`
* Added property `name` (string)