authentik/website/docs/releases/v2021.12.md

---
title: Release 2021.12
slug: "2021.12"
---

## Headline changes

This release does not have any headline features, and mostly fixes bugs.

## Breaking changes

- stages/prompt: Before 2021.12, any policy was required to pass for the result to be considered valid. This has been changed, and now all policies are required to be valid.

## Minor changes

- core: make defaults for _change_email and _change_username configurable
- core: remove dump_config, handle directly in config loader without booting django, don't check database
- events: add gdpr_compliance option
- internal: fix integrated docs not working
- internal: use runserver when debug for code reload
- lib: add cli option for lib.config
- lib: add improved log to sentry events being sent
- lib: fix custom URL schemes being overwritten
- lib: load json strings in config env variables
- lib: log error for file:// in config
- lifecycle: allow custom worker count in k8s
- lifecycle: improve backup restore by dropping database before
- lifecycle: improve redis connection debug py printing full URL
- outpost: configure error reporting based off of main instance config
- outposts: don't panic when listening for metrics fails
- outposts: reload on signal USR1, fix display of reload offset
- outposts/ldap: copy boundUsers map when running refresh instead of using blank map
- outposts/ldap: fix panic when attempting to update without locked users mutex
- outposts/proxy: continue compiling additional regexes even when one fails
- outposts/proxy: show better error when hostname isn't configured
- outposts/proxy: use disableIndex for static files
- policies/expression: fix ak_user_has_authenticator evaluation when not specifying optional device_type (#1849)
- providers/saml: fix SessionNotOnOrAfter not being included
- root: add lifespan shim to prevent errors
- root: fix settings for managed not loaded
- root: make sentry sample rate configurable
- stages/authenticator_validate: catch error when attempting to configure user without flow
- stages/email: fix missing component in response when retrying email send
- stages/email: minify email css template
- stages/email: prevent error with duplicate token
- web: improve dark theme for vertical tabs
- web: only show applications with http link
- web/admin: allow flow edit on flow view page
- web/admin: fix actions column on ip reputation page
- web/admin: fix Forms with file uploads not handling errors correctly
- web/admin: make object view pages more consistent
- web/admin: make user clickable for bound policies list
- web/admin: redesign provider pages to provide more info
- web/admin: show changelog on user info page
- web/admin: unify rendering and sorting of user lists
- web/elements: add new API to store attributes in URL, use for table and tabs
- web/elements: allow app.model names for ak-object-changelog
- web/elements: allow multiple tabs with different state
- web/flows: fix spinner during webauthn not centred
- web/flows: update default background
- web/user: fix filtering for applications based on launchURL
- web/user: fix height issues on user interface

## Fixed in 2021.12.1-rc2

- *: don't use go embed to make using custom files easier
- crypto: add certificate discovery to automatically import certificates from lets encrypt
- crypto: fix default API not having an ordering
- outposts: always trigger outpost reconcile on startup
- outposts/ldap: Rework/improve LDAP search logic. (#1687)
- outposts/proxy: make logging fields more consistent
- outposts/proxy: re-add rs256 support
- providers/proxy: fix defaults for traefik integration
- providers/proxy: use wildcard for traefik headers copy
- providers/saml: fix error when using post bindings and user freshly logged in
- providers/saml: fix IndexError in signature check
- sources/ldap: add optional tls verification certificate
- sources/ldap: allow multiple server URIs for loadbalancing and failover
- sources/ldap: don't cache LDAP Connection, use random server
- sources/ldap: handle typeerror during creation of objects when using wrong keyword params
- sources/plex: fix plex token being included in event log
- stages/prompt: fix error when both default and required are set
- web/admin: add spinner to table refresh button to show progress
- web/admin: don't show disabled http basic as red
- web/admin: fix wrong description for reputation policy
- web/flows: fix linting errors
- web/flows: Revise duo authenticator login prompt text (#1872)

## Upgrading

This release does not introduce any new requirements.

### docker-compose

Download the docker-compose file for 2021.12 from [here](https://goauthentik.io/version/2021.12/docker-compose.yml). Afterwards, simply run `docker-compose up -d`.

### Kubernetes

Update your values to use the new images:

```yaml
image:
  repository: goauthentik.io/server
  tag: 2021.12.1-rc1
```
website/docs: add v2021.12 release notes Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> 2021-12-01 12:23:55 +00:00			`---`
			`title: Release 2021.12`
			`slug: "2021.12"`
			`---`

stages/prompt: use policyenginemode all Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> 2021-12-09 08:39:37 +00:00			`## Headline changes`
website/docs: add v2021.12 release notes Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> 2021-12-01 12:23:55 +00:00
			`This release does not have any headline features, and mostly fixes bugs.`

stages/prompt: use policyenginemode all Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> 2021-12-09 08:39:37 +00:00			`## Breaking changes`

			`- stages/prompt: Before 2021.12, any policy was required to pass for the result to be considered valid. This has been changed, and now all policies are required to be valid.`

website/docs: add v2021.12 release notes Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> 2021-12-01 12:23:55 +00:00			`## Minor changes`

			`- core: make defaults for _change_email and _change_username configurable`
			`- core: remove dump_config, handle directly in config loader without booting django, don't check database`
			`- events: add gdpr_compliance option`
			`- internal: fix integrated docs not working`
			`- internal: use runserver when debug for code reload`
			`- lib: add cli option for lib.config`
			`- lib: add improved log to sentry events being sent`
			`- lib: fix custom URL schemes being overwritten`
			`- lib: load json strings in config env variables`
			`- lib: log error for file:// in config`
			`- lifecycle: allow custom worker count in k8s`
			`- lifecycle: improve backup restore by dropping database before`
			`- lifecycle: improve redis connection debug py printing full URL`
			`- outpost: configure error reporting based off of main instance config`
			`- outposts: don't panic when listening for metrics fails`
			`- outposts: reload on signal USR1, fix display of reload offset`
			`- outposts/ldap: copy boundUsers map when running refresh instead of using blank map`
			`- outposts/ldap: fix panic when attempting to update without locked users mutex`
			`- outposts/proxy: continue compiling additional regexes even when one fails`
			`- outposts/proxy: show better error when hostname isn't configured`
			`- outposts/proxy: use disableIndex for static files`
			`- policies/expression: fix ak_user_has_authenticator evaluation when not specifying optional device_type (#1849)`
			`- providers/saml: fix SessionNotOnOrAfter not being included`
			`- root: add lifespan shim to prevent errors`
			`- root: fix settings for managed not loaded`
			`- root: make sentry sample rate configurable`
			`- stages/authenticator_validate: catch error when attempting to configure user without flow`
			`- stages/email: fix missing component in response when retrying email send`
			`- stages/email: minify email css template`
			`- stages/email: prevent error with duplicate token`
			`- web: improve dark theme for vertical tabs`
			`- web: only show applications with http link`
			`- web/admin: allow flow edit on flow view page`
			`- web/admin: fix actions column on ip reputation page`
			`- web/admin: fix Forms with file uploads not handling errors correctly`
			`- web/admin: make object view pages more consistent`
			`- web/admin: make user clickable for bound policies list`
			`- web/admin: redesign provider pages to provide more info`
			`- web/admin: show changelog on user info page`
			`- web/admin: unify rendering and sorting of user lists`
			`- web/elements: add new API to store attributes in URL, use for table and tabs`
			`- web/elements: allow app.model names for ak-object-changelog`
			`- web/elements: allow multiple tabs with different state`
			`- web/flows: fix spinner during webauthn not centred`
			`- web/flows: update default background`
			`- web/user: fix filtering for applications based on launchURL`
			`- web/user: fix height issues on user interface`

webiste/docs: add 2021.12.1-rc2 release notes Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> 2021-12-04 19:03:26 +00:00			`## Fixed in 2021.12.1-rc2`

			`- *: don't use go embed to make using custom files easier`
			`- crypto: add certificate discovery to automatically import certificates from lets encrypt`
			`- crypto: fix default API not having an ordering`
			`- outposts: always trigger outpost reconcile on startup`
			`- outposts/ldap: Rework/improve LDAP search logic. (#1687)`
			`- outposts/proxy: make logging fields more consistent`
			`- outposts/proxy: re-add rs256 support`
			`- providers/proxy: fix defaults for traefik integration`
			`- providers/proxy: use wildcard for traefik headers copy`
			`- providers/saml: fix error when using post bindings and user freshly logged in`
			`- providers/saml: fix IndexError in signature check`
			`- sources/ldap: add optional tls verification certificate`
			`- sources/ldap: allow multiple server URIs for loadbalancing and failover`
			`- sources/ldap: don't cache LDAP Connection, use random server`
			`- sources/ldap: handle typeerror during creation of objects when using wrong keyword params`
			`- sources/plex: fix plex token being included in event log`
			`- stages/prompt: fix error when both default and required are set`
			`- web/admin: add spinner to table refresh button to show progress`
			`- web/admin: don't show disabled http basic as red`
			`- web/admin: fix wrong description for reputation policy`
			`- web/flows: fix linting errors`
			`- web/flows: Revise duo authenticator login prompt text (#1872)`
website/docs: add v2021.12 release notes Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> 2021-12-01 12:23:55 +00:00
			`## Upgrading`

			`This release does not introduce any new requirements.`

			`### docker-compose`

			Download the docker-compose file for 2021.12 from [here](https://goauthentik.io/version/2021.12/docker-compose.yml). Afterwards, simply run `docker-compose up -d`.

			`### Kubernetes`

			`Update your values to use the new images:`

			```yaml
			`image:`
			`repository: goauthentik.io/server`
			`tag: 2021.12.1-rc1`
			```