authentik/website/docs/releases/2022/v2022.4.md

---
title: Release 2022.4
slug: "/releases/2022.4"
---

## Breaking changes

-   Removal of HTTP Basic authentication for API requests

    For legacy reasons, authentik used to support HTTP-Basic authenticated requests, using the token as a password. This has been removed.

-   Removal of deprecated context in Expression policies used in prompt stages

    Before this version, you could use both `context['*field_name*']` and `context['prompt_data']['*field_name*']`. The former one has been removed as it could overwrite other data in the context if the field name is the same as another context value.

-   Added name field for invitations

    Invitations now require a name, used to better identify their purpose.

## New features

-   Application Grouping

    Applications can now be grouped together to better organise connected applications in the user dashboard.

-   JWT authentication for `client_credentials` grants

    Providers can now be configured to accept JWTs signed by configured certificates, which makes it a lot easier to services access to authentik, when an existing machine/service identity is provided (for example, this can be used to let Kubernetes Pods authenticate themselves to authentik via their service account)

## Minor changes/fixes

-   core: add method to set key of token
-   core: add num_pk to group for applications that need a numerical group id
-   internal: disable HTML encoding in go-generated log messages
-   lifecycle: fix password and hostname in redis URI not properly quoted
-   outposts: check if docker ports should be mapped before comparing ports
-   policies: add policy log messages to test endpoints
-   providers/oauth2: map internal groups to GitHub teams in GHE OAuth emulation (#2497)
-   providers/oauth2: pass scope and other parameters to access policy request context
-   stages/email: allow overriding of destination email in plan context
-   stages/invitation: add invitation name
-   stages/prompt: filter rest_framework.fields.empty when field is not required
-   stages/prompt: fix non-required fields not allowing blank values
-   stages/prompt: set field default based on placeholder
-   tenants: add tenant-level attributes, applied to users based on request
-   web: live-convert to slug in fields where only slugs are allowed
-   web: migrate dropdowns to wizards (#2633)
-   web/admin: allow editing of invitations
-   web/admin: fix missing protocols on generated nginx config
-   web/admin: trigger update when provider wizard finishes
-   web/user: add column layouts

## Upgrading

This release does not introduce any new requirements.

### docker-compose

Download the docker-compose file for 2022.4 from [here](https://goauthentik.io/version/2022.4/docker-compose.yml). Afterwards, simply run `docker-compose up -d`.

### Kubernetes

Update your values to use the new images:

```yaml
image:
    repository: ghcr.io/goauthentik/server
    tag: 2022.4.1
```
website/docs: prepare 2022.4 Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> 2022-03-30 21:43:36 +00:00			`---`
			`title: Release 2022.4`
providers/saml: initial SLO implementation (#2346) * providers/saml: initial SLO implementation Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * providers/saml: add logout request tests Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * providers/saml: add tests for POST SLO Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * matrix e2e tests Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * fix import Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * set e2e matrix name Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * fix imports Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * separate oidc and oauth tests Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * add basic saml slo e2e tests Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * add better metadata download url Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * kinda prepare release notes Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * sort releases into folders Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * add slo urls to website Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * fix linking Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * add api tests Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * update docs Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> 2023-01-04 18:45:31 +00:00			`slug: "/releases/2022.4"`
website/docs: prepare 2022.4 Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> 2022-03-30 21:43:36 +00:00			`---`

			`## Breaking changes`

website: format docs with prettier (#2833) * run prettier Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * add scim to comparison Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> 2022-05-09 19:22:41 +00:00			`- Removal of HTTP Basic authentication for API requests`
website/docs: prepare 2022.4 Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> 2022-03-30 21:43:36 +00:00
website: format docs with prettier (#2833) * run prettier Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * add scim to comparison Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> 2022-05-09 19:22:41 +00:00			`For legacy reasons, authentik used to support HTTP-Basic authenticated requests, using the token as a password. This has been removed.`
website/docs: prepare 2022.4 Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> 2022-03-30 21:43:36 +00:00
website: format docs with prettier (#2833) * run prettier Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * add scim to comparison Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> 2022-05-09 19:22:41 +00:00			`- Removal of deprecated context in Expression policies used in prompt stages`
website/docs: add missing breaking change in prompt stages Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> 2022-04-29 19:19:51 +00:00
website: format docs with prettier (#2833) * run prettier Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * add scim to comparison Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> 2022-05-09 19:22:41 +00:00			Before this version, you could use both `context['field_name']` and `context['prompt_data']['field_name']`. The former one has been removed as it could overwrite other data in the context if the field name is the same as another context value.
website/docs: add missing breaking change in prompt stages Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> 2022-04-29 19:19:51 +00:00
website/docs: fix missing new name attribute for invitations Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> 2022-05-16 18:40:24 +00:00			`- Added name field for invitations`

			`Invitations now require a name, used to better identify their purpose.`

website/docs: prepare 2022.4 Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> 2022-03-30 21:43:36 +00:00			`## New features`

website: format docs with prettier (#2833) * run prettier Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * add scim to comparison Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> 2022-05-09 19:22:41 +00:00			`- Application Grouping`
core: add grouping to applications (#2648) * core: add grouping to applications Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * core: add new field to tests Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> 2022-04-02 21:08:58 +00:00
website: format docs with prettier (#2833) * run prettier Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * add scim to comparison Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> 2022-05-09 19:22:41 +00:00			`Applications can now be grouped together to better organise connected applications in the user dashboard.`
core: add grouping to applications (#2648) * core: add grouping to applications Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * core: add new field to tests Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> 2022-04-02 21:08:58 +00:00
website: format docs with prettier (#2833) * run prettier Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * add scim to comparison Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> 2022-05-09 19:22:41 +00:00			- JWT authentication for `client_credentials` grants
website/docs: prepare 2022.4 Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> 2022-03-30 21:43:36 +00:00
website: format docs with prettier (#2833) * run prettier Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * add scim to comparison Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> 2022-05-09 19:22:41 +00:00			`Providers can now be configured to accept JWTs signed by configured certificates, which makes it a lot easier to services access to authentik, when an existing machine/service identity is provided (for example, this can be used to let Kubernetes Pods authenticate themselves to authentik via their service account)`
website/docs: prepare 2022.4 Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> 2022-03-30 21:43:36 +00:00
			`## Minor changes/fixes`

website: format docs with prettier (#2833) * run prettier Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * add scim to comparison Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> 2022-05-09 19:22:41 +00:00			`- core: add method to set key of token`
			`- core: add num_pk to group for applications that need a numerical group id`
			`- internal: disable HTML encoding in go-generated log messages`
			`- lifecycle: fix password and hostname in redis URI not properly quoted`
			`- outposts: check if docker ports should be mapped before comparing ports`
			`- policies: add policy log messages to test endpoints`
			`- providers/oauth2: map internal groups to GitHub teams in GHE OAuth emulation (#2497)`
			`- providers/oauth2: pass scope and other parameters to access policy request context`
			`- stages/email: allow overriding of destination email in plan context`
			`- stages/invitation: add invitation name`
			`- stages/prompt: filter rest_framework.fields.empty when field is not required`
			`- stages/prompt: fix non-required fields not allowing blank values`
			`- stages/prompt: set field default based on placeholder`
			`- tenants: add tenant-level attributes, applied to users based on request`
			`- web: live-convert to slug in fields where only slugs are allowed`
			`- web: migrate dropdowns to wizards (#2633)`
			`- web/admin: allow editing of invitations`
			`- web/admin: fix missing protocols on generated nginx config`
			`- web/admin: trigger update when provider wizard finishes`
			`- web/user: add column layouts`
website/docs: prepare 2022.4 Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> 2022-04-11 18:54:16 +00:00
website/docs: prepare 2022.4 Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> 2022-03-30 21:43:36 +00:00			`## Upgrading`

			`This release does not introduce any new requirements.`

			`### docker-compose`

			Download the docker-compose file for 2022.4 from [here](https://goauthentik.io/version/2022.4/docker-compose.yml). Afterwards, simply run `docker-compose up -d`.

			`### Kubernetes`

			`Update your values to use the new images:`

			```yaml
			`image:`
website: format docs with prettier (#2833) * run prettier Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * add scim to comparison Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> 2022-05-09 19:22:41 +00:00			`repository: ghcr.io/goauthentik/server`
			`tag: 2022.4.1`
website/docs: prepare 2022.4 Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> 2022-03-30 21:43:36 +00:00			```