website/docs: add missing docs for #2828
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
This commit is contained in:
parent
b7979ad48e
commit
6460245d5e
|
@ -21,7 +21,15 @@ Using the `Not configured action`, you can choose what happens when a user does
|
|||
By default, authenticator validation is required every time the flow containing this stage is executed. To only change this behavior, set _Last validation threshold_ to a non-zero value. (Requires authentik 2022.5)
|
||||
Keep in mind that when using Code-based devices (TOTP, Static and SMS), values lower than `seconds=30` cannot be used, as with the way TOTP devices are saved, there is no exact timestamp.
|
||||
|
||||
## Passwordless authentication
|
||||
### Less-frequent validation
|
||||
|
||||
:::info
|
||||
Requires authentik 2022.5.1
|
||||
:::
|
||||
|
||||
You can configure this stage to only ask for MFA validation if the user hasn't authenticated themselves within a defined time period. To configure this, set _Last validation threshold_ to any non-zero value. Any of the users devices within the selected classes are checked.
|
||||
|
||||
### Passwordless authentication
|
||||
|
||||
:::info
|
||||
Requires authentik 2021.12.4
|
||||
|
@ -37,7 +45,7 @@ As final stage, bind a _User login_ stage.
|
|||
|
||||
Users can either access this flow directly via it's URL, or you can modify any Identification stage to add a direct link to this flow.
|
||||
|
||||
#### Logging
|
||||
### Logging
|
||||
|
||||
Logins which used Passwordless authentication have the _auth_method_ context variable set to `auth_webauthn_pwl`, and the device used is saved in the arguments. Example:
|
||||
|
||||
|
|
|
@ -22,6 +22,10 @@ slug: "2022.5"
|
|||
See [LDAP provider](../providers/ldap.md#cached-bind)
|
||||
|
||||
- OAuth2: Add support for `form_post` response mode
|
||||
- Don't prompt users for MFA when they've authenticated themselves within a time period
|
||||
|
||||
You can now configure any [Authenticator Validation Stage](../flow/stages/authenticator_validate/index.md) stage to not ask for MFA validation if the user has previously authenticated themselves with an MFA device (of any of the selected classes) in the `Last validation threshold`.
|
||||
|
||||
- Optimise bundling of web assets
|
||||
|
||||
Previous versions had the entire frontend bundled in a single file (per interface). This has been revamped to produce smaller bundle sizes for each interface to improve the loading times.
|
||||
|
|
Reference in New Issue