authentik/website/docs/releases/2023/v2023.2.md

title: Release 2023.2
slug: /releases/2023.2

New features

  • Proxy provider logout improvements

    In previous versions, logging out of a single proxied application would only invalidate that application's session. Starting with this release, when logging out of a proxied application (via the /outpost.goauthentik.io/sign_out URL), all of the user's sessions within the outpost are terminated. Sessions in other outposts and with other protocols are unaffected.

  • UX Improvements

    As with the previous improvements, we've made a lot of minor improvements to the general authentik UX to make your life easier.

Upgrading

This release does not introduce any new requirements.

docker-compose

Download the docker-compose file for 2023.2 from here. Afterwards, simply run docker-compose up -d.

Kubernetes

Update your values to use the new images:

image:
    repository: ghcr.io/goauthentik/server
    tag: 2023.2.0

Minor changes/fixes

  • */saml: disable pretty_print, add signature tests
  • blueprints: don't update default tenant
  • blueprints: handle error when blueprint entry identifier field does not exist
  • core: delete session when user is set to inactive
  • core: fix inconsistent branding in end_session view
  • core: fix token's set_key accessing data incorrectly
  • events: improve sanitising for tuples and sets
  • events: prevent error when request fails without response
  • internal: fix cache-control header
  • providers/ldap: add unbind flow execution (#4484)
  • providers/ldap: fix error not being checked correctly when fetching users
  • providers/oauth2: add user id as "sub" mode
  • providers/oauth2: only set auth_time in ID token when a login event is stored in the session
  • providers/oauth2: optimise client credentials JWT database lookup (#4606)
  • providers/proxy: outpost wide logout implementation (#4605)
  • stages/authenticator_validate: fix error with passwordless webauthn login
  • stages/prompt: field name (#4497)
  • stages/prompt: fix mismatched name field in migration
  • stages/user_write: fix migration setting wrong value, fix form
  • web/admin: fix certificate filtering for SAML verification certificate
  • web/admin: fix dark theme for hover on tables
  • web/admin: fix token edit button
  • web/admin: rework event info page to show all event infos
  • web/elements: add dropdown css to DOM directly instead of including
  • web/elements: fix ak-expand not using correct font
  • web/elements: fix clashing page url param
  • web/elements: fix click propagation from modal into table
  • web/elements: improve codemirror contrast in dark theme
  • web/elements: make table rows clickable to select items
  • web/elements: persist table page in URL parameters
  • web/flows: improve handling of flow info
  • web/user: filter tokens by username
  • web/user: refactor loading of data in userinterface

API Changes

What's New


POST /admin/system/

What's Changed


POST /core/tokens/{identifier}/set_key/
GET /providers/oauth2/{id}/
Return Type:

Changed response : 200 OK

  • Changed content type : application/json

    • Changed property sub_mode (string)

      Configure what data should be used as unique User Identifier. For most cases, the default should be fine.

      Added enum value:

      • user_id
PUT /providers/oauth2/{id}/
Request:

Changed content type : application/json

  • Changed property sub_mode (string)

    Configure what data should be used as unique User Identifier. For most cases, the default should be fine.

    Added enum value:

    • user_id
Return Type:

Changed response : 200 OK

  • Changed content type : application/json

    • Changed property sub_mode (string)

      Configure what data should be used as unique User Identifier. For most cases, the default should be fine.

      Added enum value:

      • user_id
PATCH /providers/oauth2/{id}/
Request:

Changed content type : application/json

  • Changed property sub_mode (string)

    Configure what data should be used as unique User Identifier. For most cases, the default should be fine.

    Added enum value:

    • user_id
Return Type:

Changed response : 200 OK

  • Changed content type : application/json

    • Changed property sub_mode (string)

      Configure what data should be used as unique User Identifier. For most cases, the default should be fine.

      Added enum value:

      • user_id
POST /providers/oauth2/
Request:

Changed content type : application/json

  • Changed property sub_mode (string)

    Configure what data should be used as unique User Identifier. For most cases, the default should be fine.

    Added enum value:

    • user_id
Return Type:

Changed response : 201 Created

  • Changed content type : application/json

    • Changed property sub_mode (string)

      Configure what data should be used as unique User Identifier. For most cases, the default should be fine.

      Added enum value:

      • user_id
GET /providers/oauth2/
Parameters:

Changed: sub_mode in query

Configure what data should be used as unique User Identifier. For most cases, the default should be fine.

Return Type:

Changed response : 200 OK

  • Changed content type : application/json

    • Changed property results (array)

      Changed items (object): > OAuth2Provider Serializer

      • Changed property sub_mode (string)

        Configure what data should be used as unique User Identifier. For most cases, the default should be fine.

        Added enum value:

        • user_id
GET /oauth2/authorization_codes/{id}/
Return Type:

Changed response : 200 OK

  • Changed content type : application/json

    • Changed property provider (object)

      OAuth2Provider Serializer

      • Changed property sub_mode (string)

        Configure what data should be used as unique User Identifier. For most cases, the default should be fine.

        Added enum value:

        • user_id
GET /oauth2/refresh_tokens/{id}/
Return Type:

Changed response : 200 OK

  • Changed content type : application/json

    • Changed property provider (object)

      OAuth2Provider Serializer

      • Changed property sub_mode (string)

        Configure what data should be used as unique User Identifier. For most cases, the default should be fine.

        Added enum value:

        • user_id
GET /oauth2/authorization_codes/
Return Type:

Changed response : 200 OK

  • Changed content type : application/json

    • Changed property results (array)

      Changed items (object): > Serializer for BaseGrantModel and ExpiringBaseGrant

      • Changed property provider (object)

        OAuth2Provider Serializer

        • Changed property sub_mode (string)

          Configure what data should be used as unique User Identifier. For most cases, the default should be fine.

          Added enum value:

          • user_id
GET /oauth2/refresh_tokens/
Return Type:

Changed response : 200 OK

  • Changed content type : application/json

    • Changed property results (array)

      Changed items (object): > Serializer for BaseGrantModel and RefreshToken

      • Changed property provider (object)

        OAuth2Provider Serializer

        • Changed property sub_mode (string)

          Configure what data should be used as unique User Identifier. For most cases, the default should be fine.

          Added enum value:

          • user_id
GET /stages/prompt/prompts/{prompt_uuid}/
Return Type:

Changed response : 200 OK

  • Changed content type : application/json

    New required properties:

    • name
    • Added property name (string)
PUT /stages/prompt/prompts/{prompt_uuid}/
Request:

Changed content type : application/json

New required properties:

  • name
  • Added property name (string)
Return Type:

Changed response : 200 OK

  • Changed content type : application/json

    New required properties:

    • name
    • Added property name (string)
PATCH /stages/prompt/prompts/{prompt_uuid}/
Request:

Changed content type : application/json

  • Added property name (string)
Return Type:

Changed response : 200 OK

  • Changed content type : application/json

    New required properties:

    • name
    • Added property name (string)
POST /stages/prompt/prompts/
Request:

Changed content type : application/json

New required properties:

  • name
  • Added property name (string)
Return Type:

Changed response : 201 Created

  • Changed content type : application/json

    New required properties:

    • name
    • Added property name (string)
GET /stages/prompt/prompts/
Parameters:

Added: name in query

Return Type:

Changed response : 200 OK

  • Changed content type : application/json

    • Changed property results (array)

      Changed items (object): > Prompt Serializer

      New required properties:

      • name
      • Added property name (string)