This repository has been archived on 2024-05-31. You can view files and clone it, but cannot push or open issues or pull requests.
authentik/website/docs/releases/2023/v2023.4.md
Jens L c08c849fec
website: fix doc build (#5242)
* ci: run both builds

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* fix build

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

---------

Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-04-13 17:20:44 +02:00

1952 lines
76 KiB
Markdown

---
title: Release 2023.4 - RADIUS support
slug: "/releases/2023.4"
---
## New features
- RADIUS support
:::info
This feature is still in technical preview, so please report any Bugs you run into on [GitHub](https://github.com/goauthentik/authentik/issues).
:::
authentik now supports the [RADIUS protocol](https://en.wikipedia.org/wiki/RADIUS) for authentication, allowing for the integration of a wider variety of systems such as VPN software, network switches/routers, and others.
The RADIUS provider also uses a flow to authenticate users, and supports the same stages as the [LDAP Provider](../../../docs/providers/ldap/index.md).
Documentation: [RADIUS Provider](../../../docs/providers/radius/index.md)
- Decreased CPU usage for workers
Previously, authentik used a method to ensure that the worker containers are running correctly called "pinging", which would send a request to the worker and ensure it was processed correctly. This however used a lot of resources every time the health check ran. We've switched to a simpler method, one that will reduce CPU and memory usage (only affects Docker-Compose).
- Configurable authentication flow for providers
It is now possible to configure the authentication flow per provider. This configured flow will be used when an un-authenticated user tries to access the application the provider is used with. If no flow is set on a provider, the default authentication flow configured on the tenant will be used.
- "Stay logged in" prompt
In the [User login stage](../../../docs/flow/stages/user_login/index.md), an admin can use the new "Stay Logged In" option to add additional minutes or hours to the defined `session duration` value. When this "Stay Logged In" offset time is configured, the user logging in is presented with a prompt asking if they want to extend their session.
- Prompt preview
When creating a single prompt for use with a [Prompt stage](../../../docs/flow/stages/prompt/index.md), a live preview of the prompt is now shown. This makes it easier to test how a prompt will behave, and also shows what data it will send, and how it will be available in the flow context.
## Upgrading
This release does not introduce any new requirements.
### docker-compose
Download the docker-compose file for 2023.4 from [here](https://goauthentik.io/version/2023.4/docker-compose.yml). Afterwards, simply run `docker-compose up -d`.
### Kubernetes
Update your values to use the new images:
```yaml
image:
repository: ghcr.io/goauthentik/server
tag: 2023.4.0
```
## Minor changes/fixes
- \*: load websocket paths similarly to URLs (#5018)
- blueprints: allow setting of token key in blueprint context (#4995)
- core: Add unique constraint to user UUID (#5004)
- core: extend Postgres configuration (#5138)
- core: fix app launch URL flow selection (#5113)
- lifecycle: also migrate before starting worker, trap exit to cleanup mode (#5123)
- lifecycle: don't use celery ping for worker healthcheck (#5153)
- outposts: run containers as non root (#5212)
- outposts: set Kubernetes deployment security context (#5163)
- policies: provider raw result for better policy reusability (#5189)
- providers/ldap: fix duplicate attributes (#4972)
- providers/oauth2: fix response for response_type code and response_mode fragment (#4975)
- providers/proxy: rework endpoints logic (#4993)
- providers/radius: simple RADIUS outpost (#1796)
- providers/scim: add missing default fields (#5108)
- providers/scim: fix error when user-group m2m is updated forward (#5082)
- providers: Add ability to choose a default authentication flow (#5070)
- stages/authenticator_validate: fix stage not working without pending user (#5096)
- stages/identification: revert is_active check (#5183)
- stages/prompt: Add Radio Button Group, Dropdown and Text Area prompt fields (#4822)
- stages/prompt: Fix dropdown invalid choice (#5046)
- stages/user_login: stay logged in (#4958)
- stages/user_write: improve error handling (#5136)
- stages: Add ability to set user friendly names for MFA stages (#5005)
- web/admin: fix error adding users to groups (#5016)
- web/admin: fix error listing blueprints with missing metadata (#5041)
- web/admin: fix error when creating bindings due to hidden inputs (#5081)
- web/admin: fix inconsistent display of flows in selections (#4977)
- web/admin: fix ldap form when editing scim provider from view page (#5164)
- web/admin: fix prompt field display (#4990)
- web/admin: fix sidebar avatar not loaded (#5184)
- web/admin: prompt preview (#5078)
- web/admin: show warning when adding user to superuser group (#5091)
- web/elements: fix search select inconsistency (#4989)
- web/elements: only render form once instance is loaded (#5049)
- web/flows: fix authenticator selector in dark mode (#4974)
- web/user: rework search (#5107)
- web: only show debug locale if debug mode is enabled (#5111)
- web: remove more until (#5057)
## API Changes
#### What's New
---
##### `GET` /outposts/radius/
##### `GET` /outposts/radius/{id}/
##### `GET` /providers/radius/
##### `POST` /providers/radius/
##### `GET` /providers/radius/{id}/
##### `PUT` /providers/radius/{id}/
##### `DELETE` /providers/radius/{id}/
##### `PATCH` /providers/radius/{id}/
##### `GET` /providers/radius/{id}/used_by/
##### `POST` /stages/prompt/prompts/preview/
#### What's Changed
---
##### `GET` /policies/event_matcher/{policy_uuid}/
###### Return Type:
Changed response : **200 OK**
- Changed content type : `application/json`
- Changed property `app` (string)
> - `authentik.admin` - authentik Admin
> - `authentik.api` - authentik API
> - `authentik.crypto` - authentik Crypto
> - `authentik.events` - authentik Events
> - `authentik.flows` - authentik Flows
> - `authentik.lib` - authentik lib
> - `authentik.outposts` - authentik Outpost
> - `authentik.policies.dummy` - authentik Policies.Dummy
> - `authentik.policies.event_matcher` - authentik Policies.Event Matcher
> - `authentik.policies.expiry` - authentik Policies.Expiry
> - `authentik.policies.expression` - authentik Policies.Expression
> - `authentik.policies.password` - authentik Policies.Password
> - `authentik.policies.reputation` - authentik Policies.Reputation
> - `authentik.policies` - authentik Policies
> - `authentik.providers.ldap` - authentik Providers.LDAP
> - `authentik.providers.oauth2` - authentik Providers.OAuth2
> - `authentik.providers.proxy` - authentik Providers.Proxy
> - `authentik.providers.radius` - authentik Providers.Radius
> - `authentik.providers.saml` - authentik Providers.SAML
> - `authentik.providers.scim` - authentik Providers.SCIM
> - `authentik.recovery` - authentik Recovery
> - `authentik.sources.ldap` - authentik Sources.LDAP
> - `authentik.sources.oauth` - authentik Sources.OAuth
> - `authentik.sources.plex` - authentik Sources.Plex
> - `authentik.sources.saml` - authentik Sources.SAML
> - `authentik.stages.authenticator_duo` - authentik Stages.Authenticator.Duo
> - `authentik.stages.authenticator_sms` - authentik Stages.Authenticator.SMS
> - `authentik.stages.authenticator_static` - authentik Stages.Authenticator.Static
> - `authentik.stages.authenticator_totp` - authentik Stages.Authenticator.TOTP
> - `authentik.stages.authenticator_validate` - authentik Stages.Authenticator.Validate
> - `authentik.stages.authenticator_webauthn` - authentik Stages.Authenticator.WebAuthn
> - `authentik.stages.captcha` - authentik Stages.Captcha
> - `authentik.stages.consent` - authentik Stages.Consent
> - `authentik.stages.deny` - authentik Stages.Deny
> - `authentik.stages.dummy` - authentik Stages.Dummy
> - `authentik.stages.email` - authentik Stages.Email
> - `authentik.stages.identification` - authentik Stages.Identification
> - `authentik.stages.invitation` - authentik Stages.User Invitation
> - `authentik.stages.password` - authentik Stages.Password
> - `authentik.stages.prompt` - authentik Stages.Prompt
> - `authentik.stages.user_delete` - authentik Stages.User Delete
> - `authentik.stages.user_login` - authentik Stages.User Login
> - `authentik.stages.user_logout` - authentik Stages.User Logout
> - `authentik.stages.user_write` - authentik Stages.User Write
> - `authentik.tenants` - authentik Tenants
> - `authentik.blueprints` - authentik Blueprints
> - `authentik.core` - authentik Core
Added enum value:
- `authentik.providers.radius`
##### `PUT` /policies/event_matcher/{policy_uuid}/
###### Request:
Changed content type : `application/json`
- Changed property `app` (string)
> - `authentik.admin` - authentik Admin
> - `authentik.api` - authentik API
> - `authentik.crypto` - authentik Crypto
> - `authentik.events` - authentik Events
> - `authentik.flows` - authentik Flows
> - `authentik.lib` - authentik lib
> - `authentik.outposts` - authentik Outpost
> - `authentik.policies.dummy` - authentik Policies.Dummy
> - `authentik.policies.event_matcher` - authentik Policies.Event Matcher
> - `authentik.policies.expiry` - authentik Policies.Expiry
> - `authentik.policies.expression` - authentik Policies.Expression
> - `authentik.policies.password` - authentik Policies.Password
> - `authentik.policies.reputation` - authentik Policies.Reputation
> - `authentik.policies` - authentik Policies
> - `authentik.providers.ldap` - authentik Providers.LDAP
> - `authentik.providers.oauth2` - authentik Providers.OAuth2
> - `authentik.providers.proxy` - authentik Providers.Proxy
> - `authentik.providers.radius` - authentik Providers.Radius
> - `authentik.providers.saml` - authentik Providers.SAML
> - `authentik.providers.scim` - authentik Providers.SCIM
> - `authentik.recovery` - authentik Recovery
> - `authentik.sources.ldap` - authentik Sources.LDAP
> - `authentik.sources.oauth` - authentik Sources.OAuth
> - `authentik.sources.plex` - authentik Sources.Plex
> - `authentik.sources.saml` - authentik Sources.SAML
> - `authentik.stages.authenticator_duo` - authentik Stages.Authenticator.Duo
> - `authentik.stages.authenticator_sms` - authentik Stages.Authenticator.SMS
> - `authentik.stages.authenticator_static` - authentik Stages.Authenticator.Static
> - `authentik.stages.authenticator_totp` - authentik Stages.Authenticator.TOTP
> - `authentik.stages.authenticator_validate` - authentik Stages.Authenticator.Validate
> - `authentik.stages.authenticator_webauthn` - authentik Stages.Authenticator.WebAuthn
> - `authentik.stages.captcha` - authentik Stages.Captcha
> - `authentik.stages.consent` - authentik Stages.Consent
> - `authentik.stages.deny` - authentik Stages.Deny
> - `authentik.stages.dummy` - authentik Stages.Dummy
> - `authentik.stages.email` - authentik Stages.Email
> - `authentik.stages.identification` - authentik Stages.Identification
> - `authentik.stages.invitation` - authentik Stages.User Invitation
> - `authentik.stages.password` - authentik Stages.Password
> - `authentik.stages.prompt` - authentik Stages.Prompt
> - `authentik.stages.user_delete` - authentik Stages.User Delete
> - `authentik.stages.user_login` - authentik Stages.User Login
> - `authentik.stages.user_logout` - authentik Stages.User Logout
> - `authentik.stages.user_write` - authentik Stages.User Write
> - `authentik.tenants` - authentik Tenants
> - `authentik.blueprints` - authentik Blueprints
> - `authentik.core` - authentik Core
Added enum value:
- `authentik.providers.radius`
###### Return Type:
Changed response : **200 OK**
- Changed content type : `application/json`
- Changed property `app` (string)
> - `authentik.admin` - authentik Admin
> - `authentik.api` - authentik API
> - `authentik.crypto` - authentik Crypto
> - `authentik.events` - authentik Events
> - `authentik.flows` - authentik Flows
> - `authentik.lib` - authentik lib
> - `authentik.outposts` - authentik Outpost
> - `authentik.policies.dummy` - authentik Policies.Dummy
> - `authentik.policies.event_matcher` - authentik Policies.Event Matcher
> - `authentik.policies.expiry` - authentik Policies.Expiry
> - `authentik.policies.expression` - authentik Policies.Expression
> - `authentik.policies.password` - authentik Policies.Password
> - `authentik.policies.reputation` - authentik Policies.Reputation
> - `authentik.policies` - authentik Policies
> - `authentik.providers.ldap` - authentik Providers.LDAP
> - `authentik.providers.oauth2` - authentik Providers.OAuth2
> - `authentik.providers.proxy` - authentik Providers.Proxy
> - `authentik.providers.radius` - authentik Providers.Radius
> - `authentik.providers.saml` - authentik Providers.SAML
> - `authentik.providers.scim` - authentik Providers.SCIM
> - `authentik.recovery` - authentik Recovery
> - `authentik.sources.ldap` - authentik Sources.LDAP
> - `authentik.sources.oauth` - authentik Sources.OAuth
> - `authentik.sources.plex` - authentik Sources.Plex
> - `authentik.sources.saml` - authentik Sources.SAML
> - `authentik.stages.authenticator_duo` - authentik Stages.Authenticator.Duo
> - `authentik.stages.authenticator_sms` - authentik Stages.Authenticator.SMS
> - `authentik.stages.authenticator_static` - authentik Stages.Authenticator.Static
> - `authentik.stages.authenticator_totp` - authentik Stages.Authenticator.TOTP
> - `authentik.stages.authenticator_validate` - authentik Stages.Authenticator.Validate
> - `authentik.stages.authenticator_webauthn` - authentik Stages.Authenticator.WebAuthn
> - `authentik.stages.captcha` - authentik Stages.Captcha
> - `authentik.stages.consent` - authentik Stages.Consent
> - `authentik.stages.deny` - authentik Stages.Deny
> - `authentik.stages.dummy` - authentik Stages.Dummy
> - `authentik.stages.email` - authentik Stages.Email
> - `authentik.stages.identification` - authentik Stages.Identification
> - `authentik.stages.invitation` - authentik Stages.User Invitation
> - `authentik.stages.password` - authentik Stages.Password
> - `authentik.stages.prompt` - authentik Stages.Prompt
> - `authentik.stages.user_delete` - authentik Stages.User Delete
> - `authentik.stages.user_login` - authentik Stages.User Login
> - `authentik.stages.user_logout` - authentik Stages.User Logout
> - `authentik.stages.user_write` - authentik Stages.User Write
> - `authentik.tenants` - authentik Tenants
> - `authentik.blueprints` - authentik Blueprints
> - `authentik.core` - authentik Core
Added enum value:
- `authentik.providers.radius`
##### `PATCH` /policies/event_matcher/{policy_uuid}/
###### Request:
Changed content type : `application/json`
- Changed property `app` (string)
> - `authentik.admin` - authentik Admin
> - `authentik.api` - authentik API
> - `authentik.crypto` - authentik Crypto
> - `authentik.events` - authentik Events
> - `authentik.flows` - authentik Flows
> - `authentik.lib` - authentik lib
> - `authentik.outposts` - authentik Outpost
> - `authentik.policies.dummy` - authentik Policies.Dummy
> - `authentik.policies.event_matcher` - authentik Policies.Event Matcher
> - `authentik.policies.expiry` - authentik Policies.Expiry
> - `authentik.policies.expression` - authentik Policies.Expression
> - `authentik.policies.password` - authentik Policies.Password
> - `authentik.policies.reputation` - authentik Policies.Reputation
> - `authentik.policies` - authentik Policies
> - `authentik.providers.ldap` - authentik Providers.LDAP
> - `authentik.providers.oauth2` - authentik Providers.OAuth2
> - `authentik.providers.proxy` - authentik Providers.Proxy
> - `authentik.providers.radius` - authentik Providers.Radius
> - `authentik.providers.saml` - authentik Providers.SAML
> - `authentik.providers.scim` - authentik Providers.SCIM
> - `authentik.recovery` - authentik Recovery
> - `authentik.sources.ldap` - authentik Sources.LDAP
> - `authentik.sources.oauth` - authentik Sources.OAuth
> - `authentik.sources.plex` - authentik Sources.Plex
> - `authentik.sources.saml` - authentik Sources.SAML
> - `authentik.stages.authenticator_duo` - authentik Stages.Authenticator.Duo
> - `authentik.stages.authenticator_sms` - authentik Stages.Authenticator.SMS
> - `authentik.stages.authenticator_static` - authentik Stages.Authenticator.Static
> - `authentik.stages.authenticator_totp` - authentik Stages.Authenticator.TOTP
> - `authentik.stages.authenticator_validate` - authentik Stages.Authenticator.Validate
> - `authentik.stages.authenticator_webauthn` - authentik Stages.Authenticator.WebAuthn
> - `authentik.stages.captcha` - authentik Stages.Captcha
> - `authentik.stages.consent` - authentik Stages.Consent
> - `authentik.stages.deny` - authentik Stages.Deny
> - `authentik.stages.dummy` - authentik Stages.Dummy
> - `authentik.stages.email` - authentik Stages.Email
> - `authentik.stages.identification` - authentik Stages.Identification
> - `authentik.stages.invitation` - authentik Stages.User Invitation
> - `authentik.stages.password` - authentik Stages.Password
> - `authentik.stages.prompt` - authentik Stages.Prompt
> - `authentik.stages.user_delete` - authentik Stages.User Delete
> - `authentik.stages.user_login` - authentik Stages.User Login
> - `authentik.stages.user_logout` - authentik Stages.User Logout
> - `authentik.stages.user_write` - authentik Stages.User Write
> - `authentik.tenants` - authentik Tenants
> - `authentik.blueprints` - authentik Blueprints
> - `authentik.core` - authentik Core
Added enum value:
- `authentik.providers.radius`
###### Return Type:
Changed response : **200 OK**
- Changed content type : `application/json`
- Changed property `app` (string)
> - `authentik.admin` - authentik Admin
> - `authentik.api` - authentik API
> - `authentik.crypto` - authentik Crypto
> - `authentik.events` - authentik Events
> - `authentik.flows` - authentik Flows
> - `authentik.lib` - authentik lib
> - `authentik.outposts` - authentik Outpost
> - `authentik.policies.dummy` - authentik Policies.Dummy
> - `authentik.policies.event_matcher` - authentik Policies.Event Matcher
> - `authentik.policies.expiry` - authentik Policies.Expiry
> - `authentik.policies.expression` - authentik Policies.Expression
> - `authentik.policies.password` - authentik Policies.Password
> - `authentik.policies.reputation` - authentik Policies.Reputation
> - `authentik.policies` - authentik Policies
> - `authentik.providers.ldap` - authentik Providers.LDAP
> - `authentik.providers.oauth2` - authentik Providers.OAuth2
> - `authentik.providers.proxy` - authentik Providers.Proxy
> - `authentik.providers.radius` - authentik Providers.Radius
> - `authentik.providers.saml` - authentik Providers.SAML
> - `authentik.providers.scim` - authentik Providers.SCIM
> - `authentik.recovery` - authentik Recovery
> - `authentik.sources.ldap` - authentik Sources.LDAP
> - `authentik.sources.oauth` - authentik Sources.OAuth
> - `authentik.sources.plex` - authentik Sources.Plex
> - `authentik.sources.saml` - authentik Sources.SAML
> - `authentik.stages.authenticator_duo` - authentik Stages.Authenticator.Duo
> - `authentik.stages.authenticator_sms` - authentik Stages.Authenticator.SMS
> - `authentik.stages.authenticator_static` - authentik Stages.Authenticator.Static
> - `authentik.stages.authenticator_totp` - authentik Stages.Authenticator.TOTP
> - `authentik.stages.authenticator_validate` - authentik Stages.Authenticator.Validate
> - `authentik.stages.authenticator_webauthn` - authentik Stages.Authenticator.WebAuthn
> - `authentik.stages.captcha` - authentik Stages.Captcha
> - `authentik.stages.consent` - authentik Stages.Consent
> - `authentik.stages.deny` - authentik Stages.Deny
> - `authentik.stages.dummy` - authentik Stages.Dummy
> - `authentik.stages.email` - authentik Stages.Email
> - `authentik.stages.identification` - authentik Stages.Identification
> - `authentik.stages.invitation` - authentik Stages.User Invitation
> - `authentik.stages.password` - authentik Stages.Password
> - `authentik.stages.prompt` - authentik Stages.Prompt
> - `authentik.stages.user_delete` - authentik Stages.User Delete
> - `authentik.stages.user_login` - authentik Stages.User Login
> - `authentik.stages.user_logout` - authentik Stages.User Logout
> - `authentik.stages.user_write` - authentik Stages.User Write
> - `authentik.tenants` - authentik Tenants
> - `authentik.blueprints` - authentik Blueprints
> - `authentik.core` - authentik Core
Added enum value:
- `authentik.providers.radius`
##### `GET` /providers/all/{id}/
###### Return Type:
Changed response : **200 OK**
- Changed content type : `application/json`
- Added property `authentication_flow` (string)
> Flow used for authentication when the associated application is accessed by an un-authenticated user.
##### `GET` /providers/oauth2/{id}/
###### Return Type:
Changed response : **200 OK**
- Changed content type : `application/json`
- Added property `authentication_flow` (string)
> Flow used for authentication when the associated application is accessed by an un-authenticated user.
##### `PUT` /providers/oauth2/{id}/
###### Request:
Changed content type : `application/json`
- Added property `authentication_flow` (string)
> Flow used for authentication when the associated application is accessed by an un-authenticated user.
###### Return Type:
Changed response : **200 OK**
- Changed content type : `application/json`
- Added property `authentication_flow` (string)
> Flow used for authentication when the associated application is accessed by an un-authenticated user.
##### `PATCH` /providers/oauth2/{id}/
###### Request:
Changed content type : `application/json`
- Added property `authentication_flow` (string)
> Flow used for authentication when the associated application is accessed by an un-authenticated user.
###### Return Type:
Changed response : **200 OK**
- Changed content type : `application/json`
- Added property `authentication_flow` (string)
> Flow used for authentication when the associated application is accessed by an un-authenticated user.
##### `GET` /providers/proxy/{id}/
###### Return Type:
Changed response : **200 OK**
- Changed content type : `application/json`
- Added property `authentication_flow` (string)
> Flow used for authentication when the associated application is accessed by an un-authenticated user.
##### `PUT` /providers/proxy/{id}/
###### Request:
Changed content type : `application/json`
- Added property `authentication_flow` (string)
> Flow used for authentication when the associated application is accessed by an un-authenticated user.
###### Return Type:
Changed response : **200 OK**
- Changed content type : `application/json`
- Added property `authentication_flow` (string)
> Flow used for authentication when the associated application is accessed by an un-authenticated user.
##### `PATCH` /providers/proxy/{id}/
###### Request:
Changed content type : `application/json`
- Added property `authentication_flow` (string)
> Flow used for authentication when the associated application is accessed by an un-authenticated user.
###### Return Type:
Changed response : **200 OK**
- Changed content type : `application/json`
- Added property `authentication_flow` (string)
> Flow used for authentication when the associated application is accessed by an un-authenticated user.
##### `GET` /core/applications/{slug}/
###### Return Type:
Changed response : **200 OK**
- Changed content type : `application/json`
- Changed property `provider_obj` (object)
> Provider Serializer
- Added property `authentication_flow` (string)
> Flow used for authentication when the associated application is accessed by an un-authenticated user.
##### `PUT` /core/applications/{slug}/
###### Return Type:
Changed response : **200 OK**
- Changed content type : `application/json`
- Changed property `provider_obj` (object)
> Provider Serializer
- Added property `authentication_flow` (string)
> Flow used for authentication when the associated application is accessed by an un-authenticated user.
##### `PATCH` /core/applications/{slug}/
###### Return Type:
Changed response : **200 OK**
- Changed content type : `application/json`
- Changed property `provider_obj` (object)
> Provider Serializer
- Added property `authentication_flow` (string)
> Flow used for authentication when the associated application is accessed by an un-authenticated user.
##### `GET` /outposts/instances/{uuid}/
###### Return Type:
Changed response : **200 OK**
- Changed content type : `application/json`
- Changed property `type` (string)
> - `proxy` - Proxy
> - `ldap` - Ldap
> - `radius` - Radius
Added enum value:
- `radius`
- Changed property `providers_obj` (array)
Changed items (object): > Provider Serializer
- Added property `authentication_flow` (string)
> Flow used for authentication when the associated application is accessed by an un-authenticated user.
##### `PUT` /outposts/instances/{uuid}/
###### Request:
Changed content type : `application/json`
- Changed property `type` (string)
> - `proxy` - Proxy
> - `ldap` - Ldap
> - `radius` - Radius
Added enum value:
- `radius`
###### Return Type:
Changed response : **200 OK**
- Changed content type : `application/json`
- Changed property `type` (string)
> - `proxy` - Proxy
> - `ldap` - Ldap
> - `radius` - Radius
Added enum value:
- `radius`
- Changed property `providers_obj` (array)
Changed items (object): > Provider Serializer
- Added property `authentication_flow` (string)
> Flow used for authentication when the associated application is accessed by an un-authenticated user.
##### `PATCH` /outposts/instances/{uuid}/
###### Request:
Changed content type : `application/json`
- Changed property `type` (string)
> - `proxy` - Proxy
> - `ldap` - Ldap
> - `radius` - Radius
Added enum value:
- `radius`
###### Return Type:
Changed response : **200 OK**
- Changed content type : `application/json`
- Changed property `type` (string)
> - `proxy` - Proxy
> - `ldap` - Ldap
> - `radius` - Radius
Added enum value:
- `radius`
- Changed property `providers_obj` (array)
Changed items (object): > Provider Serializer
- Added property `authentication_flow` (string)
> Flow used for authentication when the associated application is accessed by an un-authenticated user.
##### `POST` /policies/event_matcher/
###### Request:
Changed content type : `application/json`
- Changed property `app` (string)
> - `authentik.admin` - authentik Admin
> - `authentik.api` - authentik API
> - `authentik.crypto` - authentik Crypto
> - `authentik.events` - authentik Events
> - `authentik.flows` - authentik Flows
> - `authentik.lib` - authentik lib
> - `authentik.outposts` - authentik Outpost
> - `authentik.policies.dummy` - authentik Policies.Dummy
> - `authentik.policies.event_matcher` - authentik Policies.Event Matcher
> - `authentik.policies.expiry` - authentik Policies.Expiry
> - `authentik.policies.expression` - authentik Policies.Expression
> - `authentik.policies.password` - authentik Policies.Password
> - `authentik.policies.reputation` - authentik Policies.Reputation
> - `authentik.policies` - authentik Policies
> - `authentik.providers.ldap` - authentik Providers.LDAP
> - `authentik.providers.oauth2` - authentik Providers.OAuth2
> - `authentik.providers.proxy` - authentik Providers.Proxy
> - `authentik.providers.radius` - authentik Providers.Radius
> - `authentik.providers.saml` - authentik Providers.SAML
> - `authentik.providers.scim` - authentik Providers.SCIM
> - `authentik.recovery` - authentik Recovery
> - `authentik.sources.ldap` - authentik Sources.LDAP
> - `authentik.sources.oauth` - authentik Sources.OAuth
> - `authentik.sources.plex` - authentik Sources.Plex
> - `authentik.sources.saml` - authentik Sources.SAML
> - `authentik.stages.authenticator_duo` - authentik Stages.Authenticator.Duo
> - `authentik.stages.authenticator_sms` - authentik Stages.Authenticator.SMS
> - `authentik.stages.authenticator_static` - authentik Stages.Authenticator.Static
> - `authentik.stages.authenticator_totp` - authentik Stages.Authenticator.TOTP
> - `authentik.stages.authenticator_validate` - authentik Stages.Authenticator.Validate
> - `authentik.stages.authenticator_webauthn` - authentik Stages.Authenticator.WebAuthn
> - `authentik.stages.captcha` - authentik Stages.Captcha
> - `authentik.stages.consent` - authentik Stages.Consent
> - `authentik.stages.deny` - authentik Stages.Deny
> - `authentik.stages.dummy` - authentik Stages.Dummy
> - `authentik.stages.email` - authentik Stages.Email
> - `authentik.stages.identification` - authentik Stages.Identification
> - `authentik.stages.invitation` - authentik Stages.User Invitation
> - `authentik.stages.password` - authentik Stages.Password
> - `authentik.stages.prompt` - authentik Stages.Prompt
> - `authentik.stages.user_delete` - authentik Stages.User Delete
> - `authentik.stages.user_login` - authentik Stages.User Login
> - `authentik.stages.user_logout` - authentik Stages.User Logout
> - `authentik.stages.user_write` - authentik Stages.User Write
> - `authentik.tenants` - authentik Tenants
> - `authentik.blueprints` - authentik Blueprints
> - `authentik.core` - authentik Core
Added enum value:
- `authentik.providers.radius`
###### Return Type:
Changed response : **201 Created**
- Changed content type : `application/json`
- Changed property `app` (string)
> - `authentik.admin` - authentik Admin
> - `authentik.api` - authentik API
> - `authentik.crypto` - authentik Crypto
> - `authentik.events` - authentik Events
> - `authentik.flows` - authentik Flows
> - `authentik.lib` - authentik lib
> - `authentik.outposts` - authentik Outpost
> - `authentik.policies.dummy` - authentik Policies.Dummy
> - `authentik.policies.event_matcher` - authentik Policies.Event Matcher
> - `authentik.policies.expiry` - authentik Policies.Expiry
> - `authentik.policies.expression` - authentik Policies.Expression
> - `authentik.policies.password` - authentik Policies.Password
> - `authentik.policies.reputation` - authentik Policies.Reputation
> - `authentik.policies` - authentik Policies
> - `authentik.providers.ldap` - authentik Providers.LDAP
> - `authentik.providers.oauth2` - authentik Providers.OAuth2
> - `authentik.providers.proxy` - authentik Providers.Proxy
> - `authentik.providers.radius` - authentik Providers.Radius
> - `authentik.providers.saml` - authentik Providers.SAML
> - `authentik.providers.scim` - authentik Providers.SCIM
> - `authentik.recovery` - authentik Recovery
> - `authentik.sources.ldap` - authentik Sources.LDAP
> - `authentik.sources.oauth` - authentik Sources.OAuth
> - `authentik.sources.plex` - authentik Sources.Plex
> - `authentik.sources.saml` - authentik Sources.SAML
> - `authentik.stages.authenticator_duo` - authentik Stages.Authenticator.Duo
> - `authentik.stages.authenticator_sms` - authentik Stages.Authenticator.SMS
> - `authentik.stages.authenticator_static` - authentik Stages.Authenticator.Static
> - `authentik.stages.authenticator_totp` - authentik Stages.Authenticator.TOTP
> - `authentik.stages.authenticator_validate` - authentik Stages.Authenticator.Validate
> - `authentik.stages.authenticator_webauthn` - authentik Stages.Authenticator.WebAuthn
> - `authentik.stages.captcha` - authentik Stages.Captcha
> - `authentik.stages.consent` - authentik Stages.Consent
> - `authentik.stages.deny` - authentik Stages.Deny
> - `authentik.stages.dummy` - authentik Stages.Dummy
> - `authentik.stages.email` - authentik Stages.Email
> - `authentik.stages.identification` - authentik Stages.Identification
> - `authentik.stages.invitation` - authentik Stages.User Invitation
> - `authentik.stages.password` - authentik Stages.Password
> - `authentik.stages.prompt` - authentik Stages.Prompt
> - `authentik.stages.user_delete` - authentik Stages.User Delete
> - `authentik.stages.user_login` - authentik Stages.User Login
> - `authentik.stages.user_logout` - authentik Stages.User Logout
> - `authentik.stages.user_write` - authentik Stages.User Write
> - `authentik.tenants` - authentik Tenants
> - `authentik.blueprints` - authentik Blueprints
> - `authentik.core` - authentik Core
Added enum value:
- `authentik.providers.radius`
##### `GET` /policies/event_matcher/
###### Return Type:
Changed response : **200 OK**
- Changed content type : `application/json`
- Changed property `results` (array)
Changed items (object): > Event Matcher Policy Serializer
- Changed property `app` (string)
> - `authentik.admin` - authentik Admin
> - `authentik.api` - authentik API
> - `authentik.crypto` - authentik Crypto
> - `authentik.events` - authentik Events
> - `authentik.flows` - authentik Flows
> - `authentik.lib` - authentik lib
> - `authentik.outposts` - authentik Outpost
> - `authentik.policies.dummy` - authentik Policies.Dummy
> - `authentik.policies.event_matcher` - authentik Policies.Event Matcher
> - `authentik.policies.expiry` - authentik Policies.Expiry
> - `authentik.policies.expression` - authentik Policies.Expression
> - `authentik.policies.password` - authentik Policies.Password
> - `authentik.policies.reputation` - authentik Policies.Reputation
> - `authentik.policies` - authentik Policies
> - `authentik.providers.ldap` - authentik Providers.LDAP
> - `authentik.providers.oauth2` - authentik Providers.OAuth2
> - `authentik.providers.proxy` - authentik Providers.Proxy
> - `authentik.providers.radius` - authentik Providers.Radius
> - `authentik.providers.saml` - authentik Providers.SAML
> - `authentik.providers.scim` - authentik Providers.SCIM
> - `authentik.recovery` - authentik Recovery
> - `authentik.sources.ldap` - authentik Sources.LDAP
> - `authentik.sources.oauth` - authentik Sources.OAuth
> - `authentik.sources.plex` - authentik Sources.Plex
> - `authentik.sources.saml` - authentik Sources.SAML
> - `authentik.stages.authenticator_duo` - authentik Stages.Authenticator.Duo
> - `authentik.stages.authenticator_sms` - authentik Stages.Authenticator.SMS
> - `authentik.stages.authenticator_static` - authentik Stages.Authenticator.Static
> - `authentik.stages.authenticator_totp` - authentik Stages.Authenticator.TOTP
> - `authentik.stages.authenticator_validate` - authentik Stages.Authenticator.Validate
> - `authentik.stages.authenticator_webauthn` - authentik Stages.Authenticator.WebAuthn
> - `authentik.stages.captcha` - authentik Stages.Captcha
> - `authentik.stages.consent` - authentik Stages.Consent
> - `authentik.stages.deny` - authentik Stages.Deny
> - `authentik.stages.dummy` - authentik Stages.Dummy
> - `authentik.stages.email` - authentik Stages.Email
> - `authentik.stages.identification` - authentik Stages.Identification
> - `authentik.stages.invitation` - authentik Stages.User Invitation
> - `authentik.stages.password` - authentik Stages.Password
> - `authentik.stages.prompt` - authentik Stages.Prompt
> - `authentik.stages.user_delete` - authentik Stages.User Delete
> - `authentik.stages.user_login` - authentik Stages.User Login
> - `authentik.stages.user_logout` - authentik Stages.User Logout
> - `authentik.stages.user_write` - authentik Stages.User Write
> - `authentik.tenants` - authentik Tenants
> - `authentik.blueprints` - authentik Blueprints
> - `authentik.core` - authentik Core
Added enum value:
- `authentik.providers.radius`
##### `GET` /providers/all/
###### Return Type:
Changed response : **200 OK**
- Changed content type : `application/json`
- Changed property `results` (array)
Changed items (object): > Provider Serializer
- Added property `authentication_flow` (string)
> Flow used for authentication when the associated application is accessed by an un-authenticated user.
##### `GET` /providers/ldap/{id}/
###### Return Type:
Changed response : **200 OK**
- Changed content type : `application/json`
- Added property `authentication_flow` (string)
> Flow used for authentication when the associated application is accessed by an un-authenticated user.
##### `PUT` /providers/ldap/{id}/
###### Request:
Changed content type : `application/json`
- Added property `authentication_flow` (string)
> Flow used for authentication when the associated application is accessed by an un-authenticated user.
###### Return Type:
Changed response : **200 OK**
- Changed content type : `application/json`
- Added property `authentication_flow` (string)
> Flow used for authentication when the associated application is accessed by an un-authenticated user.
##### `PATCH` /providers/ldap/{id}/
###### Request:
Changed content type : `application/json`
- Added property `authentication_flow` (string)
> Flow used for authentication when the associated application is accessed by an un-authenticated user.
###### Return Type:
Changed response : **200 OK**
- Changed content type : `application/json`
- Added property `authentication_flow` (string)
> Flow used for authentication when the associated application is accessed by an un-authenticated user.
##### `POST` /providers/oauth2/
###### Request:
Changed content type : `application/json`
- Added property `authentication_flow` (string)
> Flow used for authentication when the associated application is accessed by an un-authenticated user.
###### Return Type:
Changed response : **201 Created**
- Changed content type : `application/json`
- Added property `authentication_flow` (string)
> Flow used for authentication when the associated application is accessed by an un-authenticated user.
##### `GET` /providers/oauth2/
###### Return Type:
Changed response : **200 OK**
- Changed content type : `application/json`
- Changed property `results` (array)
Changed items (object): > OAuth2Provider Serializer
- Added property `authentication_flow` (string)
> Flow used for authentication when the associated application is accessed by an un-authenticated user.
##### `POST` /providers/proxy/
###### Request:
Changed content type : `application/json`
- Added property `authentication_flow` (string)
> Flow used for authentication when the associated application is accessed by an un-authenticated user.
###### Return Type:
Changed response : **201 Created**
- Changed content type : `application/json`
- Added property `authentication_flow` (string)
> Flow used for authentication when the associated application is accessed by an un-authenticated user.
##### `GET` /providers/proxy/
###### Return Type:
Changed response : **200 OK**
- Changed content type : `application/json`
- Changed property `results` (array)
Changed items (object): > ProxyProvider Serializer
- Added property `authentication_flow` (string)
> Flow used for authentication when the associated application is accessed by an un-authenticated user.
##### `GET` /providers/saml/{id}/
###### Return Type:
Changed response : **200 OK**
- Changed content type : `application/json`
- Added property `authentication_flow` (string)
> Flow used for authentication when the associated application is accessed by an un-authenticated user.
##### `PUT` /providers/saml/{id}/
###### Request:
Changed content type : `application/json`
- Added property `authentication_flow` (string)
> Flow used for authentication when the associated application is accessed by an un-authenticated user.
###### Return Type:
Changed response : **200 OK**
- Changed content type : `application/json`
- Added property `authentication_flow` (string)
> Flow used for authentication when the associated application is accessed by an un-authenticated user.
##### `PATCH` /providers/saml/{id}/
###### Request:
Changed content type : `application/json`
- Added property `authentication_flow` (string)
> Flow used for authentication when the associated application is accessed by an un-authenticated user.
###### Return Type:
Changed response : **200 OK**
- Changed content type : `application/json`
- Added property `authentication_flow` (string)
> Flow used for authentication when the associated application is accessed by an un-authenticated user.
##### `POST` /core/applications/
###### Return Type:
Changed response : **201 Created**
- Changed content type : `application/json`
- Changed property `provider_obj` (object)
> Provider Serializer
- Added property `authentication_flow` (string)
> Flow used for authentication when the associated application is accessed by an un-authenticated user.
##### `GET` /core/applications/
###### Return Type:
Changed response : **200 OK**
- Changed content type : `application/json`
- Changed property `results` (array)
Changed items (object): > Application Serializer
- Changed property `provider_obj` (object)
> Provider Serializer
- Added property `authentication_flow` (string)
> Flow used for authentication when the associated application is accessed by an un-authenticated user.
##### `GET` /core/user_consent/{id}/
###### Return Type:
Changed response : **200 OK**
- Changed content type : `application/json`
- Changed property `application` (object)
> Application Serializer
- Changed property `provider_obj` (object)
> Provider Serializer
- Added property `authentication_flow` (string)
> Flow used for authentication when the associated application is accessed by an un-authenticated user.
##### `GET` /oauth2/access_tokens/{id}/
###### Return Type:
Changed response : **200 OK**
- Changed content type : `application/json`
- Changed property `provider` (object)
> OAuth2Provider Serializer
- Added property `authentication_flow` (string)
> Flow used for authentication when the associated application is accessed by an un-authenticated user.
##### `GET` /oauth2/authorization_codes/{id}/
###### Return Type:
Changed response : **200 OK**
- Changed content type : `application/json`
- Changed property `provider` (object)
> OAuth2Provider Serializer
- Added property `authentication_flow` (string)
> Flow used for authentication when the associated application is accessed by an un-authenticated user.
##### `GET` /oauth2/refresh_tokens/{id}/
###### Return Type:
Changed response : **200 OK**
- Changed content type : `application/json`
- Changed property `provider` (object)
> OAuth2Provider Serializer
- Added property `authentication_flow` (string)
> Flow used for authentication when the associated application is accessed by an un-authenticated user.
##### `POST` /outposts/instances/
###### Request:
Changed content type : `application/json`
- Changed property `type` (string)
> - `proxy` - Proxy
> - `ldap` - Ldap
> - `radius` - Radius
Added enum value:
- `radius`
###### Return Type:
Changed response : **201 Created**
- Changed content type : `application/json`
- Changed property `type` (string)
> - `proxy` - Proxy
> - `ldap` - Ldap
> - `radius` - Radius
Added enum value:
- `radius`
- Changed property `providers_obj` (array)
Changed items (object): > Provider Serializer
- Added property `authentication_flow` (string)
> Flow used for authentication when the associated application is accessed by an un-authenticated user.
##### `GET` /outposts/instances/
###### Return Type:
Changed response : **200 OK**
- Changed content type : `application/json`
- Changed property `results` (array)
Changed items (object): > Outpost Serializer
- Changed property `type` (string)
> - `proxy` - Proxy
> - `ldap` - Ldap
> - `radius` - Radius
Added enum value:
- `radius`
- Changed property `providers_obj` (array)
Changed items (object): > Provider Serializer
- Added property `authentication_flow` (string)
> Flow used for authentication when the associated application is accessed by an un-authenticated user.
##### `POST` /providers/ldap/
###### Request:
Changed content type : `application/json`
- Added property `authentication_flow` (string)
> Flow used for authentication when the associated application is accessed by an un-authenticated user.
###### Return Type:
Changed response : **201 Created**
- Changed content type : `application/json`
- Added property `authentication_flow` (string)
> Flow used for authentication when the associated application is accessed by an un-authenticated user.
##### `GET` /providers/ldap/
###### Return Type:
Changed response : **200 OK**
- Changed content type : `application/json`
- Changed property `results` (array)
Changed items (object): > LDAPProvider Serializer
- Added property `authentication_flow` (string)
> Flow used for authentication when the associated application is accessed by an un-authenticated user.
##### `POST` /providers/saml/
###### Request:
Changed content type : `application/json`
- Added property `authentication_flow` (string)
> Flow used for authentication when the associated application is accessed by an un-authenticated user.
###### Return Type:
Changed response : **201 Created**
- Changed content type : `application/json`
- Added property `authentication_flow` (string)
> Flow used for authentication when the associated application is accessed by an un-authenticated user.
##### `GET` /providers/saml/
###### Parameters:
Added: `authentication_flow` in `query`
###### Return Type:
Changed response : **200 OK**
- Changed content type : `application/json`
- Changed property `results` (array)
Changed items (object): > SAMLProvider Serializer
- Added property `authentication_flow` (string)
> Flow used for authentication when the associated application is accessed by an un-authenticated user.
##### `GET` /stages/user_login/{stage_uuid}/
###### Return Type:
Changed response : **200 OK**
- Changed content type : `application/json`
- Added property `remember_me_offset` (string)
> Offset the session will be extended by when the user picks the remember me option. Default of 0 means that the remember me option will not be shown. (Format: hours=-1;minutes=-2;seconds=-3)
##### `PUT` /stages/user_login/{stage_uuid}/
###### Request:
Changed content type : `application/json`
- Added property `remember_me_offset` (string)
> Offset the session will be extended by when the user picks the remember me option. Default of 0 means that the remember me option will not be shown. (Format: hours=-1;minutes=-2;seconds=-3)
###### Return Type:
Changed response : **200 OK**
- Changed content type : `application/json`
- Added property `remember_me_offset` (string)
> Offset the session will be extended by when the user picks the remember me option. Default of 0 means that the remember me option will not be shown. (Format: hours=-1;minutes=-2;seconds=-3)
##### `PATCH` /stages/user_login/{stage_uuid}/
###### Request:
Changed content type : `application/json`
- Added property `remember_me_offset` (string)
> Offset the session will be extended by when the user picks the remember me option. Default of 0 means that the remember me option will not be shown. (Format: hours=-1;minutes=-2;seconds=-3)
###### Return Type:
Changed response : **200 OK**
- Changed content type : `application/json`
- Added property `remember_me_offset` (string)
> Offset the session will be extended by when the user picks the remember me option. Default of 0 means that the remember me option will not be shown. (Format: hours=-1;minutes=-2;seconds=-3)
##### `GET` /core/user_consent/
###### Return Type:
Changed response : **200 OK**
- Changed content type : `application/json`
- Changed property `results` (array)
Changed items (object): > UserConsent Serializer
- Changed property `application` (object)
> Application Serializer
- Changed property `provider_obj` (object)
> Provider Serializer
- Added property `authentication_flow` (string)
> Flow used for authentication when the associated application is accessed by an un-authenticated user.
##### `GET` /flows/executor/{flow_slug}/
###### Return Type:
Changed response : **200 OK**
- Changed content type : `application/json`
Added 'ak-stage-user-login' component:
- Property `type` (string)
> - `native` - NATIVE
> - `shell` - SHELL
> - `redirect` - REDIRECT
Enum values:
- `native`
- `shell`
- `redirect`
- Property `flow_info` (object)
> Contextual flow information for a challenge
- Property `title` (string)
- Property `background` (string)
- Property `cancel_url` (string)
- Property `layout` (string)
> - `stacked` - STACKED
> - `content_left` - CONTENT_LEFT
> - `content_right` - CONTENT_RIGHT
> - `sidebar_left` - SIDEBAR_LEFT
> - `sidebar_right` - SIDEBAR_RIGHT
Enum values:
- `stacked`
- `content_left`
- `content_right`
- `sidebar_left`
- `sidebar_right`
- Property `component` (string)
- Property `response_errors` (object)
- Property `pending_user` (string)
- Property `pending_user_avatar` (string)
Updated `ak-stage-prompt` component:
- Changed property `fields` (array)
Changed items (object): > Serializer for a single Prompt field
New required properties:
- `choices`
* Added property `choices` (array)
Items (string):
* Changed property `type` (string)
> - `text` - Text: Simple Text input
> - `text_area` - Text area: Multiline Text Input.
> - `text_read_only` - Text (read-only): Simple Text input, but cannot be edited.
> - `text_area_read_only` - Text area (read-only): Multiline Text input, but cannot be edited.
> - `username` - Username: Same as Text input, but checks for and prevents duplicate usernames.
> - `email` - Email: Text field with Email type.
> - `password` - Password: Masked input, multiple inputs of this type on the same prompt need to be identical.
> - `number` - Number
> - `checkbox` - Checkbox
> - `radio-button-group` - Fixed choice field rendered as a group of radio buttons.
> - `dropdown` - Fixed choice field rendered as a dropdown.
> - `date` - Date
> - `date-time` - Date Time
> - `file` - File: File upload for arbitrary files. File content will be available in flow context as data-URI
> - `separator` - Separator: Static Separator Line
> - `hidden` - Hidden: Hidden field, can be used to insert data into form.
> - `static` - Static: Static value, displayed as-is.
> - `ak-locale` - authentik: Selection of locales authentik supports
Added enum values:
- `text_area`
- `text_area_read_only`
- `radio-button-group`
- `dropdown`
##### `POST` /flows/executor/{flow_slug}/
###### Request:
Changed content type : `application/json`
Added 'ak-stage-user-login' component:
- Property `component` (string)
- Property `remember_me` (boolean)
###### Return Type:
Changed response : **200 OK**
- Changed content type : `application/json`
Added 'ak-stage-user-login' component:
Updated `ak-stage-prompt` component:
- Changed property `fields` (array)
Changed items (object): > Serializer for a single Prompt field
New required properties:
- `choices`
* Added property `choices` (array)
* Changed property `type` (string)
> - `text` - Text: Simple Text input
> - `text_area` - Text area: Multiline Text Input.
> - `text_read_only` - Text (read-only): Simple Text input, but cannot be edited.
> - `text_area_read_only` - Text area (read-only): Multiline Text input, but cannot be edited.
> - `username` - Username: Same as Text input, but checks for and prevents duplicate usernames.
> - `email` - Email: Text field with Email type.
> - `password` - Password: Masked input, multiple inputs of this type on the same prompt need to be identical.
> - `number` - Number
> - `checkbox` - Checkbox
> - `radio-button-group` - Fixed choice field rendered as a group of radio buttons.
> - `dropdown` - Fixed choice field rendered as a dropdown.
> - `date` - Date
> - `date-time` - Date Time
> - `file` - File: File upload for arbitrary files. File content will be available in flow context as data-URI
> - `separator` - Separator: Static Separator Line
> - `hidden` - Hidden: Hidden field, can be used to insert data into form.
> - `static` - Static: Static value, displayed as-is.
> - `ak-locale` - authentik: Selection of locales authentik supports
Added enum values:
- `text_area`
- `text_area_read_only`
- `radio-button-group`
- `dropdown`
##### `GET` /oauth2/access_tokens/
###### Return Type:
Changed response : **200 OK**
- Changed content type : `application/json`
- Changed property `results` (array)
Changed items (object): > Serializer for BaseGrantModel and RefreshToken
- Changed property `provider` (object)
> OAuth2Provider Serializer
- Added property `authentication_flow` (string)
> Flow used for authentication when the associated application is accessed by an un-authenticated user.
##### `GET` /oauth2/authorization_codes/
###### Return Type:
Changed response : **200 OK**
- Changed content type : `application/json`
- Changed property `results` (array)
Changed items (object): > Serializer for BaseGrantModel and ExpiringBaseGrant
- Changed property `provider` (object)
> OAuth2Provider Serializer
- Added property `authentication_flow` (string)
> Flow used for authentication when the associated application is accessed by an un-authenticated user.
##### `GET` /oauth2/refresh_tokens/
###### Return Type:
Changed response : **200 OK**
- Changed content type : `application/json`
- Changed property `results` (array)
Changed items (object): > Serializer for BaseGrantModel and RefreshToken
- Changed property `provider` (object)
> OAuth2Provider Serializer
- Added property `authentication_flow` (string)
> Flow used for authentication when the associated application is accessed by an un-authenticated user.
##### `GET` /stages/prompt/prompts/{prompt_uuid}/
###### Return Type:
Changed response : **200 OK**
- Changed content type : `application/json`
- Changed property `placeholder` (string)
> When creating a Radio Button Group or Dropdown, enable interpreting as expression and return a list to return multiple choices.
- Changed property `type` (string)
> - `text` - Text: Simple Text input
> - `text_area` - Text area: Multiline Text Input.
> - `text_read_only` - Text (read-only): Simple Text input, but cannot be edited.
> - `text_area_read_only` - Text area (read-only): Multiline Text input, but cannot be edited.
> - `username` - Username: Same as Text input, but checks for and prevents duplicate usernames.
> - `email` - Email: Text field with Email type.
> - `password` - Password: Masked input, multiple inputs of this type on the same prompt need to be identical.
> - `number` - Number
> - `checkbox` - Checkbox
> - `radio-button-group` - Fixed choice field rendered as a group of radio buttons.
> - `dropdown` - Fixed choice field rendered as a dropdown.
> - `date` - Date
> - `date-time` - Date Time
> - `file` - File: File upload for arbitrary files. File content will be available in flow context as data-URI
> - `separator` - Separator: Static Separator Line
> - `hidden` - Hidden: Hidden field, can be used to insert data into form.
> - `static` - Static: Static value, displayed as-is.
> - `ak-locale` - authentik: Selection of locales authentik supports
Added enum values:
- `text_area`
- `text_area_read_only`
- `radio-button-group`
- `dropdown`
##### `PUT` /stages/prompt/prompts/{prompt_uuid}/
###### Request:
Changed content type : `application/json`
- Changed property `placeholder` (string)
> When creating a Radio Button Group or Dropdown, enable interpreting as expression and return a list to return multiple choices.
- Changed property `type` (string)
> - `text` - Text: Simple Text input
> - `text_area` - Text area: Multiline Text Input.
> - `text_read_only` - Text (read-only): Simple Text input, but cannot be edited.
> - `text_area_read_only` - Text area (read-only): Multiline Text input, but cannot be edited.
> - `username` - Username: Same as Text input, but checks for and prevents duplicate usernames.
> - `email` - Email: Text field with Email type.
> - `password` - Password: Masked input, multiple inputs of this type on the same prompt need to be identical.
> - `number` - Number
> - `checkbox` - Checkbox
> - `radio-button-group` - Fixed choice field rendered as a group of radio buttons.
> - `dropdown` - Fixed choice field rendered as a dropdown.
> - `date` - Date
> - `date-time` - Date Time
> - `file` - File: File upload for arbitrary files. File content will be available in flow context as data-URI
> - `separator` - Separator: Static Separator Line
> - `hidden` - Hidden: Hidden field, can be used to insert data into form.
> - `static` - Static: Static value, displayed as-is.
> - `ak-locale` - authentik: Selection of locales authentik supports
Added enum values:
- `text_area`
- `text_area_read_only`
- `radio-button-group`
- `dropdown`
###### Return Type:
Changed response : **200 OK**
- Changed content type : `application/json`
- Changed property `placeholder` (string)
> When creating a Radio Button Group or Dropdown, enable interpreting as expression and return a list to return multiple choices.
- Changed property `type` (string)
> - `text` - Text: Simple Text input
> - `text_area` - Text area: Multiline Text Input.
> - `text_read_only` - Text (read-only): Simple Text input, but cannot be edited.
> - `text_area_read_only` - Text area (read-only): Multiline Text input, but cannot be edited.
> - `username` - Username: Same as Text input, but checks for and prevents duplicate usernames.
> - `email` - Email: Text field with Email type.
> - `password` - Password: Masked input, multiple inputs of this type on the same prompt need to be identical.
> - `number` - Number
> - `checkbox` - Checkbox
> - `radio-button-group` - Fixed choice field rendered as a group of radio buttons.
> - `dropdown` - Fixed choice field rendered as a dropdown.
> - `date` - Date
> - `date-time` - Date Time
> - `file` - File: File upload for arbitrary files. File content will be available in flow context as data-URI
> - `separator` - Separator: Static Separator Line
> - `hidden` - Hidden: Hidden field, can be used to insert data into form.
> - `static` - Static: Static value, displayed as-is.
> - `ak-locale` - authentik: Selection of locales authentik supports
Added enum values:
- `text_area`
- `text_area_read_only`
- `radio-button-group`
- `dropdown`
##### `PATCH` /stages/prompt/prompts/{prompt_uuid}/
###### Request:
Changed content type : `application/json`
- Changed property `placeholder` (string)
> When creating a Radio Button Group or Dropdown, enable interpreting as expression and return a list to return multiple choices.
- Changed property `type` (string)
> - `text` - Text: Simple Text input
> - `text_area` - Text area: Multiline Text Input.
> - `text_read_only` - Text (read-only): Simple Text input, but cannot be edited.
> - `text_area_read_only` - Text area (read-only): Multiline Text input, but cannot be edited.
> - `username` - Username: Same as Text input, but checks for and prevents duplicate usernames.
> - `email` - Email: Text field with Email type.
> - `password` - Password: Masked input, multiple inputs of this type on the same prompt need to be identical.
> - `number` - Number
> - `checkbox` - Checkbox
> - `radio-button-group` - Fixed choice field rendered as a group of radio buttons.
> - `dropdown` - Fixed choice field rendered as a dropdown.
> - `date` - Date
> - `date-time` - Date Time
> - `file` - File: File upload for arbitrary files. File content will be available in flow context as data-URI
> - `separator` - Separator: Static Separator Line
> - `hidden` - Hidden: Hidden field, can be used to insert data into form.
> - `static` - Static: Static value, displayed as-is.
> - `ak-locale` - authentik: Selection of locales authentik supports
Added enum values:
- `text_area`
- `text_area_read_only`
- `radio-button-group`
- `dropdown`
###### Return Type:
Changed response : **200 OK**
- Changed content type : `application/json`
- Changed property `placeholder` (string)
> When creating a Radio Button Group or Dropdown, enable interpreting as expression and return a list to return multiple choices.
- Changed property `type` (string)
> - `text` - Text: Simple Text input
> - `text_area` - Text area: Multiline Text Input.
> - `text_read_only` - Text (read-only): Simple Text input, but cannot be edited.
> - `text_area_read_only` - Text area (read-only): Multiline Text input, but cannot be edited.
> - `username` - Username: Same as Text input, but checks for and prevents duplicate usernames.
> - `email` - Email: Text field with Email type.
> - `password` - Password: Masked input, multiple inputs of this type on the same prompt need to be identical.
> - `number` - Number
> - `checkbox` - Checkbox
> - `radio-button-group` - Fixed choice field rendered as a group of radio buttons.
> - `dropdown` - Fixed choice field rendered as a dropdown.
> - `date` - Date
> - `date-time` - Date Time
> - `file` - File: File upload for arbitrary files. File content will be available in flow context as data-URI
> - `separator` - Separator: Static Separator Line
> - `hidden` - Hidden: Hidden field, can be used to insert data into form.
> - `static` - Static: Static value, displayed as-is.
> - `ak-locale` - authentik: Selection of locales authentik supports
Added enum values:
- `text_area`
- `text_area_read_only`
- `radio-button-group`
- `dropdown`
##### `POST` /stages/user_login/
###### Request:
Changed content type : `application/json`
- Added property `remember_me_offset` (string)
> Offset the session will be extended by when the user picks the remember me option. Default of 0 means that the remember me option will not be shown. (Format: hours=-1;minutes=-2;seconds=-3)
###### Return Type:
Changed response : **201 Created**
- Changed content type : `application/json`
- Added property `remember_me_offset` (string)
> Offset the session will be extended by when the user picks the remember me option. Default of 0 means that the remember me option will not be shown. (Format: hours=-1;minutes=-2;seconds=-3)
##### `GET` /stages/user_login/
###### Parameters:
Added: `remember_me_offset` in `query`
###### Return Type:
Changed response : **200 OK**
- Changed content type : `application/json`
- Changed property `results` (array)
Changed items (object): > UserLoginStage Serializer
- Added property `remember_me_offset` (string)
> Offset the session will be extended by when the user picks the remember me option. Default of 0 means that the remember me option will not be shown. (Format: hours=-1;minutes=-2;seconds=-3)
##### `POST` /stages/prompt/prompts/
###### Request:
Changed content type : `application/json`
- Changed property `placeholder` (string)
> When creating a Radio Button Group or Dropdown, enable interpreting as expression and return a list to return multiple choices.
- Changed property `type` (string)
> - `text` - Text: Simple Text input
> - `text_area` - Text area: Multiline Text Input.
> - `text_read_only` - Text (read-only): Simple Text input, but cannot be edited.
> - `text_area_read_only` - Text area (read-only): Multiline Text input, but cannot be edited.
> - `username` - Username: Same as Text input, but checks for and prevents duplicate usernames.
> - `email` - Email: Text field with Email type.
> - `password` - Password: Masked input, multiple inputs of this type on the same prompt need to be identical.
> - `number` - Number
> - `checkbox` - Checkbox
> - `radio-button-group` - Fixed choice field rendered as a group of radio buttons.
> - `dropdown` - Fixed choice field rendered as a dropdown.
> - `date` - Date
> - `date-time` - Date Time
> - `file` - File: File upload for arbitrary files. File content will be available in flow context as data-URI
> - `separator` - Separator: Static Separator Line
> - `hidden` - Hidden: Hidden field, can be used to insert data into form.
> - `static` - Static: Static value, displayed as-is.
> - `ak-locale` - authentik: Selection of locales authentik supports
Added enum values:
- `text_area`
- `text_area_read_only`
- `radio-button-group`
- `dropdown`
###### Return Type:
Changed response : **201 Created**
- Changed content type : `application/json`
- Changed property `placeholder` (string)
> When creating a Radio Button Group or Dropdown, enable interpreting as expression and return a list to return multiple choices.
- Changed property `type` (string)
> - `text` - Text: Simple Text input
> - `text_area` - Text area: Multiline Text Input.
> - `text_read_only` - Text (read-only): Simple Text input, but cannot be edited.
> - `text_area_read_only` - Text area (read-only): Multiline Text input, but cannot be edited.
> - `username` - Username: Same as Text input, but checks for and prevents duplicate usernames.
> - `email` - Email: Text field with Email type.
> - `password` - Password: Masked input, multiple inputs of this type on the same prompt need to be identical.
> - `number` - Number
> - `checkbox` - Checkbox
> - `radio-button-group` - Fixed choice field rendered as a group of radio buttons.
> - `dropdown` - Fixed choice field rendered as a dropdown.
> - `date` - Date
> - `date-time` - Date Time
> - `file` - File: File upload for arbitrary files. File content will be available in flow context as data-URI
> - `separator` - Separator: Static Separator Line
> - `hidden` - Hidden: Hidden field, can be used to insert data into form.
> - `static` - Static: Static value, displayed as-is.
> - `ak-locale` - authentik: Selection of locales authentik supports
Added enum values:
- `text_area`
- `text_area_read_only`
- `radio-button-group`
- `dropdown`
##### `GET` /stages/prompt/prompts/
###### Parameters:
Changed: `type` in `query`
> - `text` - Text: Simple Text input
> - `text_area` - Text area: Multiline Text Input.
> - `text_read_only` - Text (read-only): Simple Text input, but cannot be edited.
> - `text_area_read_only` - Text area (read-only): Multiline Text input, but cannot be edited.
> - `username` - Username: Same as Text input, but checks for and prevents duplicate usernames.
> - `email` - Email: Text field with Email type.
> - `password` - Password: Masked input, multiple inputs of this type on the same prompt need to be identical.
> - `number` - Number
> - `checkbox` - Checkbox
> - `radio-button-group` - Fixed choice field rendered as a group of radio buttons.
> - `dropdown` - Fixed choice field rendered as a dropdown.
> - `date` - Date
> - `date-time` - Date Time
> - `file` - File: File upload for arbitrary files. File content will be available in flow context as data-URI
> - `separator` - Separator: Static Separator Line
> - `hidden` - Hidden: Hidden field, can be used to insert data into form.
> - `static` - Static: Static value, displayed as-is.
> - `ak-locale` - authentik: Selection of locales authentik supports
>
> - `text` - Text: Simple Text input
> - `text_area` - Text area: Multiline Text Input.
> - `text_read_only` - Text (read-only): Simple Text input, but cannot be edited.
> - `text_area_read_only` - Text area (read-only): Multiline Text input, but cannot be edited.
> - `username` - Username: Same as Text input, but checks for and prevents duplicate usernames.
> - `email` - Email: Text field with Email type.
> - `password` - Password: Masked input, multiple inputs of this type on the same prompt need to be identical.
> - `number` - Number
> - `checkbox` - Checkbox
> - `radio-button-group` - Fixed choice field rendered as a group of radio buttons.
> - `dropdown` - Fixed choice field rendered as a dropdown.
> - `date` - Date
> - `date-time` - Date Time
> - `file` - File: File upload for arbitrary files. File content will be available in flow context as data-URI
> - `separator` - Separator: Static Separator Line
> - `hidden` - Hidden: Hidden field, can be used to insert data into form.
> - `static` - Static: Static value, displayed as-is.
> - `ak-locale` - authentik: Selection of locales authentik supports
###### Return Type:
Changed response : **200 OK**
- Changed content type : `application/json`
- Changed property `results` (array)
Changed items (object): > Prompt Serializer
- Changed property `placeholder` (string)
> When creating a Radio Button Group or Dropdown, enable interpreting as expression and return a list to return multiple choices.
- Changed property `type` (string)
> - `text` - Text: Simple Text input
> - `text_area` - Text area: Multiline Text Input.
> - `text_read_only` - Text (read-only): Simple Text input, but cannot be edited.
> - `text_area_read_only` - Text area (read-only): Multiline Text input, but cannot be edited.
> - `username` - Username: Same as Text input, but checks for and prevents duplicate usernames.
> - `email` - Email: Text field with Email type.
> - `password` - Password: Masked input, multiple inputs of this type on the same prompt need to be identical.
> - `number` - Number
> - `checkbox` - Checkbox
> - `radio-button-group` - Fixed choice field rendered as a group of radio buttons.
> - `dropdown` - Fixed choice field rendered as a dropdown.
> - `date` - Date
> - `date-time` - Date Time
> - `file` - File: File upload for arbitrary files. File content will be available in flow context as data-URI
> - `separator` - Separator: Static Separator Line
> - `hidden` - Hidden: Hidden field, can be used to insert data into form.
> - `static` - Static: Static value, displayed as-is.
> - `ak-locale` - authentik: Selection of locales authentik supports
Added enum values:
- `text_area`
- `text_area_read_only`
- `radio-button-group`
- `dropdown`