eliott/authentik
1
0
Fork 0
mirror of https://github.com/goauthentik/authentik synced 2026-05-14 10:56:52 +02:00
Code Issues Packages Projects Releases Wiki Activity
21,926 Commits 343 Branches 444 Tags
e4ef898feccbc0cb4613401ac744e33a193b2197
Commit Graph

21926 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Teffen Ellis
e4ef898fec ci/web: run Playwright e2e suite on every PR 
Boots the full authentik stack (postgres + Go server + Rust worker)
inside the existing ci-web workflow, applies migrations and the
test-admin user blueprint, then runs `corepack npm run --prefix web
test:e2e` against http://localhost:9000. Uploads the HTML report,
traces/videos, and authentik logs as artifacts on failure so reviewers
can debug without rerunning locally.

Also enables the HTML reporter and screenshot/video capture on CI in
playwright.config.js, and updates the full dev-environment docs to
point at the same npm scripts CI uses so local and CI runs stay in
lockstep.

Closes #21994

Co-Authored-By: Agent (authentik-i21994-better-mobile-tangelo) <279763771+playpen-agent@users.noreply.github.com>

ci/web: make test-admin blueprint self-contained

The previous blueprint used !Find to look up the authentik Admins group,
which raced against system/bootstrap.yaml and resolved to None when the
explicit apply_blueprint step ran before the worker had applied bootstrap.
The serializer rejected groups: [None] with Invalid pk "None".

Define the group in the same blueprint with state: present and reference
it via !KeyOf, so the test admin setup does not depend on any pre-existing
data. If bootstrap has already created the group, state: present is a
no-op on the identifiers; otherwise the group is created here.

Co-Authored-By: Agent (authentik-i21994-better-mobile-tangelo) <279763771+playpen-agent@users.noreply.github.com>

ci/web: format test-admin-user.yaml with prettier

Pick up the 4-space indent that web/'s prettier config enforces. The
file was added under issue #21994 with 2-space indent and tripped the
ci-web format check on push.

Co-Authored-By: Agent (authentik-i21994-better-mobile-tangelo) <279763771+playpen-agent@users.noreply.github.com>

Use parallelism.

Remove guard.

Reorder tests.

Ignore playwright-traces.

Update expected path.

Always parallel.

Flesh out types.

ci/web: post Playwright result comment + gated S3 upload + !cancelled() guards

Three reviewer-facing improvements to the e2e job:

1. Idempotent PR comment summarising Playwright pass/fail/flaky/skipped
   counts. Marker `<!-- playwright-result -->` lets re-runs edit the
   same comment instead of piling up. Skipped on fork PRs where the
   default GITHUB_TOKEN is read-only.

2. Optional S3 publish of the HTML report to
   `s3://authentik-playwright-artifacts/pr-<n>/run-<id>/attempt-<n>/`,
   gated behind `vars.PLAYWRIGHT_S3_ENABLED == 'true'`. The bucket is
   pending infra provisioning; the public URL pattern is already wired
   into the comment so flipping the variable on later requires no
   workflow changes. Borrows the OIDC + IAM role plumbing from
   `.github/workflows/release-publish.yml`.

3. Switch the failure-guarded reporting/upload steps to `!cancelled()`
   so a superseded (cancelled) run no longer emits failure-shaped noise,
   and so successful runs still produce the artifact bundle reviewers
   expect.

Adds the Playwright JSON reporter so the parse step can pull pass/fail
counts from `playwright-report/results.json` for the comment body.

Co-Authored-By: Agent (authentik-i21996-internal-achievable-raisin) <279763771+playpen-agent@users.noreply.github.com>

web/e2e: fix three regressions blocking the parallel suite

Locally and in CI the new `e2e (playwright)` job appeared to "hang"
under `fullyParallel: true` + `workers: "50%"`. The hang was actually
five tests sharing two unrelated bugs that all manifest as 30s test
timeouts; the cluster only *looks* like a parallelism issue because
multiple workers stall on the same wall-clock window. With these three
fixes the full suite is green in 1m48s on `--workers=2` (was: 5 failed
/ 17 passed in 5m30s).

1. `web/test/browser/600-providers.test.ts`
   PR #21647 dropped the `to:` argument on the `session.login()` call
   in this file's `beforeEach`. Without it, `SessionFixture.login()`
   waits for the auth-flow URL pattern to re-appear — which it does
   immediately, since we just navigated there — so the helper returns
   *before* the post-login redirect lands. The wizard buttons probed
   afterward live on `/if/admin/#/core/providers`, which the user never
   actually reaches; every test in the file then hits the 30s
   `beforeEach` timeout. Pin the destination explicitly, matching the
   shape of every other test file.

2. `web/src/admin/roles/ak-role-list.ts`
   The role-list row anchor had no aria-label, so its accessible name
   was the (random, generated) role name. `500-roles.test.ts` searches
   for that anchor with `getByRole("link", { name: "view details" })`
   — the same selector `400-groups.test.ts` uses against the group
   list, where `GroupListPage.row()` *does* set
   `aria-label="View details of group ..."`. Bring the role row to
   parity with groups; the test wasn't wrong, the UI was missing the
   accessibility hook.

3. `web/test/browser/500-roles.test.ts` ("Edit role from view page")
   The post-edit verification used `page.getByText(updatedName)`, but
   on the role view page the new name renders in two places (the
   "Role <name>" page-navbar heading and the description-list value),
   so the bare text match resolves to two elements and trips
   strict-mode. Add `{ exact: true }` so we assert the canonical value
   the edit wrote rather than the heading template.

Co-Authored-By: Agent (authentik-i21996-internal-achievable-raisin) <279763771+playpen-agent@users.noreply.github.com>

Use headless.
 2026-05-05 18:40:48 +02:00
Teffen Ellis
f0a544493a Bump NPM version. 2026-05-05 18:35:39 +02:00
Teffen Ellis
d2e0d62cb8 Lint. 2026-05-05 18:35:06 +02:00
Teffen Ellis
afd1b7f9e0 Bump. 2026-05-05 18:35:04 +02:00
Teffen Ellis
479d4785b6 lint. 2026-05-05 18:34:36 +02:00
Teffen Ellis
3e524a68ff Clean up docs container. 2026-05-05 18:34:35 +02:00
Teffen Ellis
8bf756ed40 Flesh out github actions. 2026-05-05 18:34:35 +02:00
Teffen Ellis
d537aeecd6 Update makefile. 2026-05-05 18:34:35 +02:00
Teffen Ellis
5f614e1f48 Prep containers. 2026-05-05 18:34:35 +02:00
Teffen Ellis
2a0d867e10 Bump engines. 2026-05-05 18:34:34 +02:00
Teffen Ellis
da572834fd Flesh out node scripts. 2026-05-05 18:34:34 +02:00
Teffen Ellis
67fa7bc6e6 Fix mounted references. 2026-05-05 18:34:34 +02:00
Jens L.
6be7b2f7b7 root: update django to 5.2.14 (#22064) 2026-05-05 15:49:16 +00:00
Jens L.
7cffbb4d07 tenants: add option to mark flag as deprecated (#22063) 
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
 2026-05-05 17:25:01 +02:00
Marcelo Elizeche Landó
5d629bec9b web/stages: better wording for webauthn authenticator attachments options (#22062) 
better wording for webauthn authenticator attachments options
 2026-05-05 17:02:55 +02:00
dependabot[bot]
5357f42029 web: bump vite from 8.0.8 to 8.0.10 in /web (#21842) 
Bumps [vite](https://github.com/vitejs/vite/tree/HEAD/packages/vite) from 8.0.8 to 8.0.10.
- [Release notes](https://github.com/vitejs/vite/releases)
- [Changelog](https://github.com/vitejs/vite/blob/main/packages/vite/CHANGELOG.md)
- [Commits](https://github.com/vitejs/vite/commits/v8.0.10/packages/vite)

---
updated-dependencies:
- dependency-name: vite
  dependency-version: 8.0.10
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2026-05-05 14:50:15 +02:00
Dewi Roberts
716bc6e136 api: set authenticated session user agent nullable properties (#22059) 
* Set properties to nullable and regenerate schema

* Make gen

* format

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

---------

Signed-off-by: Jens Langhammer <jens@goauthentik.io>
Co-authored-by: Jens Langhammer <jens@goauthentik.io>
 2026-05-05 14:47:27 +02:00
Dewi Roberts
60355fdf80 web/admin: redirect stage: adds mention of static url (#22060) 
Adds mention of static url, not just flow redirect
 2026-05-05 14:46:56 +02:00
dependabot[bot]
828a380569 web: bump axios from 1.15.0 to 1.16.0 in /web (#22058) 
Bumps [axios](https://github.com/axios/axios) from 1.15.0 to 1.16.0.
- [Release notes](https://github.com/axios/axios/releases)
- [Changelog](https://github.com/axios/axios/blob/v1.x/CHANGELOG.md)
- [Commits](https://github.com/axios/axios/compare/v1.15.0...v1.16.0)

---
updated-dependencies:
- dependency-name: axios
  dependency-version: 1.16.0
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2026-05-05 14:25:07 +02:00
Luca Sannitu
b04f8a6177 providers/oauth2: override RedirectURITypeEnum capitalization for generated API (#22037) 
* fix(providers/oauth2): correct RedirectURITypeEnum capitalization in API schema

* fix: remove encoding artifacts introduced during client regeneration
 2026-05-05 14:18:02 +02:00
Dominic R
ff190847f2 website/docs: document language settings (#21968) 2026-05-05 08:08:00 -04:00
Dominic R
a7339c7f87 website/docs: document supported PostgreSQL versions (#21967) 2026-05-05 08:07:24 -04:00
dependabot[bot]
38ae472f6c website: bump docusaurus-theme-openapi-docs from 5.0.1 to 5.0.2 in /website (#22052) 
* website: bump docusaurus-theme-openapi-docs in /website

Bumps [docusaurus-theme-openapi-docs](https://github.com/PaloAltoNetworks/docusaurus-openapi-docs/tree/HEAD/packages/docusaurus-theme-openapi-docs) from 5.0.1 to 5.0.2.
- [Release notes](https://github.com/PaloAltoNetworks/docusaurus-openapi-docs/releases)
- [Changelog](https://github.com/PaloAltoNetworks/docusaurus-openapi-docs/blob/main/CHANGELOG.md)
- [Commits](https://github.com/PaloAltoNetworks/docusaurus-openapi-docs/commits/v5.0.2/packages/docusaurus-theme-openapi-docs)

---
updated-dependencies:
- dependency-name: docusaurus-theme-openapi-docs
  dependency-version: 5.0.2
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

* bump

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

---------

Signed-off-by: dependabot[bot] <support@github.com>
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Jens Langhammer <jens@goauthentik.io>
 2026-05-05 13:36:39 +02:00
dependabot[bot]
7d0656c6fa web: bump the storybook group across 1 directory with 5 updates (#22024) 
Bumps the storybook group with 4 updates in the /web directory: [@storybook/addon-docs](https://github.com/storybookjs/storybook/tree/HEAD/code/addons/docs), [@storybook/addon-links](https://github.com/storybookjs/storybook/tree/HEAD/code/addons/links), [@storybook/web-components](https://github.com/storybookjs/storybook/tree/HEAD/code/renderers/web-components) and [@storybook/web-components-vite](https://github.com/storybookjs/storybook/tree/HEAD/code/frameworks/web-components-vite).


Updates `@storybook/addon-docs` from 10.3.5 to 10.3.6
- [Release notes](https://github.com/storybookjs/storybook/releases)
- [Changelog](https://github.com/storybookjs/storybook/blob/next/CHANGELOG.md)
- [Commits](https://github.com/storybookjs/storybook/commits/v10.3.6/code/addons/docs)

Updates `@storybook/addon-links` from 10.3.5 to 10.3.6
- [Release notes](https://github.com/storybookjs/storybook/releases)
- [Changelog](https://github.com/storybookjs/storybook/blob/next/CHANGELOG.md)
- [Commits](https://github.com/storybookjs/storybook/commits/v10.3.6/code/addons/links)

Updates `@storybook/web-components` from 10.3.5 to 10.3.6
- [Release notes](https://github.com/storybookjs/storybook/releases)
- [Changelog](https://github.com/storybookjs/storybook/blob/next/CHANGELOG.md)
- [Commits](https://github.com/storybookjs/storybook/commits/v10.3.6/code/renderers/web-components)

Updates `@storybook/web-components-vite` from 10.3.5 to 10.3.6
- [Release notes](https://github.com/storybookjs/storybook/releases)
- [Changelog](https://github.com/storybookjs/storybook/blob/next/CHANGELOG.md)
- [Commits](https://github.com/storybookjs/storybook/commits/v10.3.6/code/frameworks/web-components-vite)

Updates `storybook` from 10.3.5 to 10.3.6
- [Release notes](https://github.com/storybookjs/storybook/releases)
- [Changelog](https://github.com/storybookjs/storybook/blob/next/CHANGELOG.md)
- [Commits](https://github.com/storybookjs/storybook/commits/v10.3.6/code/core)

---
updated-dependencies:
- dependency-name: "@storybook/addon-docs"
  dependency-version: 10.3.6
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: storybook
- dependency-name: "@storybook/addon-links"
  dependency-version: 10.3.6
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: storybook
- dependency-name: "@storybook/web-components"
  dependency-version: 10.3.6
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: storybook
- dependency-name: "@storybook/web-components-vite"
  dependency-version: 10.3.6
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: storybook
- dependency-name: storybook
  dependency-version: 10.3.6
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: storybook
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2026-05-05 13:18:52 +02:00
Teffen Ellis
0bbe415b5b revert: web: Consistent use of "User Dashboard" (#22038) (#22046) 
Revert "web: Consistent use of "User Dashboard" (#22038)"

This reverts commit d69433b314.
 2026-05-05 13:17:40 +02:00
dependabot[bot]
e52c1b2bdc core: bump metrics-exporter-prometheus from 0.18.1 to 0.18.3 (#22057) 
Bumps [metrics-exporter-prometheus](https://github.com/metrics-rs/metrics) from 0.18.1 to 0.18.3.
- [Changelog](https://github.com/metrics-rs/metrics/blob/main/release.toml)
- [Commits](https://github.com/metrics-rs/metrics/compare/metrics-exporter-prometheus-v0.18.1...metrics-exporter-prometheus-v0.18.3)

---
updated-dependencies:
- dependency-name: metrics-exporter-prometheus
  dependency-version: 0.18.3
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2026-05-05 13:09:40 +02:00
authentik-automation[bot]
5064167f28 core, web: update translations (#22047) 
Signed-off-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
Co-authored-by: authentik-automation[bot] <135050075+authentik-automation[bot]@users.noreply.github.com>
 2026-05-05 13:08:29 +02:00
dependabot[bot]
bca0f51b53 core: bump cryptography from 47.0.0 to 48.0.0 (#22053) 
Bumps [cryptography](https://github.com/pyca/cryptography) from 47.0.0 to 48.0.0.
- [Changelog](https://github.com/pyca/cryptography/blob/main/CHANGELOG.rst)
- [Commits](https://github.com/pyca/cryptography/compare/47.0.0...48.0.0)

---
updated-dependencies:
- dependency-name: cryptography
  dependency-version: 48.0.0
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2026-05-05 13:08:25 +02:00
dependabot[bot]
67c197e5a5 core: bump psycopg[c,pool] from 3.3.3 to 3.3.4 (#22054) 
Bumps [psycopg[c,pool]](https://github.com/psycopg/psycopg) from 3.3.3 to 3.3.4.
- [Changelog](https://github.com/psycopg/psycopg/blob/master/docs/news.rst)
- [Commits](https://github.com/psycopg/psycopg/compare/3.3.3...3.3.4)

---
updated-dependencies:
- dependency-name: psycopg[c,pool]
  dependency-version: 3.3.4
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2026-05-05 13:08:21 +02:00
dependabot[bot]
32b17da699 ci: bump taiki-e/install-action from 2.75.28 to 2.75.29 in /.github/actions/setup (#22056) 
ci: bump taiki-e/install-action in /.github/actions/setup

Bumps [taiki-e/install-action](https://github.com/taiki-e/install-action) from 2.75.28 to 2.75.29.
- [Release notes](https://github.com/taiki-e/install-action/releases)
- [Changelog](https://github.com/taiki-e/install-action/blob/main/CHANGELOG.md)
- [Commits](51cd0b8c04...b5fddbb536)

---
updated-dependencies:
- dependency-name: taiki-e/install-action
  dependency-version: 2.75.29
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2026-05-05 13:08:16 +02:00
Dominic R
c75eed630a web: remove native fieldset borders from action groups (#21334) 
* web: remove native fieldset borders from action groups

Refs:\n- https://authentiksecurity.slack.com/archives/C08C0SCU2JV/p1775085687040019\n- https://authentiksecurity.slack.com/archives/C08C0SCU2JV/p1774988472501059

* Use consistent naming.

* Fix up styles, selector specifics, compatibility mode.

* Fix field autocapitalization, keyboard behavior.

* Fix default height.

* Fix for mid-size tablet viewports.

- Helped with debugging on mobile.

* Fix linter warning.

---------

Co-authored-by: Teffen Ellis <592134+GirlBossRush@users.noreply.github.com>
 2026-05-05 06:17:23 +02:00
Dominic R
9f17d6df96 website/docs: document blueprint import options (#21973) 
* website/docs: document blueprint import options

Closes: https://github.com/goauthentik/authentik/issues/21204

* Update website/docs/customize/blueprints/index.mdx

Co-authored-by: Tana M Berry <tanamarieberry@yahoo.com>
Signed-off-by: Dominic R <dominic@sdko.org>

* Update website/docs/customize/blueprints/working_with_blueprints.md

Co-authored-by: Tana M Berry <tanamarieberry@yahoo.com>
Signed-off-by: Dominic R <dominic@sdko.org>

* Clarify blueprint docs

* Apply suggestions from code review

Co-authored-by: Dewi Roberts <dewi@goauthentik.io>
Signed-off-by: Dominic R <dominic@sdko.org>

---------

Signed-off-by: Dominic R <dominic@sdko.org>
Co-authored-by: Tana M Berry <tanamarieberry@yahoo.com>
Co-authored-by: Dewi Roberts <dewi@goauthentik.io>
 2026-05-05 01:07:23 +00:00
Dominic R
13c8ad5c56 website/integrations: clarify Jellyfin LDAP bind permissions (#21975) 
* website/integrations: clarify Jellyfin LDAP bind permissions

Closes: https://github.com/goauthentik/authentik/issues/9770

* website/docs: clarify jellyfin LDAP service account

* website/docs: link jellyfin LDAP setup steps

* Update index.md

Co-authored-by: Dewi Roberts <dewi@goauthentik.io>
Signed-off-by: Dominic R <dominic@sdko.org>

---------

Signed-off-by: Dominic R <dominic@sdko.org>
Co-authored-by: Dewi Roberts <dewi@goauthentik.io>
 2026-05-05 00:58:10 +00:00
Marcelo Elizeche Landó
28209c03e2 docs: Improve docs on webauthn authenticator attachment (#22045) 
Improve docs on webauthn authenticator attachment
 2026-05-05 00:34:54 +00:00
Marcelo Elizeche Landó
f47cf08d8a website/docs: Add docs for webauthn hints feature (#20933) 
* Add docs for webauthn hints feature

* remove accidentally added file

* Apply suggestions from code review

Co-authored-by: Dominic R <dominic@sdko.org>
Signed-off-by: Marcelo Elizeche Landó <marce@melizeche.com>

* Apply suggestions from code review

* Apply suggestions from code review

* Apply suggestions from code review

* point to our docs

---------

Signed-off-by: Marcelo Elizeche Landó <marce@melizeche.com>
Signed-off-by: Marcelo Elizeche Landó <marcelo@goauthentik.io>
Co-authored-by: Dominic R <dominic@sdko.org>
Co-authored-by: Dewi Roberts <dewi@goauthentik.io>
 2026-05-04 23:47:48 +00:00
Teffen Ellis
d69433b314 web: Consistent use of "User Dashboard" (#22038) 
* Update app labels.

* Update docs.
 2026-05-04 23:46:58 +02:00
Gianluca Ulivi
849a6053ad website/integrations: actual budget: add env var (#22036) 
Update index.mdx

Set auth method to oauth2 to use correct JWT algorithm

Signed-off-by: Gianluca Ulivi <22895603+GianlucaUlivi@users.noreply.github.com>
 2026-05-04 19:09:21 +00:00
Dominic R
abdbe0269f website/docs: add webhook mapping examples (#21971) 
* website/docs: add webhook mapping examples

Document event fields for generic webhook payload mappings.

Closes: https://github.com/goauthentik/authentik/issues/19335

* Update website/docs/sys-mgmt/events/transports.md

Co-authored-by: Dewi Roberts <dewi@goauthentik.io>
Signed-off-by: Dominic R <dominic@sdko.org>

* Update website/docs/sys-mgmt/events/transports.md

Co-authored-by: Dewi Roberts <dewi@goauthentik.io>
Signed-off-by: Dominic R <dominic@sdko.org>

---------

Signed-off-by: Dominic R <dominic@sdko.org>
Co-authored-by: Dewi Roberts <dewi@goauthentik.io>
 2026-05-04 18:08:54 +00:00
Dominic R
55384c384a website/integrations: fix nextcloud LDAP group mapping (#21970) 
Set Nextcloud's LDAP group-member association to member (AD).

Closes: https://github.com/goauthentik/authentik/issues/21696
 2026-05-04 13:44:15 -04:00
Dominic R
06fd68f076 website/docs: preserve blueprint download filenames (#21969) 
* website/docs: preserve blueprint download filenames

Use a shared DownloadLink component for bundled blueprint downloads.

Closes: https://github.com/goauthentik/authentik/issues/20089

* website/docs: use download link for lockdown blueprint
 2026-05-04 13:41:44 -04:00
Teffen Ellis
d35ab99b2d web: Radio and Checkbox Input Revisions (#21792) 
* Flesh out checkbox group and radio style alignment.

* Fix input order, phrasing.

* fix radio not selecting default value if default value is falsey

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* align items in empty state primary

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* fix required flag

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* Fix casing.

* consistent casing

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

---------

Signed-off-by: Jens Langhammer <jens@goauthentik.io>
Co-authored-by: Jens Langhammer <jens@goauthentik.io>
 2026-05-04 19:12:18 +02:00
Connor Peshek
a3b0180049 providers/oauth: make rp init logout oidc certification changes (#21815) 
* providers/oauth: make rp init logout oidc certification changes

* update test

* slight rework

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* fix tests

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* add oidc certification tests

* test

* fix backchannel url

* make urls uniform

* update to main

* remove env bind

* cleanup patch

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* fixup

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* add traefik healthcheck

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* fix healthcheck

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

---------

Signed-off-by: Jens Langhammer <jens@goauthentik.io>
Co-authored-by: Jens Langhammer <jens@goauthentik.io>
 2026-05-04 19:11:59 +02:00
Dominic R
88a545f4fb website/docs: document SCIM custom attributes (#21980) 
* website/docs: document SCIM custom attributes

Add a SCIM provider example for custom extension attributes.

Closes: https://github.com/goauthentik/authentik/issues/14202

* website/docs: clarify SCIM custom attributes mapping

* website/docs: link SCIM mapping setup guidance

* Update index.md

Co-authored-by: Dewi Roberts <dewi@goauthentik.io>
Signed-off-by: Dominic R <dominic@sdko.org>

---------

Signed-off-by: Dominic R <dominic@sdko.org>
Co-authored-by: Dewi Roberts <dewi@goauthentik.io>
 2026-05-04 14:44:47 +00:00
Marc 'risson' Schmitt
ba62507fc2 root: introduce allinone mode (#21990) 2026-05-04 16:43:11 +02:00
Dominic R
82fc2e2c80 website/docs: add SAML source mapping guidance (#21978) 2026-05-04 10:14:25 -04:00
Marc 'risson' Schmitt
80b3739640 website/docs: fix misplaced AWS-LC clang warning (#22034) 2026-05-04 15:41:57 +02:00
Marc 'risson' Schmitt
1258e1eada lifecycle/worker_process: fix healthchecks and metrics not reloading db connections after a failure (#21992) 2026-05-04 15:06:30 +02:00
Marc 'risson' Schmitt
96ed17e760 root: add more logging to worker requests (#21989) 2026-05-04 15:06:28 +02:00
Marc 'risson' Schmitt
4b17468b6e root/channels: use group_send_blocking where possible (#21993) 2026-05-04 14:53:22 +02:00
authentik-automation[bot]
c834681251 core, web: update translations (#22014) 
Co-authored-by: authentik-automation[bot] <135050075+authentik-automation[bot]@users.noreply.github.com>
 2026-05-04 14:41:55 +02:00