authentik

mirror of https://github.com/goauthentik/authentik synced 2026-04-25 17:15:26 +02:00

Go to file

authentik-automation[bot] 71d2a4a5dd providers/oauth2: clip device authorization scope against the provider's ScopeMapping set (cherry-pick #21701 to version-2025.12) (#21798 )

Cherry-pick #21701 to version-2025.12 (with conflicts)

This cherry-pick has conflicts that need manual resolution.

Original PR: #21701
Original commit: cce646b132

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

# Conflicts:
#	authentik/providers/oauth2/tests/test_device_backchannel.py
#	authentik/providers/oauth2/views/device_backchannel.py

Co-authored-by: Sai Asish Y <say.apm35@gmail.com>

2026-04-23 18:26:55 +02:00

.github

ci: fix postgres path for postgres 18 tests (2025.12) (#21767 ) (#21788 )

2026-04-23 10:40:28 +02:00

.vscode

web/i18n: Locale Context Merge Branch (#18426 )

2025-12-03 06:30:07 +00:00

authentik

providers/oauth2: clip device authorization scope against the provider's ScopeMapping set (cherry-pick #21701 to version-2025.12) (#21798 )

2026-04-23 18:26:55 +02:00

blueprints

website/docs: add example recovery flow with MFA (cherry-pick #19497 to version-2025.12) (#21304 )

2026-04-01 14:50:45 +02:00

cmd

cmd/server/healthcheck: remove worker HTTP healthcheck (#18090 )

2025-11-12 14:42:30 +00:00

internal

proviers/ldap: avoid concurrent header writes in API Client (cherry-pick #21223 to version-2025.12) (#21227 )

2026-03-29 21:12:43 +02:00

lifecycle

release: 2025.12.4

2026-02-12 15:47:10 +00:00

locale

core, web: update translations (#18766 )

2025-12-12 16:22:04 +00:00

packages

packages/django-dramatiq-postgres: broker: empty message after task completed successfully (cherry-pick #19340 to version-2025.12) (#19356 )

2026-01-13 13:57:40 +01:00

schemas

providers: SCIM (#4835 )

2023-03-06 19:39:08 +01:00

scripts

root: fix compose generation for patch releases release candidates (cherry-pick #21353 to version-2025.12) (#21354 )

2026-04-02 19:12:09 +02:00

tests

web/sfe: downgrade bootstrap, add access denied test (cherry-pick #19763 to version-2025.12) (#19765 )

2026-01-27 01:06:01 +01:00

web

web/flows: prevent leader tab deadlock in continuous login flow (cherry-pick #21583 to version-2025.12) (#21626 )

2026-04-15 18:20:40 +02:00

website

providers/oauth2: device code flow client id via auth header (cherry-pick #20457 to version-2025.12) (#21803 )

2026-04-23 16:10:52 +02:00

.dockerignore

root: Better version bump (#14905 )

2025-08-12 13:50:12 +00:00

.editorconfig

website: add netlify cache plugin (#15113 )

2025-06-18 15:07:15 +02:00

.gitignore

*: remove Redis leftovers (#17146 )

2025-10-11 01:46:53 +02:00

.prettierignore

web: Update Deprecated NPM Packages (#18335 )

2025-11-24 13:31:42 -05:00

CODE_OF_CONDUCT.md

website: remove the last updated option from footer (#13493 )

2025-03-12 18:59:21 +00:00

CODEOWNERS

web: Capitalize language display names, code owner fix (cherry-pick #19119 to version-2025.12) (#19122 )

2025-12-30 20:50:42 -05:00

CONTRIBUTING.md

root: clean up README (#16286 )

2025-09-02 21:38:53 +00:00

docker-compose.yml

release: 2025.12.4

2026-02-12 15:47:10 +00:00

Dockerfile

ci: always generate API clients (#19906 ) (#19932 )

2026-02-02 14:19:07 +01:00

go.mod

root: update client-go generation (cherry-pick #19762 to version-2025.12) (#19791 )

2026-01-27 16:22:18 +01:00

go.sum

root: update client-go generation (cherry-pick #19762 to version-2025.12) (#19791 )

2026-01-27 16:22:18 +01:00

ldap.Dockerfile

core: bump goauthentik/fips-debian from dea09c4 to 07f41ce (#18778 )

2025-12-12 15:13:32 +00:00

LICENSE

enterprise: initial license (#5293 )

2023-04-19 16:13:45 +02:00

Makefile

root: do not rely on npm cli for version bump (cherry-pick #20276 to version-2025.12) (#20320 )

2026-02-17 13:02:24 +01:00

manage.py

*: replace Celery with Dramatiq (#13492 )

2025-07-28 17:00:09 +02:00

package-lock.json

release: 2025.12.4

2026-02-12 15:47:10 +00:00

package.json

release: 2025.12.4

2026-02-12 15:47:10 +00:00

proxy.Dockerfile

core: bump goauthentik/fips-debian from dea09c4 to 07f41ce (#18778 )

2025-12-12 15:13:32 +00:00

pyproject.toml

core: bump django from v5.2.12 to 5.2.13 (cherry-pick #21520 to version-2025.12) (#21525 )

2026-04-16 13:03:53 +02:00

rac.Dockerfile

core: bump library/golang from b669435 to 5d35fb8 (#18718 )

2025-12-10 13:29:13 +00:00

radius.Dockerfile

core: bump goauthentik/fips-debian from dea09c4 to 07f41ce (#18778 )

2025-12-12 15:13:32 +00:00

README.md

root: Fix transifex link (#17696 )

2025-10-24 19:01:42 +02:00

schema.yml

web/flows: add continuous flow 2025.12 (#20362 )

2026-03-17 15:00:43 +01:00

SECURITY.md

core: Update supported versions in SECURITY.md (cherry-pick #19385 to version-2025.12) (#19578 )

2026-01-19 14:32:24 +01:00

tsconfig.json

web: Update Deprecated NPM Packages (#18335 )

2025-11-24 13:31:42 -05:00

uv.lock

core: bump django from v5.2.12 to 5.2.13 (cherry-pick #21520 to version-2025.12) (#21525 )

2026-04-16 13:03:53 +02:00

README.md

What is authentik?

authentik is an open-source Identity Provider (IdP) for modern SSO. It supports SAML, OAuth2/OIDC, LDAP, RADIUS, and more, designed for self-hosting from small labs to large production clusters.

Our enterprise offering is available for organizations to securely replace existing IdPs such as Okta, Auth0, Entra ID, and Ping Identity for robust, large-scale identity management.

Installation

Docker Compose: recommended for small/test setups. See the documentation.
Kubernetes (Helm Chart): recommended for larger setups. See the documentation and the Helm chart repository.
AWS CloudFormation: deploy on AWS using our official templates. See the documentation.
DigitalOcean Marketplace: one-click deployment via the official Marketplace app. See the app listing.