diff --git a/website/docs/releases/v2021.10.md b/website/docs/releases/v2021.10.md
new file mode 100644
index 000000000..d21971ce5
--- /dev/null
+++ b/website/docs/releases/v2021.10.md
@@ -0,0 +1,123 @@
+---
+title: Release 2021.10
+slug: "2021.10"
+---
+
+## Headline Changes
+
+- Flow Inspector
+
+  To better understand how a flow works, and why things might not be working as intended, you can now launch Flows with an inspector enabled. This is simply triggered by adding a `?inspector` to the URL. Currently, only superuser have the permission to access the Inspector.
+
+  The inspector shows the current stage, previous stages, next planned stages, and the current flow context.
+
+- SMS Authenticator
+
+  You can now use SMS-based TOTP authenticators. This new Stage supports both Twilio, and a generic API endpoint, if using another provider. This stage does not have to be used for authentication, it can simply be used during enrollment to verify your users phone numbers.
+
+- Sign in with Apple
+
+  It is now possible to add an Apple OAuth Source, to allow your users to authenticate with their Apple ID.
+
+A huge shoutout to all the people that contributed, helped test and also translated authentik. This is the first release that has as full French translation!
+
+## Minor changes
+
+- *: Squash Migrations (#1593)
+- admin: clear update notification when notification's version matches current version
+- cmd: prevent outposts from panicking when failing to get their config
+- core: add default for user's settings attribute
+- core: add settings serializer to user/me and update_self endpoints, saved in a key in attributes
+- core: improve detection for s3 settings to trigger backup
+- core: include group uuids in self serializer
+- core: make user's name field fully optional
+- flows: inspector (#1469)
+- internal: add internal healthchecking to prevent websocket errors
+- internal/proxyv2: improve error handling when configuring app
+- lifecycle: bump celery healthcheck to 5s timeout
+- lifecycle: only lock database when system migrations need to be applied, and during django migrations, and don't double unlock
+- lifecycle: only set prometheus_multiproc_dir in ak wrapper to prevent full disk on worker
+- managed: don't run managed reconciler in foreground on startup
+- outpost/proxy: fix missing negation for internal host ssl verification
+- outposts: add additional error checking for docker controller
+- outposts: Adding more flexibility to outposts in Kubernetes. (#1617)
+- outposts: allow disabling of docker controller port mapping
+- outposts: check ports of deployment in kubernetes outpost controller
+- outposts: don't always build permissions on outpost.user access, only in signals and tasks
+- outposts: fallback to known-good outpost image if configured image cannot be pulled
+- outposts: fix error when comparing ports in docker controller when port mapping is disabled
+- outposts: handle k8s 422 response code by recreating objects
+- outposts: rename docker_image_base to container_image_base, since its not docker specific
+- outposts/ldap: Support hard coded `uidNumber` and `gidNumber`. (#1582)
+- outposts/proxy: add new headers with unified naming
+- outposts/proxy: fix duplicate protocol in domain auth mode
+- outposts/proxy: show full error message when user is authenticated
+- policies: add additional filters to create flow charts on frontend
+- policies/password: add extra sub_text field in tests
+- providers/ldap: use RDN when using posixGroup's memberUid attribute (#1514)
+- providers/proxy: always check ingress secret in kubernetes controller
+- providers/proxy: update ingress controller to work with k8s 1.22
+- recovery: handle error when user doesn't exist
+- root: add docker-native healthcheck for web and celery
+- root: add translation for backend strings
+- root: coverage with toml support
+- root: fix error with sentry proxy
+- root: migrate docker images to netlify proxy (#1603)
+- root: remove redundant internal network from compose
+- root: remove structlog.processors.format_exc_info for new structlog version
+- root: Use fully qualified names for docker bases base images. (#1490)
+- sources/ldap: add support for Active Directory `userAccountControl` attribute
+- sources/ldap: don't sync ldap source when no property mappings are set
+- sources/ldap: fix logic error in Active Directory account disabled status
+- sources/oauth: add Sign in with Apple (#1635)
+- stages/authenticator_sms: add generic provider (#1595)
+- stages/authenticator_sms: Add SMS Authenticator Stage (#1577)
+- stages/authenticator_validate: create a default authenticator validate stage with sensible defaults
+- stages/email: add activate_user_on_success flag, add for all example flows
+- stages/prompt: add sub_text field to add HTML below prompt fields
+- stages/prompt: fix sub_text not allowing blank
+- stages/prompt: fix wrong field type of field_key
+- stages/user_login: add check for user.is_active and tests
+- stages/user_write: allow recursive writing to user.attributes
+- web: add locale detection
+- web: ensure fallback locale is loaded
+- web: fix rendering of token copy button in dark mode
+- web: fix strings not being translated at all when matching browser locale not found
+- web: make table pagination size user-configurable
+- web: new default flow background
+- web: Translate /web/src/locales/en.po in fr_FR (#1506)
+- web/admin: add fallback font for doughnut charts
+- web/admin: default to warning state for backup task
+- web/admin: don't require username nor name for activate/deactivate toggles
+- web/admin: fix description for flow import
+- web/admin: fix LDAP Source form not exposing syncParentGroup
+- web/admin: fix search group label
+- web/admin: fix SMS Authenticator stage not loading state correctly
+- web/admin: improve visibility of oauth rsa key
+- web/admin: only show outpost deployment info when not embedded
+- web/admin: truncate prompt label when too long
+- web/elements: fix initialLoad not being done when viewportCheck was disabled
+- web/elements: fix model form always loading when viewport check is disabled
+- web/elements: use dedicated button for search clear instead of webkit exclusive one
+- web/flows: adjust message for email stage
+- web/user: don't show managed tokens in user interface
+- web/user: initial optimisation for smaller screens
+- web/user: load interface settings from user settings
+
+## Upgrading
+
+This release does not introduce any new requirements.
+
+### docker-compose
+
+Download the docker-compose file for 2021.10 from [here](https://goauthentik.io/version/2021.10/docker-compose.yml). Afterwards, simply run `docker-compose up -d`.
+
+### Kubernetes
+
+Update your values to use the new images:
+
+```yaml
+image:
+  repository: goauthentik.io/server
+  tag: 2021.10.1
+```
diff --git a/website/sidebars.js b/website/sidebars.js
index 3163bb35e..756079b34 100644
--- a/website/sidebars.js
+++ b/website/sidebars.js
@@ -177,14 +177,15 @@ module.exports = {
             type: "category",
             label: "Release Notes",
             items: [
+                "releases/v2021.10",
                 "releases/v2021.9",
                 "releases/v2021.8",
-                "releases/v2021.7",
-                "releases/v2021.6",
                 {
                     type: "category",
                     label: "Previous versions",
                     items: [
+                        "releases/v2021.7",
+                        "releases/v2021.6",
                         "releases/v2021.5",
                         "releases/v2021.4",
                         "releases/v2021.3",