This repository has been archived on 2024-05-31. You can view files and clone it, but cannot push or open issues or pull requests.
authentik/website/docs/releases/2021.2.md

3.5 KiB

title
Release 2021.1.2

Headline Changes

  • Managed objects

    Objects like property mappings can now be marked as managed, which means that they will be created, updated and deleted by authentik.

    Currently, this is used to update default property mappings, and mark tokens and users generated by outposts.

  • Improved support for different LDAP Servers

    The LDAP source has improved support for non-Active Directory LDAP setups. This includes the following changes:

    • Switch to sync membership from groups to users rather than user to group
    • Fix users, which were removed from a group in LDAP not being removed from said group
    • Add support for LDAP servers which have core fields declared as lists
    • Add property-mappings for groups, to map attributes like name or is_superuser
  • Add test view to debug property-mappings.

Fixes

  • admin: add test view for property mappings
  • core: Fix application cache not being cleared correctly (and not being ignored for searches)
  • events: add send_once flag to send webhooks only once
  • events: allow searching by event id
  • events: don't log successful system tasks
  • events: improve information sent in notification emails
  • providers/oauth2: pass application to configuration error event
  • providers/saml: fix imported provider not saving properties correctly
  • root: use filtering_bound_logger for speed improvements
  • stages/consent: fix wrong widget for expire
  • web: migrate Provider List to SPA

Fixed in 2021.2.1-rc2

  • admin: add Certificate-Keypair generation
  • admin: fix property-mapping views redirecting to invalid URL
  • admin: improve layout for policy testing
  • admin: remove old provider list view
  • outpost: cap reconnect backoff at 60 seconds, reset backoff on successful connection
  • policies: add debug flag to PolicyRequest to prevent alerts from testing policies
  • providers/saml: force-set friendly_name to empty string for managed mappings
  • root: add dedicated live and readiness healthcheck views
  • web: fix link to provider list on overview page
  • web: fix outpost item in sidebar being active on service connection views

Fixed in 2021.2.1-stable

  • admin: fix link in source list
  • web: rebuild Outposts list in SPA
  • outposts: Fix reconnect not working reliably
  • providers/oauth2: add authorized scopes to AUTHORIZE_APPLICATION event
  • providers/oauth2: add unofficial groups attribute to default profile claim
  • web: fix sidebar being active when stage prompts is selected

Upgrading

This release does not introduce any new requirements.

Due to the switch to managed objects, some default property mappings are changing. This affects only the SAML Provider.

The change affects the "SAML Name" property, which has been changed from an oid to a Schema URI to aid readability.

The integrations affected are:

docker-compose

Download the latest docker-compose file from here. Afterwards, simply run docker-compose up -d and then the standard upgrade command of docker-compose run --rm server migrate.

Kubernetes

Run helm repo update and then upgrade your release with helm upgrade passbook authentik/authentik --devel -f values.yaml.