dc1359a763
* providers/saml: initial SLO implementation Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * providers/saml: add logout request tests Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * providers/saml: add tests for POST SLO Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * matrix e2e tests Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * fix import Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * set e2e matrix name Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * fix imports Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * separate oidc and oauth tests Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * add basic saml slo e2e tests Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * add better metadata download url Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * kinda prepare release notes Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * sort releases into folders Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * add slo urls to website Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * fix linking Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * add api tests Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * update docs Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
70 lines
2.9 KiB
Markdown
70 lines
2.9 KiB
Markdown
---
|
|
title: Release 2022.4
|
|
slug: "/releases/2022.4"
|
|
---
|
|
|
|
## Breaking changes
|
|
|
|
- Removal of HTTP Basic authentication for API requests
|
|
|
|
For legacy reasons, authentik used to support HTTP-Basic authenticated requests, using the token as a password. This has been removed.
|
|
|
|
- Removal of deprecated context in Expression policies used in prompt stages
|
|
|
|
Before this version, you could use both `context['*field_name*']` and `context['prompt_data']['*field_name*']`. The former one has been removed as it could overwrite other data in the context if the field name is the same as another context value.
|
|
|
|
- Added name field for invitations
|
|
|
|
Invitations now require a name, used to better identify their purpose.
|
|
|
|
## New features
|
|
|
|
- Application Grouping
|
|
|
|
Applications can now be grouped together to better organise connected applications in the user dashboard.
|
|
|
|
- JWT authentication for `client_credentials` grants
|
|
|
|
Providers can now be configured to accept JWTs signed by configured certificates, which makes it a lot easier to services access to authentik, when an existing machine/service identity is provided (for example, this can be used to let Kubernetes Pods authenticate themselves to authentik via their service account)
|
|
|
|
## Minor changes/fixes
|
|
|
|
- core: add method to set key of token
|
|
- core: add num_pk to group for applications that need a numerical group id
|
|
- internal: disable HTML encoding in go-generated log messages
|
|
- lifecycle: fix password and hostname in redis URI not properly quoted
|
|
- outposts: check if docker ports should be mapped before comparing ports
|
|
- policies: add policy log messages to test endpoints
|
|
- providers/oauth2: map internal groups to GitHub teams in GHE OAuth emulation (#2497)
|
|
- providers/oauth2: pass scope and other parameters to access policy request context
|
|
- stages/email: allow overriding of destination email in plan context
|
|
- stages/invitation: add invitation name
|
|
- stages/prompt: filter rest_framework.fields.empty when field is not required
|
|
- stages/prompt: fix non-required fields not allowing blank values
|
|
- stages/prompt: set field default based on placeholder
|
|
- tenants: add tenant-level attributes, applied to users based on request
|
|
- web: live-convert to slug in fields where only slugs are allowed
|
|
- web: migrate dropdowns to wizards (#2633)
|
|
- web/admin: allow editing of invitations
|
|
- web/admin: fix missing protocols on generated nginx config
|
|
- web/admin: trigger update when provider wizard finishes
|
|
- web/user: add column layouts
|
|
|
|
## Upgrading
|
|
|
|
This release does not introduce any new requirements.
|
|
|
|
### docker-compose
|
|
|
|
Download the docker-compose file for 2022.4 from [here](https://goauthentik.io/version/2022.4/docker-compose.yml). Afterwards, simply run `docker-compose up -d`.
|
|
|
|
### Kubernetes
|
|
|
|
Update your values to use the new images:
|
|
|
|
```yaml
|
|
image:
|
|
repository: ghcr.io/goauthentik/server
|
|
tag: 2022.4.1
|
|
```
|