* Cherry-pick #20338 to version-2026.2 (with conflicts)
This cherry-pick has conflicts that need manual resolution.
Original PR: #20338
Original commit: e056dbdadd
* Fix conflict
* Fix conflicts
---------
Co-authored-by: Dominic R <dominic@sdko.org>
Co-authored-by: dewi-tik <dewi@goauthentik.io>
website/docs: add okta source doc (#20296)
* Begin
* Add steps
* Apply suggestions
* Update website/docs/users-sources/sources/social-logins/okta/index.md
* Apply suggestion from @dominic-r
---------
Signed-off-by: Dewi Roberts <dewi@goauthentik.io>
Signed-off-by: Dominic R <dominic@sdko.org>
Co-authored-by: Dewi Roberts <dewi@goauthentik.io>
Co-authored-by: Dominic R <dominic@sdko.org>
website/docs: draft of new WS-Fed provider docs (#20091)
* first draft
* add table of parms
* tweak
* add section about certs
* a little more content
* more info on wa
* new procedurla file and edit sidebar
* tweaks
* dewi and jens edits
* tweak to remove bullet
* add docs link to the Rel Notes
* dewi edits thx
* ooops missed that last edit
Co-authored-by: Tana M Berry <tanamarieberry@yahoo.com>
website/docs: add email verification scope doc (#20141)
* WIP
* Add link to 2025.10 release notes
* Apply suggestions from code review
---------
Signed-off-by: Dewi Roberts <dewi@goauthentik.io>
Co-authored-by: Dewi Roberts <dewi@goauthentik.io>
Co-authored-by: Dominic R <dominic@sdko.org>
website/docs: rac: fixes the property mapping formatting (#20200)
Fixes the property mapping formatting
Co-authored-by: Dewi Roberts <dewi@goauthentik.io>
* promote `2026.2` to beta
* add outline for `2026.2.0` release notes
* fill in some of the outlines of release notes for `2026.2.0`
* added new integration guides
* fixed oops in Int guides section, added content about Lifecycle
* highlights tweaks
Signed-off-by: Fletcher Heisler <fheisler@users.noreply.github.com>
* tweaks
* content about WS-Fed provider
* add links
* batch review comments
---------
Signed-off-by: Fletcher Heisler <fheisler@users.noreply.github.com>
Co-authored-by: Tana M Berry <tana@goauthentik.io>
Co-authored-by: Fletcher Heisler <fheisler@users.noreply.github.com>
Co-authored-by: Tana M Berry <tanamarieberry@yahoo.com>
* specify name and slug
* Update configuration.md
Signed-off-by: Dewi Roberts <dewi@goauthentik.io>
---------
Signed-off-by: Dewi Roberts <dewi@goauthentik.io>
* Add notes about headless servers
* Edits
* Spacing
* WIP
* WIP
* WIP
* Fix link
* Reporting issues
* Apply suggestions from code review
Co-authored-by: Dominic R <dominic@sdko.org>
Signed-off-by: Dewi Roberts <dewi@goauthentik.io>
* Update website/docs/endpoint-devices/device-authentication/ssh-authentication.mdx
Signed-off-by: Dewi Roberts <dewi@goauthentik.io>
---------
Signed-off-by: Dewi Roberts <dewi@goauthentik.io>
Co-authored-by: Dominic R <dominic@sdko.org>
* new first steps docs
* moved email config up to match Docker
* first draft
* moved sections and retitled some
* more content, tweaks
* dewis edits
* added Dewi ideas, more content, tweaks
* more content, green tips, other fixes
* Optimised images with calibre/image-actions
* Optimised images with calibre/image-actions
* Optimised images with calibre/image-actions
* conflicts?
* dominic's eedits, more content
* another fine Dominic edit
* more dewi and dominic edits, links
* a bunch of things
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* tweaks
* thanks Teffen
* new styles, more content
* few more dominic edits, tweaks
* formatting fights on tips
* fix some alignments
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* changes from Jens
* work on bindings docs that was needed for the first steps docs
* links, more tweaks
* more edits, more TODOs done
* add mermaid diagram, more links, more content
* fix sidebar, tweaks
* tweak
* more link fixing
* fix heading size
* more dewi and dominic edits
* more dewi and dominic edits
* teffen enhancements yay and more bindings rearchitecting
* added note about stage bindings being the only type of binding that you can bind to yeehaw
---------
Signed-off-by: Tana M Berry <tanamarieberry@yahoo.com>
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
Co-authored-by: authentik-automation[bot] <135050075+authentik-automation[bot]@users.noreply.github.com>
Co-authored-by: Dewi Roberts <dewi@goauthentik.io>
Co-authored-by: Jens Langhammer <jens@goauthentik.io>
* website/docs: Update location of media storage and outdated references
* lint
* Add content-type header info
* Apply suggestion from @dominic-r
Signed-off-by: Dominic R <dominic@sdko.org>
---------
Signed-off-by: Dominic R <dominic@sdko.org>
Co-authored-by: dewi-tik <dewi@goauthentik.io>
Overview:
Add a tip to the contributing guide explaining how to recover if you accidentally started making changes on `main` instead of a feature branch.
Testing:
n/a
Motivation:
Closes: https://github.com/goauthentik/authentik/issues/18740
* clean up roles and permissions
This was purposefully not included in `2025.12` to split the changes up.
The main content of this patch is in the migrations. Everything else
follows more or less automatically.
* add breaking change warning to release notes
* add `ak_groups` --> `groups` deprecated proxy
* fixup! add `ak_groups` --> `groups` deprecated proxy
* fixup! add `ak_groups` --> `groups` deprecated proxy
* fixup! add `ak_groups` --> `groups` deprecated proxy
* add configuration warning to default notifications blueprint
* add rudimentary tests for User.ak_groups
* remove no longer used permissions
* clarify deprecation
Co-authored-by: Jens L. <jens@goauthentik.io>
Signed-off-by: Simonyi Gergő <28359278+gergosimonyi@users.noreply.github.com>
* remove integration changes
These will be included in a separate PR once this is released.
---------
Signed-off-by: Simonyi Gergő <28359278+gergosimonyi@users.noreply.github.com>
Co-authored-by: Jens L. <jens@goauthentik.io>
* providers/scim: modify user- and group syncing behavior
rename filtergroup to groupfilters and allow multiple values
only sync groups which are in the scimprovider's attribute \"group_filters\"
only sync users which are entitled to view the scimprovider's application
* Update authentik/providers/scim/api/providers.py
Signed-off-by: Immanuel von Neumann <45020096+ImmanuelVonNeumann@users.noreply.github.com>
* fix(authentik/scim): update schema.yml and test name
* merge migrations
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* providers/scim: fix linting
* format
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* filter eagerly
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
---------
Signed-off-by: Immanuel von Neumann <45020096+ImmanuelVonNeumann@users.noreply.github.com>
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
Co-authored-by: Jens Langhammer <jens@goauthentik.io>
* Add cc and bcc options to TemplateEmailMessage
* Add cc and bcc arguments to ak_send_email
* Add tests and update docs
* better flow
* fix anchor link
authentik-automation[bot]
Marc 'risson' Schmitt
Simonyi Gergő
Alexander Tereshkin
Dewi Roberts
Connor Peshek
Jens L.
Tom Crasset
Tana M Berry
Dominic R
Marcelo Elizeche Landó
Teffen Ellis
Immanuel von Neumann
macmoritz