* Cherry-pick #20338 to version-2026.2 (with conflicts)
This cherry-pick has conflicts that need manual resolution.
Original PR: #20338
Original commit: e056dbdadd
* Fix conflict
* Fix conflicts
---------
Co-authored-by: Dominic R <dominic@sdko.org>
Co-authored-by: dewi-tik <dewi@goauthentik.io>
website/docs: draft of new WS-Fed provider docs (#20091)
* first draft
* add table of parms
* tweak
* add section about certs
* a little more content
* more info on wa
* new procedurla file and edit sidebar
* tweaks
* dewi and jens edits
* tweak to remove bullet
* add docs link to the Rel Notes
* dewi edits thx
* ooops missed that last edit
Co-authored-by: Tana M Berry <tanamarieberry@yahoo.com>
website/docs: add email verification scope doc (#20141)
* WIP
* Add link to 2025.10 release notes
* Apply suggestions from code review
---------
Signed-off-by: Dewi Roberts <dewi@goauthentik.io>
Co-authored-by: Dewi Roberts <dewi@goauthentik.io>
Co-authored-by: Dominic R <dominic@sdko.org>
* promote `2026.2` to beta
* add outline for `2026.2.0` release notes
* fill in some of the outlines of release notes for `2026.2.0`
* added new integration guides
* fixed oops in Int guides section, added content about Lifecycle
* highlights tweaks
Signed-off-by: Fletcher Heisler <fheisler@users.noreply.github.com>
* tweaks
* content about WS-Fed provider
* add links
* batch review comments
---------
Signed-off-by: Fletcher Heisler <fheisler@users.noreply.github.com>
Co-authored-by: Tana M Berry <tana@goauthentik.io>
Co-authored-by: Fletcher Heisler <fheisler@users.noreply.github.com>
Co-authored-by: Tana M Berry <tanamarieberry@yahoo.com>
* clean up roles and permissions
This was purposefully not included in `2025.12` to split the changes up.
The main content of this patch is in the migrations. Everything else
follows more or less automatically.
* add breaking change warning to release notes
* add `ak_groups` --> `groups` deprecated proxy
* fixup! add `ak_groups` --> `groups` deprecated proxy
* fixup! add `ak_groups` --> `groups` deprecated proxy
* fixup! add `ak_groups` --> `groups` deprecated proxy
* add configuration warning to default notifications blueprint
* add rudimentary tests for User.ak_groups
* remove no longer used permissions
* clarify deprecation
Co-authored-by: Jens L. <jens@goauthentik.io>
Signed-off-by: Simonyi Gergő <28359278+gergosimonyi@users.noreply.github.com>
* remove integration changes
These will be included in a separate PR once this is released.
---------
Signed-off-by: Simonyi Gergő <28359278+gergosimonyi@users.noreply.github.com>
Co-authored-by: Jens L. <jens@goauthentik.io>
* Add cc and bcc options to TemplateEmailMessage
* Add cc and bcc arguments to ak_send_email
* Add tests and update docs
* better flow
* fix anchor link
* Updates m2m doc, add mention to proxy provider about finding logs, updates filename/links/redirects
* Apply suggestions from code review
Co-authored-by: Jens L. <jens@goauthentik.io>
Signed-off-by: Dewi Roberts <dewi@goauthentik.io>
* Prettier
* wip
* Removed section and changed some wording
* Add section
* Update website/docs/add-secure-apps/providers/proxy/index.md
Co-authored-by: Dominic R <dominic@sdko.org>
Signed-off-by: Dewi Roberts <dewi@goauthentik.io>
---------
Signed-off-by: Dewi Roberts <dewi@goauthentik.io>
Co-authored-by: Jens L. <jens@goauthentik.io>
Co-authored-by: Dominic R <dominic@sdko.org>
* website: fix bad escaping of URLs in release notes
## What
Fixes bad escaping of URLs in the release notes that resulted in mangled output.
v2024.6.4 had entries that looked like this:
```
##### `GET` /providers/google_workspace/{#123;id}#125;/
```
v2025.4.md had entries that looked like this:
```
##### `GET` /policies/unique_password/{#125;#123;policy_uuid}/
```
A couple of straightforward search-and-replaces has fixed the issue.
## Notes
Two of the release notes had bad escaping of URLs. I'm not sure how the error was made or got past,
but it was obvious when visiting the page.
@Beryju suggested that the bug is due to our using `{...}` to symbolize parameters in a URL while
Docusaurus wants to interpret `{...}` as an internal template instruction, resulting in odd
behavior. In either case, docusarus interpreted the hashtagged entries as links to unrelated issues
in Github (the same two issues, which were "bump version of pylint" and "bump version of sentry"),
which could be very confusing.
The inconsistencies between the two releases, and the working releases, suggests that the error was
introduced manually.
* add 3 more int guides
* Apply suggestion from @dominic-r
Signed-off-by: Dominic R <dominic@sdko.org>
* is github's suggestion thingy usually this buggy
---------
Signed-off-by: Dominic R <dominic@sdko.org>
Co-authored-by: Tana M Berry <tana@goauthentik.io>
Co-authored-by: Dominic R <dominic@sdko.org>
authentik-automation[bot]
Simonyi Gergő
Dewi Roberts
Jens L.
Marcelo Elizeche Landó
Teffen Ellis
Dominic R
Marc 'risson' Schmitt
Tana M Berry
Ken Sternberg
Connor Peshek
Marco Lecheler