authentik

mirror of https://github.com/goauthentik/authentik.git synced 2026-06-17 19:09:11 +03:00

T

Dominic R 899994027d core: support hashed password in users API + automated install (#18686 )

* core: add hash_password command and password_hash bootstrap support

* core: prevent hash format exposure in validation error

* core: remove redundant password length check

* core: remove extra blank lines from hash_password command

* core: add password_hash serializer tests, refine validation and imports

* core: add null password fields test, add hash warning to docs

* core: move hash validation to User.set_password_from_hash method

* core: emit password_changed signal in set_password_from_hash

* website: remove redundant hash security warning

* core: wrap conflict error message for translation

* core: wrap invalid hash error message for translation

* web, core: add set_password_hash API endpoint and admin UI

* core: simplify password_hash check to None comparison

* core: use None check for password conflict validation

* website: clarify Docker Compose $ escaping for .env vs compose.yml

* website: lint

* web: lint

* core: add nosec comment for empty password string in signal

* core: lint

* web: Fix Password Hash help text

* sources/kerberos,ldap: Gergo's review

* add testing for ^^ and type fix

* more general signal tests; not provider specific

* only used in tests

* add warning

* we can do this

* signals fix????

* core, web, website: review fixes

* style(docs): format automated install guide

* web: restore modal invoker import after rebase

Co-authored-by: Codex <codex@openai.com>

* fix generated clients

* core: trim hash password command tests

* core: add password hash permission

* core: cover service account password hashes

* web: remove password hash form

* core: regenerate password hash migration

* core: reuse password serializer for hashes

* docs: clarify hashed password imports

* Regenerate

* core: deduplicate user serializer writes

* core: deduplicate password update actions

* core: deduplicate password change signaling

* tests: reuse password hash API helper

* tests: reuse SSF credential assertions

* docs: centralize hashed password caveat

* core: name password hash signal source

* core: centralize password hash validation

* core: deduplicate serializer password saves

* docs: link source writeback caveats

* api: clarify password hash request field

* tests: deduplicate password hash API assertions

* web: reuse user display-name helper

* web: use existing user display formatter

* core: reuse reset password permission for hash endpoint

* core: keep separate password hash serializer

* tests: remove redundant password hash permission test

* 21745

Co-authored-by: Gergo <gergo@goauthentik.io>

* core: preserve empty password handling in user serializer

* core: inline blueprint user serializer fields

* Use password hash constant

* Simplify user serializer flow

* Inline password update handling

* Apply serializer cleanup

* Clean blueprint password handling

* Drop extra returns

* Split password hash signal

* Align hash signal receivers

* Remove stale password guards

* Inline password signal

---------

Co-authored-by: Codex <codex@openai.com>
Co-authored-by: Gergo <gergo@goauthentik.io>

2026-04-29 06:27:59 +02:00

.cargo

root: init rust worker (#21324 )

2026-04-27 01:08:32 +02:00

.github

ci: bump taiki-e/install-action from 2.75.21 to 2.75.22 in /.github/actions/setup (#21877 )

2026-04-28 14:08:44 +02:00

.vscode

core, web: Vendored client follow-ups (#21174 )

2026-03-26 18:33:24 +01:00

authentik

core: support hashed password in users API + automated install (#18686 )

2026-04-29 06:27:59 +02:00

blueprints

core: support hashed password in users API + automated install (#18686 )

2026-04-29 06:27:59 +02:00

cmd

root: init rust worker (#21324 )

2026-04-27 01:08:32 +02:00

internal

providers/radius: fix message authenticator validation (#21824 )

2026-04-25 20:53:29 +02:00

lifecycle

root: fix rust build with uv-installed Python (#21858 )

2026-04-28 18:11:22 +02:00

locale

core, web: update translations (#21952 )

2026-04-29 04:08:12 +02:00

packages

core: support hashed password in users API + automated install (#18686 )

2026-04-29 06:27:59 +02:00

schemas

enterprise/providers: WS-Federation (#19583 )

2026-01-28 17:43:16 +01:00

scripts

scripts/api_filter_schema: fix authentication (#21644 )

2026-04-16 16:19:32 +00:00

src

root: init rust worker (#21324 )

2026-04-27 01:08:32 +02:00

tests

providers/saml: generate issuer url when provider is set on app (#18022 )

2026-04-28 17:31:12 -05:00

web

core: support hashed password in users API + automated install (#18686 )

2026-04-29 06:27:59 +02:00

website

core: support hashed password in users API + automated install (#18686 )

2026-04-29 06:27:59 +02:00

.dockerignore

packages/ak-lib: init (#21257 )

2026-03-31 11:33:46 +02:00

.editorconfig

website: add netlify cache plugin (#15113 )

2025-06-18 15:07:15 +02:00

.gitattributes

packages/django-dramatiq-postgres: fix default value for HTTPServerThread (#21216 )

2026-03-28 20:57:46 +01:00

.gitignore

root: cleanup API generation (#21172 )

2026-03-26 13:48:01 +00:00

.prettierignore

core, web: Vendored client follow-ups (#21174 )

2026-03-26 18:33:24 +01:00

build.rs

root: fix rust build with uv-installed Python (#21858 )

2026-04-28 18:11:22 +02:00

Cargo.lock

root: fix rust build with uv-installed Python (#21858 )

2026-04-28 18:11:22 +02:00

Cargo.toml

root: fix rust build with uv-installed Python (#21858 )

2026-04-28 18:11:22 +02:00

CODE_OF_CONDUCT.md

website: remove the last updated option from footer (#13493 )

2025-03-12 18:59:21 +00:00

CODEOWNERS

root: fix rust build with uv-installed Python (#21858 )

2026-04-28 18:11:22 +02:00

CONTRIBUTING.md

root: clean up README (#16286 )

2025-09-02 21:38:53 +00:00

cspell.config.jsonc

policies/event_matcher: Add query option to filter events (#21618 )

2026-04-16 01:52:11 +02:00

go.mod

core: bump github.com/Azure/go-ntlmssp from 0.1.0 to 0.1.1 in the go_modules group across 1 directory (#21807 )

2026-04-24 11:39:57 +01:00

go.sum

core: bump github.com/Azure/go-ntlmssp from 0.1.0 to 0.1.1 in the go_modules group across 1 directory (#21807 )

2026-04-24 11:39:57 +01:00

LICENSE

…

Makefile

root: init rust worker (#21324 )

2026-04-27 01:08:32 +02:00

manage.py

root: init rust worker (#21324 )

2026-04-27 01:08:32 +02:00

package-lock.json

web: bump brace-expansion from 1.1.13 to 1.1.14 (#21820 )

2026-04-25 11:27:27 +02:00

package.json

web: bump cspell from 9.7.0 to 10.0.0 (#21427 )

2026-04-07 15:15:53 +01:00

pyproject.toml

core: bump ruff from 0.15.11 to 0.15.12 (#21871 )

2026-04-28 16:36:23 +02:00

README.md

root: Fix transifex link (#17696 )

2025-10-24 19:01:42 +02:00

rust-toolchain.toml

core: bump rust-toolchain from 1.94.1 to 1.95.0 (#21660 )

2026-04-17 23:48:49 +01:00

schema.yml

core: support hashed password in users API + automated install (#18686 )

2026-04-29 06:27:59 +02:00

SECURITY.md

security: add item to intended behavior section of security policy (#21430 )

2026-04-07 13:00:26 +02:00

tsconfig.json

core, web: Vendored client follow-ups (#21174 )

2026-03-26 18:33:24 +01:00

uv.lock

core: bump ruff from 0.15.11 to 0.15.12 (#21871 )

2026-04-28 16:36:23 +02:00

README.md

What is authentik?

authentik is an open-source Identity Provider (IdP) for modern SSO. It supports SAML, OAuth2/OIDC, LDAP, RADIUS, and more, designed for self-hosting from small labs to large production clusters.

Our enterprise offering is available for organizations to securely replace existing IdPs such as Okta, Auth0, Entra ID, and Ping Identity for robust, large-scale identity management.

Installation

Docker Compose: recommended for small/test setups. See the documentation.
Kubernetes (Helm Chart): recommended for larger setups. See the documentation and the Helm chart repository.
AWS CloudFormation: deploy on AWS using our official templates. See the documentation.
DigitalOcean Marketplace: one-click deployment via the official Marketplace app. See the app listing.