From 59e13e802683f8752f1b7f6501ddea662a4883a9 Mon Sep 17 00:00:00 2001 From: Jens Langhammer Date: Mon, 30 May 2022 21:26:22 +0200 Subject: [PATCH] website/docs: update docs Signed-off-by: Jens Langhammer --- website/docs/events/notifications.md | 2 ++ .../docs/flow/stages/authenticator_webauthn/index.md | 4 ---- website/docs/releases/v2022.6.md | 12 ++++++++++++ 3 files changed, 14 insertions(+), 4 deletions(-) diff --git a/website/docs/events/notifications.md b/website/docs/events/notifications.md index 723a6aa82..b11da9014 100644 --- a/website/docs/events/notifications.md +++ b/website/docs/events/notifications.md @@ -33,3 +33,5 @@ You have to select which group the generated notification should be sent to. If You also have to select which transports should be used to send the notification. A transport with the name "default-email-transport" is created by default. This transport will use the [global email configuration](../installation/docker-compose#email-configuration-optional-but-recommended). + +Starting with authentik 2022.6, a new default transport will be created. This is because notifications are no longer created by default, they are now a transport method instead. This allows for better customization of the notification before it is created. diff --git a/website/docs/flow/stages/authenticator_webauthn/index.md b/website/docs/flow/stages/authenticator_webauthn/index.md index f29530231..a08bd3a1f 100644 --- a/website/docs/flow/stages/authenticator_webauthn/index.md +++ b/website/docs/flow/stages/authenticator_webauthn/index.md @@ -5,7 +5,3 @@ title: WebAuthn authenticator setup stage This stage configures a WebAuthn-based Authenticator. This can either be a browser, biometrics or a Security stick like a YubiKey. There are no stage-specific settings. - -:::warning -Currently, the WebAuthn stage does NOT support Apple FaceID and Android Fingerprint/SafetyNet. -::: diff --git a/website/docs/releases/v2022.6.md b/website/docs/releases/v2022.6.md index 9f0bbd5f1..44b4d60ee 100644 --- a/website/docs/releases/v2022.6.md +++ b/website/docs/releases/v2022.6.md @@ -11,6 +11,18 @@ slug: "2022.6" These fields can be used to automatically configure OAuth Sources based on the [OpenID Connect Discovery Spec](https://openid.net/specs/openid-connect-discovery-1_0.html). Additionally, you can manually define a JWKS URL or raw JWKS data, and this can be used for Machine-to-machine authentication for OAuth2 Providers. +- Notifications are no longer created by default + + Instead of creating a Notification with each transport, there is now a new Transport mode called "Local", which locally creates the Notifications. This also adds the ability to customize the notification using a mapping. + +- Database-based sessions + + Sessions have been migrated from the database, where as they previously were stored in the cache. This has a slight performance hit, however fixes random issues cause by non-atomic session changes. + +- MFA Validation threshold has been migrated to signed cookies + + Last MFA validation is now saved in a signed cookie, which changes the behavior so that only the current browser is affected by MFA validation, and an attacker cannot exploit the fact that a user has recently authenticated with MFA. + ## Minor changes/fixes ## Upgrading