diff --git a/website/docs/releases/2023/v2023.2.md b/website/docs/releases/2023/v2023.2.md index fcb5a77fe..d1926bd46 100644 --- a/website/docs/releases/2023/v2023.2.md +++ b/website/docs/releases/2023/v2023.2.md @@ -9,6 +9,10 @@ slug: "/releases/2023.2" In previous versions, logging out of a single proxied application would only invalidate that application's session. Starting with this release, when logging out of a proxied application (via the _/outpost.goauthentik.io/sign_out_ URL), all the users session within the outpost are terminated. Sessions in other outposts and with other protocols are unaffected. +- UX Improvements + + As with the previous improvements, we've made a lot of minor improvements to the general authentik UX to make your life easier. + ## Upgrading This release does not introduce any new requirements. 
@@ -29,6 +33,368 @@ image: ## Minor changes/fixes +- \*/saml: disable pretty_print, add signature tests +- blueprints: don't update default tenant +- blueprints: handle error when blueprint entry identifier field does not exist +- core: delete session when user is set to inactive +- core: fix inconsistent branding in end_session view +- core: fix token's set_key accessing data incorrectly +- events: improve sanitising for tuples and sets +- events: prevent error when request fails without response +- internal: fix cache-control header +- providers/ldap: add unbind flow execution (#4484) +- providers/ldap: fix error not being checked correctly when fetching users +- providers/oauth2: add user id as "sub" mode +- providers/oauth2: only set auth_time in ID token when a login event is stored in the session +- providers/oauth2: optimise client credentials JWT database lookup (#4606) +- providers/proxy: outpost wide logout implementation (#4605) +- stages/authenticator_validate: fix error with passwordless webauthn login +- stages/prompt: field name (#4497) +- stages/prompt: fix mismatched name field in migration +- stages/user_write: fix migration setting wrong value, fix form +- web/admin: fix certificate filtering for SAML verification certificate +- web/admin: fix dark theme for hover on tables +- web/admin: fix token edit button +- web/admin: rework event info page to show all event infos +- web/elements: add dropdown css to DOM directly instead of including +- web/elements: fix ak-expand not using correct font +- web/elements: fix clashing page url param +- web/elements: fix click propagation from modal into table +- web/elements: improve codemirror contrast in dark theme +- web/elements: make table rows clickable to select items +- web/elements: persist table page in URL parameters +- web/flows: improve handling of flow info +- web/user: filter tokens by username +- web/user: refactor loading of data in userinterface + ## API Changes -_Insert output of `make 
gen-diff` here_ +#### What's New + +--- + +##### `POST` /admin/system/ + +#### What's Changed + +--- + +##### `POST` /core/tokens/{identifier}/set_key/ + +##### `GET` /providers/oauth2/{id}/ + +###### Return Type: + +Changed response : **200 OK** + +- Changed content type : `application/json` + + - Changed property `sub_mode` (string) + + > Configure what data should be used as unique User Identifier. For most cases, the default should be fine. + + Added enum value: + + - `user_id` + +##### `PUT` /providers/oauth2/{id}/ + +###### Request: + +Changed content type : `application/json` + +- Changed property `sub_mode` (string) + + > Configure what data should be used as unique User Identifier. For most cases, the default should be fine. + + Added enum value: + + - `user_id` + +###### Return Type: + +Changed response : **200 OK** + +- Changed content type : `application/json` + + - Changed property `sub_mode` (string) + + > Configure what data should be used as unique User Identifier. For most cases, the default should be fine. + + Added enum value: + + - `user_id` + +##### `PATCH` /providers/oauth2/{id}/ + +###### Request: + +Changed content type : `application/json` + +- Changed property `sub_mode` (string) + + > Configure what data should be used as unique User Identifier. For most cases, the default should be fine. + + Added enum value: + + - `user_id` + +###### Return Type: + +Changed response : **200 OK** + +- Changed content type : `application/json` + + - Changed property `sub_mode` (string) + + > Configure what data should be used as unique User Identifier. For most cases, the default should be fine. + + Added enum value: + + - `user_id` + +##### `POST` /providers/oauth2/ + +###### Request: + +Changed content type : `application/json` + +- Changed property `sub_mode` (string) + + > Configure what data should be used as unique User Identifier. For most cases, the default should be fine. 
+ + Added enum value: + + - `user_id` + +###### Return Type: + +Changed response : **201 Created** + +- Changed content type : `application/json` + + - Changed property `sub_mode` (string) + + > Configure what data should be used as unique User Identifier. For most cases, the default should be fine. + + Added enum value: + + - `user_id` + +##### `GET` /providers/oauth2/ + +###### Parameters: + +Changed: `sub_mode` in `query` + +> Configure what data should be used as unique User Identifier. For most cases, the default should be fine. + +###### Return Type: + +Changed response : **200 OK** + +- Changed content type : `application/json` + + - Changed property `results` (array) + + Changed items (object): > OAuth2Provider Serializer + + - Changed property `sub_mode` (string) + + > Configure what data should be used as unique User Identifier. For most cases, the default should be fine. + + Added enum value: + + - `user_id` + +##### `GET` /oauth2/authorization_codes/{id}/ + +###### Return Type: + +Changed response : **200 OK** + +- Changed content type : `application/json` + + - Changed property `provider` (object) + + > OAuth2Provider Serializer + + - Changed property `sub_mode` (string) + + > Configure what data should be used as unique User Identifier. For most cases, the default should be fine. + + Added enum value: + + - `user_id` + +##### `GET` /oauth2/refresh_tokens/{id}/ + +###### Return Type: + +Changed response : **200 OK** + +- Changed content type : `application/json` + + - Changed property `provider` (object) + + > OAuth2Provider Serializer + + - Changed property `sub_mode` (string) + + > Configure what data should be used as unique User Identifier. For most cases, the default should be fine. 
+ + Added enum value: + + - `user_id` + +##### `GET` /oauth2/authorization_codes/ + +###### Return Type: + +Changed response : **200 OK** + +- Changed content type : `application/json` + + - Changed property `results` (array) + + Changed items (object): > Serializer for BaseGrantModel and ExpiringBaseGrant + + - Changed property `provider` (object) + + > OAuth2Provider Serializer + + - Changed property `sub_mode` (string) + + > Configure what data should be used as unique User Identifier. For most cases, the default should be fine. + + Added enum value: + + - `user_id` + +##### `GET` /oauth2/refresh_tokens/ + +###### Return Type: + +Changed response : **200 OK** + +- Changed content type : `application/json` + + - Changed property `results` (array) + + Changed items (object): > Serializer for BaseGrantModel and RefreshToken + + - Changed property `provider` (object) + + > OAuth2Provider Serializer + + - Changed property `sub_mode` (string) + + > Configure what data should be used as unique User Identifier. For most cases, the default should be fine. 
+ + Added enum value: + + - `user_id` + +##### `GET` /stages/prompt/prompts/{prompt_uuid}/ + +###### Return Type: + +Changed response : **200 OK** + +- Changed content type : `application/json` + + New required properties: + + - `name` + + * Added property `name` (string) + +##### `PUT` /stages/prompt/prompts/{prompt_uuid}/ + +###### Request: + +Changed content type : `application/json` + +New required properties: + +- `name` + +* Added property `name` (string) + +###### Return Type: + +Changed response : **200 OK** + +- Changed content type : `application/json` + + New required properties: + + - `name` + + * Added property `name` (string) + +##### `PATCH` /stages/prompt/prompts/{prompt_uuid}/ + +###### Request: + +Changed content type : `application/json` + +- Added property `name` (string) + +###### Return Type: + +Changed response : **200 OK** + +- Changed content type : `application/json` + + New required properties: + + - `name` + + * Added property `name` (string) + +##### `POST` /stages/prompt/prompts/ + +###### Request: + +Changed content type : `application/json` + +New required properties: + +- `name` + +* Added property `name` (string) + +###### Return Type: + +Changed response : **201 Created** + +- Changed content type : `application/json` + + New required properties: + + - `name` + + * Added property `name` (string) + +##### `GET` /stages/prompt/prompts/ + +###### Parameters: + +Added: `name` in `query` + +###### Return Type: + +Changed response : **200 OK** + +- Changed content type : `application/json` + + - Changed property `results` (array) + + Changed items (object): > Prompt Serializer + + New required properties: + + - `name` + + * Added property `name` (string)
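Review bot: in the `@@ -9,6 +9,10 @@` hunk, the added "UX Improvements" entry names no actual change; "As with the previous improvements, we've made a lot of minor improvements" repeats itself without telling the reader what to look for. Suggest naming two or three of the user-visible items already listed under "Minor changes" in this same patch (for example "web/elements: make table rows clickable to select items" and "web/elements: persist table page in URL parameters"), or dropping the bullet and letting that list carry it. While this section is being touched, the context line just above reads "all the users session within the outpost are terminated", which should be "all of the user's sessions".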
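Review bot: in the `@@ -29,6 +33,368 @@` hunk, the API Changes section lists `name` under "New required properties" in the request body for `PUT` and `POST` on /stages/prompt/prompts/, while the Upgrading section of the same file still says "This release does not introduce any new requirements". A client or automation script that creates or replaces prompts without `name` no longer matches the documented request schema, so this should be called out under Upgrading, together with what the migration referenced by "stages/prompt: fix mismatched name field in migration" sets `name` to for existing prompts. Separately, `POST` /admin/system/ under "What's New" and `POST` /core/tokens/{identifier}/set_key/ under "What's Changed" have no description at all; add one line each stating what was added or changed, or regenerate the diff output so the detail is included.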