This repository has been archived on 2024-05-31. You can view files and clone it, but cannot push or open issues or pull requests.
authentik/website/docs/releases/v2022.6.md

1.6 KiB

title slug
Release 2022.6 2022.6

Breaking changes

New features

  • Added well-known and JWKS URL in OAuth Source

    These fields can be used to automatically configure OAuth Sources based on the OpenID Connect Discovery Spec. Additionally, you can manually define a JWKS URL or raw JWKS data, and this can be used for Machine-to-machine authentication for OAuth2 Providers.

  • Notifications are no longer created by default

    Instead of creating a Notification with each transport, there is now a new Transport mode called "Local", which locally creates the Notifications. This also adds the ability to customize the notification using a mapping.

  • Database-based sessions

    Sessions have been migrated from the database, where as they previously were stored in the cache. This has a slight performance hit, however fixes random issues cause by non-atomic session changes.

  • MFA Validation threshold has been migrated to signed cookies

    Last MFA validation is now saved in a signed cookie, which changes the behavior so that only the current browser is affected by MFA validation, and an attacker cannot exploit the fact that a user has recently authenticated with MFA.

Minor changes/fixes

Upgrading

This release does not introduce any new requirements.

docker-compose

Download the docker-compose file for 2022.6 from here. Afterwards, simply run docker-compose up -d.

Kubernetes

Update your values to use the new images:

image:
    repository: ghcr.io/goauthentik/server
    tag: 2022.6.1