github goauthentik/authentik version/2026.2.2-rc1
Release 2026.2.2-rc1
on GitHub

pre-release6 hours ago

See https://docs.goauthentik.io/docs/releases/2026.2#fixed-in-202622

What's Changed

  • ci: fix reason change in versions repo bump (cherry-pick #20696 to version-2026.2) by @gergosimonyi in #20709
  • web/admin: bad width on policy test results (cherry-pick #20668 to version-2026.2) by @authentik-automation[bot] in #20697
  • web/flows: continuous login (cherry-pick #19862 to version-2026.2) by @authentik-automation[bot] in #20712
  • core: bump django from 5.2.11 to 5.2.12 (cherry-pick #20719 to version-2026.2) by @authentik-automation[bot] in #20738
  • lifecycle: make gunicorn --max-requests configurable (cherry-pick #20736 to version-2026.2) by @authentik-automation[bot] in #20744
  • packages/django-channels-postgres: provide sync API for group_send (cherry-pick #20740 to version-2026.2) by @authentik-automation[bot] in #20741
  • website/docs: remove potatoes card sigh (cherry-pick #20767 to version-2026.2) by @authentik-automation[bot] in #20768
  • website: override DocSearch button colors in light mode (cherry-pick #20770 to version-2026.2) by @authentik-automation[bot] in #20773
  • providers/scim: fix out-of-scope users and groups not being deleted from destination application (cherry-pick #20742 to version-2026.2) by @authentik-automation[bot] in #20780
  • providers/oauth2: decode percent-encoded basic auth (cherry-pick #20779 to version-2026.2) by @authentik-automation[bot] in #20781
  • web/rbac: disambiguate duplicate permission names in initial permissions (cherry-pick #20786 to version-2026.2) by @authentik-automation[bot] in #20805
  • endpoints: prevent selection of incompatible connector (cherry-pick #20806 to version-2026.2) by @authentik-automation[bot] in #20807
  • website/docs: update agent docs (cherry-pick #20782 to version-2026.2) by @authentik-automation[bot] in #20826
  • providers/proxy: remove redundant logout event (cherry-pick #20860 to version-2026.2) by @authentik-automation[bot] in #20866
  • core: bump orjson from 3.11.5 to 3.11.6 (cherry-pick #20870 to version-2026.2) by @authentik-automation[bot] in #20889
  • core: expiring model: ignore DoesNotExist error (cherry-pick #20922 to version-2026.2) by @authentik-automation[bot] in #20925
  • web/admin: Fix SCIM page_size UI issue (cherry-pick #20890 to version-2026.2) by @authentik-automation[bot] in #20929
  • docs: Add note on skipping object syncing (cherry-pick #20882 to version-2026.2) by @authentik-automation[bot] in #20894
  • lifecycle/migrate: add flag to skip migrations (cherry-pick #20863 to version-2026.2) by @authentik-automation[bot] in #20932
  • outposts: only dispatch logout task if any outpost exists (cherry-pick #20920 to version-2026.2) by @authentik-automation[bot] in #20949
  • packages/django-dramatiq-postgres: scheduler: only dispatch tasks if they're not running yet (cherry-pick #20921 to version-2026.2) by @rissson in #20950
  • website/docs: use full path for sysd on windows (cherry-pick #20951 to version-2026.2) by @authentik-automation[bot] in #20952
  • core: bump pyasn1 from 0.6.2 to 0.6.3 (cherry-pick #20956 to version-2026.2) by @authentik-automation[bot] in #20957
  • web/admin: fix missing OSM referrerPolicy header (cherry-pick #20984 to version-2026.2) by @authentik-automation[bot] in #20990
  • website/docs: fix notification transport etc (cherry-pick #20982 to version-2026.2) by @authentik-automation[bot] in #20992
  • website/docs: update kubernetes install guide for Gateway API (cherry-pick #20961 to version-2026.2) by @authentik-automation[bot] in #20997
  • website/docs: fix swapped sidebar label (cherry-pick #21011 to version-2026.2) by @authentik-automation[bot] in #21012
  • website: switch docs analytics to gtag (cherry-pick #20993 to version-2026.2) by @authentik-automation[bot] in #21015
  • sources/ldap: fix incorrect error response for invalid sync_users_password (cherry-pick #21016 to version-2026.2) by @authentik-automation[bot] in #21039
  • enterprise/endpoints/connectors/agent: add login_hint support for interactive auth (cherry-pick #20647 to version-2026.2) by @authentik-automation[bot] in #21047
  • web/admin: handle non-string values in formatUUID to prevent Event Log crash (cherry-pick #20804 to version-2026.2) by @authentik-automation[bot] in #21052
  • events: avoid implicitly setting context from login_failed event (cherry-pick #21045 to version-2026.2) by @authentik-automation[bot] in #21050
  • events: prevent exception when events contains incompatible unicode (cherry-pick #21048 to version-2026.2) by @authentik-automation[bot] in #21053
  • ci: fix escaping in cherry-pick action (#21082) by @BeryJu in #21083
  • ci: rotate GH App private key (version-2026.2) by @BeryJu in #21087
  • ci: fix cherry-pick action generating empty title (#21091) by @BeryJu in #21092
  • flows: continous login debug (cherry-pick #21044 to version-2026.2) by @authentik-automation[bot] in #21090
  • website/docs: add missing dependencies for linux dev environment (cherry-pick #21020 to version-2026.2) by @authentik-automation[bot] in #21093
  • core: bump cbor2 from 5.8.0 to 5.9.0 (cherry-pick #21094 to version-2026.2) by @authentik-automation[bot] in #21096
  • providers/proxy: Add a default maxResponseBodySize to Traefik Middleware (cherry-pick #21111 to version-2026.2) by @authentik-automation[bot] in #21140
  • endpoints/connectors: fix enabled flag not respected (cherry-pick #21144 to version-2026.2) by @authentik-automation[bot] in #21145
  • web/flow: reset stale authenticator selection between consecutive validate stages (cherry-pick #20802 to version-2026.2) by @authentik-automation[bot] in #21014
  • web/applications: add wsfed to app wizard (cherry-pick #20880 to version-2026.2) by @authentik-automation[bot] in #21184
  • sources/oauth: Allow patching without provider type (cherry-pick #21211 to version-2026.2) by @authentik-automation[bot] in #21213
  • sources/ldap: fix exception in ldap debug endpoint (cherry-pick #21219 to version-2026.2) by @authentik-automation[bot] in #21222
  • proviers/ldap: avoid concurrent header writes in API Client (cherry-pick #21223 to version-2026.2) by @authentik-automation[bot] in #21228
  • website/docs: document group_uuid as a property for group object (cherry-pick #20865 to version-2026.2) by @authentik-automation[bot] in #21271
  • website/docs: ad source: add note about ldap signing (cherry-pick #21274 to version-2026.2) by @authentik-automation[bot] in #21279
  • core: fix provider not nullable (cherry-pick #21275 to version-2026.2) by @authentik-automation[bot] in #21282

Full Changelog: version/2026.2.1...version/2026.2.2-rc1

Check out latest releases or
releases around goauthentik/authentik version/2026.2.2-rc1

Don't miss a new authentik release

NewReleases is sending notifications on new releases.

Get notifications