From 821e296c7e05403921544f338320703862ab6d7a Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Simonyi=20Gerg=C5=91?= <28359278+gergosimonyi@users.noreply.github.com> Date: Tue, 5 Nov 2024 18:04:14 +0100 Subject: [PATCH] website/docs: `2024.10.1` Release Notes (#11926) * fix API Changes in `2024.10` changelog * add `2024.10.1` API Changes to changelog * add changes in `2024.10.1` to changelog * change `details` to `h3` in changelog --- website/docs/releases/2024/v2024.10.md | 1313 ++++++++++++++++++++++-- 1 file changed, 1238 insertions(+), 75 deletions(-) diff --git a/website/docs/releases/2024/v2024.10.md b/website/docs/releases/2024/v2024.10.md index 2020557d39c2..9623c3979186 100644 --- a/website/docs/releases/2024/v2024.10.md +++ b/website/docs/releases/2024/v2024.10.md @@ -143,15 +143,112 @@ helm upgrade authentik authentik/authentik -f values.yaml --version ^2024.10 - web: revert lockfile lint, re-add integrity (#11380) - web: small fixes for elements and forms (#11546) +## Fixed in 2024.10.1 + +- core: add `None` check to a device's `extra_description` (cherry-pick #11904) (#11906) +- enterprise/rac: fix API Schema for invalidation_flow (cherry-pick #11907) (#11908) +- providers/oauth2: fix size limited index for tokens (cherry-pick #11879) (#11905) +- web: fix missing status code on failed build (#11903) + ## API Changes +### API Changes in 2024.10.0 + #### What's New --- ##### `GET` /admin/version/history/ -##### `GET` /admin/version/history/{#123;id}#125;/ +##### `GET` /admin/version/history/{id}/ + +##### `GET` /authenticators/admin/endpoint/ + +##### `POST` /authenticators/admin/endpoint/ + +##### `GET` /authenticators/admin/endpoint/{uuid}/ + +##### `PUT` /authenticators/admin/endpoint/{uuid}/ + +##### `DELETE` /authenticators/admin/endpoint/{uuid}/ + +##### `PATCH` /authenticators/admin/endpoint/{uuid}/ + +##### `GET` /authenticators/endpoint/ + +##### `GET` /authenticators/endpoint/{uuid}/ + +##### `GET` /authenticators/endpoint/{uuid}/used_by/ + +##### `GET` /propertymappings/source/kerberos/ + +##### `POST` /propertymappings/source/kerberos/ + +##### `GET` /propertymappings/source/kerberos/{pm_uuid}/ + +##### `PUT` /propertymappings/source/kerberos/{pm_uuid}/ + +##### `DELETE` /propertymappings/source/kerberos/{pm_uuid}/ + +##### `PATCH` /propertymappings/source/kerberos/{pm_uuid}/ + +##### `GET` /propertymappings/source/kerberos/{pm_uuid}/used_by/ + +##### `GET` /sources/group_connections/kerberos/ + +##### `GET` /sources/group_connections/kerberos/{id}/ + +##### `PUT` /sources/group_connections/kerberos/{id}/ + +##### `DELETE` /sources/group_connections/kerberos/{id}/ + +##### `PATCH` /sources/group_connections/kerberos/{id}/ + +##### `GET` /sources/group_connections/kerberos/{id}/used_by/ + +##### `GET` /sources/kerberos/ + +##### `POST` /sources/kerberos/ + +##### `GET` /sources/kerberos/{slug}/ + +##### `PUT` /sources/kerberos/{slug}/ + +##### `DELETE` /sources/kerberos/{slug}/ + +##### `PATCH` /sources/kerberos/{slug}/ + +##### `GET` /sources/kerberos/{slug}/sync/status/ + +##### `GET` /sources/kerberos/{slug}/used_by/ + +##### `GET` /sources/user_connections/kerberos/ + +##### `POST` /sources/user_connections/kerberos/ + +##### `GET` /sources/user_connections/kerberos/{id}/ + +##### `PUT` /sources/user_connections/kerberos/{id}/ + +##### `DELETE` /sources/user_connections/kerberos/{id}/ + +##### `PATCH` /sources/user_connections/kerberos/{id}/ + +##### `GET` /sources/user_connections/kerberos/{id}/used_by/ + +##### `GET` /stages/authenticator/endpoint_gdtc/ + +##### `POST` /stages/authenticator/endpoint_gdtc/ + +##### `GET` /stages/authenticator/endpoint_gdtc/{stage_uuid}/ + +##### `PUT` /stages/authenticator/endpoint_gdtc/{stage_uuid}/ + +##### `DELETE` /stages/authenticator/endpoint_gdtc/{stage_uuid}/ + +##### `PATCH` /stages/authenticator/endpoint_gdtc/{stage_uuid}/ + +##### `GET` /stages/authenticator/endpoint_gdtc/{stage_uuid}/used_by/ #### What's Changed @@ -172,8 +269,11 @@ Changed response : **200 OK** - `extra_description` * Added property `extra_description` (string) + > Get extra description + * Changed property `pk` (integer -> string) + ##### `GET` /authenticators/all/ ###### Return Type: @@ -189,9 +289,149 @@ Changed response : **200 OK** - `extra_description` * Added property `extra_description` (string) + > Get extra description -##### `GET` /providers/all/{#123;id}#125;/ + * Changed property `pk` (integer -> string) + +##### `GET` /policies/event_matcher/{policy_uuid}/ + +###### Return Type: + +Changed response : **200 OK** + +- Changed content type : `application/json` + + - Changed property `app` (string) + + > Match events created by selected application. When left empty, all applications are matched. + + Added enum values: + + - `authentik.sources.kerberos` + - `authentik.enterprise.stages.authenticator_endpoint_gdtc` + + - Changed property `model` (string) + + > Match events created by selected model. When left empty, all models are matched. When an app is selected, all the application's models are matched. + + Added enum values: + + - `authentik_sources_kerberos.kerberossource` + - `authentik_sources_kerberos.kerberossourcepropertymapping` + - `authentik_sources_kerberos.userkerberossourceconnection` + - `authentik_sources_kerberos.groupkerberossourceconnection` + - `authentik_stages_authenticator_endpoint_gdtc.authenticatorendpointgdtcstage` + +##### `PUT` /policies/event_matcher/{policy_uuid}/ + +###### Request: + +Changed content type : `application/json` + +- Changed property `app` (string) + + > Match events created by selected application. When left empty, all applications are matched. + + Added enum values: + + - `authentik.sources.kerberos` + - `authentik.enterprise.stages.authenticator_endpoint_gdtc` + +- Changed property `model` (string) + + > Match events created by selected model. When left empty, all models are matched. When an app is selected, all the application's models are matched. + + Added enum values: + + - `authentik_sources_kerberos.kerberossource` + - `authentik_sources_kerberos.kerberossourcepropertymapping` + - `authentik_sources_kerberos.userkerberossourceconnection` + - `authentik_sources_kerberos.groupkerberossourceconnection` + - `authentik_stages_authenticator_endpoint_gdtc.authenticatorendpointgdtcstage` + +###### Return Type: + +Changed response : **200 OK** + +- Changed content type : `application/json` + + - Changed property `app` (string) + + > Match events created by selected application. When left empty, all applications are matched. + + Added enum values: + + - `authentik.sources.kerberos` + - `authentik.enterprise.stages.authenticator_endpoint_gdtc` + + - Changed property `model` (string) + + > Match events created by selected model. When left empty, all models are matched. When an app is selected, all the application's models are matched. + + Added enum values: + + - `authentik_sources_kerberos.kerberossource` + - `authentik_sources_kerberos.kerberossourcepropertymapping` + - `authentik_sources_kerberos.userkerberossourceconnection` + - `authentik_sources_kerberos.groupkerberossourceconnection` + - `authentik_stages_authenticator_endpoint_gdtc.authenticatorendpointgdtcstage` + +##### `PATCH` /policies/event_matcher/{policy_uuid}/ + +###### Request: + +Changed content type : `application/json` + +- Changed property `app` (string) + + > Match events created by selected application. When left empty, all applications are matched. + + Added enum values: + + - `authentik.sources.kerberos` + - `authentik.enterprise.stages.authenticator_endpoint_gdtc` + +- Changed property `model` (string) + + > Match events created by selected model. When left empty, all models are matched. When an app is selected, all the application's models are matched. + + Added enum values: + + - `authentik_sources_kerberos.kerberossource` + - `authentik_sources_kerberos.kerberossourcepropertymapping` + - `authentik_sources_kerberos.userkerberossourceconnection` + - `authentik_sources_kerberos.groupkerberossourceconnection` + - `authentik_stages_authenticator_endpoint_gdtc.authenticatorendpointgdtcstage` + +###### Return Type: + +Changed response : **200 OK** + +- Changed content type : `application/json` + + - Changed property `app` (string) + + > Match events created by selected application. When left empty, all applications are matched. + + Added enum values: + + - `authentik.sources.kerberos` + - `authentik.enterprise.stages.authenticator_endpoint_gdtc` + + - Changed property `model` (string) + + > Match events created by selected model. When left empty, all models are matched. When an app is selected, all the application's models are matched. + + Added enum values: + + - `authentik_sources_kerberos.kerberossource` + - `authentik_sources_kerberos.kerberossourcepropertymapping` + - `authentik_sources_kerberos.userkerberossourceconnection` + - `authentik_sources_kerberos.groupkerberossourceconnection` + - `authentik_stages_authenticator_endpoint_gdtc.authenticatorendpointgdtcstage` + +##### `GET` /providers/all/{id}/ ###### Return Type: @@ -206,7 +446,7 @@ Changed response : **200 OK** * Added property `invalidation_flow` (string) > Flow used ending the session from a provider. -##### `GET` /providers/oauth2/{#123;id}#125;/ +##### `GET` /providers/oauth2/{id}/ ###### Return Type: @@ -229,7 +469,7 @@ Changed response : **200 OK** * Changed property `signing_key` (string) > Key used to sign the tokens. -##### `PUT` /providers/oauth2/{#123;id}#125;/ +##### `PUT` /providers/oauth2/{id}/ ###### Request: @@ -271,7 +511,7 @@ Changed response : **200 OK** * Changed property `signing_key` (string) > Key used to sign the tokens. -##### `PATCH` /providers/oauth2/{#123;id}#125;/ +##### `PATCH` /providers/oauth2/{id}/ ###### Request: @@ -309,7 +549,7 @@ Changed response : **200 OK** * Changed property `signing_key` (string) > Key used to sign the tokens. -##### `GET` /providers/proxy/{#123;id}#125;/ +##### `GET` /providers/proxy/{id}/ ###### Return Type: @@ -324,7 +564,7 @@ Changed response : **200 OK** * Added property `invalidation_flow` (string) > Flow used ending the session from a provider. -##### `PUT` /providers/proxy/{#123;id}#125;/ +##### `PUT` /providers/proxy/{id}/ ###### Request: @@ -350,7 +590,7 @@ Changed response : **200 OK** * Added property `invalidation_flow` (string) > Flow used ending the session from a provider. -##### `PATCH` /providers/proxy/{#123;id}#125;/ +##### `PATCH` /providers/proxy/{id}/ ###### Request: @@ -372,7 +612,7 @@ Changed response : **200 OK** * Added property `invalidation_flow` (string) > Flow used ending the session from a provider. -##### `GET` /providers/rac/{#123;id}#125;/ +##### `GET` /providers/rac/{id}/ ###### Return Type: @@ -387,7 +627,7 @@ Changed response : **200 OK** * Added property `invalidation_flow` (string) > Flow used ending the session from a provider. -##### `PUT` /providers/rac/{#123;id}#125;/ +##### `PUT` /providers/rac/{id}/ ###### Request: @@ -413,7 +653,7 @@ Changed response : **200 OK** * Added property `invalidation_flow` (string) > Flow used ending the session from a provider. -##### `PATCH` /providers/rac/{#123;id}#125;/ +##### `PATCH` /providers/rac/{id}/ ###### Request: @@ -435,7 +675,7 @@ Changed response : **200 OK** * Added property `invalidation_flow` (string) > Flow used ending the session from a provider. -##### `GET` /providers/radius/{#123;id}#125;/ +##### `GET` /providers/radius/{id}/ ###### Return Type: @@ -450,7 +690,7 @@ Changed response : **200 OK** * Added property `invalidation_flow` (string) > Flow used ending the session from a provider. -##### `PUT` /providers/radius/{#123;id}#125;/ +##### `PUT` /providers/radius/{id}/ ###### Request: @@ -476,7 +716,7 @@ Changed response : **200 OK** * Added property `invalidation_flow` (string) > Flow used ending the session from a provider. -##### `PATCH` /providers/radius/{#123;id}#125;/ +##### `PATCH` /providers/radius/{id}/ ###### Request: @@ -510,7 +750,7 @@ New required properties: * Added property `invalidation_flow` (string) -##### `GET` /providers/scim/{#123;id}#125;/ +##### `GET` /providers/scim/{id}/ ###### Return Type: @@ -520,7 +760,7 @@ Changed response : **200 OK** - Added property `verify_certificates` (boolean) -##### `PUT` /providers/scim/{#123;id}#125;/ +##### `PUT` /providers/scim/{id}/ ###### Request: @@ -536,7 +776,7 @@ Changed response : **200 OK** - Added property `verify_certificates` (boolean) -##### `PATCH` /providers/scim/{#123;id}#125;/ +##### `PATCH` /providers/scim/{id}/ ###### Request: @@ -552,7 +792,7 @@ Changed response : **200 OK** - Added property `verify_certificates` (boolean) -##### `GET` /core/applications/{#123;slug}#125;/ +##### `GET` /core/applications/{slug}/ ###### Return Type: @@ -582,7 +822,7 @@ Changed response : **200 OK** * Added property `invalidation_flow` (string) > Flow used ending the session from a provider. -##### `PUT` /core/applications/{#123;slug}#125;/ +##### `PUT` /core/applications/{slug}/ ###### Return Type: @@ -612,7 +852,7 @@ Changed response : **200 OK** * Added property `invalidation_flow` (string) > Flow used ending the session from a provider. -##### `PATCH` /core/applications/{#123;slug}#125;/ +##### `PATCH` /core/applications/{slug}/ ###### Return Type: @@ -642,7 +882,7 @@ Changed response : **200 OK** * Added property `invalidation_flow` (string) > Flow used ending the session from a provider. -##### `GET` /outposts/instances/{#123;uuid}#125;/ +##### `GET` /outposts/instances/{uuid}/ ###### Return Type: @@ -661,7 +901,7 @@ Changed response : **200 OK** * Added property `invalidation_flow` (string) > Flow used ending the session from a provider. -##### `PUT` /outposts/instances/{#123;uuid}#125;/ +##### `PUT` /outposts/instances/{uuid}/ ###### Return Type: @@ -680,7 +920,7 @@ Changed response : **200 OK** * Added property `invalidation_flow` (string) > Flow used ending the session from a provider. -##### `PATCH` /outposts/instances/{#123;uuid}#125;/ +##### `PATCH` /outposts/instances/{uuid}/ ###### Return Type: @@ -699,6 +939,93 @@ Changed response : **200 OK** * Added property `invalidation_flow` (string) > Flow used ending the session from a provider. +##### `POST` /policies/event_matcher/ + +###### Request: + +Changed content type : `application/json` + +- Changed property `app` (string) + + > Match events created by selected application. When left empty, all applications are matched. + + Added enum values: + + - `authentik.sources.kerberos` + - `authentik.enterprise.stages.authenticator_endpoint_gdtc` + +- Changed property `model` (string) + + > Match events created by selected model. When left empty, all models are matched. When an app is selected, all the application's models are matched. + + Added enum values: + + - `authentik_sources_kerberos.kerberossource` + - `authentik_sources_kerberos.kerberossourcepropertymapping` + - `authentik_sources_kerberos.userkerberossourceconnection` + - `authentik_sources_kerberos.groupkerberossourceconnection` + - `authentik_stages_authenticator_endpoint_gdtc.authenticatorendpointgdtcstage` + +###### Return Type: + +Changed response : **201 Created** + +- Changed content type : `application/json` + + - Changed property `app` (string) + + > Match events created by selected application. When left empty, all applications are matched. + + Added enum values: + + - `authentik.sources.kerberos` + - `authentik.enterprise.stages.authenticator_endpoint_gdtc` + + - Changed property `model` (string) + + > Match events created by selected model. When left empty, all models are matched. When an app is selected, all the application's models are matched. + + Added enum values: + + - `authentik_sources_kerberos.kerberossource` + - `authentik_sources_kerberos.kerberossourcepropertymapping` + - `authentik_sources_kerberos.userkerberossourceconnection` + - `authentik_sources_kerberos.groupkerberossourceconnection` + - `authentik_stages_authenticator_endpoint_gdtc.authenticatorendpointgdtcstage` + +##### `GET` /policies/event_matcher/ + +###### Return Type: + +Changed response : **200 OK** + +- Changed content type : `application/json` + + - Changed property `results` (array) + + Changed items (object): > Event Matcher Policy Serializer + + - Changed property `app` (string) + + > Match events created by selected application. When left empty, all applications are matched. + + Added enum values: + + - `authentik.sources.kerberos` + - `authentik.enterprise.stages.authenticator_endpoint_gdtc` + + - Changed property `model` (string) + + > Match events created by selected model. When left empty, all models are matched. When an app is selected, all the application's models are matched. + + Added enum values: + + - `authentik_sources_kerberos.kerberossource` + - `authentik_sources_kerberos.kerberossourcepropertymapping` + - `authentik_sources_kerberos.userkerberossourceconnection` + - `authentik_sources_kerberos.groupkerberossourceconnection` + - `authentik_stages_authenticator_endpoint_gdtc.authenticatorendpointgdtcstage` + ##### `GET` /providers/all/ ###### Return Type: @@ -718,7 +1045,7 @@ Changed response : **200 OK** * Added property `invalidation_flow` (string) > Flow used ending the session from a provider. -##### `GET` /providers/ldap/{#123;id}#125;/ +##### `GET` /providers/ldap/{id}/ ###### Return Type: @@ -733,7 +1060,7 @@ Changed response : **200 OK** * Added property `invalidation_flow` (string) > Flow used ending the session from a provider. -##### `PUT` /providers/ldap/{#123;id}#125;/ +##### `PUT` /providers/ldap/{id}/ ###### Request: @@ -759,7 +1086,7 @@ Changed response : **200 OK** * Added property `invalidation_flow` (string) > Flow used ending the session from a provider. -##### `PATCH` /providers/ldap/{#123;id}#125;/ +##### `PATCH` /providers/ldap/{id}/ ###### Request: @@ -985,7 +1312,7 @@ Changed response : **200 OK** * Added property `invalidation_flow` (string) > Flow used ending the session from a provider. -##### `GET` /providers/saml/{#123;id}#125;/ +##### `GET` /providers/saml/{id}/ ###### Return Type: @@ -1000,7 +1327,7 @@ Changed response : **200 OK** * Added property `invalidation_flow` (string) > Flow used ending the session from a provider. -##### `PUT` /providers/saml/{#123;id}#125;/ +##### `PUT` /providers/saml/{id}/ ###### Request: @@ -1026,7 +1353,7 @@ Changed response : **200 OK** * Added property `invalidation_flow` (string) > Flow used ending the session from a provider. -##### `PATCH` /providers/saml/{#123;id}#125;/ +##### `PATCH` /providers/saml/{id}/ ###### Request: @@ -1078,7 +1405,7 @@ Changed response : **200 OK** - Added property `verify_certificates` (boolean) -##### `GET` /rac/connection_tokens/{#123;connection_token_uuid}#125;/ +##### `GET` /rac/connection_tokens/{connection_token_uuid}/ ###### Return Type: @@ -1112,7 +1439,7 @@ Changed response : **200 OK** * Added property `invalidation_flow` (string) > Flow used ending the session from a provider. -##### `PUT` /rac/connection_tokens/{#123;connection_token_uuid}#125;/ +##### `PUT` /rac/connection_tokens/{connection_token_uuid}/ ###### Return Type: @@ -1146,7 +1473,7 @@ Changed response : **200 OK** * Added property `invalidation_flow` (string) > Flow used ending the session from a provider. -##### `PATCH` /rac/connection_tokens/{#123;connection_token_uuid}#125;/ +##### `PATCH` /rac/connection_tokens/{connection_token_uuid}/ ###### Return Type: @@ -1180,7 +1507,7 @@ Changed response : **200 OK** * Added property `invalidation_flow` (string) > Flow used ending the session from a provider. -##### `GET` /rac/endpoints/{#123;pbm_uuid}#125;/ +##### `GET` /rac/endpoints/{pbm_uuid}/ ###### Return Type: @@ -1199,7 +1526,7 @@ Changed response : **200 OK** * Added property `invalidation_flow` (string) > Flow used ending the session from a provider. -##### `PUT` /rac/endpoints/{#123;pbm_uuid}#125;/ +##### `PUT` /rac/endpoints/{pbm_uuid}/ ###### Return Type: @@ -1218,7 +1545,7 @@ Changed response : **200 OK** * Added property `invalidation_flow` (string) > Flow used ending the session from a provider. -##### `PATCH` /rac/endpoints/{#123;pbm_uuid}#125;/ +##### `PATCH` /rac/endpoints/{pbm_uuid}/ ###### Return Type: @@ -1237,7 +1564,71 @@ Changed response : **200 OK** * Added property `invalidation_flow` (string) > Flow used ending the session from a provider. -##### `GET` /sources/saml/{#123;slug}#125;/ +##### `POST` /rbac/permissions/assigned_by_roles/{uuid}/assign/ + +###### Request: + +Changed content type : `application/json` + +- Changed property `model` (string) + + Added enum values: + + - `authentik_sources_kerberos.kerberossource` + - `authentik_sources_kerberos.kerberossourcepropertymapping` + - `authentik_sources_kerberos.userkerberossourceconnection` + - `authentik_sources_kerberos.groupkerberossourceconnection` + - `authentik_stages_authenticator_endpoint_gdtc.authenticatorendpointgdtcstage` + +##### `PATCH` /rbac/permissions/assigned_by_roles/{uuid}/unassign/ + +###### Request: + +Changed content type : `application/json` + +- Changed property `model` (string) + + Added enum values: + + - `authentik_sources_kerberos.kerberossource` + - `authentik_sources_kerberos.kerberossourcepropertymapping` + - `authentik_sources_kerberos.userkerberossourceconnection` + - `authentik_sources_kerberos.groupkerberossourceconnection` + - `authentik_stages_authenticator_endpoint_gdtc.authenticatorendpointgdtcstage` + +##### `POST` /rbac/permissions/assigned_by_users/{id}/assign/ + +###### Request: + +Changed content type : `application/json` + +- Changed property `model` (string) + + Added enum values: + + - `authentik_sources_kerberos.kerberossource` + - `authentik_sources_kerberos.kerberossourcepropertymapping` + - `authentik_sources_kerberos.userkerberossourceconnection` + - `authentik_sources_kerberos.groupkerberossourceconnection` + - `authentik_stages_authenticator_endpoint_gdtc.authenticatorendpointgdtcstage` + +##### `PATCH` /rbac/permissions/assigned_by_users/{id}/unassign/ + +###### Request: + +Changed content type : `application/json` + +- Changed property `model` (string) + + Added enum values: + + - `authentik_sources_kerberos.kerberossource` + - `authentik_sources_kerberos.kerberossourcepropertymapping` + - `authentik_sources_kerberos.userkerberossourceconnection` + - `authentik_sources_kerberos.groupkerberossourceconnection` + - `authentik_stages_authenticator_endpoint_gdtc.authenticatorendpointgdtcstage` + +##### `GET` /sources/saml/{slug}/ ###### Return Type: @@ -1256,7 +1647,7 @@ Changed response : **200 OK** - `urn:oasis:names:tc:SAML:2.0:nameid-format:X509SubjectName` -##### `PUT` /sources/saml/{#123;slug}#125;/ +##### `PUT` /sources/saml/{slug}/ ###### Request: @@ -1290,7 +1681,7 @@ Changed response : **200 OK** - `urn:oasis:names:tc:SAML:2.0:nameid-format:X509SubjectName` -##### `PATCH` /sources/saml/{#123;slug}#125;/ +##### `PATCH` /sources/saml/{slug}/ ###### Request: @@ -1388,7 +1779,7 @@ Changed response : **200 OK** * Added property `invalidation_flow` (string) > Flow used ending the session from a provider. -##### `GET` /core/user_consent/{#123;id}#125;/ +##### `GET` /core/user_consent/{id}/ ###### Return Type: @@ -1422,7 +1813,7 @@ Changed response : **200 OK** * Added property `invalidation_flow` (string) > Flow used ending the session from a provider. -##### `GET` /oauth2/access_tokens/{#123;id}#125;/ +##### `GET` /oauth2/access_tokens/{id}/ ###### Return Type: @@ -1449,7 +1840,7 @@ Changed response : **200 OK** * Changed property `signing_key` (string) > Key used to sign the tokens. -##### `GET` /oauth2/authorization_codes/{#123;id}#125;/ +##### `GET` /oauth2/authorization_codes/{id}/ ###### Return Type: @@ -1476,7 +1867,7 @@ Changed response : **200 OK** * Changed property `signing_key` (string) > Key used to sign the tokens. -##### `GET` /oauth2/refresh_tokens/{#123;id}#125;/ +##### `GET` /oauth2/refresh_tokens/{id}/ ###### Return Type: @@ -1738,6 +2129,18 @@ Changed response : **200 OK** * Added property `invalidation_flow` (string) > Flow used ending the session from a provider. +##### `GET` /rbac/permissions/assigned_by_roles/ + +###### Parameters: + +Changed: `model` in `query` + +##### `GET` /rbac/permissions/assigned_by_users/ + +###### Parameters: + +Changed: `model` in `query` + ##### `POST` /sources/saml/ ###### Request: @@ -1801,62 +2204,191 @@ Changed response : **200 OK** - `urn:oasis:names:tc:SAML:2.0:nameid-format:X509SubjectName` -##### `PUT` /core/transactional/applications/ +##### `GET` /stages/identification/{stage_uuid}/ + +###### Return Type: + +Changed response : **200 OK** + +- Changed content type : `application/json` + + - Added property `captcha_stage` (string) + > When set, adds functionality exactly like a Captcha stage, but baked into the Identification stage. + +##### `PUT` /stages/identification/{stage_uuid}/ ###### Request: Changed content type : `application/json` -- Changed property `provider` (object) +- Added property `captcha_stage` (string) + > When set, adds functionality exactly like a Captcha stage, but baked into the Identification stage. - Updated `authentik_providers_oauth2.oauth2provider` provider_model: - New required properties: +###### Return Type: - - `invalidation_flow` +Changed response : **200 OK** - * Added property `invalidation_flow` (string) +- Changed content type : `application/json` - > Flow used ending the session from a provider. + - Added property `captcha_stage` (string) + > When set, adds functionality exactly like a Captcha stage, but baked into the Identification stage. - * Added property `encryption_key` (string) +##### `PATCH` /stages/identification/{stage_uuid}/ - > Key used to encrypt the tokens. When set, tokens will be encrypted and returned as JWEs. +###### Request: - * Changed property `signing_key` (string) - > Key used to sign the tokens. +Changed content type : `application/json` - Updated `authentik_providers_radius.radiusprovider` provider_model: - New required properties: +- Added property `captcha_stage` (string) + > When set, adds functionality exactly like a Captcha stage, but baked into the Identification stage. - - `invalidation_flow` +###### Return Type: - * Added property `invalidation_flow` (string) - > Flow used ending the session from a provider. +Changed response : **200 OK** - Updated `authentik_providers_scim.scimprovider` provider_model: +- Changed content type : `application/json` - - Added property `verify_certificates` (boolean) + - Added property `captcha_stage` (string) + > When set, adds functionality exactly like a Captcha stage, but baked into the Identification stage. - Updated `authentik_providers_proxy.proxyprovider` provider_model: - New required properties: +##### `GET` /stages/password/{stage_uuid}/ - - `invalidation_flow` +###### Return Type: - * Added property `invalidation_flow` (string) - > Flow used ending the session from a provider. +Changed response : **200 OK** - Updated `authentik_providers_rac.racprovider` provider_model: - New required properties: +- Changed content type : `application/json` - - `invalidation_flow` + - Changed property `backends` (array) - * Added property `invalidation_flow` (string) - > Flow used ending the session from a provider. + > Selection of backends to test the password against. - Updated `authentik_providers_saml.samlprovider` provider_model: - New required properties: + Changed items (string): - - `invalidation_flow` + Added enum value: + + - `authentik.sources.kerberos.auth.KerberosBackend` + +##### `PUT` /stages/password/{stage_uuid}/ + +###### Request: + +Changed content type : `application/json` + +- Changed property `backends` (array) + + > Selection of backends to test the password against. + + Changed items (string): + + Added enum value: + + - `authentik.sources.kerberos.auth.KerberosBackend` + +###### Return Type: + +Changed response : **200 OK** + +- Changed content type : `application/json` + + - Changed property `backends` (array) + + > Selection of backends to test the password against. + + Changed items (string): + + Added enum value: + + - `authentik.sources.kerberos.auth.KerberosBackend` + +##### `PATCH` /stages/password/{stage_uuid}/ + +###### Request: + +Changed content type : `application/json` + +- Changed property `backends` (array) + + > Selection of backends to test the password against. + + Changed items (string): + + Added enum value: + + - `authentik.sources.kerberos.auth.KerberosBackend` + +###### Return Type: + +Changed response : **200 OK** + +- Changed content type : `application/json` + + - Changed property `backends` (array) + + > Selection of backends to test the password against. + + Changed items (string): + + Added enum value: + + - `authentik.sources.kerberos.auth.KerberosBackend` + +##### `PUT` /core/transactional/applications/ + +###### Request: + +Changed content type : `application/json` + +- Changed property `provider` (object) + + Updated `authentik_providers_oauth2.oauth2provider` provider_model: + New required properties: + + - `invalidation_flow` + + * Added property `invalidation_flow` (string) + + > Flow used ending the session from a provider. + + * Added property `encryption_key` (string) + + > Key used to encrypt the tokens. When set, tokens will be encrypted and returned as JWEs. + + * Changed property `signing_key` (string) + > Key used to sign the tokens. + + Updated `authentik_providers_radius.radiusprovider` provider_model: + New required properties: + + - `invalidation_flow` + + * Added property `invalidation_flow` (string) + > Flow used ending the session from a provider. + + Updated `authentik_providers_scim.scimprovider` provider_model: + + - Added property `verify_certificates` (boolean) + + Updated `authentik_providers_proxy.proxyprovider` provider_model: + New required properties: + + - `invalidation_flow` + + * Added property `invalidation_flow` (string) + > Flow used ending the session from a provider. + + Updated `authentik_providers_rac.racprovider` provider_model: + New required properties: + + - `invalidation_flow` + + * Added property `invalidation_flow` (string) + > Flow used ending the session from a provider. + + Updated `authentik_providers_saml.samlprovider` provider_model: + New required properties: + + - `invalidation_flow` * Added property `invalidation_flow` (string) > Flow used ending the session from a provider. @@ -1907,7 +2439,7 @@ Changed response : **200 OK** * Added property `invalidation_flow` (string) > Flow used ending the session from a provider. -##### `GET` /flows/executor/{#123;flow_slug}#125;/ +##### `GET` /flows/executor/{flow_slug}/ ###### Return Type: @@ -1953,7 +2485,81 @@ Changed response : **200 OK** - Property `brand_name` (string) -##### `POST` /flows/executor/{#123;flow_slug}#125;/ + Added 'xak-flow-frame' component: + + - Property `flow_info` (object) + + > Contextual flow information for a challenge + + - Property `component` (string) + + - Property `response_errors` (object) + + - Property `url` (string) + + - Property `loading_overlay` (boolean) + + - Property `loading_text` (string) + + Updated `ak-stage-authenticator-validate` component: + + - Changed property `device_challenges` (array) + + Changed items (object): > Single device challenge + + New required properties: + + - `last_used` + + * Added property `last_used` (string) + + Updated `ak-stage-identification` component: + + - Added property `captcha_stage` (object) + + > Site public key + + - Property `flow_info` (object) + + > Contextual flow information for a challenge + + - Property `component` (string) + + - Property `response_errors` (object) + + - Property `pending_user` (string) + + - Property `pending_user_avatar` (string) + + - Property `site_key` (string) + + - Property `js_url` (string) + +##### `POST` /flows/executor/{flow_slug}/ + +###### Request: + +Changed content type : `application/json` + +Added 'xak-flow-frame' component: + +- Property `component` (string) + +Updated `ak-stage-identification` component: + +- Added property `captcha_token` (string) + +Updated `ak-stage-authenticator-validate` component: + +- Changed property `selected_challenge` (object) + + > Single device challenge + + New required properties: + + - `last_used` + + * Added property `last_used` (string) ###### Return Type: @@ -1962,6 +2568,23 @@ Changed response : **200 OK** - Changed content type : `application/json` Added 'ak-stage-session-end' component: + Added 'xak-flow-frame' component: + Updated `ak-stage-authenticator-validate` component: + + - Changed property `device_challenges` (array) + + Changed items (object): > Single device challenge + + New required properties: + + - `last_used` + + * Added property `last_used` (string) + + Updated `ak-stage-identification` component: + + - Added property `captcha_stage` (object) + > Site public key ##### `GET` /oauth2/access_tokens/ @@ -2055,3 +2678,543 @@ Changed response : **200 OK** * Changed property `signing_key` (string) > Key used to sign the tokens. + +##### `POST` /stages/identification/ + +###### Request: + +Changed content type : `application/json` + +- Added property `captcha_stage` (string) + > When set, adds functionality exactly like a Captcha stage, but baked into the Identification stage. + +###### Return Type: + +Changed response : **201 Created** + +- Changed content type : `application/json` + + - Added property `captcha_stage` (string) + > When set, adds functionality exactly like a Captcha stage, but baked into the Identification stage. + +##### `GET` /stages/identification/ + +###### Parameters: + +Added: `captcha_stage` in `query` + +###### Return Type: + +Changed response : **200 OK** + +- Changed content type : `application/json` + + - Changed property `results` (array) + + Changed items (object): > IdentificationStage Serializer + + - Added property `captcha_stage` (string) + > When set, adds functionality exactly like a Captcha stage, but baked into the Identification stage. + +##### `POST` /stages/password/ + +###### Request: + +Changed content type : `application/json` + +- Changed property `backends` (array) + + > Selection of backends to test the password against. + + Changed items (string): + + Added enum value: + + - `authentik.sources.kerberos.auth.KerberosBackend` + +###### Return Type: + +Changed response : **201 Created** + +- Changed content type : `application/json` + + - Changed property `backends` (array) + + > Selection of backends to test the password against. + + Changed items (string): + + Added enum value: + + - `authentik.sources.kerberos.auth.KerberosBackend` + +##### `GET` /stages/password/ + +###### Return Type: + +Changed response : **200 OK** + +- Changed content type : `application/json` + + - Changed property `results` (array) + + Changed items (object): > PasswordStage Serializer + + - Changed property `backends` (array) + + > Selection of backends to test the password against. + + Changed items (string): + + Added enum value: + + - `authentik.sources.kerberos.auth.KerberosBackend` + +### API Changes in 2024.10.1 + +#### What's Changed + +--- + +##### `GET` /providers/rac/{id}/ + +###### Return Type: + +Changed response : **200 OK** + +- Changed content type : `application/json` + + New optional properties: + + - `invalidation_flow` + + * Deleted property `invalidation_flow` (string) + > Flow used ending the session from a provider. + +##### `PUT` /providers/rac/{id}/ + +###### Request: + +Changed content type : `application/json` + +New optional properties: + +- `invalidation_flow` + +* Deleted property `invalidation_flow` (string) + > Flow used ending the session from a provider. + +###### Return Type: + +Changed response : **200 OK** + +- Changed content type : `application/json` + + New optional properties: + + - `invalidation_flow` + + * Deleted property `invalidation_flow` (string) + > Flow used ending the session from a provider. + +##### `PATCH` /providers/rac/{id}/ + +###### Request: + +Changed content type : `application/json` + +- Deleted property `invalidation_flow` (string) + > Flow used ending the session from a provider. + +###### Return Type: + +Changed response : **200 OK** + +- Changed content type : `application/json` + + New optional properties: + + - `invalidation_flow` + + * Deleted property `invalidation_flow` (string) + > Flow used ending the session from a provider. + +##### `POST` /providers/rac/ + +###### Request: + +Changed content type : `application/json` + +New optional properties: + +- `invalidation_flow` + +* Deleted property `invalidation_flow` (string) + > Flow used ending the session from a provider. + +###### Return Type: + +Changed response : **201 Created** + +- Changed content type : `application/json` + + New optional properties: + + - `invalidation_flow` + + * Deleted property `invalidation_flow` (string) + > Flow used ending the session from a provider. + +##### `GET` /providers/rac/ + +###### Return Type: + +Changed response : **200 OK** + +- Changed content type : `application/json` + + - Changed property `results` (array) + + Changed items (object): > RACProvider Serializer + + New optional properties: + + - `invalidation_flow` + + * Deleted property `invalidation_flow` (string) + > Flow used ending the session from a provider. + +##### `GET` /rac/connection_tokens/{connection_token_uuid}/ + +###### Return Type: + +Changed response : **200 OK** + +- Changed content type : `application/json` + + - Changed property `provider_obj` (object) + + > RACProvider Serializer + + New optional properties: + + - `invalidation_flow` + + * Deleted property `invalidation_flow` (string) + > Flow used ending the session from a provider. + + - Changed property `endpoint_obj` (object) + + > Endpoint Serializer + + - Changed property `provider_obj` (object) + + > RACProvider Serializer + + New optional properties: + + - `invalidation_flow` + + * Deleted property `invalidation_flow` (string) + > Flow used ending the session from a provider. + +##### `PUT` /rac/connection_tokens/{connection_token_uuid}/ + +###### Return Type: + +Changed response : **200 OK** + +- Changed content type : `application/json` + + - Changed property `provider_obj` (object) + + > RACProvider Serializer + + New optional properties: + + - `invalidation_flow` + + * Deleted property `invalidation_flow` (string) + > Flow used ending the session from a provider. + + - Changed property `endpoint_obj` (object) + + > Endpoint Serializer + + - Changed property `provider_obj` (object) + + > RACProvider Serializer + + New optional properties: + + - `invalidation_flow` + + * Deleted property `invalidation_flow` (string) + > Flow used ending the session from a provider. + +##### `PATCH` /rac/connection_tokens/{connection_token_uuid}/ + +###### Return Type: + +Changed response : **200 OK** + +- Changed content type : `application/json` + + - Changed property `provider_obj` (object) + + > RACProvider Serializer + + New optional properties: + + - `invalidation_flow` + + * Deleted property `invalidation_flow` (string) + > Flow used ending the session from a provider. + + - Changed property `endpoint_obj` (object) + + > Endpoint Serializer + + - Changed property `provider_obj` (object) + + > RACProvider Serializer + + New optional properties: + + - `invalidation_flow` + + * Deleted property `invalidation_flow` (string) + > Flow used ending the session from a provider. + +##### `GET` /rac/endpoints/{pbm_uuid}/ + +###### Return Type: + +Changed response : **200 OK** + +- Changed content type : `application/json` + + - Changed property `provider_obj` (object) + + > RACProvider Serializer + + New optional properties: + + - `invalidation_flow` + + * Deleted property `invalidation_flow` (string) + > Flow used ending the session from a provider. + +##### `PUT` /rac/endpoints/{pbm_uuid}/ + +###### Return Type: + +Changed response : **200 OK** + +- Changed content type : `application/json` + + - Changed property `provider_obj` (object) + + > RACProvider Serializer + + New optional properties: + + - `invalidation_flow` + + * Deleted property `invalidation_flow` (string) + > Flow used ending the session from a provider. + +##### `PATCH` /rac/endpoints/{pbm_uuid}/ + +###### Return Type: + +Changed response : **200 OK** + +- Changed content type : `application/json` + + - Changed property `provider_obj` (object) + + > RACProvider Serializer + + New optional properties: + + - `invalidation_flow` + + * Deleted property `invalidation_flow` (string) + > Flow used ending the session from a provider. + +##### `GET` /sources/kerberos/{slug}/ + +###### Return Type: + +Changed response : **200 OK** + +- Changed content type : `application/json` + + - Changed property `spnego_server_name` (string) + > Force the use of a specific server name for SPNEGO. Must be in the form HTTP@hostname + +##### `PUT` /sources/kerberos/{slug}/ + +###### Request: + +Changed content type : `application/json` + +- Changed property `spnego_server_name` (string) + > Force the use of a specific server name for SPNEGO. Must be in the form HTTP@hostname + +###### Return Type: + +Changed response : **200 OK** + +- Changed content type : `application/json` + + - Changed property `spnego_server_name` (string) + > Force the use of a specific server name for SPNEGO. Must be in the form HTTP@hostname + +##### `PATCH` /sources/kerberos/{slug}/ + +###### Request: + +Changed content type : `application/json` + +- Changed property `spnego_server_name` (string) + > Force the use of a specific server name for SPNEGO. Must be in the form HTTP@hostname + +###### Return Type: + +Changed response : **200 OK** + +- Changed content type : `application/json` + + - Changed property `spnego_server_name` (string) + > Force the use of a specific server name for SPNEGO. Must be in the form HTTP@hostname + +##### `GET` /rac/connection_tokens/ + +###### Return Type: + +Changed response : **200 OK** + +- Changed content type : `application/json` + + - Changed property `results` (array) + + Changed items (object): > ConnectionToken Serializer + + - Changed property `provider_obj` (object) + + > RACProvider Serializer + + New optional properties: + + - `invalidation_flow` + + * Deleted property `invalidation_flow` (string) + > Flow used ending the session from a provider. + + - Changed property `endpoint_obj` (object) + + > Endpoint Serializer + + - Changed property `provider_obj` (object) + + > RACProvider Serializer + + New optional properties: + + - `invalidation_flow` + + * Deleted property `invalidation_flow` (string) + > Flow used ending the session from a provider. + +##### `POST` /rac/endpoints/ + +###### Return Type: + +Changed response : **201 Created** + +- Changed content type : `application/json` + + - Changed property `provider_obj` (object) + + > RACProvider Serializer + + New optional properties: + + - `invalidation_flow` + + * Deleted property `invalidation_flow` (string) + > Flow used ending the session from a provider. + +##### `GET` /rac/endpoints/ + +###### Return Type: + +Changed response : **200 OK** + +- Changed content type : `application/json` + + - Changed property `results` (array) + + Changed items (object): > Endpoint Serializer + + - Changed property `provider_obj` (object) + + > RACProvider Serializer + + New optional properties: + + - `invalidation_flow` + + * Deleted property `invalidation_flow` (string) + > Flow used ending the session from a provider. + +##### `POST` /sources/kerberos/ + +###### Request: + +Changed content type : `application/json` + +- Changed property `spnego_server_name` (string) + > Force the use of a specific server name for SPNEGO. Must be in the form HTTP@hostname + +###### Return Type: + +Changed response : **201 Created** + +- Changed content type : `application/json` + + - Changed property `spnego_server_name` (string) + > Force the use of a specific server name for SPNEGO. Must be in the form HTTP@hostname + +##### `GET` /sources/kerberos/ + +###### Return Type: + +Changed response : **200 OK** + +- Changed content type : `application/json` + + - Changed property `results` (array) + + Changed items (object): > Kerberos Source Serializer + + - Changed property `spnego_server_name` (string) + > Force the use of a specific server name for SPNEGO. Must be in the form HTTP@hostname + +##### `PUT` /core/transactional/applications/ + +###### Request: + +Changed content type : `application/json` + +- Changed property `provider` (object) + + Updated `authentik_providers_rac.racprovider` provider_model: + New optional properties: + + - `invalidation_flow` + + * Deleted property `invalidation_flow` (string) + > Flow used ending the session from a provider.