From 141cfe75d81fb81da9336a8d581e02bb0f8088c5 Mon Sep 17 00:00:00 2001 From: Tana M Berry Date: Thu, 29 Aug 2024 14:28:18 -0500 Subject: [PATCH] websites/docs: minor tweaks to rel notes (#11123) * minor tweaks to rel notes * tweak * again --------- Co-authored-by: Tana M Berry --- website/docs/core/brands.md | 2 +- website/docs/releases/2024/v2024.8.md | 26 +++++++++++++------------- 2 files changed, 14 insertions(+), 14 deletions(-) diff --git a/website/docs/core/brands.md b/website/docs/core/brands.md index 3fc29a352dab..925902b33dd4 100644 --- a/website/docs/core/brands.md +++ b/website/docs/core/brands.md @@ -27,4 +27,4 @@ Starting with authentik 2024.6.2, the placeholder `%(theme)s` can be used in the ## External user settings -The **Default application** configuration can be used to redirect external users to an application when they successfully authenticate without being sent from a specific application. +You can use the **Default application** configuration on the **System -> Brands** page of the Admin interface to redirect external users to a default application when they successfully authenticate without being sent from a specific application. diff --git a/website/docs/releases/2024/v2024.8.md b/website/docs/releases/2024/v2024.8.md index 9f9d4782a374..2f2608b645e3 100644 --- a/website/docs/releases/2024/v2024.8.md +++ b/website/docs/releases/2024/v2024.8.md @@ -6,15 +6,15 @@ slug: "/releases/2024.8" :::::note 2024.8 has not been released yet! We're publishing these release notes as a preview of what's to come, and for our awesome beta testers trying out release candidates. -To try out the release candidate, replace your Docker image tag with the latest release candidate number, such as 2024.8.0-rc1. You can find the latest one in [the latest releases on GitHub](https://github.com/goauthentik/authentik/releases). If you don't find any, it means we haven't released one yet. +To try out the release candidate, replace your Docker image tag with the latest release candidate number, such as 2024.8.0-rc2. You can find the latest one in [the latest releases on GitHub](https://github.com/goauthentik/authentik/releases). If you don't find any, it means we haven't released one yet. ::::: ## Highlights -- **Source property mappings for SCIM, OAuth, SAML and Plex sources**: All sources now support property mappings to configure how authentik interprets the incoming source's data. Additionally, groups can be synced from all sources that provide group info. +- **Source property mappings for SCIM, OAuth, SAML, and Plex sources**: All sources now support property mappings to configure how authentik interprets the incoming source's data. Additionally, groups can be synced from all sources that provide group info. - **RADIUS provider custom attribute support**: Integrate RADIUS better into network infrastructure by sending vendor-specific attributes based on the user authenticating. -- **SAML encryption support**: SAML source and provider support encryption now, which prevents anyone from viewing the information of Assertions in-flight. -- **RBAC support for Blueprints and Terraform**: Permissions can now be assigned and automated using both Blueprints and Terraform. +- **SAML encryption support**: SAML source and provider support encryption now, which prevents anyone from viewing the information of in-flight assertions. +- **RBAC support for blueprints and Terraform**: Permissions can now be assigned and automated using both blueprints and Terraform. ## Breaking changes @@ -35,9 +35,9 @@ To try out the release candidate, replace your Docker image tag with the latest This property mapping populates the `username` and `attributes.phone` attributes of a user at the same time, reducing the number of mappings that are run and thus improving performance. Additionally, they are more straightforward to read, and this change allowed us to implement property mappings for OAuth and SAML sources as well. - authentik will automatically migrate existing property mappings to this new format, by generating some Python code for each of the existing property mappings expressions. authentik-managed property mappings will automatically get updated to the new format. + authentik will automatically convert existing property mappings to this new format, by generating some Python code for each of the existing property mappings expressions. Property mappings that are managed by authentik will automatically get updated to the new format. - **If you have any custom property mappings, we recommend migrating them to this new format.** + **If you have any custom property mappings, we recommend converting them to this new format.** - **OAuth and SAML sources now sync groups by default** @@ -53,7 +53,7 @@ To try out the release candidate, replace your Docker image tag with the latest } ``` -### Manual action may be required +### Manual action _may_ be required - **Changes to the external user type** @@ -61,7 +61,7 @@ To try out the release candidate, replace your Docker image tag with the latest With this release, authentik improves support for B2C use-cases, which external users are intended for. It is now possible to configure a default application. External users _not_ attempting to access a specific application will always be redirected to this default application. - As part of this, external users will no longer have access to the User and Admin interfaces. If you're using the open-source version and you require this workflow, you can change users to be Internal, which will have no side-effects. For enterprise customers, please reach out to us with any questions. + As part of this, external users will no longer have access to the User and Admin interfaces. If you're using the open-source version and you require this workflow, you can change users to be Internal, which will have no side-effects. For Enterprise customers, please reach out to us with any questions.
Bulk changing the user typeIn the container, run the command `ak change_user_type --all --type internal` to change all users to Internal. Instead of using `--all` you can also pass usernames to the command to only change individual users to internal.
@@ -77,11 +77,11 @@ To try out the release candidate, replace your Docker image tag with the latest - **RADIUS provider custom attribute support** - With 2024.8 it is possible to define custom attributes for the RADIUS provider, for example vendor specific attributes like Cisco's `AV-Pair` attribute. These attributes are defined in property mappings which means they can be dynamically defined based on the user authenticating. See [RADIUS Provider](../../providers/radius/index.mdx#radius-attributes) + With 2024.8 it is possible to define custom attributes for the RADIUS provider, for example vendor-specific attributes like Cisco's `AV-Pair` attribute. These attributes are defined in property mappings which means they can be dynamically defined based on the user authenticating. See [RADIUS Provider](../../providers/radius/index.mdx#radius-attributes) - **SAML encryption support** - It is now possible to configure a SAML sources and providers to decrypt and validate encrypted assertions. This can be configured by creating a [Certificate-keypair](../../core/certificates.md) and selecting it in the SAML source or provider. + It is now possible to configure SAML sources and providers to decrypt and validate encrypted assertions. This can be configured by creating a [Certificate-keypair](../../core/certificates.md) and selecting it in the SAML source or provider. - **GeoIP Policy** @@ -89,13 +89,13 @@ To try out the release candidate, replace your Docker image tag with the latest - **Simplification of LDAP Provider permissions** - The LDAP provider now uses RBAC to assign the permission to search the full directory instead of requiring a dedicated group to be created. As part of the upgrade, existing search groups' users are migrated to grant the required permission to search the full directory. + The LDAP provider now uses RBAC to assign the appropriate permission to search the full directory instead of requiring a dedicated group to be created. As part of the upgrade, existing search groups' users are migrated to grant the required permission to search the full directory. -- **RBAC support for Blueprints and Terraform** +- **RBAC support for blueprints and Terraform** RBAC permissions for global/object level permissions for users/roles can now be managed via blueprints and Terraform. This allows for the automatic configuration of permissions. -- **UX Improvements** +- **UX improvements** In previous versions of authentik, there were several places in the Admin interface where you could not select more than 100 items. With this change, it is now possible to search for items and select more than 100 items.