2021-07-13 17:47:32 +01:00
---
title: Release 2021.7
slug: "2021.7"
---
## Headline Changes
2021-07-21 08:41:49 +01:00
- SSL Support for LDAP Providers
2021-07-13 17:47:32 +01:00
You can now configure certificates for your LDAP Providers, meaning that all communication will be done encrypted.
2021-07-21 08:41:49 +01:00
Currently, only SSL on port 636 is supported, not StartTLS.
2021-10-19 14:45:15 +01:00
- Add bundled docs
2021-07-13 17:47:32 +01:00
You can now browse the authentik docs for your version by browsing to `/help` . This means you don't have to rely on an
2021-07-21 08:41:49 +01:00
internet connection to check the docs, and you also have the correct docs for your currently running version.
2021-07-13 17:47:32 +01:00
## Minor changes
2021-07-21 08:41:49 +01:00
- api: Tunnel Sentry requests through authentik to prevent them being blocked by ad-blockers
2021-07-13 17:47:32 +01:00
- core: fix error when setting icon/background to url longer than 100 chars
- events: fix error when slack notification request failed without a response
- flows: allow variable substitution in flow titles
2021-07-21 08:41:49 +01:00
- outposts/ldap: Fix LDAP outpost missing a `member` field on groups with all member DNs
- outposts/ldap: Fix LDAP outpost not parsing arrays from user and group attributes correctly
2021-07-13 17:47:32 +01:00
- providers/oauth2: allow blank redirect_uris to allow any redirect_uri
- providers/saml: fix parsing of POST bindings
2021-07-21 08:41:49 +01:00
- root: add PROXY protocol support for http, https, ldap and ldaps servers
- root: Allow configuration of Redis port
2021-07-13 17:47:32 +01:00
- root: set samesite to None for SAML POST flows
- root: subclass SessionMiddleware to set Secure and SameSite flag depending on context
- web: fix error when showing error message of request
2021-07-23 17:38:47 +01:00
## Fixed in 2021.7.1-rc2
2021-07-23 20:30:15 +01:00
- core: add email filter for user
- core: add group filter by member username and pk
- core: broaden error catching for propertymappings
- lib: fix outpost fake-ip not working, add tests
2021-07-23 17:38:47 +01:00
- outpost: fix 100% CPU Usage when not connected to websocket
2021-07-23 20:30:15 +01:00
- outposts: ensure outpost SAs always have permissions to fake IP
- outposts: fix git hash not being set in outposts
- outposts: save certificate fingerprint and check before re-fetching to cleanup logs
- outposts/ldap: add tracing for LDAP bind and search
- outposts/ldap: improve parsing of LDAP filters
- outposts/ldap: optimise backend Search API requests
- outposts/proxy: add X-Auth-Groups header to pass groups
- providers/oauth2: handler PropertyMapping exceptions and create event
- providers/saml: improve error handling for property mappings
- sources/ldap: improve error handling for property mappings
- web: fix icon flashing in header, fix notification header icon in dark mode
- web: separate websocket connection from messages
- web/admin: fix missing dark theme for notifications
- web/admin: fix negative count for policies when more cached than total policies
- web/admin: improve UI for notification toggle
- website/docs: clear up outpost uuids
- website/docs: remove duplicate proxy docs
2021-07-23 17:38:47 +01:00
2021-08-01 11:37:56 +01:00
## Fixed in 2021.7.1
- core: add tests for flow_manager
- core: fix CheckApplication's for_user flag not being checked correctly
- core: fix pagination not working correctly with applications API
- providers/oauth2: fix blank redirect_uri not working with TokenView
- root: add code of conduct and PR template
- root: add contributing file
- tenants: make event retention configurable on tenant level
- tenants: set tenant uuid in sentry
- web/admin: add notice for event_retention
- web/admin: add status card for https and timedrift
- web/admin: default to authentication flow for LDAP provider
- web/admin: fix ApplicationView's CheckAccess not sending UserID correctly
- website/docs: add go requirement
- website/docs: update terminology for dark mode
## Fixed in 2021.7.2
- ci: fix sentry sourcemap path
- e2e: fix broken selenium by locking images
- events: ensure fallback result is set for on_failure
- events: remove default result for MonitoredTasks, only save when result was set
2021-08-01 14:24:59 +01:00
- flows: don't check redirect URL when set from flow plan (set from authentik or policy)
- flows: fix unhandled error in stage execution not being logged as SYSTEM_EXCEPTION event
2021-08-01 11:37:56 +01:00
- outpost: bump timer for periodic config reloads
- outposts: catch invalid ServiceConnection error in outpost controller
- providers/oauth2: fix error when requesting jwks keys with no rs256 aet
- providers/proxy: fix hosts for ingress not being compared correctly
2021-08-01 14:24:59 +01:00
- providers/saml: fix Error when getting metadata for invalid ID
- providers/saml: fix metadata being inaccessible without authentication
2021-08-01 11:37:56 +01:00
- sources/ldap: improve ms-ad password complexity checking
- sources/plex: add background task to monitor validity of plex token
- stages/email: fix error when re-requesting email after token has expired
2021-08-01 12:24:04 +01:00
- stages/invitation: delete invite only after full enrollment flow is completed
2021-08-01 11:37:56 +01:00
- web/admin: add re-authenticate button for plex
- web/admin: add UI to copy invitation link
2021-08-01 12:24:04 +01:00
- web/admin: fix empty column when no invitation expiry was set
2021-08-01 11:37:56 +01:00
- web/admin: fix LDAP Provider bind flow list being empty
- web/admin: fully remove response cloning due to errors
2021-08-05 18:26:22 +01:00
## Fixed in 2021.7.3
- core: fix users not being able to update their profile
- lifecycle: decrease default worker count on compose
- providers/saml: fix error when WantAssertionsSigned is missing
- providers/saml: fix error when PropertyMapping return value isn't string
- web/admin: fix user's email field being required
- web/admin: fix source form's userMatchingMode being swapped
2021-07-13 17:47:32 +01:00
## Upgrading
This release does not introduce any new requirements.
### docker-compose
2021-10-13 16:51:54 +01:00
Download the docker-compose file for 2021.7 from [here ](https://goauthentik.io/version/2021.7/docker-compose.yml ). Afterwards, simply run `docker-compose up -d` .
2021-07-13 17:47:32 +01:00
### Kubernetes
Upgrade to the latest chart version to get the new images.