website/docs: add 2025.10 release notes

[BeryJu]

Details

REPLACE ME

---

Checklist

• Local tests pass (ak test authentik/)
• The code has been formatted (make lint-fix)

If an API change has been made

• The API schema has been updated (make gen-build)

If changes to the frontend have been made

• The code has been formatted (make web)

If applicable

• The documentation has been updated
• The documentation has been formatted (make docs)

[netlify]

❌ Deploy Preview for authentik-docs failed. Why did it fail? →

Name	Link
🔨 Latest commit	225f6c4
🔍 Latest deploy log	https://app.netlify.com/projects/authentik-docs/deploys/68e5098e1cd18000088e8009

[netlify]

✅ Deploy Preview for authentik-integrations ready!

Name	Link
🔨 Latest commit	225f6c4
🔍 Latest deploy log	https://app.netlify.com/projects/authentik-integrations/deploys/68e5098e2729660007587203
😎 Deploy Preview	https://deploy-preview-17296--authentik-integrations.netlify.app
📱 Preview on mobile	Toggle QR Code... Use your smartphone camera to open QR code link.

---

To edit notification comments on pull requests, go to your Netlify project configuration.

[netlify]

✅ Deploy Preview for authentik-storybook ready!

Name	Link
🔨 Latest commit	225f6c4
🔍 Latest deploy log	https://app.netlify.com/projects/authentik-storybook/deploys/68e5098e568b4700082976af
😎 Deploy Preview	https://deploy-preview-17296--authentik-storybook.netlify.app
📱 Preview on mobile	Toggle QR Code... Use your smartphone camera to open QR code link.

---

To edit notification comments on pull requests, go to your Netlify project configuration.

[codecov]

Codecov Report

✅ All modified and coverable lines are covered by tests.
✅ Project coverage is 92.86%. Comparing base (b5cf264) to head (225f6c4).
⚠️ Report is 118 commits behind head on main.
✅ All tests successful. No failed tests found.

Additional details and impacted files

@@            Coverage Diff             @@
##             main   #17296      +/-   ##
==========================================
- Coverage   92.90%   92.86%   -0.04%     
==========================================
  Files         856      855       -1     
  Lines       46485    46499      +14     
==========================================
- Hits        43185    43182       -3     
- Misses       3300     3317      +17     

Flag	Coverage Δ
e2e	45.98% <ø> (-0.06%)	⬇️
integration	23.05% <ø> (-0.14%)	⬇️
unit	91.04% <ø> (+0.01%)	⬆️
unit-migrate	91.09% <ø> (+0.02%)	⬆️

Flags with carried forward coverage won't be shown. Click here to find out more.

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

[github-actions]

authentik PR Installation instructions

Instructions for docker-compose

Add the following block to your .env file:

AUTHENTIK_IMAGE=ghcr.io/goauthentik/dev-server
AUTHENTIK_TAG=gh-225f6c42e74f59f754b4883ec8503b34964c0eb5
AUTHENTIK_OUTPOSTS__CONTAINER_IMAGE_BASE=ghcr.io/goauthentik/dev-%(type)s:gh-%(build_hash)s

Afterwards, run the upgrade commands from the latest release notes.

Instructions for Kubernetes

Add the following block to your values.yml file:

authentik:
    outposts:
        container_image_base: ghcr.io/goauthentik/dev-%(type)s:gh-%(build_hash)s
global:
    image:
        repository: ghcr.io/goauthentik/dev-server
        tag: gh-225f6c42e74f59f754b4883ec8503b34964c0eb5

Afterwards, run the upgrade commands from the latest release notes.

[tanberry]

Suggested change

	## New integration guides
	An integration is how authentik connects to third-party applications, directories, and other identity providers. The following integration guides were recently added.
	- [Cloudflare](https://integrations.goauthentik.io/platforms/cloudflare/)
	- [Termix](https://integrations.goauthentik.io/infrastructure/termix/)
	- [Digital Ocean](https://integrations.goauthentik.io/cloud-providers/digitalocean/)
	- [osTicket](https://integrations.goauthentik.io/infrastructure/osticket/)
	- [AppFlowy](https://integrations.goauthentik.io/documentation/appflowy/) Thanks to contributor [rayanbzd](https://github.com/rayanbzd)

[dominic-r]

can't we directly link with /integrations/thing/file.md now?

[dewi-tik]

Wondering if it might be a good idea to add the Entra ID SCIM doc too. Although it's not an integration. It would be a good doc to raise awareness of.

[dominic-r]

good idea. was hesitating to mention it as well. i'd add it personally

[rissson]

    "redis.cache_timeout": "cache.timeout",
    "redis.cache_timeout_flows": "cache.timeout_flows",
    "redis.cache_timeout_policies": "cache.timeout_policies",

those settings aliases were removed

[BeryJu]

cca5771

[BeryJu]

Used to be true by default, but has potential security implications and we don't have a single explicit boolean for whether an email is verified or not, hence the default changed.

Might break certain applications that rely on this being true, such as OIDC in kubernetes

[dominic-r]

mabye a note for those not using the exact compose file or helm chart thingy to remove redis env vars and container config?

[dominic-r]

there's breaking changes section, but mabye just a note to be sure?