Authelia | v4.39.16

Authelia v4.39.16 released on 14-03-2026


Authelia v4.39.16 is out now. It resolves several authentication edge cases and backend compatibility issues so discovery flows and LDAP lookups are less likely to fail.

See the project’s GitHub release for the full changelog and downloadable images, including Docker pulls for authelia/authelia:4.39.16 and ghcr.io/authelia/authelia:4.39.16.

What’s in this release

  • Authentication fixes: discovery check relaxed and excessive LDAP filter escaping removed to reduce false negatives and broken lookups.
  • Middleware, OIDC and web/server polish: corrected strip-path match criteria, fixed OIDC JWT/profile claims policy hydration, sanitised the language cookie and resolved a web UI stuck state when enrolling 2FA.
  • Configuration and tooling tweaks plus Docker images: default max-retries adjusted, Docker dev builds disable npm scripts, Vite watchers ignore node_modules, improved root directory discovery; images available via the provided Docker pulls.

Upgrade notes

  • No breaking changes are listed in the release notes; review the linked GitHub issues and test the upgrade in a staging environment before rolling out to production.
  • If you need to roll back, redeploy the previous image tag you were running from your registry.

Share any issues or your upgrade experience on the project’s GitHub so the maintainers and community can follow up.

Related posts

Agentic AI still needs domain judgement

Agentic AI can write the thing, but it still cannot tell you whether the thing is right. That is where domain expertise matters, because a clean config or neat bit of glue logic can still be wrong in...

Weekly Tech Digest | 06 Jul 2026

Stay updated with the latest in tech! This digest covers AI ethics, auto industry shifts, and the impact of politics on technology, exploring today's pressing issues.

wolfCOSE zero-allocation parsing in embedded C

wolfCOSE looks sensible only if you care about what your firmware actually has to carry. I like that, because on small targets the wrong crypto feature can cost more than the message itself, and there...