Authelia | v4.39.16

Authelia v4.39.16 released on 14-03-2026


Authelia v4.39.16 is out now. It’s a small patch release of bug fixes and developer tooling tweaks that addresses authentication, middleware, OIDC and web UI edge cases so administrators and self-hosters see more reliable logins and 2FA flows.

See the release on Authelia’s GitHub for the full notes and the updated Docker images.

What’s in this release

  • Authentication fixes: corrected an overly strict discovery check and excessive LDAP filter escaping that could block valid authentication flows.
  • Web UI and 2FA stability: resolved a UI stuck state when enrolling 2FA so users can complete setup reliably.
  • OIDC and developer tooling: ensured JWT/profile claims policies are properly hydrated for OIDC flows; developer improvements include a change to the max retries default, disabling npm scripts in the Docker dev build, ignoring node_modules in Vite watchers and improved root directory detection.

Upgrade notes

  • No breaking changes are reported, but review the changed max retries default in your configuration and adjust it if required.
  • Docker images for this release are available: docker pull authelia/authelia:4.39.16 and docker pull ghcr.io/authelia/authelia:4.39.16. If you must roll back, use your previous image and restart your service.

Share how the upgrade goes or raise any issues on the Authelia GitHub so the community and maintainers can follow up.

Related posts

Agentic AI still needs domain judgement

Agentic AI can write the thing, but it still cannot tell you whether the thing is right. That is where domain expertise matters, because a clean config or neat bit of glue logic can still be wrong in...

Weekly Tech Digest | 06 Jul 2026

Stay updated with the latest in tech! This digest covers AI ethics, auto industry shifts, and the impact of politics on technology, exploring today's pressing issues.

wolfCOSE zero-allocation parsing in embedded C

wolfCOSE looks sensible only if you care about what your firmware actually has to carry. I like that, because on small targets the wrong crypto feature can cost more than the message itself, and there...