Authelia v4.39.17 released on 09-04-2026
Authelia v4.39.17 is out now. It fixes authentication edge cases (including a cache miss and an LDAP v3 version check), improves AMR consistency and adds configurable OIDC rate limits, and patches handler and middleware crashes to improve reliability and compatibility.
See the full release notes on the Authelia GitHub for details and guidance, and pull the published Docker images if you run containers.
What’s in this release
- Authentication fixes: resolved a cache miss in an edge case and corrected the ldapv3 version check to improve authentication reliability and LDAP compatibility.
- Authorization and OIDC: ensured AMR (authentication method reference) consistency for authorization decisions and introduced configurable rate limits for OIDC endpoints to allow operators to tune throughput and protection.
- Handlers, middleware and runtime: recovered a dereference panic in the one-time code (OTC) handler, tightened domain matching in middlewares, improved NTP latency calculation using full precision, and published official Docker images (docker pull authelia/authelia:4.39.17 or ghcr.io/authelia/authelia:4.39.17).
Upgrade notes
- No breaking changes are listed in the release notes — review the GitHub release before upgrading for any environment-specific notes.
- If you need to roll back, redeploy the previous image tag using your container tooling; the current images are authelia/authelia:4.39.17 and ghcr.io/authelia/authelia:4.39.17.
Tell us how the update behaved in your environment — report regressions or confirm fixes on the project’s issue tracker so others can benefit from your experience.
