Authelia | v4.39.17

Authelia v4.39.17 released on 09-04-2026


Authelia v4.39.17 is out now. It fixes authentication edge cases (including a cache miss and an LDAP v3 version check), improves AMR consistency and adds configurable OIDC rate limits, and patches handler and middleware crashes to improve reliability and compatibility.

See the full release notes on the Authelia GitHub for details and guidance, and pull the published Docker images if you run containers.

What’s in this release

  • Authentication fixes: resolved a cache miss in an edge case and corrected the ldapv3 version check to improve authentication reliability and LDAP compatibility.
  • Authorization and OIDC: ensured AMR (authentication method reference) consistency for authorization decisions and introduced configurable rate limits for OIDC endpoints to allow operators to tune throughput and protection.
  • Handlers, middleware and runtime: recovered a dereference panic in the one-time code (OTC) handler, tightened domain matching in middlewares, improved NTP latency calculation using full precision, and published official Docker images (docker pull authelia/authelia:4.39.17 or ghcr.io/authelia/authelia:4.39.17).

Upgrade notes

  • No breaking changes are listed in the release notes — review the GitHub release before upgrading for any environment-specific notes.
  • If you need to roll back, redeploy the previous image tag using your container tooling; the current images are authelia/authelia:4.39.17 and ghcr.io/authelia/authelia:4.39.17.

Tell us how the update behaved in your environment — report regressions or confirm fixes on the project’s issue tracker so others can benefit from your experience.

Related posts

Agentic AI still needs domain judgement

Agentic AI can write the thing, but it still cannot tell you whether the thing is right. That is where domain expertise matters, because a clean config or neat bit of glue logic can still be wrong in...

Weekly Tech Digest | 06 Jul 2026

Stay updated with the latest in tech! This digest covers AI ethics, auto industry shifts, and the impact of politics on technology, exploring today's pressing issues.

wolfCOSE zero-allocation parsing in embedded C

wolfCOSE looks sensible only if you care about what your firmware actually has to carry. I like that, because on small targets the wrong crypto feature can cost more than the message itself, and there...