Tana Berry

authentik is an open source Identity Provider that unifies your identity needs into a single platform, replacing Okta, Active Directory, and Auth0. Authentik Security is a public benefit company building on top of the open source authentik project.

Over a year ago we changed our release cadence to be around every two months, to optimize the rapid delivery of new features without waiting too long and having massively large releases. Version 2025.6 is a strong indicator that this cadence works well; it’s a short, sweet bundle of new features, performance enhancements, and a few minor improvements.

Let’s take a closer look at what’s in the 2025.6 release of authentik, your favorite identity provider.

authentik is an open source Identity Provider that unifies your identity needs into a single platform, replacing Okta, Active Directory, and Auth0. Authentik Security is a public benefit company building on top of the open source project.

With every authentik release, we highlight our commitment to delivering new features that focus on providing solutions for all of our users and the identity management challenges that they face.

Our 2025.4 release of authentik contains new features around increased configuration options for authentik Admins, with a new password history policy, the ability to pre-define a bundled set of permissions, setting reputation score limits to further harden access control, and a new "remember me" option.

This release also provides support for PostgreSQL connection pools, the Kubernetes Gateway API, and the ability to do lookups of LDAP group memberships based on user attributes.

Let's take a closer look at a few of these features.

The first ever authentik hackathon just wrapped on Sunday, and we had a great time!

A huge thanks to our persistent hackers, who hacked from Wednesday through Sunday, and made some fantastic contributions to authentik. We are already looking forward to the next one (winter 2023, maybe?), and to another round of intense fun with our community members.

Here at Authentik Security, we are serious about your online security and our work… and we are also serious about our first ever authentik hackathon!

We described our upcoming inaugural hackathon in an earlier blog, and even built a dedicated web page for it, but now I want to break down some of the key reasons you should consider joining us on July 26 through July 30!

Even though JWTs (JSON Web Tokens, pronounced “jots”) have been around since 2010, it’s worth examining their more recent rise to become the dominant standard for managing authentication requests for application access.

When JWTs were first introduced, it was immediately clear that they were already an improvement on using a single string to represent the user information needed for authentication. The single string credential method was simple, but not as secure. There was no way to provide additional data or internal checks about the validity of the string or its issuer. With JWTs, there are expanded capabilities with more parts; there is a header, JSON-encoded payloads (called “claims”, which hold data about the user and about the token itself, such as an expiration date), and a signature (either a private key or a private/public key combination).

Let’s look a bit more closely at what a JWT is, review a short history of JWT evolutions and adoption, then discuss how JWTs are used in authentik.

In a blog from last November 2022, titled “Next steps for authentik”, I wrote about the launch of Authentik Security, our open core company built around the open source project authentik.

In this post, we’d like to provide updates on our progress in building out Authentik Security the company, ramping up the feature set in our open source identity provider, and taking the first steps in developing and offering an enterprise-level feature set for the Cloud or self-hosting. We are enthusiastic about our path forward and our plans to take authentik from a project to a product.