Release notes

All notable changes to this project will be documented in there.

The format is based on Keep a Changelog, and this project adheres to Semantic Versioning.

[0.0.77] - Unreleased

Warning

This version comes with a configuration breaking change.

The authentication factors configuration part have been reworked:

• CANAILLE.EMAIL_OTP and CANAILLE.SMS_OTP have been removed.

• CANAILLE.AUTHENTICATION_FACTORS has been introduced as a replacement.

Changed

• The configuration parameter AUTHENTICATION_FACTORS is added. The configuration parameters EMAIL_OTP and SMS_OTP are removed. #279

[0.0.76] - 2025-06-06

Fixed

• bs4 is not required for test mode.

[0.0.75] - 2025-06-06

Warning

This version comes with a configuration breaking change.

The OIDC configuration part have been reworked:

• CANAILLE_OIDC.JWT.MAPPING becomes CANAILLE_OIDC.USERINFO_MAPPING

• CANAILLE.JWT is removed. You can migrate your keys with this script:

import tomlkit
from joserfc import jwk

with open("canaille.toml") as fd:
    config = tomlkit.load(fd)

key = jwk.RSAKey.import_key(config["CANAILLE_OIDC"]["JWT"]["PRIVATE_KEY"])
config["CANAILLE_OIDC"]["ACTIVE_JWKS"] = [key.as_dict()]

with open("canaille.toml", "w") as fd:
    config = tomlkit.dump(config, fd)

Warning

This version comes with a schema breaking change. The LDAP schema has evolved. If you use the LDAP schema, please follow the Schema update section.

Changed

• Reworked the JWK configuration. #119

• OIDC UserInfo endpoint is managed with Authlib. #244

• The default behavior of canaille config dump is to write the configuration in the standard output.

Added

• Support for RFC9101 JWT-Secured Authorization Request (JAR) #254

• Adds a docker image on hubdocker #262

• Update the doc to use and update the docker image #260

Fixed

• The email field was losing focus when updated with HTMX. #279

[0.0.74] - 2025-04-24

Added

• Mock gettext when flask-babel dependency is not installed.

[0.0.73] - 2025-04-23

Warning

This version comes with a schema breaking change. The LDAP schema has evolved. If you use the LDAP schema, please follow the Schema update section.

Added

• Support for OIDC authorization endpoint login and consent prompt parameters. #187

Fixed

• Return errors as redirection parameters in the authorization endpoint.

• Clients without scope defined don’t restrict scopes for token emission. #264

• Userinfo address claim was not a JSON object. #269

[0.0.72] - 2025-04-07

Warning

This version comes with a schema breaking change. The LDAP schema has evolved. If you use the LDAP schema, please follow the Schema update section.

Added

• updated_at claim in id_token and userinfo endpoint.

• Support for POST method in OIDC authorization endpoint. #263

Fixed

• Client JWT authentication for OIDC refresh_token and password grants. #233

• Ensure id_token has a kid header. #245

• id_token session authentication time.

• Configuration exception when a feature is configured but its dependencies are missing.

[0.0.71] - 2025-03-31

Fixed

• Remove config dump in about page.

[0.0.70] - 2025-03-28

Added

• Add a FORCE_HTTPS configuration parameter to allow to disable https forced redirections.

[0.0.69] - 2025-03-28

Added

• Configuration automatically discovers local SMTP server when available. #216

• ENABLE_OIDC configuration parameter.

• Content Security Policy. #266

Fixed

• Locked account cannot reset their password. #250

• Canaille has default admin ACLs. #253

• Phone number edition raising 400 with HTMX. #259

[0.0.68] - 2025-03-18

Fixed

• LDAP partial restore. #257

[0.0.67] - 2025-03-18

Warning

This version comes with a schema breaking change. The LDAP schema has evolved. If you use the LDAP schema, please follow the Schema update section.

Added

• Full OIDC Dynamic Client Registration implementation. #231

[0.0.66] - 2025-03-18

Warning

This version comes with a CLI breaking change. The delete command don’t take arguments anymore. canaille delete user XXX becomes canaille delete user --id XXX.

Added

• The delete command can use filter parameters.

[0.0.65] - 2025-03-18

Important

This version comes with security fix. It is strongly advised to update to this version as soon as possible.

Added

• Instructions in CONTRIBUTING.rst to update the docker image #59

• Instructions in README.md to discover Canaille interface with a docker image #59

• The cli dump command can dump only some given models.

• Implement the TRUSTED_HOSTS configuration parameter, to secure password reset e-mails.

• restore command implementation. #212 #215

Fixed

• Prevent clients from registering with fragment components in their redirect uri #235

• Ensure there is a redirect_uri in authorization requests from clients. #232

• Display client TOS uri and policy uri in authorization page if set during client registration

• User group membership is ordered with the SQL backend. #169

[0.0.64] - 2025-02-12

Warning

This version comes with a configuration breaking change. The configuration parameter CANAILLE_LDAP.USER_FILTER is removed in favor of LOGIN_ATTRIBUTES.

Added

• Implement RFC7523. #112

• Implement the LOGIN_ATTRIBUTES configuration parameter, to tweak the login attributes. #196

Fixed

• Client dynamic registration with the jwks parameter. #228

• Use a custom LDAP image in the demo environment. #136

[0.0.63] - 2025-02-06

Added

• Implement RFC9207. #227

[0.0.62] - 2025-02-05

Fixed

• Canaille executable did not support i18n. #227

• Dynamic kid parameter for JWKs. #222

[0.0.61] - 2025-02-04

Added

• Improve canaille config check output.

Fixed

• Fix SQL install command. #221

[0.0.60] - 2025-02-03

Added

• Add screenshots in the documentation. #210

• Implement a canaille run command that runs a production server with Hypercorn. #219

• Implement a canaille config dump command that create a commented config file. #223

• Load configuration from local canaille.toml files. #225

Changed

• Avoid displaying password strength progress bar in login form.

• Mysql extra depends on pymysql instead of mysql-connector.

• SECRET_KEY is not mandatory anymore, but displays warnings when unset. #221

• Move the canaille check command under canaille config.

Fixed

• Dynamic client registration with missing scope parameter. #221 #222

[0.0.59] - 2025-01-10

Fixed

• Fix password fields auto-refilling when input is reset. #218 #215

• Fix HTMX integration with the email confirmation form. #216

Changed

• Bump to HTMX 2.0.4

[0.0.58] - 2025-01-10

Added

• --version option to the CLI. #209

• Password hashing scheme customization with the PASSWORD_SCHEMES parameter. #175

• canaille dump command option to perform full database dumps.

• Automatic SQL database migrations. #217 #214

Changed

• CLI commands dump hashed passwords. #214

Fixed

• A bug on updating user’s settings. #206

[0.0.57] - 2024-12-31

Added

• Intruder lockout, controlled by the ENABLE_INTRUDER_LOCKOUT configuration setting. #173

• Multi-factor authentication, controlled by the OTP_METHOD, EMAIL_OTP, SMS_OTP configuration settings. #47

• Password compromission check, controlled by the ENABLE_PASSWORD_COMPROMISSION_CHECK and PASSWORD_COMPROMISSION_CHECK_API_URL settings. #179

• ADMIN_EMAIL configuration setting.

• OIDC client_credentials flow implementation. #207

• Button in the client admin page to create client tokens.

• Basic SCIM implementation. #116 #197

• Password expiry policy, controlled by the PASSWORD_LIFETIME configuration setting. #176

Changed

• PostgreSQL and MySQL extras does not rely on libraries that need to be compiled.

• .env files are not loaded by default. The ENV_FILE env var must be passed so .env files are loaded.

[0.0.56] - 2024-11-07

Fixed

• With LDAP backend, updating another user groups could result in a permission lost for the editor. #202

Added

• MAX_PASSWORD_LENGTH and MIN_PASSWORD_LENGTH configuration options #174

• Password strength visual indicator. #174

• Security events logs. #177

• Support for Python 3.13. #186

Changed

• Update to HTMX 2.0.3. #184

• Migrate the Python project management tool from poetry to uv. #187

• The sql package extra is now split between sqlite, postgresql and mysql.

Removed

• End support for Python 3.9. #179

[0.0.55] - 2024-08-30

Changed

• Use poetry-core build backend. #178

[0.0.54] - 2024-07-25

Added

• Group member removal can be achieved from the group edition page. #192

• Model management commands. #117 #54

Changed

• Model identifier_attributes are fixed.

• Bump to HTMX 1.9.12. #172

Fixed

• Dark theme colors for better readability.

• Crash for passwordless users at login when no SMTP server was configured.

[0.0.53] - 2024-04-22

Added

• env_prefix create_app` variable can select the environment var prefix.

[0.0.52] - 2024-04-22

Added

• env_file create_app variable can customize/disable the .env file.

Changed

• Locked users cannot be impersonated anymore.

• Minimum Python requirement is 3.9.

[0.0.51] - 2024-04-09

Changed

• Display the menu bar on error pages.

[0.0.50] - 2024-04-09

Added

• Sign in/out events are logged in. #177

Fixed

• HTMX and JAVASCRIPT configuration settings.

• Compatibility with old sessions IDs.

[0.0.49] - 2024-04-08

Fixed

• LDAP user group removal.

• Display an error message when trying to remove the last user from a group.

[0.0.48] - 2024-04-08

Fixed

• LDAP objectClass guessing exception.

[0.0.47] - 2024-04-08

Fixed

• Lazy permission loading exception.

[0.0.46] - 2024-04-08

Fixed

• Saving an object with the LDAP backend keeps the objectClass un-managed by Canaille. #171

[0.0.45] - 2024-04-04

Changed

• Internal indexation mechanism of MemoryModel.

[0.0.44] - 2024-03-29

Fixed

• Fix the default LDAP USER_FILTER value.

• Fix the OIDC feature detection.

[0.0.43] - 2024-03-29

Warning

Configuration files must be updated.

Added

• Add created and last_modified datetime for all models.

• Sitemap to the documentation. #169

• Configuration management with pydantic-settings. #138 #170

Changed

• Use default Python logging configuration format. #188 #165

• Bump to HTMX 1.99.11. #166

• Use the standard tomllib Python module instead of toml starting from Python 3.11. #167

• Use shibuya as the documentation theme #168

[0.0.42] - 2023-12-29

Fixed

• Avoid to fail on imports if cryptography is missing.

[0.0.41] - 2023-12-25

Added

• OIDC support for the create value of the prompt parameter. #185 #164

Fixed

• Correctly set up audience during OIDC dynamic registration.

• post_logout_redirect_uris was ignored during OIDC dynamic registration.

• Group field error prevented the registration form validation.

[0.0.40] - 2023-12-22

Added

• The THEME setting can be a relative path.

[0.0.39] - 2023-12-15

Fixed

• Crash when no ACL were defined.

• OIDC Userinfo endpoint is also available in POST.

• Fix redirection after password reset. #159

[0.0.38] - 2023-12-15

Changed

• Convert all the PNG pictures in Webp. #162

• Update to Flask 3. #161 #163

[0.0.37] - 2023-12-01

Fixed

• Handle 4xx and 5xx error codes with HTMX. #171 #161

[0.0.36] - 2023-12-01

Fixed

• Avoid crashing when LDAP groups references unexisting users.

• Password reset and initialization mails were only sent to the preferred user email address.

• Password reset and initialization mails were not sent at all the user addresses if one email address could not be reached.

• Password comparison was too permissive on login.

• Encrypt passwords in the SQL backend.

[0.0.35] - 2023-11-25

Added

• Refresh token grant supports other client authentication methods. #157

• Implement a SQLAlchemy backend. #30 #158

Changed

• Model attributes cardinality is closer to SCIM model. #155

• Bump to HTMX 1.9.9. #159

Fixed

• Disable HTMX boosting during the OIDC dance. #160

[0.0.34] - 2023-10-02

Fixed

• Canaille installations without account lockabilty could not delete users. #153

Added

• If users register or authenticate during a OAuth Authorization phase, they get redirected back to that page afterwards. #168 #151

• The flask-babel and pytz libraries are now part of the front packaging extras.

• Bump to fomantic-ui 2.9.3. #152

• Bump to HTMX 1.9.6. #154

• Support for Python 3.12. #155

[0.0.33] - 2023-08-26

Fixed

• OIDC jwks endpoint do not return empty kid claim.

Added

• Documentation details on the Canaille models.

[0.0.32] - 2023-08-17

Added

• Additional inmemory backend. #30 #149

• Installation extras. #167 #150

[0.0.31] - 2023-08-15

Added

• Configuration option to disable the forced usage of OIDC nonce parameter. #143

• Validate phone numbers with a regex. #146

• Email verification. #41 #147

• Account registration. #55 #133 #148

Fixed

• The check command uses the default configuration values.

Changed

• Modals do not need use Javascript at the moment. #158 #144

[0.0.30] - 2023-07-06

Warning

Configuration files must be updated. Check the new format with git diff 0.0.29 0.0.30 canaille/conf/config.sample.toml

Added

• Configuration option to disable Javascript. #141

Changed

• The configuration parameter USER_FILTER is parsed with Jinja.

• Configuration use PRIVATE_KEY_FILE instead of PRIVATE_KEY and PUBLIC_KEY_FILE instead of PUBLIC_KEY.

[0.0.29] - 2023-06-30

Fixed

• Disabled HTMX boosting on OIDC forms to avoid errors.

[0.0.28] - 2023-06-30

Fixed

• A template variable was misnamed.

[0.0.27] - 2023-06-29

Warning

Configuration files must be updated. Check the new format with git diff 0.0.26 0.0.27 canaille/conf/config.sample.toml

Added

• Configuration entries can be loaded from files if the entry key has a _FILE suffix and the entry value is the path to the file. #134 #134

• Field list support. #115 #136

• Pages are boosted with HTMX. #144 #145 #137

Changed

• Bump to jquery 3.7.0. #138

Fixed

• Profile edition when the user RDN was not uid. #148 #139

Removed

• Stop support for Python 3.7. #131

[0.0.26] - 2023-06-03

Added

• Implemented account expiration based on OpenLDAP ppolicy overlay. Needs OpenLDAP 2.5+. #13 #118

• Timezone configuration entry. #137 #130

Fixed

• Avoid setting None in JWT claims when they have no value.

• Display password recovery button on OIDC login page. #129

[0.0.25] - 2023-05-05

Warning

Configuration files must be updated.

Check the new format with git diff 0.0.25 0.0.24 canaille/conf/config.sample.toml

Changed

• Renamed user model attributes to match SCIM naming convention. #123

• Moved OIDC related configuration entries in OIDC.

• Moved LDAP configuration entry to BACKENDS.LDAP.

• Bumped to HTMX 1.9.0. #124

• ACL filters are no more LDAP filters but user attribute mappings. #125

• Bumped to HTMX 1.9.2. #127

Fixed

• OIDC.JWT.MAPPING configuration entry is really optional now.

• Fixed empty model attributes registration. #125

• Password initialization mails were not correctly sent. #128

[0.0.24] - 2023-04-07

Fixed

• Fixed avatar update. #122

[0.0.23] - 2023-04-05

Added

• Organization field. #116

• ETag and Last-Modified headers on user photos. #116

• Dynamic form validation. #120

Changed

• UX rework. Submenu addition. #114

• Properly handle LDAP date timezones. #117

Fixed

• CSRF protection on every forms. #119

[0.0.22] - 2023-03-13

Fixed

• The Faker library is not imported anymore when the clean command is called.

[0.0.21] - 2023-03-12

Added

• Display TOS and policy URI on the consent list page. #102

• Admin token deletion. #100 #101

• Revoked consents can be restored. #103

• Trusted clients are displayed in the user consent list, and their consents can be revoked. #69 #103

• A populate command can be used to fill the database with random users generated with faker. #105

• SMTP SSL support. #108

• Server side pagination. #114 #111

• Department number support. #129

• Address edition support (but not in the OIDC claims yet). #112

• Title edition support. #113

Fixed

• Client deletion also deletes related Consent, Token and AuthorizationCode objects. #126 #98

Changed

• Removed the DataTables Javascript library.

[0.0.20] - 2023-01-28

Added

• Spanish translation. #85 #88

• Dedicated connectivity test email. #89

• Update to jquery 3.6.3. #90

• Update to fomantic-ui 2.9.1. #90

• Update to DataTables 1.13.1. #90

Fixed

• Fix typos and grammar errors. #84

• Fix wording and punctuation. #86

• Fix HTML lang tag. #122 #87

• Automatically trims the HTML translated strings. #91

• Fixed dynamic registration scope management. #123 #93

[0.0.19] - 2023-01-14

Fixed

• Ensures the token expires_in claim and the access_token exp claim have the same value. #83

[0.0.18] - 2022-12-28

Fixed

• OIDC end_session was not returning the state parameter in the post_logout_redirect_uri. #82

[0.0.17] - 2022-12-26

Fixed

• Fixed group deletion button. #80

• Fixed post requests in oidc clients views. #81

[0.0.16] - 2022-12-15

Fixed

• Fixed LDAP operational attributes handling.

[0.0.15] - 2022-12-15

Added

• User can chose their display name. #77

• Bumped to Authlib 1.2. #78

• Implemented RFC7592 OAuth 2.0 Dynamic Client Registration Management Protocol. #79

• Add the nonce parameter to the claims_supported server metadata list.

[0.0.14] - 2022-11-29

Fixed

• Fixed translation catalogs packaging.

[0.0.13] - 2022-11-21

Fixed

• Fixed a bug on the contacts field in the admin client form following the LDAP schema update of 0.0.12.

• Fixed a bug happening during RP initiated logout on clients without post_logout_redirect_uri defined.

• Gitlab CI fix. #64

• Fixed client_secret display on the client administration page. #65

• Fixed non-square logo CSS. #67

• Fixed schema path on installation. #68

• Fixed RFC7591 software_statement claim support. #70

• Fixed client preconsent disabling. #72

Added

• Python 3.11 support. #61

• apparmor slapd configuration instructions in the documentation page for contributions. #66

• preferredLanguage attribute support. #75

Changed

• Replaced the use of the deprecated FLASK_ENV environment variable by FLASK_DEBUG.

• Dynamically generate the server metadata. Users won’t have to copy and manually edit oauth-authorizationserver.json and openid-configuration.json. #71

• The FROM_ADDR configuration option is not mandatory anymore. #73

• The JWT.ISS configuration option is not mandatory anymore. #74

[0.0.12] - 2022-10-24

Added

• Basic WebFinger endpoint. #59

• Bumped to FomanticUI 2.9.0.

• Implemented Dynamic Client Registration. #60

[0.0.11] - 2022-08-11

Added

• Default theme has a dark variant. #57

Fixed

• Fixed missing canaille binary. #58

[0.0.10] - 2022-07-07

Fixed

• Online demo. #55

• The consent page was displaying scopes not supported by clients. #56

• Fixed end session when user are already disconnected.

[0.0.9] - 2022-06-05

Added

• DISABLE_PASSWORD_RESET configuration option to disable password recovery. #46

• edit_self ACL permission to control user self edition. #47

• RP-initiated logout implementation. #54

Changed

• Bumped to Authlib 1. #48

• Various documentation improvements. #50

• Use poetry instead of setuptools as project management tool. #51

• Additional tests for the OIDC nonce parameter. #52

Fixed

• HIDE_INVALID_LOGIN behavior and default value.

• Compiled translation catalogs are not versioned anymore. #49 #53

[0.0.8] - 2022-03-15

Fixed

• Fixed dependencies.

[0.0.7] - 2022-03-15

Fixed

• Fixed spaces and escaped special char in LDAP cn/dn attributes. #43

[0.0.6] - 2022-03-08

Changed

• Access token are JWT. #38

Fixed

• Default groups on invitations. #41

• LDAP schemas are shipped within the Canaille package. #42

[0.0.5] - 2022-02-17

Changed

• LDAP model objects have new identifiers. #37

Fixed

• Admin menu dropdown display. #39

• GROUP_ID_ATTRIBUTE configuration typo. #40

[0.0.4] - 2022-02-16

Added

• Client pre-authorization. #11

• LDAP permissions check with the check command. #12

• Update consents when a scope required is larger than the scope of an already given consent. #13

• Theme customization. #15

• Logging configuration. #16

• Installation command. #17

• Invitation links. #18

• Advanced permissions. #20

• An option to not use OIDC. #23

• Disable some features when no SMTP server is configured. #24

• Login placeholder dynamically generated according to the configuration. #25

• Added an option to tune object IDs. #26

• Avatar support. #27

• Dynamical and configurable JWT claims. #28

• UI improvements. #29

• Invitation links expiration. #30

• Invitees can choose their IDs. #31

• LDAP backend refactoring. #35

Fixed

• Fixed ghost members in a group. #14

• Fixed email sender names. #19

• Fixed filter being not escaped. #21

• Demo script good practices. #32

• Binary path for Debian. #33

• Last name was not mandatory in the forms while this was mandatory in the LDAP server. #34

• Spelling typos. #36

[0.0.3] - 2021-10-13

Added

• Two-steps sign-in. #49

• Tokens can have several audiences. #62 #9

• Configuration check command. #66 #8

• Groups management. #12 #6

Fixed

• Introspection access bugfix. #63 #10

• Introspection sub claim. #64 #7

[0.0.2] - 2021-01-06

Added

• Login page is responsive. #1

• Adapt mobile keyboards to login page fields. #2

• Password recovery interface. #3

• User profile interface. #4

• Renamed the project Canaille. #5

• Command to remove old tokens. #17

• Improved password recovery email. #14 #26

• Use Flask SERVER_NAME configuration variable instead of URL. #24

• Improved consents page. #27

• Admin user page. #8

• Project logo. #29

• User account self-deletion can be enabled in the configuration with SELF_DELETION. #35

• Admins can impersonate users. #39

• Forgotten page UX improvement. #43

• Admins can remove clients. #45

• Option HIDE_INVALID_LOGIN that can be unactivated to let the user know if the login he attempt to sign in with exists or not. #48

• Password initialization mail. #51

Fixed

• Form translations. #19 #23

• Avoid to use Google Fonts. #21

Removed

• ‘My tokens’ page. #22

[0.0.1] - 2020-10-21

Added

• Initial release.