GitHub 0

Changelog

Release notes for pocket-id

v2.5.0 - 2026-03-26

Release

Bug Fixes

  • better error messages when there's another instance of Pocket ID running (#1370 by @ItalyPaleAle)
  • move tooltip inside of form input to prevent shifting (#1369 by @GameTec-live)
  • derive LDAP admin access from group membership (#1374 by @kmendell)
  • avoid fmt.Sprintf on custom GeoLiteDBUrl without %s placeholder (#1384 by @choyri)
  • show a warning when SQLite DB is stored on NFS/SMB/FUSE (#1381 by @ItalyPaleAle)
  • empty background restore after reboot (#1379 by @taoso)
  • allow one-char username on signup (#1378 by @taoso)
  • separate querying LDAP and updating DB during sync (#1371 by @ItalyPaleAle)

Features

  • allow use of svg, png, and ico images types for favicon (#1289 by @taoso)
  • allow clearing background image (#1290 by @taoso)
  • add token_endpoint_auth_methods_supported to .well-known (#1388 by @owenvoke)
  • add TRUSTED_PLATFORM environment variable for gin (#1372 by @choyri)

Other

  • add pr quality action (e3905cf by @stonith404)
  • bump google.golang.org/grpc from 1.79.1 to 1.79.3 in /backend in the go_modules group across 1 directory (#1391 by @dependabot[bot])
  • Improve Latvian translations in lv.json (#1382 by @Raito00)
  • ignore linter on app image bootstrap (5251cd9 by @kmendell)
  • upgrade dependencies (e7e0176 by @kmendell)
  • upgrade dependencies (3c42a71 by @kmendell)

Full Changelog: https://github.com/pocket-id/pocket-id/compare/v2.4.0...v2.5.0

v2.4.0 - 2026-03-07

Release

Bug Fixes

  • improve wildcard matching by using go-urlpattern (#1332 by @stonith404)
  • federated client credentials not working if sub ≠ client_id (#1342 by @ItalyPaleAle)
  • handle IPv6 addresses in callback URLs (#1355 by @ItalyPaleAle)
  • wildcard callback URLs blocked by browser-native URL validation (#1359 by @Copilot)
  • one-time-access-token route should get user ID from URL only (#1358 by @ItalyPaleAle)
  • various fixes in background jobs (#1362 by @ItalyPaleAle)
  • use URL keyboard type for callback URL inputs (a675d07 by @stonith404)

Features

  • allow first name and display name to be optional (#1288 by @taoso)

Other

  • bump svelte from 5.53.2 to 5.53.5 in the npm_and_yarn group across 1 directory (#1348 by @dependabot[bot])
  • bump @sveltejs/kit from 2.53.0 to 2.53.3 in the npm_and_yarn group across 1 directory (#1349 by @dependabot[bot])
  • update AAGUIDs (#1354 by @github-actions[bot])
  • add Português files (01141b8 by @kmendell)
  • add Latvian files (e0fc4cc by @kmendell)
  • fix wrong seed data (e7bd66d by @stonith404)
  • fix wrong seed data in database.json (f4eb8db by @stonith404)

Performance Improvements

  • frontend performance optimizations (#1344 by @ItalyPaleAle)

Full Changelog: https://github.com/pocket-id/pocket-id/compare/v2.3.0...v2.4.0

v2.3.0 - 2026-02-23

Release

Bug Fixes

  • ENCRYPTION_KEY needed for version and help commands (#1256 by @kmendell)
  • prevent deletion of OIDC provider logo for non admin/anonymous users (#1267 by @HiMoritz)
  • add type="url" to url inputs (bb7b0d5 by @stonith404)
  • increase rate limit for frontend and api requests (aab7e36 by @stonith404)
  • decode URL-encoded client ID and secret in Basic auth (#1263 by @ypomortsev)
  • token endpoint must not accept params as query string args (#1321 by @ItalyPaleAle)
  • left align input error messages (b3fe143 by @stonith404)
  • disallow API key renewal and creation with API key authentication (#1334 by @stonith404)

Features

  • add VERSION_CHECK_DISABLED environment variable (#1254 by @dihmandrake)
  • add support for HTTP/2 (56afebc by @stonith404)
  • manageability of uncompressed geolite db file (#1234 by @gucheen)
  • add JWT ID for generated tokens (#1322 by @imnotjames)
  • current version api endpoint (#1310 by @kmendell)

Other

  • bump @sveltejs/kit from 2.49.2 to 2.49.5 in the npm_and_yarn group across 1 directory (#1240 by @dependabot[bot])
  • bump svelte from 5.46.1 to 5.46.4 in the npm_and_yarn group across 1 directory (#1242 by @dependabot[bot])
  • bump devalue to 5.6.2 (9dbc02e by @kmendell)
  • upgrade deps (4811625 by @kmendell)
  • add Estonian files (53ef61a by @kmendell)
  • update AAGUIDs (#1257 by @github-actions[bot])
  • add Norwegian language files (80558c5 by @stonith404)
  • run formatter (60825c5 by @kmendell)
  • bump axios from 1.13.2 to 1.13.5 in the npm_and_yarn group across 1 directory (#1309 by @dependabot[bot])
  • update dependenicies (94a4897 by @kmendell)
  • update AAGUIDs (#1316 by @github-actions[bot])
  • bump svelte from 5.46.4 to 5.51.5 in the npm_and_yarn group across 1 directory (#1324 by @dependabot[bot])
  • bump @sveltejs/kit from 2.49.5 to 2.52.2 in the npm_and_yarn group across 1 directory (#1327 by @dependabot[bot])
  • upgrade dependencies (0678699 by @stonith404)
  • upgrade to node 24 and go 1.26.0 (#1328 by @kmendell)

Full Changelog: https://github.com/pocket-id/pocket-id/compare/v2.2.0...v2.3.0

v2.2.0 - 2026-01-11

Release

Bug Fixes

  • allow changing "require email address" if no SMTP credentials present (8c68b08 by @stonith404)
  • data import from sqlite to postgres fails because of wrong datatype (1a032a8 by @stonith404)
  • user can't update account if email is empty (5828fa5 by @stonith404)
  • login codes sent by an admin incorrectly requires a device token (03f9be0 by @stonith404)
  • allow exchanging logic code if already authenticated (0e2cdc3 by @stonith404)
  • db version downgrades don't downgrade db schema (4df4bcb by @stonith404)

Features

  • add CLI command for encryption key rotation (#1209 by @stonith404)
  • improve passkey error messages (2f25861 by @stonith404)
  • make home page URL configurable (#1215 by @stonith404)
  • add option to renew API key (#1214 by @stonith404)
  • add support for email verification (#1223 by @stonith404)
  • add environment variable to disable built-in rate limiting (9ca3d33 by @stonith404)
  • add static api key env variable (#1229 by @stonith404)

Full Changelog: https://github.com/pocket-id/pocket-id/compare/v2.1.0...v2.2.0

v2.1.0 - 2026-01-04

Release

Bug Fixes

  • invalid cookie name for email login code device token (d6a7b50 by @stonith404)

Features

  • add issuer url to oidc client details list (#1197 by @kmendell)
  • process nonce within device authorization flow (#1185 by @justincmoy)

Other

  • run SCIM jobs in context of gocron instead of custom implementation (4881130 by @stonith404)

Full Changelog: https://github.com/pocket-id/pocket-id/compare/v2.0.2...v2.1.0

v2.0.2 - 2026-01-03

Release

Bug Fixes

  • migration fails if users exist with no email address (2f651ad by @stonith404)
  • allow version downgrade if database is dirty (ba00f40 by @stonith404)
  • localhost callback URLs with port don't match correctly (7c34501 by @stonith404)

Other

  • add no-op migration to postgres (a24b2af by @stonith404)

Full Changelog: https://github.com/pocket-id/pocket-id/compare/v2.0.1...v2.0.2

v2.0.1 - 2026-01-02

Release

Bug Fixes

  • admins imported from LDAP lose admin privileges (2cce200 by @stonith404)
  • restore old input input field size (2341da9 by @stonith404)

Other

  • bump image tag to v2 (cd2e9f3 by @stonith404)

Full Changelog: https://github.com/pocket-id/pocket-id/compare/v2.0.0...v2.0.1

v2.0.0 - 2026-01-02

Release

[!WARNING]
This is a major release which includes some breaking changes, please follow the migration guide to upgrade to v2.

Features

  • add support for SCIM provisioning (#1182 by @stonith404)
  • add CLI command for importing and exporting Pocket ID data (3420a00 by @stonith404)
  • add HTTP HEAD method support (#1135 by @stonith404)
  • add email logo customization (#1150 by @MelvinSnijders)
  • add ability define user groups for sign up tokens (#1155 by @stonith404)
  • minor redesign of auth pages (08e4ffe by @stonith404)
  • allow audit log retention to be controlled by env variable (#1158 by @jenic)
  • restrict oidc clients by user groups per default (#1164 by @stonith404)
  • add "restricted" column to oidc client table (1bc9f5f by @stonith404)
  • drop support for storing JWK on the filesystem (f014458 by @stonith404)
  • remove DbProvider env variable and calculate it dynamically (ba2f0f1 by @kmendell)

Bug Fixes

  • update image format message to include WEBP (#1133 by @sebdanielsson)
  • add Japanese locale to inlang settings (#1142 by @tai-ga)
  • restrict email one time sign in token to same browser (#1144 by @stonith404)
  • rename LDAP_ATTRIBUTE_ADMIN_GROUP env variable to LDAP_ADMIN_GROUP_NAME (e1c5021 by @stonith404)
  • make wildcard matching in callback URLs more stricter (078152d by @stonith404)
  • remove ambiguous characters from login code (d9e7bf9 by @stonith404)
  • add missing translations to date picker (894eaf3 by @stonith404)

Other

  • update AAGUIDs (#1128 by @github-actions[bot])
  • fix api key e2e test (25f67bd by @stonith404)
  • update AAGUIDs (#1140 by @github-actions[bot])
  • upgrade dependencies (90f555f by @stonith404)
  • fix type error after version bump (edb32d8 by @stonith404)
  • remove breaking/** push trigger from actions (461293b by @stonith404)
  • update AAGUIDs (#1177 by @github-actions[bot])
  • preparation for merge into main branch (#1113 by @stonith404)
  • bump pnpm to version 10.27.0 (#1183 by @kmendell)
  • update forms and other areas to use new shadcn components (#1115 by @kmendell)
  • run formatter (e4a8ca4 by @stonith404)
  • upgrade dependencies (4776b70 by @stonith404)
  • change translation string in e2e tests (ffb2ef9 by @stonith404)

Full Changelog: https://github.com/pocket-id/pocket-id/compare/v1.16.0...v2.0.0

v1.16.0 - 2025-11-30

Release

Bug Fixes

  • use quoted-printable encoding for mails to prevent line limitation (5cf73e9 by @stonith404)
  • automatically create parent directory of Sqlite db (cfc9e46 by @stonith404)
  • global audit log user filter not working (d98c0a3 by @stonith404)
  • theme mode not correctly applied if selected manually (a1cd325 by @stonith404)
  • hide theme switcher on auth pages because of dynamic background (5d6a7fd by @stonith404)

Documentation

  • add ENCRYPTION_KEY to .env.example for breaking change preparation (4eeb06f by @stonith404)

Features

  • light/dark/system mode switcher (#1081 by @kmendell)
  • add support for S3 storage backend (#1080 by @stonith404)
  • add support for WEBP profile pictures (#1090 by @stonith404)
  • add database storage backend (#1091 by @ItalyPaleAle)
  • adding/removing passkeys creates an entry in audit logs (#1099 by @ItalyPaleAle)
  • add option to disable S3 integrity check (a3c9687 by @stonith404)
  • add Cache-Control: private, no-store to all API routes per default (#1126 by @stonith404)

Other

  • update pnpm to 10.20 (#1082 by @kmendell)
  • run checks on PR to breaking/** branches (ab9c0f9 by @stonith404)
  • use constants for AppEnv values (#1098 by @ItalyPaleAle)
  • bump golang.org/x/crypto from 0.43.0 to 0.45.0 in /backend in the go_modules group across 1 directory (#1107 by @dependabot[bot])
  • add Finish files (ca888b3 by @stonith404)
  • upgrade dependencies (4bde271 by @stonith404)
  • fix Dutch validation message (f523f39 by @stonith404)
  • fix package vulnerabilities (3d46bad by @stonith404)
  • update vscode launch.json (#1117 by @mnestor)
  • rename file backend value fs to filesystem (8d30346 by @stonith404)
  • fix wrong storage value (b2c718d by @stonith404)
  • run formatter (14c7471 by @stonith404)

Full Changelog: https://github.com/pocket-id/pocket-id/compare/v1.15.0...v1.16.0

v1.15.0 - 2025-11-06

Release

Bug Fixes

  • sorting by PKCE and re-auth of OIDC clients (e03270e by @stonith404)
  • replace %lang% placeholder in html lang (#1071 by @daimond113)
  • disabled property gets ignored when creating an user (76e0192 by @stonith404)
  • remove redundant indexes in Postgres (6a038fc by @stonith404)

Features

  • open edit page on table row click (f184120 by @stonith404)
  • add ability to set default profile picture (#1061 by @stonith404)

Other

  • add support for OpenBSD binaries (d683d18 by @stonith404)

Full Changelog: https://github.com/pocket-id/pocket-id/compare/v1.14.2...v1.15.0

v1.14.2 - 2025-10-29

Release

Bug Fixes

  • dark oidc client icons not saved on client creation (#1057 by @mufeedali)

Other

  • add Turkish language files (a190529 by @stonith404)

Full Changelog: https://github.com/pocket-id/pocket-id/compare/v1.14.1...v1.14.2

v1.14.1 - 2025-10-27

Release

Bug Fixes

  • Prevent blinding FOUC in dark mode (#1054 by @mufeedali)
  • use credProps to save passkey on firefox android (#1055 by @lhoursquentin)
  • ignore trailing slashes in APP_URL (65616f6 by @stonith404)

Full Changelog: https://github.com/pocket-id/pocket-id/compare/v1.14.0...v1.14.1

v1.14.0 - 2025-10-24

Release

Bug Fixes

  • ignore trailing slash in URL (9f0aa55 by @stonith404)
  • use constant time comparisons when validating PKCE challenges (#1047 by @ItalyPaleAle)
  • only animate login background on initial page load (b356cef by @stonith404)
  • make pkce requirement visible in the oidc form if client is public (47927d1 by @stonith404)
  • prevent page flickering on redirection based on auth state (10d6403 by @stonith404)

Features

  • add various improvements to the table component (#961 by @stonith404)
  • add support for dark mode oidc client icons (#1039 by @kmendell)

Other

  • add Japanese files (068fcc6 by @kmendell)
  • bump sveltekit-superforms from 2.27.1 to 2.27.4 in the npm_and_yarn group across 1 directory (#1031 by @dependabot[bot])
  • update AAGUIDs (#1041 by @github-actions[bot])
  • bump vite from 7.0.7 to 7.0.8 in the npm_and_yarn group across 1 directory (#1042 by @dependabot[bot])
  • upgrade dependencies (6362ff9 by @stonith404)

Full Changelog: https://github.com/pocket-id/pocket-id/compare/v1.13.1...v1.14.0

v1.13.1 - 2025-10-07

Release

Bug Fixes

  • uploading a client logo with an URL fails (#1008 by @CzBiX)
  • mark any callback url as valid if they contain a wildcard (#1006 by @stonith404)

Other

  • cleanup root of repo, update workflow actions (#1003 by @kmendell)

Full Changelog: https://github.com/pocket-id/pocket-id/compare/v1.13.0...v1.13.1

v1.13.0 - 2025-10-05

Release

Bug Fixes

  • uploading a client logo with an URL fails if folder doesn't exist (ad8a90c by @stonith404)

Features

  • add link to API docs on API key page (2c74865 by @stonith404)

Full Changelog: https://github.com/pocket-id/pocket-id/compare/v1.12.0...v1.13.0

v1.12.0 - 2025-10-03

Release

Bug Fixes

  • do not use cache=shared for in-memory SQLite (#971 by @ItalyPaleAle)
  • show only country in audit log location if no city instead of Unknown (#977 by @vilisseranen)
  • display login location correctly if country or city is not present (79989fb by @stonith404)
  • remove previous socket file to prevent bind error (#979 by @Caian)
  • tokens issued with refresh token flow don't contain groups (#989 by @ItalyPaleAle)
  • make logo and oidc client images sizes consistent (01db8c0 by @stonith404)
  • include port in OIDC client details (2c1c67b by @stonith404)
  • prevent endless effect loop in login wrapper (fc9939d by @stonith404)
  • improve back button handling on auth pages (d47b203 by @stonith404)
  • allow any image source but disallow base64 (22f4254 by @stonith404)
  • date locale can't be loaded if locale is en (b81de45 by @stonith404)

Features

  • support for url based icons (#840 by @kmendell)
  • hide alternative sign in methods page if email login disabled (d010be4 by @stonith404)
  • add required indicator for required inputs (#993 by @stonith404)
  • add the ability to make email optional (#994 by @stonith404)

Other

  • fix whitespace after commit message (e8b172f by @stonith404)
  • update AAGUIDs (#972 by @github-actions[bot])
  • remove unnecessary logo fallback (b746ac0 by @stonith404)

Sponsors

Thanks @paradosi for your tip ❤️

Full Changelog: https://github.com/pocket-id/pocket-id/compare/v1.11.2...v1.12.0

v1.11.2 - 2025-09-20

Release

Bug Fixes

  • embedded paths not found on windows (c55143d by @stonith404)
  • do not treat certain failures in app images bootstrap as fatal (#966 by @ItalyPaleAle)
  • decouple images from app config service (#965 by @stonith404)

Other

  • use git cliff for release notes (fde4e9b by @stonith404)

Full Changelog: https://github.com/pocket-id/pocket-id/compare/v1.11.1...v1.11.2

v1.11.1 - 2025-09-18

Release

[!NOTE]
This release adds missing translations for v1.11.0 because I forgot to merge the PR before creating the release. See the release notes for v1.11.0 here.

Bug Fixes

v1.11.0 - 2025-09-18

Release

Features

  • add CSP header (#908) (6215e1a)
  • add INTERNAL_APP_URL env variable (#858 by @DerSteph)
  • add info box to app settings if UI config is disabled (a1d8538)
  • add PWA support (#938) (5367463)
  • add support for LOG_LEVEL env variable (#942) (2d6d5df)
  • add user display name field (#898) (6837360)
  • allow uppercase usernames (#958) (0224949)
  • client_credentials flow support (#901 by @savely-krasovsky)
  • return new id_token when using refresh token (#925) (307caaa)

Bug Fixes

  • add validation for callback URLs (#929) (6c91474)
  • disable sign up options in UI if UI_CONFIG_DISABLED (1d7cbc2)
  • ensure users imported from LDAP have fields validated (#923) (4215523)
  • key-rotate doesn't work with database storage (#940) (c018f29)
  • list items on previous page get unselected if other items selected on next page (6c696b4)
  • make environment variables case insensitive where necessary (#954) (99f31a7)
  • my apps card shouldn't take full width if only one item exists (e7e53a8)
  • update localized name and description of ldap group name attribute (#892) (e88be7e)

Sponsors

Thank you @Felitendo very much for your tip!

v1.10.0 - 2025-08-27

Release

Features

  • redesigned sidebar with administrative dropdown (#881) (096d214)

Bug Fixes

  • apps showed multiple times if user is in multiple groups (641bbc9)

v1.9.1 - 2025-08-24

Release

[!WARNING]
A bug was introduced in v1.8.0 that caused the deletion of all allowed user groups on OIDC clients. It is highly recommended to check if the allowed user groups are still in place. If they are not, unfortunately, the deleted relations cannot be restored automatically. You will need to either restore them from a backup or recreate them manually. You can learn more about the cause in this comment.

Bug Fixes

  • sqlite migration drops allowed user groups (d6d1a4c)

v1.9.0 - 2025-08-24

Release

Features

  • support automatic db migration rollbacks (#874) (c114a2e)

Bug Fixes

  • don't force uuid for client id in postgres (2ffc6ba)
  • ensure SQLite has a writable temporary directory (#876) (1f3550c)
  • sort order incorrect for apps when using postgres (d0392d2)

v1.8.1 - 2025-08-24

Release

Bug Fixes

  • migration clears allowed users groups (5971bfb)
  • wrong column type for reauthentication tokens in Postgres (#869) (1283314)

v1.8.0 - 2025-08-23

Release

Features

  • add option to OIDC client to require re-authentication (#747 by @MorrisMorrison) (0cb039d)
  • allow custom client IDs (#864 thanks to @James18232) (a5efb95)
  • display all accessible oidc clients in the dashboard (#832) (3188e92)
  • login code font change (#851 by @James18232) (d28bfac)
  • signup: add default user groups and claims for new users (#812 by @zeedif) (182d809)

Bug Fixes

  • authorization can't be revoked (0aab3f3)
  • delete webauthn session after login to prevent replay attacks (fe003b9)
  • deps: bump rollup from 4.45.3 to 4.46.3 (#845 by @gepbird) (b5e6371)
  • enable foreign key check for sqlite (#863) (625f235)
  • ferated identities can't be cleared (24e2742)
  • for one-time access tokens and signup tokens, pass TTLs instead of absolute expiration date (#855) (7ab0fd3)
  • ignore client secret if client is public (#836 by @James18232) (7b1f6b8)
  • move audit log call before TX is committed (#854) (9339e88)
  • non admin users can't revoke oidc client but see edit link (0e44f24)
  • oidc client advanced options color (fc0c99a)

Sponsors

Thanks Brandon Butler (@Starttoaster) for your support!

v1.7.0 - 2025-08-10

Release

Features

  • add robots.txt to block indexing (#806 by @Etienne-bdt) (06e1656)
  • add support for code_challenge_methods_supported (#794) (d479817)
  • Support OTel and JSON for logs (via log/slog) (#760) (78266e3)
  • support reading secret env vars from _FILE (#799) (0a3b1c6)
  • user application dashboard (#727) (484c2f6)

Bug Fixes

  • admins can not delete or disable their own account (f0c144c)
  • authorization animation not working (9ac5d51)
  • custom claims input suggestions instantly close after opening (4d59e72)
  • delete WebAuthn registration session after use (#783) (c8478d7)
  • set input type 'email' for email-based login (#776) (d541c9a)

v1.6.4 - 2025-07-21

Release

Bug Fixes

v1.6.3 - 2025-07-21

Release

Bug Fixes

  • allow passkey names up to 50 characters (b03e91b)
  • ensure user inputs are normalized (#724) (7b4ccd1)
  • show rename and delete buttons for passkeys without hovering over the row (2952b15)
  • use object-contain for images on oidc-client list (d3bc179)
  • use user-agent for identifying known device signins (ef1d599)

v1.6.2 - 2025-07-09

Release

Bug Fixes

  • ensure confirmation dialog shows on top of other components (f103a54)
  • login failures on Postgres when IP is null (#737) (e1de593)

v1.6.1 - 2025-07-06

Release

[!NOTE]
This release is the same as v1.6.0 but the images are now tagged correctly. There was an issue that the latest tag was added to the distroless image instead of the regular one.

v1.6.0 - 2025-07-06

Release

Features

  • add support for OAuth 2.0 Authorization Server Issuer Identification (bf04256)
  • add distroless container additional variant + healthcheck command (#716)
  • encrypt private keys saved on disk and in database (#682)
  • enhance language selection message and add translation contribution link (be52660)
  • add "key-rotate" command (#709)

Bug Fixes

  • allow profile picture update even if "allow own account edit" enabled (9872608)
  • app config forms not updating with latest values (#696)
  • auth fails when client IP is empty on Postgres (#695)
  • custom claims input suggestions flickering (49f1ab2)
  • keep sidebar in settings sticky (e46f60a)
  • show friendly name in user group selection (5c9e504)
  • support non UTF-8 LDAP IDs (#714)
  • token introspection authentication not handled correctly (#704)

v1.5.0 - 2025-06-27

Release

Features

  • add self-service signup with token and open registration modes (#672)
  • improve initial admin creation workflow (287314f)
  • redact sensitive app config variables if set with env variable (ba61cdb)

Bug Fixes

  • error page flickering after sign out (1a77bd9)
  • improve accent color picker disabled state (d976bf5)
  • less noisy logging for certain GET requests (#681 by @11notes)
  • margin of user sign up description (052ac00)
  • remove duplicate request logging (#678 by @ryankask)
  • users can't be updated by admin if self account editing is disabled (29cb551)

v1.4.1 - 2025-06-22

Release

Bug Fixes

  • app not starting if UI config is disabled and Postgres is used (7d36bda)

v1.4.0 - 2025-06-19

Release

Features

  • allow setting unix socket mode (#661 by @CnTeng) (7677a3d)
  • auto-focus on the login buttons (#647 By @ItalyPaleAle) (d679530)
  • configurable local ipv6 ranges for audit log (#657) (d548523)
  • location filter for global audit log (#662) (ac5a121)
  • ui accent colors (#643) (883877a)
  • use icon instead of text on application image update hover state (215531d)

Bug Fixes

  • allow images with uppercase file extension (1bcb50e)
  • center oidc client images if they are smaller than the box (946c534)
  • explicitly cache images to prevent unexpected behavior (2e5d268)
  • reduce duration of animations on login and signin page (#648 By @ItalyPaleAle) (d770448)

v1.3.1 - 2025-06-09

Release

Bug Fixes

  • change timestamp of client_credentials.sql migration (2935236)

v1.3.0 - 2025-06-09

Release

Features

  • add API endpoint for user authorized clients (d217083)
  • add unix socket support (#615 by @CnTeng)
  • JWT bearer assertions for client authentication (#566 by @ItalyPaleAle)
  • new color theme for the UI (97f7326)
  • oidc client data preview (#624)

Bug Fixes

  • don't load app config and user on every route change (bdcef60)
  • misleading text for disable animations option (657a51f)
  • OIDC client image can't be deleted (61b62d4)
  • UI config overridden by env variables don't apply on first start (5e9096e)

v1.2.0 - 2025-06-03

Release

Features

  • auto detect callback url (#583)

Bug Fixes

  • allow users to update their locale even when own account update disabled (6c00aaa)
  • clear default app config variables from database (decf8ec)
  • fallback to primary language if no translation available for specific country (2440379)
  • improve spacing on auth screens (04fcf11)
  • page scrolls up on form submission (31ad904)
  • run jobs at interval instead of specific time (#585 by @ItalyPaleAle)
  • show LAN for auditlog location for internal networks (b874681)
  • small fixes in analytics_job (#582 by @ItalyPaleAle)
  • whitelist authorization header for CORS (b9489b5)

v1.1.0 - 2025-05-28

Release

[!NOTE]
This version introduces a heartbeat request that gets sent once everyday to the Pocket ID analytics server to count how many instances of Pocket ID exist. The heartbeat request only contains a random instance ID, the version of Pocket ID and when it was first/last seen. Seeing how many active Pocket ID instances are out there genuinely motivates us to keep developing and maintaining the project. Of course this heartbeat can also be disabled by setting ANALYTICS_DISABLED to true. For more information visit the docs page.

Features

  • add daily heartbeat request for counting Pocket ID instances (#578)
  • require user verification for passkey sign in (68e4b67)
  • show allowed group count on oidc client list (#567) (38d7ee4)

Bug Fixes

  • use ldapAttributeUserUsername for finding group members (#565)

v1.0.0 - 2025-05-24

Release

[!WARNING]
This release contains breaking changes and Pocket ID won't work correctly if you don't follow the migration steps.  → Please follow the migration guide.

Features

  • serve the static frontend trough the backend (#520)

Bug Fixes

  • animation speed set to max of 300ms (c726c16)
  • custom logo not correctly loaded if UI configuration is disabled (bf710ae)
  • show correct app name on sign out page (131f470)
  • trim whitespaces from string inputs (059073d)

v0.53.0 - 2025-05-08

Release

Features

  • add support for TZ environment variable (5e2e947)

Bug Fixes

  • handle CORS correctly for endpoints that SPAs need (#513)

v0.52.0 - 2025-05-06

Release

Features

  • add healthz endpoint (#494 by @ItalyPaleAle)
  • add OpenTelemetry tracing and metrics (#495 by @daenney)

Bug Fixes

  • correctly set script permissions inside Docker container (c55fef0)

v0.51.1 - 2025-05-03

Release

Bug Fixes

  • allow LDAP users to update their locale (0b9cbf4)
  • last name still showing as required on account form (#492)
  • non admin users weren't able to call the end session endpoint (6bd6cef)

v0.51.0 - 2025-04-28

Release

Features

  • new login code card position for mobile devices (#452 by @James18232)

Bug Fixes

  • do not require PKCE for public clients (ce24372)
  • hide global audit log switch for non admin users (1efd1d1)
  • return correct error message if user isn't authorized (86d2b5f)
  • updating scopes of an authorized client fails with Postgres (0a24ab8)

v0.50.0 - 2025-04-27

Release

Features

  • device authorization endpoint (#270)
  • make family name optional (#476)

Bug Fixes

  • incorrectly swapped refreshToken and accessToken (#490 by @j-baker)
  • do not override XDG_DATA_HOME/XDG_CONFIG_HOME if they are already set (#472 by @it)
  • pass context to methods that were missing it (#487 by @ItalyPaleAle)
  • prevent deadlock when trying to delete LDAP users (#471 by @ItalyPaleAle)
  • rootless Caddy data and configuration (#470 by @eiqnepm)