Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Regression 2024.12 breaks recovery flow #12445

Open
spacemule opened this issue Dec 21, 2024 · 3 comments · May be fixed by #12591
Open

Regression 2024.12 breaks recovery flow #12445

spacemule opened this issue Dec 21, 2024 · 3 comments · May be fixed by #12591
Labels
bug Something isn't working

Comments

@spacemule
Copy link

Describe the bug
Since upgrading to 2024.12, I am unable to create recovery links or send recovery emails. The endpoints

https://authentik.spacemule.net/api/v3/core/users/XX/recovery/
https://authentik.spacemule.net/api/v3/core/users/XX/recovery_email/?email_stage=XXXXX

return 400 with the following error:

Recovery flow not applicable to user

In the UI, there is a message that no recovery flow is set for the brand only when using the create recovery link button.

My brand does have a recovery flow set. I have tried unsetting and resetting it, but the behavior persists.

To Reproduce

  1. Go to Directory->Users->Specific user
  2. Click on "Create Recovery Link" or "Email recovery link" and choose an email stage
  3. See error

Expected behavior
The email should send, or the link should be copied to the keyboard

Logs
I could not find any relevant ones

Version and Deployment (please complete the following information):

  • authentik version: 2024.12
  • Deployment: helm

Additional context
When reverting to version 2024.10.5, authentik acts as expected.
@spacemule spacemule added the bug Something isn't working label Dec 21, 2024
@Bytelake
Copy link

Bytelake commented Jan 4, 2025

I'm having the same issue, also on 2024.12.1 deployed via docker compose. The admin UI states that no recovery flow is assigned, but it definitely is assigned and works when resetting the password in the login UI.

@ht-danielgo
Copy link

Changing the the password recovery flow's authentication requirements to "No Requirement" "fixes" this in that it allows the link to be created, since the Flow Planner is failing due to I guess confusion about the target user vs the user requesting the recovery link, I havent got further into it.

@ht-danielgo
Copy link

Ok, I see it - ff504a3 - might do a PR

@ht-danielgo ht-danielgo linked a pull request Jan 8, 2025 that will close this issue
Open
2 tasks
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
bug Something isn't working
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

flow: fix regression in flow planner ht-danielgo/authentik
3 participants
@spacemule @Bytelake @ht-danielgo