coop-cloud/authentik
coop-cloud/authentik
1
2
Fork 4
Code Issues 1 Pull Requests 1 Projects Releases Wiki Activity

After upgrading from 6.x to 7.x "The current brand must have a recovery flow configured to use a recovery link" #14

New Issue
Open
opened 2025-03-22 22:14:27 +00:00 by marlon · 5 comments
marlon commented 2025-03-22 22:14:27 +00:00
Owner
Copy Link

After upgrading an authentik instance from 6.11.0+2024.10.5 to versions after that (6.12.0+2024.12.3 or 7.0.1+2025.2.0), functions to reset a user's password like "Create Recovery Link" or "Email Recovery Link" fail, with the message "The current brand must have a recovery flow configured to use a recovery link"

Rolling back to 6.11.0+2024.10.5 fixes the problem.

After upgrading an authentik instance from 6.11.0+2024.10.5 to versions after that (6.12.0+2024.12.3 or 7.0.1+2025.2.0), functions to reset a user's password like "Create Recovery Link" or "Email Recovery Link" fail, with the message "The current brand must have a recovery flow configured to use a recovery link" Rolling back to 6.11.0+2024.10.5 fixes the problem.
iexos commented 2025-03-23 11:10:23 +00:00
Owner
Copy Link

Its a bug in authentik that is fixed in 2025.2.1. I updated the recipe to 2025.2.2, for me it works again.

Its a bug in authentik that is fixed in 2025.2.1. I updated the recipe to 2025.2.2, for me it works again.
❤️ 1 🎉 1
iexos closed this issue 2025-03-23 11:10:24 +00:00
marlon commented 2025-03-24 04:08:53 +00:00
Author
Owner
Copy Link

Thanks for taking a look! But I still get the same bug after upgrading to the 7.0.2+2025.2.2 tag.
I've tested two deployments and get the same behavior on both...

Thanks for taking a look! But I still get the same bug after upgrading to the 7.0.2+2025.2.2 tag. I've tested two deployments and get the same behavior on both...
marlon reopened this issue 2025-03-24 04:08:53 +00:00
marlon commented 2025-04-19 04:56:39 +00:00
Author
Owner
Copy Link

Just updating this to note that 7.1.0+2025.2.4 has this problem too on all servers I've tested. Next I want to try deploying a fresh one to compare against, to understand if it's an upgrade path issue...

Just updating this to note that 7.1.0+2025.2.4 has this problem too on all servers I've tested. Next I want to try deploying a fresh one to compare against, to understand if it's an upgrade path issue...
👍 1
moritz commented 2025-05-13 12:13:56 +00:00
Owner
Copy Link

I haven't dug deeper yet, but in this line

system_brand.yaml.tmpl Line 34 in efd67032cf
flow_recovery: !Find [authentik_flows.flow, [slug, default-recovery-flow]]
the recovery flow is set for the default brand. Did you changed or added any brand?

I haven't dug deeper yet, but in this line https://git.coopcloud.tech/coop-cloud/authentik/src/commit/efd67032cf378b5f51910083a049d4d667905acf/system_brand.yaml.tmpl#L34 the recovery flow is set for the default brand. Did you changed or added any brand?
marlon commented 2025-05-13 15:07:01 +00:00
Author
Owner
Copy Link

No, I didn't make any changes to brands. The only changes I made to the default deployment was creating users, groups, providers and apps.

When I look at the brand config, I see only one brand called authentik-default which is set as default, and which has Recovery Flow set to default-recovery-flow (Default recovery flow)
That all seems correct...

No, I didn't make any changes to brands. The only changes I made to the default deployment was creating users, groups, providers and apps. When I look at the brand config, I see only one brand called `authentik-default` which is set as default, and which has Recovery Flow set to `default-recovery-flow (Default recovery flow)` That all seems correct...
Sign in to join this conversation.
No Branch/Tag Specified
Branches Tags
Labels
No items
No Label
Milestone
No items
No Milestone
Projects
Clear projects
No project
Assignees
Clear assignees
3wordchant aadil abra-bot ammaratef45 Apfelwurm appletalk arjan basebuilder Brooke carla cas codegod100 coopcloud decentral1se fauno flancian Frando iexos javielico kawaiipunk knoflook lambdabundesverband mac-chaffee marlon mayel mirsal moritz nicksellen notplants p4u1 pau renovate-bot rix sef simon stevensting tobias trav val virtualboys wolcen wykwit xynosis yksflip
No Assignees
3 Participants
Notifications
Due Date
No due date set.
Dependencies

No dependencies set.

Reference: coop-cloud/authentik#14
No description provided.
Delete Branch "%!s()"

Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?