News In 2025
django-allauth 65.10.0 released
Posted by Raymond Penners on 2025-07-10
Note worthy changes IdP: Added support for the device authorization grant. Headless: custom user payloads can now be properly reflected in the OpenAPI specification by provider a user dataclass. See the newly introduced get_user_dataclass() and user_as_dataclass() adapter methods. Added a new signal (authentication_step_completed) that is emitted when an individual authentication step is completed.
Read moredjango-allauth 65.9.0 released
Posted by Raymond Penners on 2025-06-01
Note worthy changes Added allauth.idp to the project, offering out of the box OpenID Connect provider support, as well as integration with Django REST framework and Django Ninja. Headless: the OpenAPI specification now more accurately reflects single client configurations set via HEADLESS_CLIENTS.
Read moredjango-allauth 65.8.1 released
Posted by Raymond Penners on 2025-05-21
Fixes Fixed a compatibility issue with the newly released fido2 2.0.0 package. Security notice After a successful login, the rate limits for that login were cleared, allowing a succesful login on a specific IP address to be used as a means to clear the login failed rate limit for that IP address.
Read moredjango-allauth 65.8.0 released
Posted by Raymond Penners on 2025-05-08
Note worthy changes Fixed VK (a.k.a VK ID) social account provider. Improved its documentation. Added optional support for requesting new email/phone verification codes during signup. See ACCOUNT_EMAIL_VERIFICATION_SUPPORTS_RESEND and ACCOUNT_PHONE_VERIFICATION_SUPPORTS_RESEND. Added optional support for changing your email or phone at the verification stage while signing up.
Read moredjango-allauth 65.7.0 released
Posted by Raymond Penners on 2025-04-03
Note worthy changes Officially support Django 5.2. Headless: the URL to the OpenID configuration of the provider is now exposed in the provider config. Fixes Headless: when multiple login methods were enabled (e.g. both username and email), the login endpoint would incorrectly return a 400 invalid_login.
Read more