django-allauth 65.17.0 released

Posted by Raymond Penners on 2026-05-20

Note worthy changes

Added new socialaccount provider: Klaviyo.
Rate limiting now truncates IPv6 addresses to their network prefix (default /64) to prevent bypass via address rotation. Configurable via ALLAUTH_RATE_LIMIT_IPV6_PREFIX.
Added authenticate_by_email hook to DefaultSocialAccountAdapter, allowing customization of user lookup and email matching during social login.

Fixes

BitBucket: When using the BitBucket API, the token is passed in the headers instead of the query parameters, which no longer works since May 4th, 2026 (deprecation notice).

Next: django-allauth 65.18.0 released Previous: django-allauth 65.16.1 released

Archives

2025 16
2024 27
2023 13
2022 5
2021 3
2020 3
2019 4
2018 5
2017 5
2016 8
2015 8
2014 4
2013 11
2012 9