diff --git a/website/.prettierignore b/website/.prettierignore
index dae74e0f7409..48d5f92c5fde 100644
--- a/website/.prettierignore
+++ b/website/.prettierignore
@@ -6,6 +6,3 @@ coverage
 node_modules
 help
 static
-# TODO: Enable after monorepo formatting is cleaned up.
-**/*.md
-**/*.mdx
diff --git a/website/docs/add-secure-apps/flows-stages/stages/authenticator_email/index.md b/website/docs/add-secure-apps/flows-stages/stages/authenticator_email/index.md
index 9db811a933c7..c719f487b13f 100644
--- a/website/docs/add-secure-apps/flows-stages/stages/authenticator_email/index.md
+++ b/website/docs/add-secure-apps/flows-stages/stages/authenticator_email/index.md
@@ -1,9 +1,8 @@
 ---
 title: Email Authenticator Setup stage
+authentik_version: "2025.2"
 ---
 
-<span class="badge badge--version">authentik 2025.2+</span>
-
 This stage configures an email-based authenticator that sends a one-time code to a user's email address for authentication.
 
 When a user goes through a flow that includes this stage, they are prompted for their email address (if not already set). The user then receives an email with a one-time code, which they enter into the authentik Login panel.
diff --git a/website/docs/add-secure-apps/flows-stages/stages/authenticator_webauthn/index.mdx b/website/docs/add-secure-apps/flows-stages/stages/authenticator_webauthn/index.mdx
index 8e1c6cb682b6..246111bd06d5 100644
--- a/website/docs/add-secure-apps/flows-stages/stages/authenticator_webauthn/index.mdx
+++ b/website/docs/add-secure-apps/flows-stages/stages/authenticator_webauthn/index.mdx
@@ -2,8 +2,6 @@
 title: WebAuthn / Passkeys Authenticator setup stage
 ---
 
-<span class="badge badge--version">authentik 2021.3.1+</span>
-
 This stage configures a WebAuthn-based Authenticator. This can either be a browser, biometrics or a Security stick like a YubiKey.
 
 ### Options
diff --git a/website/docs/add-secure-apps/flows-stages/stages/email/index.mdx b/website/docs/add-secure-apps/flows-stages/stages/email/index.mdx
index 2ab71f72f041..024fe36508b4 100644
--- a/website/docs/add-secure-apps/flows-stages/stages/email/index.mdx
+++ b/website/docs/add-secure-apps/flows-stages/stages/email/index.mdx
@@ -29,8 +29,8 @@ You can also use custom email templates, to use your own design or layout.
 Starting with authentik 2024.2, it is possible to create `.txt` files with the same name as the `.html` template. If a matching `.txt` file exists, the email sent will be a multipart email with both the text and HTML template.
 :::
 
-import Tabs from "@theme/Tabs";
 import TabItem from "@theme/TabItem";
+import Tabs from "@theme/Tabs";
 
 <Tabs
   defaultValue="docker-compose"
diff --git a/website/docs/add-secure-apps/providers/proxy/server_caddy.mdx b/website/docs/add-secure-apps/providers/proxy/server_caddy.mdx
index c4c5968f1f59..9c09669f13da 100644
--- a/website/docs/add-secure-apps/providers/proxy/server_caddy.mdx
+++ b/website/docs/add-secure-apps/providers/proxy/server_caddy.mdx
@@ -2,8 +2,9 @@
 title: Caddy
 ---
 
-import Tabs from "@theme/Tabs";
 import TabItem from "@theme/TabItem";
+import Tabs from "@theme/Tabs";
+
 import Placeholders from "./__placeholders.md";
 import CaddyStandalone from "./_caddy_standalone.md";
 
diff --git a/website/docs/add-secure-apps/providers/proxy/server_envoy.mdx b/website/docs/add-secure-apps/providers/proxy/server_envoy.mdx
index fe2d4373d391..0183f1e8ad15 100644
--- a/website/docs/add-secure-apps/providers/proxy/server_envoy.mdx
+++ b/website/docs/add-secure-apps/providers/proxy/server_envoy.mdx
@@ -2,13 +2,12 @@
 title: Envoy
 ---
 
-import Tabs from "@theme/Tabs";
 import TabItem from "@theme/TabItem";
+import Tabs from "@theme/Tabs";
+
 import Placeholders from "./__placeholders.md";
 import EnvoyIstio from "./_envoy_istio.md";
 
-# Envoy
-
 The configuration template shown below apply to both single-application and domain-level forward auth.
 
 :::info
diff --git a/website/docs/add-secure-apps/providers/proxy/server_nginx.mdx b/website/docs/add-secure-apps/providers/proxy/server_nginx.mdx
index bebd8027656f..b3dcf6fa085b 100644
--- a/website/docs/add-secure-apps/providers/proxy/server_nginx.mdx
+++ b/website/docs/add-secure-apps/providers/proxy/server_nginx.mdx
@@ -1,5 +1,5 @@
-import Tabs from "@theme/Tabs";
 import TabItem from "@theme/TabItem";
+import Tabs from "@theme/Tabs";
 
 # nginx
 
diff --git a/website/docs/add-secure-apps/providers/proxy/server_traefik.mdx b/website/docs/add-secure-apps/providers/proxy/server_traefik.mdx
index e11f3dca1483..6f2d726aa546 100644
--- a/website/docs/add-secure-apps/providers/proxy/server_traefik.mdx
+++ b/website/docs/add-secure-apps/providers/proxy/server_traefik.mdx
@@ -1,5 +1,5 @@
-import Tabs from "@theme/Tabs";
 import TabItem from "@theme/TabItem";
+import Tabs from "@theme/Tabs";
 
 # Traefik
 
diff --git a/website/docs/customize/blueprints/v1/example.md b/website/docs/customize/blueprints/v1/example.md
index 3501f52dc651..bab74bd46f21 100644
--- a/website/docs/customize/blueprints/v1/example.md
+++ b/website/docs/customize/blueprints/v1/example.md
@@ -4,6 +4,7 @@ title: Example
 
 This is one of the default packaged blueprints to create the default authentication flow.
 
+<!-- prettier-ignore-start -->
 ```yaml
 version: 1
 metadata:
@@ -64,3 +65,4 @@ entries:
           target: !KeyOf flow
       model: authentik_flows.flowstagebinding
 ```
+<!-- prettier-ignore-end -->
diff --git a/website/docs/customize/blueprints/v1/tags.mdx b/website/docs/customize/blueprints/v1/tags.mdx
index 0be95dbdf1dc..57bc65eabe7f 100644
--- a/website/docs/customize/blueprints/v1/tags.mdx
+++ b/website/docs/customize/blueprints/v1/tags.mdx
@@ -48,6 +48,8 @@ Returns the value of the given environment variable. Can be used as a scalar wit
 
 Examples:
 
+{/* prettier-ignore-start */}
+
 ```yaml
 configure_flow: !Find [authentik_flows.flow, [slug, default-password-change]]
 ```
@@ -60,6 +62,8 @@ configure_flow:
     ]
 ```
 
+{/* prettier-ignore-end */}
+
 Looks up any model and resolves to the the matches' primary key.
 First argument is the model to be queried, remaining arguments are expected to be pairs of key=value pairs to query for.
 
@@ -67,10 +71,15 @@ First argument is the model to be queried, remaining arguments are expected to b
 
 Example:
 
+{/* prettier-ignore-start */}
+
+
 ```yaml
 configure_flow: !Context foo
 ```
 
+{/* prettier-ignore-end */}
+
 Find values from the context. Can optionally be called with a default like `!Context [foo, default-value]`.
 
 #### `!Format`
@@ -209,6 +218,8 @@ For example, given a sequence like this - `["a", "b", "c"]`, this tag will resol
 
 Minimal examples:
 
+{/* prettier-ignore-start */}
+
 ```yaml
 configuration_stages: !Enumerate [
         !Context map_of_totp_stage_names_and_types,
@@ -224,6 +235,8 @@ configuration_stages: !Enumerate [
     ]
 ```
 
+{/* prettier-ignore-end */}
+
 The above example will resolve to something like this:
 
 ```yaml
@@ -265,6 +278,8 @@ Full example:
 Note that an `!Enumeration` tag's iterable can never be an `!Item` or `!Value` tag with a depth of `0`. Minimum depth allowed is `1`. This is because a depth of `0` refers to the `!Enumeration` tag the `!Item` or `!Value` tag is in, and an `!Enumeration` tag cannot iterate over itself.
 :::
 
+{/* prettier-ignore-start */}
+
 ```yaml
 example: !Enumerate [
         !Context sequence, # ["foo", "bar"]
@@ -288,6 +303,8 @@ example: !Enumerate [
     ]
 ```
 
+{/* prettier-ignore-end */}
+
 The above example will resolve to something like this:
 
 ```yaml
diff --git a/website/docs/customize/interfaces/_global/customcss.mdx b/website/docs/customize/interfaces/_global/customcss.mdx
index af3168eaa203..020a14dca933 100644
--- a/website/docs/customize/interfaces/_global/customcss.mdx
+++ b/website/docs/customize/interfaces/_global/customcss.mdx
@@ -2,8 +2,8 @@
 
 To further modify the look of authentik, a custom CSS file can be created. Creating such a file is outside the scope of this document.
 
-import Tabs from "@theme/Tabs";
 import TabItem from "@theme/TabItem";
+import Tabs from "@theme/Tabs";
 
 <Tabs
   defaultValue="docker-compose"
diff --git a/website/docs/developer-docs/docs/style-guide.mdx b/website/docs/developer-docs/docs/style-guide.mdx
index 8f0e34e5a8b0..5e9f7080865f 100644
--- a/website/docs/developer-docs/docs/style-guide.mdx
+++ b/website/docs/developer-docs/docs/style-guide.mdx
@@ -255,8 +255,8 @@ This section covers the usage of React components within our documentation. File
 Use **Tabs** to display different configurations (e.g., setting up authentication with OIDC vs. SAML) to help users navigate between options. Default to the easier or more common option. Insert the following lines wherever you want the code block to appear:
 
 ```jsx
-import Tabs from "@theme/Tabs";
 import TabItem from "@theme/TabItem";
+import Tabs from "@theme/Tabs";
 
 <Tabs
     defaultValue="oidc"
diff --git a/website/docs/developer-docs/setup/full-dev-environment.mdx b/website/docs/developer-docs/setup/full-dev-environment.mdx
index 48bcc6184d29..438b76d21841 100644
--- a/website/docs/developer-docs/setup/full-dev-environment.mdx
+++ b/website/docs/developer-docs/setup/full-dev-environment.mdx
@@ -9,9 +9,9 @@ tags:
     - docker
 ---
 
-import Tabs from "@theme/Tabs";
-import TabItem from "@theme/TabItem";
 import ExecutionEnvironment from "@docusaurus/ExecutionEnvironment";
+import TabItem from "@theme/TabItem";
+import Tabs from "@theme/Tabs";
 
 ## Requirements
 
diff --git a/website/docs/index.mdx b/website/docs/index.mdx
index f5566ee0a098..1e12d3122d1e 100755
--- a/website/docs/index.mdx
+++ b/website/docs/index.mdx
@@ -24,39 +24,34 @@ The authentik product provides the following consoles:
 
 In authentik, you can use Light or Dark mode for the Admin interface, User interface, and the Flow interface.
 
-import "react-before-after-slider-component/dist/build.css";
-import ReactBeforeSliderComponent from "react-before-after-slider-component";
 import useBaseUrl from "@docusaurus/useBaseUrl";
+import ReactBeforeSliderComponent from "react-before-after-slider-component";
+
+import "react-before-after-slider-component/dist/build.css";
 
 <ReactBeforeSliderComponent
     firstImage={{
-        id: 1,
         imageUrl: useBaseUrl("img/screen_flow_dark.jpg"),
     }}
     secondImage={{
-        id: 2,
         imageUrl: useBaseUrl("img/screen_flow_light.jpg"),
     }}
 />
 
 <ReactBeforeSliderComponent
     firstImage={{
-        id: 1,
         imageUrl: useBaseUrl("img/screen_apps_dark.jpg"),
     }}
     secondImage={{
-        id: 2,
         imageUrl: useBaseUrl("img/screen_apps_light.jpg"),
     }}
 />
 
 <ReactBeforeSliderComponent
     firstImage={{
-        id: 1,
         imageUrl: useBaseUrl("img/screen_admin_dark.jpg"),
     }}
     secondImage={{
-        id: 2,
         imageUrl: useBaseUrl("img/screen_admin_light.jpg"),
     }}
 />
diff --git a/website/docs/install-config/air-gapped.mdx b/website/docs/install-config/air-gapped.mdx
index dd5a55475c24..983c59573ec8 100644
--- a/website/docs/install-config/air-gapped.mdx
+++ b/website/docs/install-config/air-gapped.mdx
@@ -17,8 +17,8 @@ To disable these outbound connections, adjust the settings as follows:
 
 To view a list of all configuration options, refer to the [Configuration](./configuration/configuration.mdx) documentation.
 
-import Tabs from "@theme/Tabs";
 import TabItem from "@theme/TabItem";
+import Tabs from "@theme/Tabs";
 
 <Tabs
   defaultValue="docker-compose"
diff --git a/website/docs/install-config/beta.mdx b/website/docs/install-config/beta.mdx
index 85b49922c7d8..2e5c21f1a2d3 100644
--- a/website/docs/install-config/beta.mdx
+++ b/website/docs/install-config/beta.mdx
@@ -8,8 +8,8 @@ You can test upcoming authentik versions, including major new features that are
 Downgrading from the Beta is not supported. It is recommended to take a backup before upgrading, or test Beta versions on a separate install. Upgrading from Beta versions to the next release is usually possible, however also not supported.
 :::
 
-import Tabs from "@theme/Tabs";
 import TabItem from "@theme/TabItem";
+import Tabs from "@theme/Tabs";
 
 <Tabs
   defaultValue="docker-compose"
diff --git a/website/docs/install-config/configuration/configuration.mdx b/website/docs/install-config/configuration/configuration.mdx
index 9380e6ddf89c..6f6b9513cc32 100644
--- a/website/docs/install-config/configuration/configuration.mdx
+++ b/website/docs/install-config/configuration/configuration.mdx
@@ -17,8 +17,8 @@ All of these variables can be set to values, but you can also use a URI-like for
 
 ## Set your environment variables
 
-import Tabs from "@theme/Tabs";
 import TabItem from "@theme/TabItem";
+import Tabs from "@theme/Tabs";
 
 <Tabs groupId="platform">
   <TabItem value="docker-compose" label="Docker Compose" default>
diff --git a/website/docs/install-config/install/docker-compose.mdx b/website/docs/install-config/install/docker-compose.mdx
index 8f6137c971ef..0077e9b6c061 100644
--- a/website/docs/install-config/install/docker-compose.mdx
+++ b/website/docs/install-config/install/docker-compose.mdx
@@ -27,8 +27,8 @@ This installation method is for test setups and small-scale production setups.
 To download the latest `docker-compose.yml` open your terminal and navigate to the directory of your choice.
 Run the following command:
 
-import Tabs from "@theme/Tabs";
 import TabItem from "@theme/TabItem";
+import Tabs from "@theme/Tabs";
 
 {/* prettier-ignore */}
 <Tabs groupId="OS">
diff --git a/website/docs/install-config/upgrade.mdx b/website/docs/install-config/upgrade.mdx
index 387023e16601..4f4cb54f7be0 100644
--- a/website/docs/install-config/upgrade.mdx
+++ b/website/docs/install-config/upgrade.mdx
@@ -20,8 +20,8 @@ authentik does not support downgrading. Make sure to back up your database in ca
 
 ## Upgrade authentik
 
-import Tabs from "@theme/Tabs";
 import TabItem from "@theme/TabItem";
+import Tabs from "@theme/Tabs";
 
 <Tabs groupId="platform">
   <TabItem value="docker-compose" label="Docker Compose" default>
diff --git a/website/docs/releases/2024/v2024.10.md b/website/docs/releases/2024/v2024.10.md
index 80a8aedf2930..11fc0eb2d110 100644
--- a/website/docs/releases/2024/v2024.10.md
+++ b/website/docs/releases/2024/v2024.10.md
@@ -5,8 +5,8 @@ slug: "/releases/2024.10"
 
 ## Highlights
 
-- **Chrome Device Trust** <span class="badge badge--primary">Enterprise</span> <span class="badge badge--info">Preview</span>: Verify that your users are logging in from managed devices and validate the devices' compliance with company policies.
-- **FIPS/FAL3 for FedRAMP "very high" compliance** <span class="badge badge--primary">Enterprise+</span>: with support for SAML encryption and now JWE (JSON Web Encryption) support, authentik can now be configured for FIPS compliance at Federation Assurance Level (FAL) 3.
+- **Chrome Device Trust** :ak-enterprise :ak-preview : Verify that your users are logging in from managed devices and validate the devices' compliance with company policies.
+- **FIPS/FAL3 for FedRAMP "very high" compliance** :ak-enterprise : with support for SAML encryption and now JWE (JSON Web Encryption) support, authentik can now be configured for FIPS compliance at Federation Assurance Level (FAL) 3.
 - **Captcha on Identification stage**: Run a CAPTCHA process in the background while the user is entering their identification.
 - **Kerberos source**: authentik can now integrate with existing Kerberos environments by allowing users to log in with their Kerberos credentials, SPNEGO, or syncing users into authentik.
 
@@ -16,7 +16,7 @@ We have no breaking changes this release!
 
 ## New features
 
-- **Chrome Device Trust** <span class="badge badge--primary">Enterprise</span> <span class="badge badge--info">Preview</span>
+- **Chrome Device Trust** :ak-enterprise :ak-preview
 
     This is a new stage for Enterprise clients that verifies the user through the Chrome Verified Access API. This stage only works with Google Chrome. You'll need to bring your own [Verified Access API instance](https://developers.google.com/chrome/verified-access/overview) via Google Cloud.
 
diff --git a/website/docs/releases/2024/v2024.12.md b/website/docs/releases/2024/v2024.12.md
index 1efb8700871d..39f1a9ee5556 100644
--- a/website/docs/releases/2024/v2024.12.md
+++ b/website/docs/releases/2024/v2024.12.md
@@ -6,8 +6,8 @@ slug: "/releases/2024.12"
 ## Highlights
 
 - **Redirect stage** Conditionally redirect users to other flows and URLs.
-- **Application entitlements** <span class="badge badge--info">Preview</span> Additional granular permission configuration on an application-level basis.
-- **CloudFormation** <span class="badge badge--info">Preview</span> One-click deploy on AWS.
+- **Application entitlements** :ak-preview Additional granular permission configuration on an application-level basis.
+- **CloudFormation** :ak-preview One-click deploy on AWS.
 - **Policies in the application wizard** Configure access restriction while creating an application.
 
 ## Breaking changes
@@ -32,7 +32,7 @@ slug: "/releases/2024.12"
 
     This new stage allows redirecting a user to another flow or external URL. This allows for dynamically choosing which flow runs depending on user attributes or other factors, or redirection to another URL.
 
-- **Application entitlements** <span class="badge badge--info">Preview</span>
+- **Application entitlements** :ak-preview
 
     Centrally configure permissions by granting entitlements to groups and users on an application-level basis.
 
@@ -40,7 +40,7 @@ slug: "/releases/2024.12"
 
     In the application creation wizard, administrators can now configure policies bindings along with the other application settings.
 
-- **CloudFormation** <span class="badge badge--info">Preview</span>
+- **CloudFormation** :ak-preview
 
     Deploy authentik in your own AWS environment with one click using our new [AWS CloudFormation template](../../install-config/install/aws.md).
 
diff --git a/website/docs/releases/2024/v2024.2.md b/website/docs/releases/2024/v2024.2.md
index de2eefd4aa24..7884b7bc2f09 100644
--- a/website/docs/releases/2024/v2024.2.md
+++ b/website/docs/releases/2024/v2024.2.md
@@ -5,9 +5,9 @@ slug: /releases/2024.2
 
 ## Highlights
 
-- **Remote Access Control** <span class="badge badge--primary">Enterprise</span> Access machines over RDP, SSH, and VNC from authentik
+- **Remote Access Control** :ak-enterprise Access machines over RDP, SSH, and VNC from authentik
 
-- **Audit logging** <span class="badge badge--primary">Enterprise</span> See what fields were changed when objects are updated
+- **Audit logging** :ak-enterprise See what fields were changed when objects are updated
 
 - **Session location and network binding** Increase security by preventing session theft
 
@@ -102,11 +102,11 @@ slug: /releases/2024.2
 
 ## New features
 
-- **New provider: Remote Access Control** <span class="badge badge--primary">Enterprise</span>
+- **New provider: Remote Access Control** :ak-enterprise
 
     The Remote Access Control provider allows you to remotely connect to remote machines over RDP, SSH and VNC through authentik. As such, you can use the same policy engine and customization options that are possible with other providers using the same user and admin interface.
 
-- **Audit logging** <span class="badge badge--primary">Enterprise</span>
+- **Audit logging** :ak-enterprise
 
     authentik instances that have a valid enterprise license installed will log any changes made to models, including which fields were changed with previous and new values of the fields. The values are censored if they are sensitive (for example a password hash), however a hash of the changed value will still be logged.
 
diff --git a/website/docs/releases/2024/v2024.4.md b/website/docs/releases/2024/v2024.4.md
index ad06d6269f44..ad0d61b97894 100644
--- a/website/docs/releases/2024/v2024.4.md
+++ b/website/docs/releases/2024/v2024.4.md
@@ -5,9 +5,9 @@ slug: /releases/2024.4
 
 ## Highlights
 
-- **OAuth/SAML as authentication factor** <span class="badge badge--primary">Enterprise</span> Use an external provider as part of an MFA authentication flow, including custom implementations
+- **OAuth/SAML as authentication factor** :ak-enterprise Use an external provider as part of an MFA authentication flow, including custom implementations
 
-- **SCIM Source** <span class="badge badge--info">Preview</span> Provision users and groups in authentik using an SCIM API
+- **SCIM Source** :ak-preview Provision users and groups in authentik using an SCIM API
 
 - **Configurable WebAuthn device restrictions** Configure which types of WebAuthn devices can be used to enroll and validate for different authorization levels.
 
@@ -27,13 +27,13 @@ slug: /releases/2024.4
 
 ## New features
 
-- **Source stage** <span class="badge badge--primary">Enterprise</span>
+- **Source stage** :ak-enterprise
 
     The source stage allows for an inclusion of a source as part of a flow. This can be used to link a user to a source as part of their authentication/enrollment, or it can be used as an external multi-factor to provide device health attestation for example.
 
     For details refer to [Source stage](../../add-secure-apps/flows-stages/stages/source/index.md)
 
-- **SCIM Source** <span class="badge badge--info">Preview</span>
+- **SCIM Source** :ak-preview
 
     Provision users and groups in authentik using an SCIM API.
 
diff --git a/website/docs/releases/2024/v2024.6.md b/website/docs/releases/2024/v2024.6.md
index 6a56b533daec..04f62ecee3dd 100644
--- a/website/docs/releases/2024/v2024.6.md
+++ b/website/docs/releases/2024/v2024.6.md
@@ -6,7 +6,7 @@ slug: /releases/2024.6
 ## Highlights
 
 - **PostgreSQL read replicas**: Optimize database query routing by using read replicas to balance the load
-- **New Enterprise providers**: <span class="badge badge--primary">Enterprise</span> <span class="badge badge--info">Preview</span> Google Workspace and Microsoft Entra ID providers allow for user synchronization with authentik
+- **New Enterprise providers**: :ak-enterprise :ak-preview Google Workspace and Microsoft Entra ID providers allow for user synchronization with authentik
 - **Improved CAPTCHA stage**: Allows configurable dynamic use of CAPTCHAs
 
 ## Breaking changes
@@ -29,13 +29,13 @@ The `context["geoip"]` and `context["asn"]` objects available in expression poli
 
 ## New features
 
-- **Google Workspace Provider** <span class="badge badge--primary">Enterprise</span> <span class="badge badge--info">Preview</span>
+- **Google Workspace Provider** :ak-enterprise :ak-preview
 
     With the Google Workspace provider, authentik serves as the single source of truth for all users and groups, when using Google products like Gmail.
 
     For details refer to the [Google Workspace Provider documentation](../../add-secure-apps/providers/gws/index.md)
 
-- **Microsoft Entra ID Provider** <span class="badge badge--primary">Enterprise</span> <span class="badge badge--info">Preview</span>
+- **Microsoft Entra ID Provider** :ak-enterprise :ak-preview
 
     With the Microsoft Entra ID provider, authentik serves as the single source of truth for all users and groups. Configuring Entra ID as a provider allows for auto-discovery of user and group accounts, on-going synchronization of user data such as email address, name, and status, and integrated data mapping of field names and values.
 
diff --git a/website/docs/releases/2025/v2025.2.md b/website/docs/releases/2025/v2025.2.md
index 035b4817606d..348d6acd8eba 100644
--- a/website/docs/releases/2025/v2025.2.md
+++ b/website/docs/releases/2025/v2025.2.md
@@ -5,7 +5,7 @@ slug: "/releases/2025.2"
 
 ## Highlights
 
-- **SSF Provider <span class="badge badge--primary">Enterprise</span> <span class="badge badge--info">Preview</span>** Add support for Shared Signals Framework.
+- **SSF Provider :ak-enterprise :ak-preview** Add support for Shared Signals Framework.
 - **RAC moved open source** Remote access is now available to everyone!
 - **GeoIP distance and impossible travel checks** Add the ability to check for the distance a user has moved compared to a previous login, and if the user could have travelled the distance.
 - **Email OTP Stage** Allow users to use their email accounts as a one-time-password during authentication.
@@ -13,7 +13,7 @@ slug: "/releases/2025.2"
 
 ## Breaking changes
 
-- **Fixed behaviour in Source stage <span class="badge badge--primary">Enterprise</span>**
+- **Fixed behaviour in Source stage :ak-enterprise**
 
     In previous versions, the Source stage would incorrectly continue with the initial flow after returning from the source, which didn't match the documented behaviour.
 
@@ -29,7 +29,7 @@ slug: "/releases/2025.2"
 
 ## New features
 
-- **SSF Provider** <span class="badge badge--primary">Enterprise</span> <span class="badge badge--info">Preview</span>
+- **SSF Provider** :ak-enterprise :ak-preview
 
     [Shared Signals Framework](../../add-secure-apps/providers/ssf/index.md) allows applications to register a stream with authentik within which they can received events from authentik such as when a session was revoked or a credential was add/changed/deleted and execute actions based on these events.
 
diff --git a/website/docs/releases/2025/v2025.4.md b/website/docs/releases/2025/v2025.4.md
index f99efdf7cb54..e1ac2686d1f3 100644
--- a/website/docs/releases/2025/v2025.4.md
+++ b/website/docs/releases/2025/v2025.4.md
@@ -11,7 +11,7 @@ slug: "/releases/2025.4"
 
 - **RBAC: Initial Permissions** :ak-preview Provides more flexible access control by assigning permissions to the user/role creating a new object in authentik. Use **Initial Permissions** as a pragmatic way to implement the principle of least privilege.
 
-- **Password History Policy** <span class="badge badge--primary">Enterprise</span> A new policy (the Password Uniqueness policy) can be implemented to prevent users from reusing previous passwords; admins are able to configure how many previous password hashes the system will store and evaluate. This new policy makes it easier to enforce password reuse requirements, such as for FedRAMP compliance.
+- **Password History Policy** :ak-enterprise A new policy (the Password Uniqueness policy) can be implemented to prevent users from reusing previous passwords; admins are able to configure how many previous password hashes the system will store and evaluate. This new policy makes it easier to enforce password reuse requirements, such as for FedRAMP compliance.
 
 - **Provider Sync Dry Run** :ak-preview Add the option for dry-run syncs for SCIM, Google Workspace, and Microsoft Entra providers to preview the results of a sync without affecting live accounts.
 
diff --git a/website/docs/sys-mgmt/ops/geoip.mdx b/website/docs/sys-mgmt/ops/geoip.mdx
index 51af7304f39d..cdd4a5b62fde 100644
--- a/website/docs/sys-mgmt/ops/geoip.mdx
+++ b/website/docs/sys-mgmt/ops/geoip.mdx
@@ -14,8 +14,8 @@ By default, the GeoIP database is loaded from `/geoip/GeoLite2-City.mmdb`. If mo
 
 If you want to disable GeoIP, you can set the path to a non-existent path and authentik will skip the GeoIP.
 
-import Tabs from "@theme/Tabs";
 import TabItem from "@theme/TabItem";
+import Tabs from "@theme/Tabs";
 
 <Tabs
   defaultValue="docker-compose"
diff --git a/website/docs/sys-mgmt/service-accounts.md b/website/docs/sys-mgmt/service-accounts.md
index 0e64ceb3cd75..ee902757d6a6 100644
--- a/website/docs/sys-mgmt/service-accounts.md
+++ b/website/docs/sys-mgmt/service-accounts.md
@@ -3,8 +3,6 @@ title: Service Accounts
 sidebar_label: Service Accounts
 ---
 
-# Service Accounts
-
 Service accounts are specialized user accounts designed for machine-to-machine authentication and automation purposes rather than interactive human use. They're ideal for integrating authentik with external systems, APIs, and services.
 
 ## Types of Service Accounts
diff --git a/website/docs/troubleshooting/forward_auth/general.mdx b/website/docs/troubleshooting/forward_auth/general.mdx
index e03feb27487b..aa22dd1f6692 100644
--- a/website/docs/troubleshooting/forward_auth/general.mdx
+++ b/website/docs/troubleshooting/forward_auth/general.mdx
@@ -2,8 +2,8 @@
 title: General troubleshooting steps
 ---
 
-import Tabs from "@theme/Tabs";
 import TabItem from "@theme/TabItem";
+import Tabs from "@theme/Tabs";
 
 ## Set the log level to TRACE
 
diff --git a/website/docs/troubleshooting/logs.mdx b/website/docs/troubleshooting/logs.mdx
index f6ef34f342b9..a0e3cc46a6a7 100644
--- a/website/docs/troubleshooting/logs.mdx
+++ b/website/docs/troubleshooting/logs.mdx
@@ -10,8 +10,8 @@ The server and worker containers support multiple log levels: `debug`, `info`, `
 
 To modify the log level, follow the steps for your platform
 
-import Tabs from "@theme/Tabs";
 import TabItem from "@theme/TabItem";
+import Tabs from "@theme/Tabs";
 
 <Tabs
   groupId="platform"
diff --git a/website/docs/users-sources/sources/protocols/scim/index.md b/website/docs/users-sources/sources/protocols/scim/index.md
index 19de695dc20b..ad8500c90dbf 100644
--- a/website/docs/users-sources/sources/protocols/scim/index.md
+++ b/website/docs/users-sources/sources/protocols/scim/index.md
@@ -32,6 +32,7 @@ See the [overview](../../property-mappings/index.md) for information on how prop
 
 Each top level SCIM attribute is available as a variable in the expression. For example given an SCIM request with the payload of
 
+<!-- prettier-ignore-start -->
 ```json
 {
     "schemas": [
@@ -57,6 +58,7 @@ Each top level SCIM attribute is available as a variable in the expression. For
     }
 }
 ```
+<!-- prettier-ignore-end -->
 
 The following variables are available in the expression:
 
diff --git a/website/docusaurus.config.cjs b/website/docusaurus.config.cjs
new file mode 100644
index 000000000000..3e3e3eba417f
--- /dev/null
+++ b/website/docusaurus.config.cjs
@@ -0,0 +1,12 @@
+/**
+ * @file CommonJS Docusaurus config adapter.
+ *
+ * This exists to allow an ESM Docusaurus configuration to be imported in a CommonJS.
+ *
+ * @import Config from "./docusaurus.config.esm.mjs"
+ */
+
+/**
+ * @see {@linkcode Config} for the Docusaurus configuration type.
+ */
+module.exports = import("./docusaurus.config.esm.mjs").then(($) => $.default);
diff --git a/website/docusaurus.config.esm.mjs b/website/docusaurus.config.esm.mjs
new file mode 100644
index 000000000000..8f6dc1caf1e5
--- /dev/null
+++ b/website/docusaurus.config.esm.mjs
@@ -0,0 +1,164 @@
+/**
+ * @file Docusaurus config.
+ *
+ * @import * as Preset from "@docusaurus/preset-classic";
+ * @import * as OpenApiPlugin from "docusaurus-plugin-openapi-docs";
+ * @import { BuildUrlValues } from "remark-github";
+ */
+import { createDocusaurusConfig } from "@goauthentik/docusaurus-config";
+import { createRequire } from "node:module";
+import remarkDirective from "remark-directive";
+import remarkGithub, { defaultBuildUrl } from "remark-github";
+
+import remarkEnterpriseDirective from "./remark/enterprise-directive.mjs";
+import remarkPreviewDirective from "./remark/preview-directive.mjs";
+import remarkSupportDirective from "./remark/support-directive.mjs";
+import remarkVersionDirective from "./remark/version-directive.mjs";
+
+const require = createRequire(import.meta.url);
+
+/**
+ * Documentation site configuration for Docusaurus.
+ */
+const config = createDocusaurusConfig({
+    url: "https://docs.goauthentik.io",
+    future: {
+        experimental_faster: true,
+    },
+    themes: ["@docusaurus/theme-mermaid", "docusaurus-theme-openapi-docs"],
+    themeConfig: {
+        image: "img/social.png",
+        navbar: {
+            logo: {
+                alt: "authentik logo",
+                src: "img/icon_left_brand.svg",
+                href: "https://goauthentik.io/",
+                target: "_self",
+            },
+            items: [
+                {
+                    to: "https://goauthentik.io/features",
+                    label: "Features",
+                    position: "left",
+                    target: "_self",
+                },
+                {
+                    to: "integrations/",
+                    label: "Integrations",
+                    position: "left",
+                },
+                {
+                    to: "docs/",
+                    label: "Documentation",
+                    position: "left",
+                },
+                {
+                    to: "https://goauthentik.io/pricing/",
+                    label: "Pricing",
+                    position: "left",
+                    target: "_self",
+                },
+                {
+                    to: "https://goauthentik.io/blog",
+                    label: "Blog",
+                    position: "left",
+                    target: "_self",
+                },
+                {
+                    "href": "https://github.com/goauthentik/authentik",
+                    "data-icon": "github",
+                    "aria-label": "GitHub",
+                    "position": "right",
+                },
+                {
+                    "href": "https://goauthentik.io/discord",
+                    "data-icon": "discord",
+                    "aria-label": "Discord",
+                    "position": "right",
+                },
+            ],
+        },
+        footer: {
+            links: [],
+            copyright: `Copyright © ${new Date().getFullYear()} Authentik Security Inc. Built with Docusaurus.`,
+        },
+        algolia: {
+            appId: "36ROD0O0FV",
+            apiKey: "727db511300ca9aec5425645bbbddfb5",
+            indexName: "goauthentik",
+        },
+    },
+    presets: [
+        [
+            "@docusaurus/preset-classic",
+            /** @type {Preset.Options} */ ({
+                docs: {
+                    id: "docs",
+                    sidebarPath: "./sidebars/docs.mjs",
+                    showLastUpdateTime: false,
+                    editUrl: "https://github.com/goauthentik/authentik/edit/main/website/",
+                    docItemComponent: "@theme/ApiItem",
+
+                    beforeDefaultRemarkPlugins: [
+                        remarkDirective,
+                        remarkVersionDirective,
+                        remarkEnterpriseDirective,
+                        remarkPreviewDirective,
+                        remarkSupportDirective,
+                    ],
+                    remarkPlugins: [
+                        [
+                            remarkGithub,
+                            {
+                                repository: "goauthentik/authentik",
+                                /**
+                                 * @param {BuildUrlValues} values
+                                 */
+                                buildUrl: (values) => {
+                                    // Only replace issues and PR links
+                                    return values.type === "issue" || values.type === "mention"
+                                        ? defaultBuildUrl(values)
+                                        : false;
+                                },
+                            },
+                        ],
+                    ],
+                },
+                theme: {
+                    customCss: require.resolve("@goauthentik/docusaurus-config/css/index.css"),
+                },
+            }),
+        ],
+    ],
+    plugins: [
+        [
+            "@docusaurus/plugin-content-docs",
+            {
+                id: "docsIntegrations",
+                path: "integrations",
+                routeBasePath: "integrations",
+                sidebarPath: "./sidebars/integrations.mjs",
+                editUrl: "https://github.com/goauthentik/authentik/edit/main/website/",
+            },
+        ],
+        [
+            "docusaurus-plugin-openapi-docs",
+            {
+                id: "api",
+                docsPluginId: "docs",
+                config: /** @type {OpenApiPlugin.Options} */ ({
+                    authentik: {
+                        specPath: "static/schema.yml",
+                        outputDir: "docs/developer-docs/api/reference/",
+                        hideSendButton: true,
+                        sidebarOptions: {
+                            groupPathsBy: "tag",
+                        },
+                    },
+                }),
+            },
+        ],
+    ],
+});
+
+export default config;
diff --git a/website/docusaurus.config.ts b/website/docusaurus.config.ts
deleted file mode 100644
index e77190a7b7a8..000000000000
--- a/website/docusaurus.config.ts
+++ /dev/null
@@ -1,184 +0,0 @@
-import type * as Preset from "@docusaurus/preset-classic";
-import type { Config } from "@docusaurus/types";
-import type * as OpenApiPlugin from "docusaurus-plugin-openapi-docs";
-import { themes as prismThemes } from "prism-react-renderer";
-import remarkDirective from "remark-directive";
-import remarkGithub, { BuildUrlValues } from "remark-github";
-import { defaultBuildUrl } from "remark-github";
-
-import remarkPreviewDirective from "./remark/preview-directive.js";
-import remarkSupportDirective from "./remark/support-directive.js";
-import remarkVersionDirective from "./remark/version-directive.js";
-
-const createConfig = (): Config => {
-    return {
-        title: "authentik",
-        tagline: "Bring all of your authentication into a unified platform.",
-        url: "https://docs.goauthentik.io",
-        baseUrl: "/",
-        onBrokenLinks: "throw",
-        onBrokenAnchors: "throw",
-        favicon: "img/icon.png",
-        organizationName: "Authentik Security Inc.",
-        projectName: "authentik",
-        themeConfig: {
-            image: "img/social.png",
-            navbar: {
-                logo: {
-                    alt: "authentik logo",
-                    src: "img/icon_left_brand.svg",
-                    href: "https://goauthentik.io/",
-                    target: "_self",
-                },
-                items: [
-                    {
-                        to: "https://goauthentik.io/features",
-                        label: "Features",
-                        position: "left",
-                        target: "_self",
-                    },
-                    {
-                        to: "integrations/",
-                        label: "Integrations",
-                        position: "left",
-                    },
-                    {
-                        to: "docs/",
-                        label: "Documentation",
-                        position: "left",
-                    },
-                    {
-                        to: "https://goauthentik.io/pricing/",
-                        label: "Pricing",
-                        position: "left",
-                        target: "_self",
-                    },
-                    {
-                        to: "https://goauthentik.io/blog",
-                        label: "Blog",
-                        position: "left",
-                        target: "_self",
-                    },
-                    {
-                        "href": "https://github.com/goauthentik/authentik",
-                        "data-icon": "github",
-                        "aria-label": "GitHub",
-                        "position": "right",
-                    },
-                    {
-                        "href": "https://goauthentik.io/discord",
-                        "data-icon": "discord",
-                        "aria-label": "Discord",
-                        "position": "right",
-                    },
-                ],
-            },
-            footer: {
-                links: [],
-                copyright: `Copyright © ${new Date().getFullYear()} Authentik Security Inc. Built with Docusaurus.`,
-            },
-            tableOfContents: {
-                minHeadingLevel: 2,
-                maxHeadingLevel: 3,
-            },
-            colorMode: {
-                respectPrefersColorScheme: true,
-            },
-            algolia: {
-                appId: "36ROD0O0FV",
-                apiKey: "727db511300ca9aec5425645bbbddfb5",
-                indexName: "goauthentik",
-            },
-            prism: {
-                theme: prismThemes.oneLight,
-                darkTheme: prismThemes.oneDark,
-                additionalLanguages: [
-                    // ---
-                    "apacheconf",
-                    "diff",
-                    "http",
-                    "json",
-                    "nginx",
-                    "python",
-                    "bash",
-                ],
-            },
-        },
-        presets: [
-            [
-                "@docusaurus/preset-classic",
-                {
-                    docs: {
-                        id: "docs",
-                        sidebarPath: "./sidebars.js",
-                        showLastUpdateTime: false,
-                        editUrl: "https://github.com/goauthentik/authentik/edit/main/website/",
-                        docItemComponent: "@theme/ApiItem",
-
-                        beforeDefaultRemarkPlugins: [
-                            remarkDirective,
-                            remarkVersionDirective,
-                            remarkPreviewDirective,
-                            remarkSupportDirective,
-                        ],
-                        remarkPlugins: [
-                            [
-                                remarkGithub,
-                                {
-                                    repository: "goauthentik/authentik",
-                                    // Only replace issues and PR links
-                                    buildUrl: (values: BuildUrlValues) => {
-                                        return values.type === "issue" || values.type === "mention"
-                                            ? defaultBuildUrl(values)
-                                            : false;
-                                    },
-                                },
-                            ],
-                        ],
-                    },
-                    theme: {
-                        customCss: require.resolve("@goauthentik/docusaurus-config/css/index.css"),
-                    },
-                } satisfies Preset.Options,
-            ],
-        ],
-        plugins: [
-            [
-                "@docusaurus/plugin-content-docs",
-                {
-                    id: "docsIntegrations",
-                    path: "integrations",
-                    routeBasePath: "integrations",
-                    sidebarPath: "./sidebarsIntegrations.js",
-                    editUrl: "https://github.com/goauthentik/authentik/edit/main/website/",
-                },
-            ],
-            [
-                "docusaurus-plugin-openapi-docs",
-                {
-                    id: "api",
-                    docsPluginId: "docs",
-                    config: {
-                        authentik: {
-                            specPath: "static/schema.yml",
-                            outputDir: "docs/developer-docs/api/reference/",
-                            hideSendButton: true,
-                            sidebarOptions: {
-                                groupPathsBy: "tag",
-                            },
-                        } satisfies OpenApiPlugin.Options,
-                    },
-                },
-            ],
-        ],
-        markdown: {
-            mermaid: true,
-        },
-        future: {
-            experimental_faster: true,
-        },
-        themes: ["@docusaurus/theme-mermaid", "docusaurus-theme-openapi-docs"],
-    };
-};
-
-module.exports = createConfig;
diff --git a/website/integrations/services/actual-budget/index.mdx b/website/integrations/services/actual-budget/index.mdx
index 16186f929ae8..8d9c47d4c793 100644
--- a/website/integrations/services/actual-budget/index.mdx
+++ b/website/integrations/services/actual-budget/index.mdx
@@ -4,8 +4,8 @@ sidebar_label: Actual Budget
 support_level: community
 ---
 
-import Tabs from "@theme/Tabs";
 import TabItem from "@theme/TabItem";
+import Tabs from "@theme/Tabs";
 
 ## What is Actual Budget
 
diff --git a/website/integrations/services/apache-guacamole/index.mdx b/website/integrations/services/apache-guacamole/index.mdx
index 70944ec33e89..a1f3761792ed 100644
--- a/website/integrations/services/apache-guacamole/index.mdx
+++ b/website/integrations/services/apache-guacamole/index.mdx
@@ -4,8 +4,8 @@ sidebar_label: Apache Guacamole™
 support_level: authentik
 ---
 
-import Tabs from "@theme/Tabs";
 import TabItem from "@theme/TabItem";
+import Tabs from "@theme/Tabs";
 
 ## What is Apache Guacamole™
 
diff --git a/website/integrations/services/aws/index.mdx b/website/integrations/services/aws/index.mdx
index 14a91d8fa9f7..652767bdf84f 100644
--- a/website/integrations/services/aws/index.mdx
+++ b/website/integrations/services/aws/index.mdx
@@ -21,8 +21,8 @@ The following placeholders are used in this guide:
 This documentation lists only the settings that you need to change from their default values. Be aware that any changes other than those explicitly mentioned in this guide could cause issues accessing your application.
 :::
 
-import Tabs from "@theme/Tabs";
 import TabItem from "@theme/TabItem";
+import Tabs from "@theme/Tabs";
 
 <Tabs>
 <TabItem value="iam" label="Classic IAM" default>
diff --git a/website/integrations/services/beszel/index.mdx b/website/integrations/services/beszel/index.mdx
index 7e69fa70a5b5..f825170ff844 100644
--- a/website/integrations/services/beszel/index.mdx
+++ b/website/integrations/services/beszel/index.mdx
@@ -1,12 +1,9 @@
 ---
 title: Integrate with Beszel
 sidebar_label: Beszel
+support_level: community
 ---
 
-# Integrate With Beszel
-
-<span class="badge badge--secondary">Support level: Community</span>
-
 ## What is Beszel
 
 > Beszel is a lightweight server monitoring platform that provides Docker statistics, historical data, and configurable alerts.
diff --git a/website/integrations/services/bookstack/index.mdx b/website/integrations/services/bookstack/index.mdx
index b440a811ef61..8cda0b880dcb 100644
--- a/website/integrations/services/bookstack/index.mdx
+++ b/website/integrations/services/bookstack/index.mdx
@@ -1,14 +1,11 @@
 ---
 title: Integrate with BookStack
 sidebar_label: BookStack
+support_level: community
 ---
 
-import Tabs from "@theme/Tabs";
 import TabItem from "@theme/TabItem";
-
-# Integrate with BookStack
-
-<span class="badge badge--secondary">Support level: Community</span>
+import Tabs from "@theme/Tabs";
 
 ## What is BookStack
 
diff --git a/website/integrations/services/chronograf/index.mdx b/website/integrations/services/chronograf/index.mdx
index 4248eced424a..34adc13ab17b 100644
--- a/website/integrations/services/chronograf/index.mdx
+++ b/website/integrations/services/chronograf/index.mdx
@@ -3,10 +3,6 @@ title: Integrate with Chronograf
 sidebar_label: Chronograf
 ---
 
-# Integrate with Chronograf
-
-<span class="badge badge--secondary">Support level: Community</span>
-
 ## What is Chronograf
 
 > Chronograf lets you quickly visualize the data stored in InfluxDB, enabling you to build robust queries and alerts. It is simple to use and comes with templates and libraries for rapidly creating dashboards with real-time data visualizations.
diff --git a/website/integrations/services/espocrm/index.md b/website/integrations/services/espocrm/index.md
index 6710619f3900..9e7b74f614fa 100644
--- a/website/integrations/services/espocrm/index.md
+++ b/website/integrations/services/espocrm/index.md
@@ -1,12 +1,9 @@
 ---
 title: Integrate with EspoCRM
 sidebar_label: EspoCRM
+support_level: community
 ---
 
-# Integrate with EspoCRM
-
-<span class="badge badge--secondary">Support level: Community</span>
-
 ## What is EspoCRM?
 
 > EspoCRM is a CRM (customer relationship management) web application that allows users to store, visualize, and analyze their company's business-related relationships such as opportunities, people, businesses, and projects.
diff --git a/website/integrations/services/freshrss/index.mdx b/website/integrations/services/freshrss/index.mdx
index 3023833371c0..8745d8599fb3 100644
--- a/website/integrations/services/freshrss/index.mdx
+++ b/website/integrations/services/freshrss/index.mdx
@@ -1,12 +1,9 @@
 ---
 title: Integrate with FreshRSS
 sidebar_label: FreshRSS
+support_level: community
 ---
 
-# Integrate with FreshRSS
-
-<span class="badge badge--secondary">Support level: Community</span>
-
 ## What is FreshRSS
 
 > FreshRSS is a self-hosted RSS feed aggregator.
diff --git a/website/integrations/services/gatus/index.mdx b/website/integrations/services/gatus/index.mdx
index 9503b6e2d7ba..ea5ce2b0e1e1 100644
--- a/website/integrations/services/gatus/index.mdx
+++ b/website/integrations/services/gatus/index.mdx
@@ -1,12 +1,9 @@
 ---
 title: Integrate with Gatus
 sidebar_label: Gatus
+support_level: community
 ---
 
-# Integrate with Gatus
-
-<span class="badge badge--secondary">Support level: Community</span>
-
 ## What is Gatus?
 
 > Gatus is a developer-oriented health dashboard that gives you the ability to monitor your services using HTTP, ICMP, TCP, and even DNS queries as well as evaluate the result of said queries by using a list of conditions on values like the status code, the response time, the certificate expiration, the body and many others. The icing on top is that each of these health checks can be paired with alerting via Slack, Teams, PagerDuty, Discord, Twilio and many more.
diff --git a/website/integrations/services/gitlab/index.mdx b/website/integrations/services/gitlab/index.mdx
index 6b3fffbab6f1..222ee372fc8b 100644
--- a/website/integrations/services/gitlab/index.mdx
+++ b/website/integrations/services/gitlab/index.mdx
@@ -29,8 +29,8 @@ This documentation lists only the settings that you need to change from their de
 
 There are two ways to configure single sign-on for GitLab. You can configure it via SAML authentication or via OpenID Connect.
 
-import Tabs from "@theme/Tabs";
 import TabItem from "@theme/TabItem";
+import Tabs from "@theme/Tabs";
 
 <Tabs
     defaultValue="saml"
diff --git a/website/integrations/services/grafana/index.mdx b/website/integrations/services/grafana/index.mdx
index fe2060ccfb9f..0df0c4749f7b 100644
--- a/website/integrations/services/grafana/index.mdx
+++ b/website/integrations/services/grafana/index.mdx
@@ -101,8 +101,8 @@ resource "authentik_group" "grafana_viewers" {
 
 ## Grafana configuration
 
-import Tabs from "@theme/Tabs";
 import TabItem from "@theme/TabItem";
+import Tabs from "@theme/Tabs";
 
 <Tabs
   defaultValue="docker"
diff --git a/website/integrations/services/index.mdx b/website/integrations/services/index.mdx
index 2633959b01f4..e6f7975d0ed0 100644
--- a/website/integrations/services/index.mdx
+++ b/website/integrations/services/index.mdx
@@ -3,8 +3,8 @@ title: Integrate with Applications
 sidebar_label: Applications
 ---
 
-import DocCardList from "@theme/DocCardList";
 import SupportBadge from "@site/src/components/SupportBadge";
+import DocCardList from "@theme/DocCardList";
 
 # Applications
 
diff --git a/website/integrations/services/kimai/index.md b/website/integrations/services/kimai/index.md
index 7d34331afda7..b48d850ea367 100644
--- a/website/integrations/services/kimai/index.md
+++ b/website/integrations/services/kimai/index.md
@@ -49,6 +49,8 @@ Paste the following block in your `local.yaml` file, after replacing the placeho
 
 To get the value for `x509cert`, go to _System_ > _Certificates_, and download the public Signing Certificate. To avoid further problems, concat it into "string format" using e.g.: https://www.samltool.com/format_x509cert.php
 
+<!-- prettier-ignore-start -->
+
 ```yaml
 # Optionally add this for docker debug-logging
 # monolog:
@@ -127,4 +129,6 @@ kimai:
                     url: "https://kimai.company"
 ```
 
+<!-- prettier-ignore-end -->
+
 Afterwards, either [rebuild the cache](https://www.kimai.org/documentation/cache.html) or restart the docker container.
diff --git a/website/integrations/services/nextcloud/index.mdx b/website/integrations/services/nextcloud/index.mdx
index ad3c7d2c4388..b713fb6385aa 100644
--- a/website/integrations/services/nextcloud/index.mdx
+++ b/website/integrations/services/nextcloud/index.mdx
@@ -30,8 +30,8 @@ This documentation lists only the settings that you need to change from their de
 
 It is possible to configure Nextcloud to use either OpenID Connect or SAML for authentication. Below are the steps to configure both methods.
 
-import Tabs from "@theme/Tabs";
 import TabItem from "@theme/TabItem";
+import Tabs from "@theme/Tabs";
 
 <Tabs
   defaultValue="oidc"
diff --git a/website/integrations/services/paperless-ngx/index.mdx b/website/integrations/services/paperless-ngx/index.mdx
index a1c75d233d6e..b48e0a08fbbc 100644
--- a/website/integrations/services/paperless-ngx/index.mdx
+++ b/website/integrations/services/paperless-ngx/index.mdx
@@ -41,8 +41,8 @@ To support the integration of Paperless-ngx with authentik, you need to create a
 
 ## Paperless Configuration
 
-import Tabs from "@theme/Tabs";
 import TabItem from "@theme/TabItem";
+import Tabs from "@theme/Tabs";
 
 <Tabs
   defaultValue="docker"
diff --git a/website/integrations/services/plesk/index.md b/website/integrations/services/plesk/index.md
index 9b658285d55a..11eeb5ef650d 100644
--- a/website/integrations/services/plesk/index.md
+++ b/website/integrations/services/plesk/index.md
@@ -1,12 +1,9 @@
 ---
 title: Integrate with Plesk
 sidebar_label: Plesk
+support_level: community
 ---
 
-# Integrate with Plesk
-
-<span class="badge badge--secondary">Support level: Community</span>
-
 ## What is Plesk
 
 > Plesk is a web hosting platform with a control panel that helps manage servers, applications, and websites through a comprehensive graphical user interface. It provides tools for web professionals, IT administrators, and hosting companies to simplify the process of hosting and managing websites.
diff --git a/website/integrations/services/pocketbase/index.md b/website/integrations/services/pocketbase/index.md
index 905b31b658a6..9c5fec81435e 100644
--- a/website/integrations/services/pocketbase/index.md
+++ b/website/integrations/services/pocketbase/index.md
@@ -1,12 +1,9 @@
 ---
 title: Integrate with PocketBase
 sidebar_label: PocketBase
+support_level: community
 ---
 
-# Integrate With PocketBase
-
-<span class="badge badge--secondary">Support level: Community</span>
-
 ## What is PocketBase
 
 > PocketBase is a lightweight backend solution that provides a built-in database, authentication, and file storage.
diff --git a/website/integrations/services/wekan/index.mdx b/website/integrations/services/wekan/index.mdx
index 0f8807eb1620..405704652740 100644
--- a/website/integrations/services/wekan/index.mdx
+++ b/website/integrations/services/wekan/index.mdx
@@ -42,8 +42,8 @@ To support the integration of Wekan with authentik, you need to create an applic
 
 ## Wekan configuration
 
-import Tabs from "@theme/Tabs";
 import TabItem from "@theme/TabItem";
+import Tabs from "@theme/Tabs";
 
 <Tabs
   defaultValue="docker"
diff --git a/website/remark/enterprise-directive.mjs b/website/remark/enterprise-directive.mjs
new file mode 100644
index 000000000000..c9a1a05db964
--- /dev/null
+++ b/website/remark/enterprise-directive.mjs
@@ -0,0 +1,47 @@
+/**
+ * @file Remark plugin to transform `ak-enterprise` directives into badges.
+ *
+ * @import { Root } from "mdast";
+ */
+import { h } from "hastscript";
+import { SKIP, visit } from "unist-util-visit";
+
+/**
+ * MDAST plugin to transform `ak-enterprise` directives into badges.
+ */
+function remarkEnterpriseDirective() {
+    /**
+     * @param {Root} tree The MDAST tree to transform.
+     */
+    return function (tree) {
+        visit(tree, "textDirective", function (node) {
+            if (node.name !== "ak-enterprise") return SKIP;
+
+            const data = node.data || (node.data = {});
+
+            const hast = h("span", {
+                ...node.attributes,
+                "className": "badge badge--primary",
+                "title": `This feature is available in the enterprise version of authentik.`,
+                "aria-description": "Enterprise badge",
+                "role": "img",
+            });
+
+            data.hName = hast.tagName;
+            data.hProperties = hast.properties;
+
+            data.hChildren = [
+                {
+                    type: "text",
+                    value: "Enterprise",
+                },
+            ];
+
+            node.children = [];
+
+            return SKIP;
+        });
+    };
+}
+
+export default remarkEnterpriseDirective;
diff --git a/website/remark/preview-directive.ts b/website/remark/preview-directive.mjs
similarity index 82%
rename from website/remark/preview-directive.ts
rename to website/remark/preview-directive.mjs
index e2475523c56e..76353eb0dcf4 100644
--- a/website/remark/preview-directive.ts
+++ b/website/remark/preview-directive.mjs
@@ -1,14 +1,19 @@
+/**
+ * @file Remark plugin to transform `ak-preview` directives into preview badges.
+ *
+ * @import { Root } from "mdast";
+ */
 import { h } from "hastscript";
-import { Root } from "mdast";
-import "mdast-util-directive";
-import "mdast-util-to-hast";
 import { SKIP, visit } from "unist-util-visit";
 
 /**
  * MDAST plugin to transform `ak-preview` directives into preview badges.
  */
 function remarkPreviewDirective() {
-    return function (tree: Root) {
+    /**
+     * @param {Root} tree The MDAST tree to transform.
+     */
+    return function (tree) {
         visit(tree, "textDirective", function (node) {
             if (node.name !== "ak-preview") return SKIP;
 
diff --git a/website/remark/support-directive.ts b/website/remark/support-directive.mjs
similarity index 74%
rename from website/remark/support-directive.ts
rename to website/remark/support-directive.mjs
index 4537a1a87241..6595e1d48060 100644
--- a/website/remark/support-directive.ts
+++ b/website/remark/support-directive.mjs
@@ -1,29 +1,35 @@
+/**
+ * @file Remark plugin to transform `ak-support` directives into support level badges.
+ *
+ * @import { Root } from "mdast";
+ */
 import { h } from "hastscript";
-import { Root } from "mdast";
-import "mdast-util-directive";
-import "mdast-util-to-hast";
-import { coerce } from "semver";
 import { SKIP, visit } from "unist-util-visit";
 
 /**
  * Support levels for authentik.
+ * @typedef {"authentik" | "community" | "vendor" | "deprecated"} SupportLevel
  */
-export type SupportLevel = "authentik" | "community" | "vendor" | "deprecated";
 
 /**
  * Mapping of support levels to badge classes.
+ *
+ * @satisfies {Record<SupportLevel, string>}
  */
-export const SupportLevelToLabel = {
+export const SupportLevelToLabel = /** @type {const} */ ({
     authentik: "authentik",
     community: "Community",
     vendor: "Vendor",
     deprecated: "Deprecated",
-} as const satisfies Record<SupportLevel, string>;
+});
 
 /**
  * Type-predicate to determine if a string is a known support level.
+ *
+ * @param {string} input The string to check.
+ * @return {input is SupportLevel} True if the string is a known support level.
  */
-export function isSupportLevel(input: string): input is SupportLevel {
+export function isSupportLevel(input) {
     return Object.hasOwn(SupportLevelToLabel, input);
 }
 
@@ -31,7 +37,10 @@ export function isSupportLevel(input: string): input is SupportLevel {
  * MDAST plugin to transform `ak-support` directives into preview badges.
  */
 function remarkSupportDirective() {
-    return function (tree: Root) {
+    /**
+     * @param {Root} tree The MDAST tree to transform.
+     */
+    return function (tree) {
         visit(tree, "textDirective", function (node) {
             if (node.name !== "ak-support") return SKIP;
 
diff --git a/website/remark/version-directive.ts b/website/remark/version-directive.mjs
similarity index 89%
rename from website/remark/version-directive.ts
rename to website/remark/version-directive.mjs
index 803c59515873..61d5e010de89 100644
--- a/website/remark/version-directive.ts
+++ b/website/remark/version-directive.mjs
@@ -1,7 +1,9 @@
+/**
+ * @file Remark plugin to transform `ak-version` directives into version badges.
+ *
+ * @import { Root } from "mdast";
+ */
 import { h } from "hastscript";
-import { Root } from "mdast";
-import "mdast-util-directive";
-import "mdast-util-to-hast";
 import { coerce } from "semver";
 import { SKIP, visit } from "unist-util-visit";
 
@@ -21,7 +23,10 @@ import { SKIP, visit } from "unist-util-visit";
  * ```
  */
 function remarkVersionDirective() {
-    return function (tree: Root) {
+    /**
+     * @param {Root} tree The MDAST tree to transform.
+     */
+    return function (tree) {
         visit(tree, "textDirective", function (node) {
             if (node.name !== "ak-version") return SKIP;
 
diff --git a/website/sidebars.js b/website/sidebars.js
deleted file mode 100644
index 25d1024ebae9..000000000000
--- a/website/sidebars.js
+++ /dev/null
@@ -1,796 +0,0 @@
-import apiReference from "./docs/developer-docs/api/reference/sidebar";
-import { generateVersionDropdown } from "./src/utils.js";
-
-const releases = [
-    "releases/2025/v2025.4",
-    "releases/2025/v2025.2",
-    "releases/2024/v2024.12",
-    {
-        type: "category",
-        label: "Previous versions",
-        items: [
-            "releases/2024/v2024.10",
-            "releases/2024/v2024.8",
-            "releases/2024/v2024.6",
-            "releases/2024/v2024.4",
-            "releases/2024/v2024.2",
-            "releases/2023/v2023.10",
-            "releases/2023/v2023.8",
-            "releases/2023/v2023.6",
-            "releases/2023/v2023.5",
-            "releases/2023/v2023.4",
-            "releases/2023/v2023.3",
-            "releases/2023/v2023.2",
-            "releases/2023/v2023.1",
-            "releases/2022/v2022.12",
-            "releases/2022/v2022.11",
-            "releases/2022/v2022.10",
-            "releases/2022/v2022.9",
-            "releases/2022/v2022.8",
-            "releases/2022/v2022.7",
-            "releases/2022/v2022.6",
-            "releases/2022/v2022.5",
-            "releases/2022/v2022.4",
-            "releases/2022/v2022.2",
-            "releases/2022/v2022.1",
-            "releases/2021/v2021.12",
-            "releases/2021/v2021.10",
-            "releases/2021/v2021.9",
-            "releases/2021/v2021.8",
-            "releases/2021/v2021.7",
-            "releases/2021/v2021.6",
-            "releases/2021/v2021.5",
-            "releases/2021/v2021.4",
-            "releases/2021/v2021.3",
-            "releases/2021/v2021.2",
-            "releases/2021/v2021.1",
-            "releases/old/v0.14",
-            "releases/old/v0.13",
-            "releases/old/v0.12",
-            "releases/old/v0.11",
-            "releases/old/v0.10",
-            "releases/old/v0.9",
-        ],
-    },
-];
-
-export default {
-    docs: [
-        {
-            type: "html",
-            value: generateVersionDropdown(releases),
-        },
-        {
-            type: "doc",
-            id: "index",
-        },
-        {
-            type: "category",
-            label: "Core Concepts",
-            collapsed: true,
-            items: ["core/terminology", "core/architecture"],
-        },
-        {
-            type: "category",
-            label: "Enterprise",
-            collapsed: true,
-            link: {
-                type: "doc",
-                id: "enterprise/index",
-            },
-            items: [
-                "enterprise/get-started",
-                "enterprise/manage-enterprise",
-                "enterprise/entsupport",
-            ],
-        },
-        {
-            type: "category",
-            label: "Installation and Configuration ",
-            collapsed: true,
-            link: {
-                type: "doc",
-                id: "install-config/index",
-            },
-            items: [
-                {
-                    type: "category",
-                    label: "Installation",
-                    collapsed: true,
-                    items: [
-                        "install-config/install/docker-compose",
-                        "install-config/install/kubernetes",
-                        "install-config/install/aws",
-                    ],
-                },
-                {
-                    type: "category",
-                    label: "Configuration",
-                    link: {
-                        type: "doc",
-                        id: "install-config/configuration/configuration",
-                    },
-                    items: [],
-                },
-                "install-config/upgrade",
-                "install-config/beta",
-                "install-config/reverse-proxy",
-                "install-config/automated-install",
-                "install-config/air-gapped",
-            ],
-        },
-        {
-            type: "category",
-            label: "Add and Secure Applications",
-            collapsed: true,
-            items: [
-                {
-                    type: "category",
-                    label: "Applications",
-                    link: {
-                        type: "doc",
-                        id: "add-secure-apps/applications/index",
-                    },
-                    items: ["add-secure-apps/applications/manage_apps"],
-                },
-                {
-                    type: "category",
-                    label: "Providers",
-                    link: {
-                        type: "doc",
-                        id: "add-secure-apps/providers/index",
-                    },
-                    items: [
-                        {
-                            type: "category",
-                            label: "Property Mappings",
-                            link: {
-                                type: "doc",
-                                id: "add-secure-apps/providers/property-mappings/index",
-                            },
-                            items: ["add-secure-apps/providers/property-mappings/expression"],
-                        },
-                        {
-                            type: "category",
-                            label: "Google Workspace Provider",
-                            link: {
-                                type: "doc",
-                                id: "add-secure-apps/providers/gws/index",
-                            },
-                            items: [
-                                "add-secure-apps/providers/gws/setup-gws",
-                                "add-secure-apps/providers/gws/add-gws-provider",
-                            ],
-                        },
-                        {
-                            type: "category",
-                            label: "LDAP Provider",
-                            link: {
-                                type: "doc",
-                                id: "add-secure-apps/providers/ldap/index",
-                            },
-                            items: ["add-secure-apps/providers/ldap/generic_setup"],
-                        },
-                        {
-                            type: "category",
-                            label: "Microsoft Entra ID Provider",
-                            link: {
-                                type: "doc",
-                                id: "add-secure-apps/providers/entra/index",
-                            },
-                            items: [
-                                "add-secure-apps/providers/entra/setup-entra",
-                                "add-secure-apps/providers/entra/add-entra-provider",
-                            ],
-                        },
-                        {
-                            type: "category",
-                            label: "OAuth2 Provider",
-                            link: {
-                                type: "doc",
-                                id: "add-secure-apps/providers/oauth2/index",
-                            },
-                            items: [
-                                "add-secure-apps/providers/oauth2/create-oauth2-provider",
-                                "add-secure-apps/providers/oauth2/client_credentials",
-                                "add-secure-apps/providers/oauth2/device_code",
-                                "add-secure-apps/providers/oauth2/github-compatibility",
-                                "add-secure-apps/providers/oauth2/webfinger_support",
-                            ],
-                        },
-                        {
-                            type: "category",
-                            label: "Proxy Provider",
-                            link: {
-                                type: "doc",
-                                id: "add-secure-apps/providers/proxy/index",
-                            },
-                            items: [
-                                "add-secure-apps/providers/proxy/custom_headers",
-                                "add-secure-apps/providers/proxy/header_authentication",
-                                {
-                                    type: "category",
-                                    label: "Forward authentication",
-                                    link: {
-                                        type: "doc",
-                                        id: "add-secure-apps/providers/proxy/forward_auth",
-                                    },
-                                    items: [
-                                        "add-secure-apps/providers/proxy/server_nginx",
-                                        "add-secure-apps/providers/proxy/server_traefik",
-                                        "add-secure-apps/providers/proxy/server_envoy",
-                                        "add-secure-apps/providers/proxy/server_caddy",
-                                    ],
-                                },
-                            ],
-                        },
-                        {
-                            type: "category",
-                            label: "RAC (Remote Access Control) Provider",
-                            link: {
-                                type: "doc",
-                                id: "add-secure-apps/providers/rac/index",
-                            },
-                            items: ["add-secure-apps/providers/rac/how-to-rac"],
-                        },
-                        "add-secure-apps/providers/radius/index",
-                        "add-secure-apps/providers/saml/index",
-                        "add-secure-apps/providers/scim/index",
-                        {
-                            type: "category",
-                            label: "SSF Provider",
-                            link: {
-                                type: "doc",
-                                id: "add-secure-apps/providers/ssf/index",
-                            },
-                            items: ["add-secure-apps/providers/ssf/create-ssf-provider"],
-                        },
-                    ],
-                },
-                {
-                    type: "category",
-                    label: "Flows and Stages",
-                    collapsed: true,
-                    items: [
-                        {
-                            type: "category",
-                            label: "Flows",
-                            link: {
-                                type: "doc",
-                                id: "add-secure-apps/flows-stages/flow/index",
-                            },
-                            items: [
-                                "add-secure-apps/flows-stages/flow/inspector",
-                                "add-secure-apps/flows-stages/flow/context/index",
-                                {
-                                    type: "category",
-                                    label: "Defaults and Examples",
-                                    items: [
-                                        "add-secure-apps/flows-stages/flow/examples/flows",
-                                        "add-secure-apps/flows-stages/flow/examples/default_flows",
-                                        "add-secure-apps/flows-stages/flow/examples/snippets",
-                                    ],
-                                },
-                                {
-                                    type: "category",
-                                    label: "Executors",
-                                    items: [
-                                        "add-secure-apps/flows-stages/flow/executors/if-flow",
-                                        "add-secure-apps/flows-stages/flow/executors/sfe",
-                                        "add-secure-apps/flows-stages/flow/executors/user-settings",
-                                        "add-secure-apps/flows-stages/flow/executors/headless",
-                                    ],
-                                },
-                            ],
-                        },
-                        {
-                            type: "category",
-                            label: "Stages",
-                            link: {
-                                type: "doc",
-                                id: "add-secure-apps/flows-stages/stages/index",
-                            },
-                            items: [
-                                "add-secure-apps/flows-stages/stages/authenticator_duo/index",
-                                "add-secure-apps/flows-stages/stages/authenticator_endpoint_gdtc/index",
-                                "add-secure-apps/flows-stages/stages/authenticator_email/index",
-                                "add-secure-apps/flows-stages/stages/authenticator_sms/index",
-                                "add-secure-apps/flows-stages/stages/authenticator_static/index",
-                                "add-secure-apps/flows-stages/stages/authenticator_totp/index",
-                                "add-secure-apps/flows-stages/stages/authenticator_webauthn/index",
-                                "add-secure-apps/flows-stages/stages/authenticator_validate/index",
-                                "add-secure-apps/flows-stages/stages/captcha/index",
-                                "add-secure-apps/flows-stages/stages/deny",
-                                "add-secure-apps/flows-stages/stages/email/index",
-                                "add-secure-apps/flows-stages/stages/identification/index",
-                                "add-secure-apps/flows-stages/stages/invitation/index",
-                                "add-secure-apps/flows-stages/stages/password/index",
-                                "add-secure-apps/flows-stages/stages/prompt/index",
-                                "add-secure-apps/flows-stages/stages/redirect/index",
-                                "add-secure-apps/flows-stages/stages/source/index",
-                                "add-secure-apps/flows-stages/stages/user_delete",
-                                "add-secure-apps/flows-stages/stages/user_login/index",
-                                "add-secure-apps/flows-stages/stages/user_logout",
-                                "add-secure-apps/flows-stages/stages/user_write",
-                            ],
-                        },
-                        {
-                            type: "category",
-                            label: "Bindings",
-                            link: {
-                                type: "doc",
-                                id: "add-secure-apps/flows-stages/bindings/index",
-                            },
-                            items: ["add-secure-apps/flows-stages/bindings/work_with_bindings"],
-                        },
-                    ],
-                },
-                {
-                    type: "category",
-                    label: "Outposts",
-                    link: {
-                        type: "doc",
-                        id: "add-secure-apps/outposts/index",
-                    },
-                    items: [
-                        "add-secure-apps/outposts/embedded/embedded",
-                        {
-                            type: "category",
-                            label: "Integrations",
-                            items: [
-                                "add-secure-apps/outposts/integrations/docker",
-                                "add-secure-apps/outposts/integrations/kubernetes",
-                            ],
-                        },
-                        {
-                            type: "category",
-                            label: "Running and upgrading",
-                            items: [
-                                "add-secure-apps/outposts/manual-deploy-docker-compose",
-                                "add-secure-apps/outposts/manual-deploy-kubernetes",
-                                "add-secure-apps/outposts/upgrading",
-                            ],
-                        },
-                        "add-secure-apps/outposts/manual-deploy-docker-compose",
-                        "add-secure-apps/outposts/manual-deploy-kubernetes",
-                    ],
-                },
-            ],
-        },
-        {
-            type: "category",
-            label: "Customize your instance",
-            collapsed: true,
-            link: {
-                type: "doc",
-                id: "customize/index",
-            },
-            items: [
-                {
-                    type: "category",
-                    label: "Policies",
-                    collapsed: true,
-                    link: {
-                        type: "doc",
-                        id: "customize/policies/index",
-                    },
-                    items: [
-                        "customize/policies/working_with_policies",
-                        {
-                            type: "category",
-                            label: "Expression Policies",
-                            link: {
-                                type: "doc",
-                                id: "customize/policies/expression",
-                            },
-                            items: [
-                                "customize/policies/expression/unique_email",
-                                "customize/policies/expression/whitelist_email",
-                                "customize/policies/expression/managing_flow_context_keys",
-                            ],
-                        },
-                        "customize/policies/unique_password",
-                    ],
-                },
-                {
-                    type: "category",
-                    label: "Interfaces",
-                    items: [
-                        {
-                            type: "category",
-                            label: "Flow",
-                            items: ["customize/interfaces/flow/customization"],
-                        },
-                        {
-                            type: "category",
-                            label: "User",
-                            items: ["customize/interfaces/user/customization"],
-                        },
-                        {
-                            type: "category",
-                            label: "Admin",
-                            items: ["customize/interfaces/admin/customization"],
-                        },
-                    ],
-                },
-                {
-                    type: "category",
-                    label: "Blueprints",
-                    link: {
-                        type: "doc",
-                        id: "customize/blueprints/index",
-                    },
-                    items: [
-                        "customize/blueprints/export",
-                        "customize/blueprints/v1/structure",
-                        "customize/blueprints/v1/tags",
-                        "customize/blueprints/v1/example",
-                        {
-                            type: "category",
-                            label: "Models",
-                            link: {
-                                type: "doc",
-                                id: "customize/blueprints/v1/models",
-                            },
-                            items: ["customize/blueprints/v1/meta"],
-                        },
-                    ],
-                },
-                "customize/branding",
-            ],
-        },
-        {
-            type: "category",
-            label: "Manage Users and Sources",
-            collapsed: true,
-            items: [
-                {
-                    type: "category",
-                    label: "Users",
-                    link: {
-                        type: "doc",
-                        id: "users-sources/user/index",
-                    },
-                    items: [
-                        "users-sources/user/user_basic_operations",
-                        "users-sources/user/user_ref",
-                        "users-sources/user/invitations",
-                    ],
-                },
-                {
-                    type: "category",
-                    label: "Groups",
-                    link: {
-                        type: "doc",
-                        id: "users-sources/groups/index",
-                    },
-                    items: ["users-sources/groups/manage_groups", "users-sources/groups/group_ref"],
-                },
-                {
-                    type: "category",
-                    label: "Roles",
-                    link: {
-                        type: "doc",
-                        id: "users-sources/roles/index",
-                    },
-                    items: ["users-sources/roles/manage_roles"],
-                },
-                {
-                    type: "category",
-                    label: "Access Control",
-                    link: {
-                        type: "doc",
-                        id: "users-sources/access-control/index",
-                    },
-                    items: [
-                        "users-sources/access-control/permissions",
-                        "users-sources/access-control/manage_permissions",
-                        "users-sources/access-control/initial_permissions",
-                    ],
-                },
-                {
-                    type: "category",
-                    label: "Federated and Social Sources",
-                    collapsed: true,
-                    link: {
-                        type: "doc",
-                        id: "users-sources/sources/index",
-                    },
-                    items: [
-                        {
-                            type: "category",
-                            label: "Protocols",
-                            collapsed: true,
-                            items: [
-                                {
-                                    type: "category",
-                                    label: "Kerberos",
-                                    link: {
-                                        type: "doc",
-                                        id: "users-sources/sources/protocols/kerberos/index",
-                                    },
-                                    items: ["users-sources/sources/protocols/kerberos/browser"],
-                                },
-                                "users-sources/sources/protocols/ldap/index",
-                                "users-sources/sources/protocols/oauth/index",
-                                "users-sources/sources/protocols/saml/index",
-                                "users-sources/sources/protocols/scim/index",
-                            ],
-                        },
-                        {
-                            type: "category",
-                            label: "Source Property Mappings",
-                            link: {
-                                type: "doc",
-                                id: "users-sources/sources/property-mappings/index",
-                            },
-                            items: ["users-sources/sources/property-mappings/expressions"],
-                        },
-                        {
-                            type: "category",
-                            label: "Directory synchronization",
-                            items: [
-                                "users-sources/sources/directory-sync/active-directory/index",
-                                "users-sources/sources/directory-sync/freeipa/index",
-                            ],
-                        },
-                        {
-                            type: "category",
-                            label: "Identity Providers",
-                            link: {
-                                type: "doc",
-                                id: "users-sources/sources/social-logins/index",
-                            },
-                            items: [
-                                "users-sources/sources/social-logins/apple/index",
-                                "users-sources/sources/social-logins/azure-ad/index",
-                                "users-sources/sources/social-logins/discord/index",
-                                "users-sources/sources/social-logins/facebook/index",
-                                "users-sources/sources/social-logins/github/index",
-                                {
-                                    type: "category",
-                                    label: "Google",
-                                    link: {
-                                        type: "doc",
-                                        id: "users-sources/sources/social-logins/google/index",
-                                    },
-                                    items: [
-                                        "users-sources/sources/social-logins/google/cloud/index",
-                                        "users-sources/sources/social-logins/google/workspace/index",
-                                    ],
-                                },
-                                "users-sources/sources/social-logins/mailcow/index",
-                                "users-sources/sources/social-logins/twitch/index",
-                                "users-sources/sources/social-logins/plex/index",
-                                "users-sources/sources/social-logins/twitter/index",
-                            ],
-                        },
-                    ],
-                },
-            ],
-        },
-        {
-            type: "category",
-            label: "System Management",
-            collapsed: true,
-            items: [
-                "sys-mgmt/brands",
-                {
-                    type: "category",
-                    label: "Operations",
-                    collapsed: true,
-                    items: [
-                        "sys-mgmt/ops/monitoring",
-                        "sys-mgmt/ops/storage-s3",
-                        "sys-mgmt/ops/geoip",
-                        "sys-mgmt/ops/backup-restore",
-                    ],
-                },
-                {
-                    type: "category",
-                    label: "Events",
-                    collapsed: true,
-                    link: {
-                        type: "doc",
-                        id: "sys-mgmt/events/index",
-                    },
-                    items: ["sys-mgmt/events/notifications", "sys-mgmt/events/transports"],
-                },
-                "sys-mgmt/certificates",
-                "sys-mgmt/settings",
-                "sys-mgmt/service-accounts",
-            ],
-        },
-        {
-            type: "category",
-            label: "Developer Documentation",
-            collapsed: true,
-            link: {
-                type: "doc",
-                id: "developer-docs/index",
-            },
-            items: [
-                {
-                    type: "category",
-                    label: "Development environment",
-                    items: [
-                        "developer-docs/setup/full-dev-environment",
-                        "developer-docs/setup/frontend-dev-environment",
-                        "developer-docs/setup/website-dev-environment",
-                        "developer-docs/setup/debugging",
-                    ],
-                },
-                {
-                    type: "category",
-                    label: "API",
-                    link: {
-                        type: "doc",
-                        id: "developer-docs/api/api",
-                    },
-                    items: [
-                        "developer-docs/api/flow-executor",
-                        "developer-docs/api/making-schema-changes",
-                        "developer-docs/api/websocket",
-                        {
-                            type: "category",
-                            label: "Reference",
-                            items: apiReference,
-                        },
-                        "developer-docs/api/clients",
-                    ],
-                },
-                {
-                    type: "category",
-                    label: "Writing documentation",
-                    link: {
-                        type: "doc",
-                        id: "developer-docs/docs/writing-documentation",
-                    },
-                    items: [
-                        "developer-docs/docs/style-guide",
-                        {
-                            type: "category",
-                            label: "Templates",
-                            link: {
-                                type: "doc",
-                                id: "developer-docs/docs/templates/index",
-                            },
-                            items: [
-                                "developer-docs/docs/templates/procedural",
-                                "developer-docs/docs/templates/conceptual",
-                                "developer-docs/docs/templates/reference",
-                                "developer-docs/docs/templates/combo",
-                            ],
-                        },
-                    ],
-                },
-                {
-                    type: "doc",
-                    id: "developer-docs/releases/index",
-                },
-                "developer-docs/translation",
-            ],
-        },
-        {
-            type: "category",
-            label: "Security",
-            collapsed: true,
-            link: {
-                type: "generated-index",
-                title: "Security",
-                slug: "security",
-            },
-            items: [
-                "security/policy",
-                "security/security-hardening",
-                {
-                    type: "category",
-                    label: "Audits and Certificates",
-                    items: [
-                        "security/audits-and-certs/2023-06-cure53",
-                        "security/audits-and-certs/2024-11-cobalt",
-                    ],
-                },
-                {
-                    type: "category",
-                    label: "CVEs",
-                    items: [
-                        {
-                            type: "category",
-                            label: "2025",
-                            items: ["security/cves/CVE-2025-29928"],
-                        },
-                        {
-                            type: "category",
-                            label: "2024",
-                            items: [
-                                "security/cves/CVE-2024-52307",
-                                "security/cves/CVE-2024-52289",
-                                "security/cves/CVE-2024-52287",
-                                "security/cves/CVE-2024-47077",
-                                "security/cves/CVE-2024-47070",
-                                "security/cves/CVE-2024-42490",
-                                "security/cves/CVE-2024-38371",
-                                "security/cves/CVE-2024-37905",
-                                "security/cves/CVE-2024-23647",
-                                "security/cves/CVE-2024-21637",
-                            ],
-                        },
-                        {
-                            type: "category",
-                            label: "2023",
-                            items: [
-                                "security/cves/CVE-2023-48228",
-                                "security/cves/GHSA-rjvp-29xq-f62w",
-                                "security/cves/CVE-2023-39522",
-                                "security/cves/CVE-2023-36456",
-                                "security/cves/CVE-2023-26481",
-                            ],
-                        },
-                        {
-                            type: "category",
-                            label: "2022",
-                            items: [
-                                "security/cves/CVE-2022-46172",
-                                "security/cves/CVE-2022-46145",
-                                "security/cves/CVE-2022-23555",
-                            ],
-                        },
-                    ],
-                },
-            ],
-        },
-        {
-            type: "category",
-            label: "Troubleshooting",
-            link: {
-                type: "generated-index",
-                title: "Troubleshooting",
-                slug: "troubleshooting",
-                description: "Troubleshooting various issues",
-            },
-            items: [
-                {
-                    type: "category",
-                    label: "Forward auth",
-                    items: ["troubleshooting/forward_auth/general"],
-                    link: {
-                        type: "generated-index",
-                        title: "Forward auth troubleshooting",
-                        slug: "troubleshooting/forward_auth",
-                        description:
-                            "Steps to help debug forward auth setups with various reverse proxies.",
-                    },
-                },
-                {
-                    type: "category",
-                    label: "PostgreSQL",
-                    items: [
-                        "troubleshooting/postgres/upgrade_kubernetes",
-                        "troubleshooting/postgres/upgrade_docker",
-                    ],
-                },
-                "troubleshooting/access",
-                "troubleshooting/login",
-                "troubleshooting/logs",
-                "troubleshooting/image_upload",
-                "troubleshooting/missing_permission",
-                "troubleshooting/missing_admin_group",
-                "troubleshooting/csrf",
-                "troubleshooting/emails",
-                "troubleshooting/ldap_source",
-            ],
-        },
-        {
-            type: "category",
-            label: "Release Notes",
-            link: {
-                type: "generated-index",
-                title: "Releases",
-                slug: "releases",
-                description: "Release Notes for recent authentik versions",
-            },
-            items: releases,
-        },
-    ],
-};
diff --git a/website/sidebars/docs.mjs b/website/sidebars/docs.mjs
new file mode 100644
index 000000000000..f6777c88efb4
--- /dev/null
+++ b/website/sidebars/docs.mjs
@@ -0,0 +1,810 @@
+/**
+ * @file Sidebar configuration for documentation entries.
+ *
+ * @import { SidebarItemConfig } from "@docusaurus/plugin-content-docs-types"
+ */
+import apiReference from "../docs/developer-docs/api/reference/sidebar";
+import { generateVersionDropdown } from "../src/utils.js";
+
+/**
+ * @type {SidebarItemConfig[]}
+ */
+const releases = [
+    "releases/2025/v2025.4",
+    "releases/2025/v2025.2",
+    "releases/2024/v2024.12",
+    {
+        type: "category",
+        label: "Previous versions",
+        items: [
+            "releases/2024/v2024.10",
+            "releases/2024/v2024.8",
+            "releases/2024/v2024.6",
+            "releases/2024/v2024.4",
+            "releases/2024/v2024.2",
+            "releases/2023/v2023.10",
+            "releases/2023/v2023.8",
+            "releases/2023/v2023.6",
+            "releases/2023/v2023.5",
+            "releases/2023/v2023.4",
+            "releases/2023/v2023.3",
+            "releases/2023/v2023.2",
+            "releases/2023/v2023.1",
+            "releases/2022/v2022.12",
+            "releases/2022/v2022.11",
+            "releases/2022/v2022.10",
+            "releases/2022/v2022.9",
+            "releases/2022/v2022.8",
+            "releases/2022/v2022.7",
+            "releases/2022/v2022.6",
+            "releases/2022/v2022.5",
+            "releases/2022/v2022.4",
+            "releases/2022/v2022.2",
+            "releases/2022/v2022.1",
+            "releases/2021/v2021.12",
+            "releases/2021/v2021.10",
+            "releases/2021/v2021.9",
+            "releases/2021/v2021.8",
+            "releases/2021/v2021.7",
+            "releases/2021/v2021.6",
+            "releases/2021/v2021.5",
+            "releases/2021/v2021.4",
+            "releases/2021/v2021.3",
+            "releases/2021/v2021.2",
+            "releases/2021/v2021.1",
+            "releases/old/v0.14",
+            "releases/old/v0.13",
+            "releases/old/v0.12",
+            "releases/old/v0.11",
+            "releases/old/v0.10",
+            "releases/old/v0.9",
+        ],
+    },
+];
+
+/**
+ * @type {SidebarItemConfig[]}
+ */
+const items = [
+    {
+        type: "html",
+        value: generateVersionDropdown(releases),
+    },
+    {
+        type: "doc",
+        id: "index",
+    },
+    {
+        type: "category",
+        label: "Core Concepts",
+        collapsed: true,
+        items: ["core/terminology", "core/architecture"],
+    },
+    {
+        type: "category",
+        label: "Enterprise",
+        collapsed: true,
+        link: {
+            type: "doc",
+            id: "enterprise/index",
+        },
+        items: ["enterprise/get-started", "enterprise/manage-enterprise", "enterprise/entsupport"],
+    },
+    {
+        type: "category",
+        label: "Installation and Configuration ",
+        collapsed: true,
+        link: {
+            type: "doc",
+            id: "install-config/index",
+        },
+        items: [
+            {
+                type: "category",
+                label: "Installation",
+                collapsed: true,
+                items: [
+                    "install-config/install/docker-compose",
+                    "install-config/install/kubernetes",
+                    "install-config/install/aws",
+                ],
+            },
+            {
+                type: "category",
+                label: "Configuration",
+                link: {
+                    type: "doc",
+                    id: "install-config/configuration/configuration",
+                },
+                items: [],
+            },
+            "install-config/upgrade",
+            "install-config/beta",
+            "install-config/reverse-proxy",
+            "install-config/automated-install",
+            "install-config/air-gapped",
+        ],
+    },
+    {
+        type: "category",
+        label: "Add and Secure Applications",
+        collapsed: true,
+        items: [
+            {
+                type: "category",
+                label: "Applications",
+                link: {
+                    type: "doc",
+                    id: "add-secure-apps/applications/index",
+                },
+                items: ["add-secure-apps/applications/manage_apps"],
+            },
+            {
+                type: "category",
+                label: "Providers",
+                link: {
+                    type: "doc",
+                    id: "add-secure-apps/providers/index",
+                },
+                items: [
+                    {
+                        type: "category",
+                        label: "Property Mappings",
+                        link: {
+                            type: "doc",
+                            id: "add-secure-apps/providers/property-mappings/index",
+                        },
+                        items: ["add-secure-apps/providers/property-mappings/expression"],
+                    },
+                    {
+                        type: "category",
+                        label: "Google Workspace Provider",
+                        link: {
+                            type: "doc",
+                            id: "add-secure-apps/providers/gws/index",
+                        },
+                        items: [
+                            "add-secure-apps/providers/gws/setup-gws",
+                            "add-secure-apps/providers/gws/add-gws-provider",
+                        ],
+                    },
+                    {
+                        type: "category",
+                        label: "LDAP Provider",
+                        link: {
+                            type: "doc",
+                            id: "add-secure-apps/providers/ldap/index",
+                        },
+                        items: ["add-secure-apps/providers/ldap/generic_setup"],
+                    },
+                    {
+                        type: "category",
+                        label: "Microsoft Entra ID Provider",
+                        link: {
+                            type: "doc",
+                            id: "add-secure-apps/providers/entra/index",
+                        },
+                        items: [
+                            "add-secure-apps/providers/entra/setup-entra",
+                            "add-secure-apps/providers/entra/add-entra-provider",
+                        ],
+                    },
+                    {
+                        type: "category",
+                        label: "OAuth2 Provider",
+                        link: {
+                            type: "doc",
+                            id: "add-secure-apps/providers/oauth2/index",
+                        },
+                        items: [
+                            "add-secure-apps/providers/oauth2/create-oauth2-provider",
+                            "add-secure-apps/providers/oauth2/client_credentials",
+                            "add-secure-apps/providers/oauth2/device_code",
+                            "add-secure-apps/providers/oauth2/github-compatibility",
+                            "add-secure-apps/providers/oauth2/webfinger_support",
+                        ],
+                    },
+                    {
+                        type: "category",
+                        label: "Proxy Provider",
+                        link: {
+                            type: "doc",
+                            id: "add-secure-apps/providers/proxy/index",
+                        },
+                        items: [
+                            "add-secure-apps/providers/proxy/custom_headers",
+                            "add-secure-apps/providers/proxy/header_authentication",
+                            {
+                                type: "category",
+                                label: "Forward authentication",
+                                link: {
+                                    type: "doc",
+                                    id: "add-secure-apps/providers/proxy/forward_auth",
+                                },
+                                items: [
+                                    "add-secure-apps/providers/proxy/server_nginx",
+                                    "add-secure-apps/providers/proxy/server_traefik",
+                                    "add-secure-apps/providers/proxy/server_envoy",
+                                    "add-secure-apps/providers/proxy/server_caddy",
+                                ],
+                            },
+                        ],
+                    },
+                    {
+                        type: "category",
+                        label: "RAC (Remote Access Control) Provider",
+                        link: {
+                            type: "doc",
+                            id: "add-secure-apps/providers/rac/index",
+                        },
+                        items: ["add-secure-apps/providers/rac/how-to-rac"],
+                    },
+                    "add-secure-apps/providers/radius/index",
+                    "add-secure-apps/providers/saml/index",
+                    "add-secure-apps/providers/scim/index",
+                    {
+                        type: "category",
+                        label: "SSF Provider",
+                        link: {
+                            type: "doc",
+                            id: "add-secure-apps/providers/ssf/index",
+                        },
+                        items: ["add-secure-apps/providers/ssf/create-ssf-provider"],
+                    },
+                ],
+            },
+            {
+                type: "category",
+                label: "Flows and Stages",
+                collapsed: true,
+                items: [
+                    {
+                        type: "category",
+                        label: "Flows",
+                        link: {
+                            type: "doc",
+                            id: "add-secure-apps/flows-stages/flow/index",
+                        },
+                        items: [
+                            "add-secure-apps/flows-stages/flow/inspector",
+                            "add-secure-apps/flows-stages/flow/context/index",
+                            {
+                                type: "category",
+                                label: "Defaults and Examples",
+                                items: [
+                                    "add-secure-apps/flows-stages/flow/examples/flows",
+                                    "add-secure-apps/flows-stages/flow/examples/default_flows",
+                                    "add-secure-apps/flows-stages/flow/examples/snippets",
+                                ],
+                            },
+                            {
+                                type: "category",
+                                label: "Executors",
+                                items: [
+                                    "add-secure-apps/flows-stages/flow/executors/if-flow",
+                                    "add-secure-apps/flows-stages/flow/executors/sfe",
+                                    "add-secure-apps/flows-stages/flow/executors/user-settings",
+                                    "add-secure-apps/flows-stages/flow/executors/headless",
+                                ],
+                            },
+                        ],
+                    },
+                    {
+                        type: "category",
+                        label: "Stages",
+                        link: {
+                            type: "doc",
+                            id: "add-secure-apps/flows-stages/stages/index",
+                        },
+                        items: [
+                            "add-secure-apps/flows-stages/stages/authenticator_duo/index",
+                            "add-secure-apps/flows-stages/stages/authenticator_endpoint_gdtc/index",
+                            "add-secure-apps/flows-stages/stages/authenticator_email/index",
+                            "add-secure-apps/flows-stages/stages/authenticator_sms/index",
+                            "add-secure-apps/flows-stages/stages/authenticator_static/index",
+                            "add-secure-apps/flows-stages/stages/authenticator_totp/index",
+                            "add-secure-apps/flows-stages/stages/authenticator_webauthn/index",
+                            "add-secure-apps/flows-stages/stages/authenticator_validate/index",
+                            "add-secure-apps/flows-stages/stages/captcha/index",
+                            "add-secure-apps/flows-stages/stages/deny",
+                            "add-secure-apps/flows-stages/stages/email/index",
+                            "add-secure-apps/flows-stages/stages/identification/index",
+                            "add-secure-apps/flows-stages/stages/invitation/index",
+                            "add-secure-apps/flows-stages/stages/password/index",
+                            "add-secure-apps/flows-stages/stages/prompt/index",
+                            "add-secure-apps/flows-stages/stages/redirect/index",
+                            "add-secure-apps/flows-stages/stages/source/index",
+                            "add-secure-apps/flows-stages/stages/user_delete",
+                            "add-secure-apps/flows-stages/stages/user_login/index",
+                            "add-secure-apps/flows-stages/stages/user_logout",
+                            "add-secure-apps/flows-stages/stages/user_write",
+                        ],
+                    },
+                    {
+                        type: "category",
+                        label: "Bindings",
+                        link: {
+                            type: "doc",
+                            id: "add-secure-apps/flows-stages/bindings/index",
+                        },
+                        items: ["add-secure-apps/flows-stages/bindings/work_with_bindings"],
+                    },
+                ],
+            },
+            {
+                type: "category",
+                label: "Outposts",
+                link: {
+                    type: "doc",
+                    id: "add-secure-apps/outposts/index",
+                },
+                items: [
+                    "add-secure-apps/outposts/embedded/embedded",
+                    {
+                        type: "category",
+                        label: "Integrations",
+                        items: [
+                            "add-secure-apps/outposts/integrations/docker",
+                            "add-secure-apps/outposts/integrations/kubernetes",
+                        ],
+                    },
+                    {
+                        type: "category",
+                        label: "Running and upgrading",
+                        items: [
+                            "add-secure-apps/outposts/manual-deploy-docker-compose",
+                            "add-secure-apps/outposts/manual-deploy-kubernetes",
+                            "add-secure-apps/outposts/upgrading",
+                        ],
+                    },
+                    "add-secure-apps/outposts/manual-deploy-docker-compose",
+                    "add-secure-apps/outposts/manual-deploy-kubernetes",
+                ],
+            },
+        ],
+    },
+    {
+        type: "category",
+        label: "Customize your instance",
+        collapsed: true,
+        link: {
+            type: "doc",
+            id: "customize/index",
+        },
+        items: [
+            {
+                type: "category",
+                label: "Policies",
+                collapsed: true,
+                link: {
+                    type: "doc",
+                    id: "customize/policies/index",
+                },
+                items: [
+                    "customize/policies/working_with_policies",
+                    {
+                        type: "category",
+                        label: "Expression Policies",
+                        link: {
+                            type: "doc",
+                            id: "customize/policies/expression",
+                        },
+                        items: [
+                            "customize/policies/expression/unique_email",
+                            "customize/policies/expression/whitelist_email",
+                            "customize/policies/expression/managing_flow_context_keys",
+                        ],
+                    },
+                    "customize/policies/unique_password",
+                ],
+            },
+            {
+                type: "category",
+                label: "Interfaces",
+                items: [
+                    {
+                        type: "category",
+                        label: "Flow",
+                        items: ["customize/interfaces/flow/customization"],
+                    },
+                    {
+                        type: "category",
+                        label: "User",
+                        items: ["customize/interfaces/user/customization"],
+                    },
+                    {
+                        type: "category",
+                        label: "Admin",
+                        items: ["customize/interfaces/admin/customization"],
+                    },
+                ],
+            },
+            {
+                type: "category",
+                label: "Blueprints",
+                link: {
+                    type: "doc",
+                    id: "customize/blueprints/index",
+                },
+                items: [
+                    "customize/blueprints/export",
+                    "customize/blueprints/v1/structure",
+                    "customize/blueprints/v1/tags",
+                    "customize/blueprints/v1/example",
+                    {
+                        type: "category",
+                        label: "Models",
+                        link: {
+                            type: "doc",
+                            id: "customize/blueprints/v1/models",
+                        },
+                        items: ["customize/blueprints/v1/meta"],
+                    },
+                ],
+            },
+            "customize/branding",
+        ],
+    },
+    {
+        type: "category",
+        label: "Manage Users and Sources",
+        collapsed: true,
+        items: [
+            {
+                type: "category",
+                label: "Users",
+                link: {
+                    type: "doc",
+                    id: "users-sources/user/index",
+                },
+                items: [
+                    "users-sources/user/user_basic_operations",
+                    "users-sources/user/user_ref",
+                    "users-sources/user/invitations",
+                ],
+            },
+            {
+                type: "category",
+                label: "Groups",
+                link: {
+                    type: "doc",
+                    id: "users-sources/groups/index",
+                },
+                items: ["users-sources/groups/manage_groups", "users-sources/groups/group_ref"],
+            },
+            {
+                type: "category",
+                label: "Roles",
+                link: {
+                    type: "doc",
+                    id: "users-sources/roles/index",
+                },
+                items: ["users-sources/roles/manage_roles"],
+            },
+            {
+                type: "category",
+                label: "Access Control",
+                link: {
+                    type: "doc",
+                    id: "users-sources/access-control/index",
+                },
+                items: [
+                    "users-sources/access-control/permissions",
+                    "users-sources/access-control/manage_permissions",
+                    "users-sources/access-control/initial_permissions",
+                ],
+            },
+            {
+                type: "category",
+                label: "Federated and Social Sources",
+                collapsed: true,
+                link: {
+                    type: "doc",
+                    id: "users-sources/sources/index",
+                },
+                items: [
+                    {
+                        type: "category",
+                        label: "Protocols",
+                        collapsed: true,
+                        items: [
+                            {
+                                type: "category",
+                                label: "Kerberos",
+                                link: {
+                                    type: "doc",
+                                    id: "users-sources/sources/protocols/kerberos/index",
+                                },
+                                items: ["users-sources/sources/protocols/kerberos/browser"],
+                            },
+                            "users-sources/sources/protocols/ldap/index",
+                            "users-sources/sources/protocols/oauth/index",
+                            "users-sources/sources/protocols/saml/index",
+                            "users-sources/sources/protocols/scim/index",
+                        ],
+                    },
+                    {
+                        type: "category",
+                        label: "Source Property Mappings",
+                        link: {
+                            type: "doc",
+                            id: "users-sources/sources/property-mappings/index",
+                        },
+                        items: ["users-sources/sources/property-mappings/expressions"],
+                    },
+                    {
+                        type: "category",
+                        label: "Directory synchronization",
+                        items: [
+                            "users-sources/sources/directory-sync/active-directory/index",
+                            "users-sources/sources/directory-sync/freeipa/index",
+                        ],
+                    },
+                    {
+                        type: "category",
+                        label: "Identity Providers",
+                        link: {
+                            type: "doc",
+                            id: "users-sources/sources/social-logins/index",
+                        },
+                        items: [
+                            "users-sources/sources/social-logins/apple/index",
+                            "users-sources/sources/social-logins/azure-ad/index",
+                            "users-sources/sources/social-logins/discord/index",
+                            "users-sources/sources/social-logins/facebook/index",
+                            "users-sources/sources/social-logins/github/index",
+                            {
+                                type: "category",
+                                label: "Google",
+                                link: {
+                                    type: "doc",
+                                    id: "users-sources/sources/social-logins/google/index",
+                                },
+                                items: [
+                                    "users-sources/sources/social-logins/google/cloud/index",
+                                    "users-sources/sources/social-logins/google/workspace/index",
+                                ],
+                            },
+                            "users-sources/sources/social-logins/mailcow/index",
+                            "users-sources/sources/social-logins/twitch/index",
+                            "users-sources/sources/social-logins/plex/index",
+                            "users-sources/sources/social-logins/twitter/index",
+                        ],
+                    },
+                ],
+            },
+        ],
+    },
+    {
+        type: "category",
+        label: "System Management",
+        collapsed: true,
+        items: [
+            "sys-mgmt/brands",
+            {
+                type: "category",
+                label: "Operations",
+                collapsed: true,
+                items: [
+                    "sys-mgmt/ops/monitoring",
+                    "sys-mgmt/ops/storage-s3",
+                    "sys-mgmt/ops/geoip",
+                    "sys-mgmt/ops/backup-restore",
+                ],
+            },
+            {
+                type: "category",
+                label: "Events",
+                collapsed: true,
+                link: {
+                    type: "doc",
+                    id: "sys-mgmt/events/index",
+                },
+                items: ["sys-mgmt/events/notifications", "sys-mgmt/events/transports"],
+            },
+            "sys-mgmt/certificates",
+            "sys-mgmt/settings",
+            "sys-mgmt/service-accounts",
+        ],
+    },
+    {
+        type: "category",
+        label: "Developer Documentation",
+        collapsed: true,
+        link: {
+            type: "doc",
+            id: "developer-docs/index",
+        },
+        items: [
+            {
+                type: "category",
+                label: "Development environment",
+                items: [
+                    "developer-docs/setup/full-dev-environment",
+                    "developer-docs/setup/frontend-dev-environment",
+                    "developer-docs/setup/website-dev-environment",
+                    "developer-docs/setup/debugging",
+                ],
+            },
+            {
+                type: "category",
+                label: "API",
+                link: {
+                    type: "doc",
+                    id: "developer-docs/api/api",
+                },
+                items: [
+                    "developer-docs/api/flow-executor",
+                    "developer-docs/api/making-schema-changes",
+                    "developer-docs/api/websocket",
+                    {
+                        type: "category",
+                        label: "Reference",
+                        items: apiReference,
+                    },
+                    "developer-docs/api/clients",
+                ],
+            },
+            {
+                type: "category",
+                label: "Writing documentation",
+                link: {
+                    type: "doc",
+                    id: "developer-docs/docs/writing-documentation",
+                },
+                items: [
+                    "developer-docs/docs/style-guide",
+                    {
+                        type: "category",
+                        label: "Templates",
+                        link: {
+                            type: "doc",
+                            id: "developer-docs/docs/templates/index",
+                        },
+                        items: [
+                            "developer-docs/docs/templates/procedural",
+                            "developer-docs/docs/templates/conceptual",
+                            "developer-docs/docs/templates/reference",
+                            "developer-docs/docs/templates/combo",
+                        ],
+                    },
+                ],
+            },
+            {
+                type: "doc",
+                id: "developer-docs/releases/index",
+            },
+            "developer-docs/translation",
+        ],
+    },
+    {
+        type: "category",
+        label: "Security",
+        collapsed: true,
+        link: {
+            type: "generated-index",
+            title: "Security",
+            slug: "security",
+        },
+        items: [
+            "security/policy",
+            "security/security-hardening",
+            {
+                type: "category",
+                label: "Audits and Certificates",
+                items: [
+                    "security/audits-and-certs/2023-06-cure53",
+                    "security/audits-and-certs/2024-11-cobalt",
+                ],
+            },
+            {
+                type: "category",
+                label: "CVEs",
+                items: [
+                    {
+                        type: "category",
+                        label: "2025",
+                        items: ["security/cves/CVE-2025-29928"],
+                    },
+                    {
+                        type: "category",
+                        label: "2024",
+                        items: [
+                            "security/cves/CVE-2024-52307",
+                            "security/cves/CVE-2024-52289",
+                            "security/cves/CVE-2024-52287",
+                            "security/cves/CVE-2024-47077",
+                            "security/cves/CVE-2024-47070",
+                            "security/cves/CVE-2024-42490",
+                            "security/cves/CVE-2024-38371",
+                            "security/cves/CVE-2024-37905",
+                            "security/cves/CVE-2024-23647",
+                            "security/cves/CVE-2024-21637",
+                        ],
+                    },
+                    {
+                        type: "category",
+                        label: "2023",
+                        items: [
+                            "security/cves/CVE-2023-48228",
+                            "security/cves/GHSA-rjvp-29xq-f62w",
+                            "security/cves/CVE-2023-39522",
+                            "security/cves/CVE-2023-36456",
+                            "security/cves/CVE-2023-26481",
+                        ],
+                    },
+                    {
+                        type: "category",
+                        label: "2022",
+                        items: [
+                            "security/cves/CVE-2022-46172",
+                            "security/cves/CVE-2022-46145",
+                            "security/cves/CVE-2022-23555",
+                        ],
+                    },
+                ],
+            },
+        ],
+    },
+    {
+        type: "category",
+        label: "Troubleshooting",
+        link: {
+            type: "generated-index",
+            title: "Troubleshooting",
+            slug: "troubleshooting",
+            description: "Troubleshooting various issues",
+        },
+        items: [
+            {
+                type: "category",
+                label: "Forward auth",
+                items: ["troubleshooting/forward_auth/general"],
+                link: {
+                    type: "generated-index",
+                    title: "Forward auth troubleshooting",
+                    slug: "troubleshooting/forward_auth",
+                    description:
+                        "Steps to help debug forward auth setups with various reverse proxies.",
+                },
+            },
+            {
+                type: "category",
+                label: "PostgreSQL",
+                items: [
+                    "troubleshooting/postgres/upgrade_kubernetes",
+                    "troubleshooting/postgres/upgrade_docker",
+                ],
+            },
+            "troubleshooting/access",
+            "troubleshooting/login",
+            "troubleshooting/logs",
+            "troubleshooting/image_upload",
+            "troubleshooting/missing_permission",
+            "troubleshooting/missing_admin_group",
+            "troubleshooting/csrf",
+            "troubleshooting/emails",
+            "troubleshooting/ldap_source",
+        ],
+    },
+    {
+        type: "category",
+        label: "Release Notes",
+        link: {
+            type: "generated-index",
+            title: "Releases",
+            slug: "releases",
+            description: "Release Notes for recent authentik versions",
+        },
+        items: releases,
+    },
+];
+
+/**
+ * @type {SidebarItemConfig}
+ */
+const sidebar = {
+    docs: items,
+};
+
+export default sidebar;
diff --git a/website/sidebars/integrations.mjs b/website/sidebars/integrations.mjs
new file mode 100644
index 000000000000..6eed36ef2a1e
--- /dev/null
+++ b/website/sidebars/integrations.mjs
@@ -0,0 +1,221 @@
+/**
+ * @file Sidebar configuration for the authentik integrations.
+ *
+ * @import { SidebarItemConfig } from "@docusaurus/plugin-content-docs-types"
+ */
+
+/**
+ * @type {SidebarItemConfig[]}
+ */
+const items = [
+    {
+        type: "category",
+        label: "Device Management",
+        items: ["services/apple/index", "services/fleet/index"],
+    },
+    {
+        type: "category",
+        label: "Chat, Communication & Collaboration",
+        items: [
+            "services/bookstack/index",
+            "services/dokuwiki/index",
+            "services/espocrm/index",
+            "services/hedgedoc/index",
+            "services/kimai/index",
+            "services/mailcow/index",
+            "services/mastodon/index",
+            "services/matrix-synapse/index",
+            "services/mautic/index",
+            "services/mobilizon/index",
+            "services/nextcloud/index",
+            "services/onlyoffice/index",
+            "services/openproject/index",
+            "services/outline/index",
+            "services/owncloud/index",
+            "services/paperless-ng/index",
+            "services/paperless-ngx/index",
+            "services/rocketchat/index",
+            "services/roundcube/index",
+            "services/sharepoint-se/index",
+            "services/slack/index",
+            "services/thelounge/index",
+            "services/vikunja/index",
+            "services/wekan/index",
+            "services/wiki-js/index",
+            "services/writefreely/index",
+            "services/zulip/index",
+        ],
+    },
+    {
+        type: "category",
+        label: "Cloud Providers",
+        items: [
+            "services/aws/index",
+            "services/google/index",
+            "services/hashicorp-cloud/index",
+            "services/oracle-cloud/index",
+        ],
+    },
+    {
+        type: "category",
+        label: "Dashboards",
+        items: ["services/organizr/index", "services/linkwarden/index", "services/homarr/index"],
+    },
+    {
+        type: "category",
+        label: "Hypervisors / Orchestrators",
+        items: [
+            "services/portainer/index",
+            "services/proxmox-ve/index",
+            "services/rancher/index",
+            "services/xen-orchestra/index",
+            "services/vmware-vcenter/index",
+        ],
+    },
+    {
+        type: "category",
+        label: "Infrastructure",
+        items: [
+            "services/apache-guacamole/index",
+            "services/argocd/index",
+            "services/awx-tower/index",
+            "services/cloudflare-access/index",
+            "services/globalprotect/index",
+            "services/harbor/index",
+            "services/hashicorp-vault/index",
+            "services/jenkins/index",
+            "services/knocknoc/index",
+            "services/meshcentral/index",
+            "services/minio/index",
+            "services/netbox/index",
+            "services/omni/index",
+            "services/pgadmin/index",
+            "services/phpipam/index",
+            "services/plesk/index",
+            "services/powerdns-admin/index",
+            "services/proftpd/index",
+            "services/qnap-nas/index",
+            "services/rustdesk-pro/index",
+            "services/semgrep/index",
+            "services/synology-dsm/index",
+            "services/skyhigh/index",
+            "services/snipe-it/index",
+            "services/sssd/index",
+            "services/terrakube/index",
+            "services/truecommand/index",
+            "services/veeam-enterprise-manager/index",
+            "services/xcreds/index",
+            "services/zammad/index",
+        ],
+    },
+    {
+        type: "category",
+        label: "Networking",
+        items: [
+            "services/aruba-orchestrator/index",
+            "services/firezone/index",
+            "services/fortigate-admin/index",
+            "services/fortigate-ssl/index",
+            "services/fortimanager/index",
+            "services/gravity/index",
+            "services/netbird/index",
+            "services/opnsense/index",
+            "services/pfsense/index",
+        ],
+    },
+    {
+        type: "category",
+        label: "Miscellaneous",
+        items: [
+            "services/actual-budget/index",
+            "services/adventurelog/index",
+            "services/calibre-web/index",
+            "services/engomo/index",
+            "services/frappe/index",
+            "services/freshrss/index",
+            "services/gravitee/index",
+            "services/karakeep/index",
+            "services/home-assistant/index",
+            "services/immich/index",
+            "services/jellyfin/index",
+            "services/komga/index",
+            "services/mealie/index",
+            "services/miniflux/index",
+            "services/node-red/index",
+            "services/open-webui/index",
+            "services/semaphore/index",
+            "services/sonar-qube/index",
+            "services/sonarr/index",
+            "services/tandoor/index",
+            "services/tautulli/index",
+            "services/weblate/index",
+            "services/youtrack/index",
+            "services/zipline/index",
+        ],
+    },
+    {
+        type: "category",
+        label: "Monitoring",
+        items: [
+            "services/beszel/index",
+            "services/chronograf/index",
+            "services/gatus/index",
+            "services/glitchtip/index",
+            "services/grafana/index",
+            "services/observium/index",
+            "services/sentry/index",
+            "services/ubuntu-landscape/index",
+            "services/uptime-kuma/index",
+            "services/wazuh/index",
+            "services/zabbix/index",
+            "services/whats-up-docker/index",
+        ],
+    },
+    {
+        type: "category",
+        label: "Platforms",
+        items: [
+            "services/atlassian/index",
+            "services/budibase/index",
+            "services/drupal/index",
+            "services/pocketbase/index",
+            "services/wordpress/index",
+        ],
+    },
+    {
+        type: "category",
+        label: "Version Control Systems",
+        items: [
+            "services/gitea/index",
+            "services/github-organization/index",
+            "services/github-enterprise-cloud/index",
+            "services/github-enterprise-emu/index",
+            "services/github-enterprise-server/index",
+            "services/gitlab/index",
+        ],
+    },
+];
+
+/**
+ * @satisfies {SidebarItemConfig}
+ */
+const integrationsSidebar = {
+    integrations: [
+        {
+            type: "doc",
+            id: "index",
+        },
+        {
+            type: "category",
+            label: "Applications",
+            collapsed: false,
+            link: {
+                type: "doc",
+                id: "services/index",
+            },
+            items,
+        },
+    ],
+};
+
+export default integrationsSidebar;
diff --git a/website/test/sidebarIntegrations.mjs b/website/sidebars/integrations.test.mjs
similarity index 70%
rename from website/test/sidebarIntegrations.mjs
rename to website/sidebars/integrations.test.mjs
index 899e5ca308d8..d507e6a43718 100644
--- a/website/test/sidebarIntegrations.mjs
+++ b/website/sidebars/integrations.test.mjs
@@ -1,28 +1,48 @@
+/**
+ * @file Test suite for the sidebar configuration of the authentik integrations.
+ *
+ * @todo Enforce types.
+ */
 import FastGlob from "fast-glob";
 import assert from "node:assert";
 import test from "node:test";
 
-import sidebar from "../sidebarsIntegrations.js";
+import sidebar from "./integrations.mjs";
 
 const getSidebarItems = () => {
+    /**
+     * @type {any[]}
+     */
     const allItems = [];
+    /**
+     *
+     * @param {any} category
+     */
     const mapper = (category) => {
         if (!category.items) {
             return;
         }
-        category.items.forEach((item) => {
-            if (item.constructor === String) {
-                allItems.push(item);
-            } else {
-                mapper(item);
-            }
-        });
+
+        category.items.forEach(
+            /**
+             *
+             * @param {any} item
+             */
+            (item) => {
+                if (typeof item === "string") {
+                    allItems.push(item);
+                } else {
+                    mapper(item);
+                }
+            },
+        );
     };
+
     sidebar.integrations.forEach(mapper);
     return allItems.sort();
 };
 
-test("ensure all services have a sidebar entry", (t) => {
+test("ensure all services have a sidebar entry", (_t) => {
     // All services in the sidebar
     const services = getSidebarItems()
         .filter((entry) => entry.startsWith("services/"))
@@ -39,7 +59,7 @@ test("ensure all services have a sidebar entry", (t) => {
     });
 });
 
-test("ensure all sources have a sidebar entry", (t) => {
+test("ensure all sources have a sidebar entry", (_t) => {
     // All sources in the sidebar
     const sources = getSidebarItems()
         .filter((entry) => entry.startsWith("sources/"))
@@ -51,6 +71,7 @@ test("ensure all sources have a sidebar entry", (t) => {
         .map((entry) => entry.replace(/\/index\.mdx?/, ""))
         .map((entry) => entry.replace(".md", ""))
         .sort();
+
     sourceFiles.forEach((file, idx) => {
         assert.strictEqual(file, sources[idx]);
     });
diff --git a/website/sidebarsIntegrations.js b/website/sidebarsIntegrations.js
deleted file mode 100644
index ae83b03f4cdc..000000000000
--- a/website/sidebarsIntegrations.js
+++ /dev/null
@@ -1,209 +0,0 @@
-module.exports = {
-    integrations: [
-        {
-            type: "doc",
-            id: "index",
-        },
-        {
-            type: "category",
-            label: "Applications",
-            collapsed: false,
-            link: {
-                type: "doc",
-                id: "services/index",
-            },
-            items: [
-                {
-                    type: "category",
-                    label: "Device Management",
-                    items: ["services/apple/index", "services/fleet/index"],
-                },
-                {
-                    type: "category",
-                    label: "Chat, Communication & Collaboration",
-                    items: [
-                        "services/bookstack/index",
-                        "services/dokuwiki/index",
-                        "services/espocrm/index",
-                        "services/hedgedoc/index",
-                        "services/kimai/index",
-                        "services/mailcow/index",
-                        "services/mastodon/index",
-                        "services/matrix-synapse/index",
-                        "services/mautic/index",
-                        "services/mobilizon/index",
-                        "services/nextcloud/index",
-                        "services/onlyoffice/index",
-                        "services/openproject/index",
-                        "services/outline/index",
-                        "services/owncloud/index",
-                        "services/paperless-ng/index",
-                        "services/paperless-ngx/index",
-                        "services/rocketchat/index",
-                        "services/roundcube/index",
-                        "services/sharepoint-se/index",
-                        "services/slack/index",
-                        "services/thelounge/index",
-                        "services/vikunja/index",
-                        "services/wekan/index",
-                        "services/wiki-js/index",
-                        "services/writefreely/index",
-                        "services/zulip/index",
-                    ],
-                },
-                {
-                    type: "category",
-                    label: "Cloud Providers",
-                    items: [
-                        "services/aws/index",
-                        "services/google/index",
-                        "services/hashicorp-cloud/index",
-                        "services/oracle-cloud/index",
-                    ],
-                },
-                {
-                    type: "category",
-                    label: "Dashboards",
-                    items: [
-                        "services/organizr/index",
-                        "services/linkwarden/index",
-                        "services/homarr/index",
-                    ],
-                },
-                {
-                    type: "category",
-                    label: "Hypervisors / Orchestrators",
-                    items: [
-                        "services/portainer/index",
-                        "services/proxmox-ve/index",
-                        "services/rancher/index",
-                        "services/xen-orchestra/index",
-                        "services/vmware-vcenter/index",
-                    ],
-                },
-                {
-                    type: "category",
-                    label: "Infrastructure",
-                    items: [
-                        "services/apache-guacamole/index",
-                        "services/argocd/index",
-                        "services/awx-tower/index",
-                        "services/cloudflare-access/index",
-                        "services/globalprotect/index",
-                        "services/harbor/index",
-                        "services/hashicorp-vault/index",
-                        "services/jenkins/index",
-                        "services/knocknoc/index",
-                        "services/meshcentral/index",
-                        "services/minio/index",
-                        "services/netbox/index",
-                        "services/omni/index",
-                        "services/pgadmin/index",
-                        "services/phpipam/index",
-                        "services/plesk/index",
-                        "services/powerdns-admin/index",
-                        "services/proftpd/index",
-                        "services/qnap-nas/index",
-                        "services/rustdesk-pro/index",
-                        "services/semgrep/index",
-                        "services/synology-dsm/index",
-                        "services/skyhigh/index",
-                        "services/snipe-it/index",
-                        "services/sssd/index",
-                        "services/terrakube/index",
-                        "services/truecommand/index",
-                        "services/veeam-enterprise-manager/index",
-                        "services/xcreds/index",
-                        "services/zammad/index",
-                    ],
-                },
-                {
-                    type: "category",
-                    label: "Networking",
-                    items: [
-                        "services/aruba-orchestrator/index",
-                        "services/firezone/index",
-                        "services/fortigate-admin/index",
-                        "services/fortigate-ssl/index",
-                        "services/fortimanager/index",
-                        "services/gravity/index",
-                        "services/netbird/index",
-                        "services/opnsense/index",
-                        "services/pfsense/index",
-                    ],
-                },
-                {
-                    type: "category",
-                    label: "Miscellaneous",
-                    items: [
-                        "services/actual-budget/index",
-                        "services/adventurelog/index",
-                        "services/calibre-web/index",
-                        "services/engomo/index",
-                        "services/frappe/index",
-                        "services/freshrss/index",
-                        "services/gravitee/index",
-                        "services/karakeep/index",
-                        "services/home-assistant/index",
-                        "services/immich/index",
-                        "services/jellyfin/index",
-                        "services/komga/index",
-                        "services/mealie/index",
-                        "services/miniflux/index",
-                        "services/node-red/index",
-                        "services/open-webui/index",
-                        "services/semaphore/index",
-                        "services/sonar-qube/index",
-                        "services/sonarr/index",
-                        "services/tandoor/index",
-                        "services/tautulli/index",
-                        "services/weblate/index",
-                        "services/youtrack/index",
-                        "services/zipline/index",
-                    ],
-                },
-                {
-                    type: "category",
-                    label: "Monitoring",
-                    items: [
-                        "services/beszel/index",
-                        "services/chronograf/index",
-                        "services/gatus/index",
-                        "services/glitchtip/index",
-                        "services/grafana/index",
-                        "services/observium/index",
-                        "services/sentry/index",
-                        "services/ubuntu-landscape/index",
-                        "services/uptime-kuma/index",
-                        "services/wazuh/index",
-                        "services/zabbix/index",
-                        "services/whats-up-docker/index",
-                    ],
-                },
-                {
-                    type: "category",
-                    label: "Platforms",
-                    items: [
-                        "services/atlassian/index",
-                        "services/budibase/index",
-                        "services/drupal/index",
-                        "services/pocketbase/index",
-                        "services/wordpress/index",
-                    ],
-                },
-                {
-                    type: "category",
-                    label: "Version Control Systems",
-                    items: [
-                        "services/gitea/index",
-                        "services/github-organization/index",
-                        "services/github-enterprise-cloud/index",
-                        "services/github-enterprise-emu/index",
-                        "services/github-enterprise-server/index",
-                        "services/gitlab/index",
-                    ],
-                },
-            ],
-        },
-    ],
-};
diff --git a/website/src/components/SupportBadge.tsx b/website/src/components/SupportBadge.tsx
index b5e28fe19db3..1f2291ef71e0 100644
--- a/website/src/components/SupportBadge.tsx
+++ b/website/src/components/SupportBadge.tsx
@@ -1,4 +1,4 @@
-import { SupportLevelToLabel, isSupportLevel } from "@site/remark/support-directive";
+import { SupportLevelToLabel, isSupportLevel } from "@site/remark/support-directive.mjs";
 import React from "react";
 
 export interface SupportBadgeProps {
diff --git a/website/src/theme/DocItem/Content/index.tsx b/website/src/theme/DocItem/Content/index.tsx
index 30b8ae3b0d00..2121cb14a770 100644
--- a/website/src/theme/DocItem/Content/index.tsx
+++ b/website/src/theme/DocItem/Content/index.tsx
@@ -1,3 +1,4 @@
+/// <reference types="@docusaurus/plugin-content-docs" />
 /**
  * @file Swizzled DocItemContent component.
  *
@@ -7,8 +8,7 @@
  * the content of a documentation page. However, it also adds support for
  * support badges, and Authentik version badges.
  */
-import { DocFrontMatter } from "@docusaurus/plugin-content-docs";
-import { DocContextValue, useDoc } from "@docusaurus/plugin-content-docs/client";
+import { useDoc } from "@docusaurus/plugin-content-docs/client";
 import { ThemeClassNames } from "@docusaurus/theme-common";
 import { SupportBadge } from "@site/src/components/SupportBadge";
 import { VersionBadge } from "@site/src/components/VersionBadge";
@@ -17,24 +17,25 @@ import type { Props } from "@theme/DocItem/Content";
 import Heading from "@theme/Heading";
 import MDXContent from "@theme/MDXContent";
 import clsx from "clsx";
-import React from "react";
+import React, { useEffect } from "react";
 
-interface SwizzledDocFrontMatter extends DocFrontMatter {
-    support_level?: string;
-    authentik_version?: string;
-    authentik_preview: boolean;
-    authentik_enterprise: boolean;
-}
-
-interface SwizzledDocContextValue extends DocContextValue {
-    frontMatter: SwizzledDocFrontMatter;
+class MarkdownLintError extends Error {
+    constructor(message: string) {
+        super(message);
+        this.name = "MarkdownLintError";
+    }
 }
 
 const DocItemContent: React.FC<Props> = ({ children }) => {
     const syntheticTitle = useSyntheticTitle();
-    const { frontMatter } = useDoc() as SwizzledDocContextValue;
-    const { support_level, authentik_version, authentik_enterprise, authentik_preview } =
-        frontMatter;
+    const { frontMatter, metadata, contentTitle } = useDoc();
+    const {
+        // ---
+        support_level,
+        authentik_version,
+        authentik_enterprise,
+        authentik_preview,
+    } = frontMatter;
 
     const badges: JSX.Element[] = [];
 
@@ -54,6 +55,35 @@ const DocItemContent: React.FC<Props> = ({ children }) => {
         badges.push(<span className="badge badge--primary">Enterprise</span>);
     }
 
+    if (badges.length && !syntheticTitle) {
+        throw new MarkdownLintError(
+            `${metadata.id}: ${badges.length} Badge(s) found with a missing synthetic title. Remove the page heading and set it via the frontmatter.`,
+        );
+    }
+
+    if (frontMatter.title && contentTitle && frontMatter.title === contentTitle) {
+        throw new MarkdownLintError(
+            `${metadata.id}: Synthetic title "${frontMatter.title}" and content title "${contentTitle}" are the same. Remove the first heading and let the frontmatter set the title.`,
+        );
+    }
+
+    useEffect(() => {
+        const invalidBadges = document.querySelectorAll(`.theme-doc-markdown > header + .badge,
+            .theme-doc-markdown .markdown > .badge
+            `);
+
+        if (!invalidBadges.length) return;
+
+        console.error(
+            `Found ${invalidBadges.length} invalid badges on ${metadata.id}`,
+            invalidBadges,
+        );
+
+        throw new MarkdownLintError(
+            `${metadata.id}: ${invalidBadges.length} Badge(s) defined in markdown content instead of the frontmatter.`,
+        );
+    }, []);
+
     return (
         <div className={clsx(ThemeClassNames.docs.docMarkdown, "markdown")}>
             {syntheticTitle ? (
diff --git a/website/src/theme/EditMetaRow/index.tsx b/website/src/theme/EditMetaRow/index.tsx
index c145f969ed1d..acbd011041e5 100644
--- a/website/src/theme/EditMetaRow/index.tsx
+++ b/website/src/theme/EditMetaRow/index.tsx
@@ -1,11 +1,10 @@
 import Translate from "@docusaurus/Translate";
 import Admonition from "@theme/Admonition";
-import IconNote from "@theme/Admonition/Icon/Note";
 import type { Props } from "@theme/EditMetaRow";
 import EditThisPage from "@theme/EditThisPage";
 import LastUpdated from "@theme/LastUpdated";
 import clsx from "clsx";
-import React, { type ReactNode } from "react";
+import React from "react";
 
 import styles from "./styles.module.css";
 
@@ -49,11 +48,11 @@ const EditMetaRow: React.FC<Props> = ({
                 <div className="row">
                     <div className="col col--12">
                         <ul>
-                            {editUrl && (
+                            {editUrl ? (
                                 <li>
                                     <EditThisPage editUrl={editUrl} />
                                 </li>
-                            )}
+                            ) : null}
 
                             <li>
                                 <a
@@ -106,9 +105,9 @@ const EditMetaRow: React.FC<Props> = ({
 
             <div className="row">
                 <div className={clsx("col", styles.lastUpdated)}>
-                    {(lastUpdatedAt || lastUpdatedBy) && (
+                    {lastUpdatedAt || lastUpdatedBy ? (
                         <LastUpdated lastUpdatedAt={lastUpdatedAt} lastUpdatedBy={lastUpdatedBy} />
-                    )}
+                    ) : null}
                 </div>
             </div>
         </>
diff --git a/website/types/docusaurus.d.ts b/website/types/docusaurus.d.ts
new file mode 100644
index 000000000000..bffcc08299a1
--- /dev/null
+++ b/website/types/docusaurus.d.ts
@@ -0,0 +1,45 @@
+/**
+ * @file Supplemental type definitions for Docusaurus.
+ *
+ * @remarks
+ *
+ * Docusaurus uses an unconventional module resolution strategy, which can lead to
+ * issues when using TypeScript.
+ *
+ * The types in this file are intended to expose less visible types to TypeScript's
+ * project references, allowing for better type checking and autocompletion.
+ */
+
+declare module "@docusaurus/plugin-content-docs-types" {
+    export * from "@docusaurus/plugin-content-docs";
+    export * from "@docusaurus/plugin-content-docs/src/types.ts";
+    export * from "@docusaurus/plugin-content-docs/src/sidebars/types.ts";
+}
+
+declare module "@docusaurus/plugin-content-docs/src/sidebars/types" {
+    export * from "@docusaurus/plugin-content-docs/src/sidebars/types.ts";
+}
+
+declare module "@docusaurus/plugin-content-docs/client" {
+    import { DocContextValue as BaseDocContextValue } from "@docusaurus/plugin-content-docs/lib/client/doc.js";
+    import { DocFrontMatter as BaseDocFrontMatter } from "@docusaurus/plugin-content-docs";
+
+    /**
+     * @monkeypatch
+     */
+    export interface DocFrontMatter extends BaseDocFrontMatter {
+        support_level?: string;
+        authentik_version?: string;
+        authentik_preview: boolean;
+        authentik_enterprise: boolean;
+    }
+
+    export interface DocContextValue extends BaseDocContextValue {
+        /**
+         * @monkeypatch
+         */
+        frontMatter: DocFrontMatter;
+    }
+
+    export function useDoc(): DocContextValue;
+}