LogoLogo
Get CIPPJoin Discord
  • ☕CIPP Documentation
  • 🦸Setup
    • Self Hosting Guide
      • Prerequisites
      • Installation
      • Run From Package Mode
      • Post-Install Configuration
      • Configuring Automatic Updates
      • Updating Versions
      • Migrating to Hosted CIPP
      • Self-hosted API Setup
    • Service Account Setup
      • GDAP's Importance in CIPP
      • Creating the CIPP Service Account
      • Conditional Access best practices
      • Recommended Roles
    • Configuring CIPP
      • Adding users to CIPP
      • Executing the SAM Setup Wizard
      • Tenant Onboarding
      • Adding Tenants & Consenting the CIPP-SAM Application
      • User Roles in CIPP
      • Adding a custom domain name
      • I want to manage my own tenant
    • Implementing CIPP
      • Recommended First Steps
      • Standards Setup
    • Resources
      • Professional Onboarding Services
      • Sponsor Quick Start
  • 🙋User Documentation
    • Shared Features
      • Menu Bar
        • Tenant Select
        • Display Mode
        • 🔍Search
        • Bookmarks
        • User Preferences
      • Table Features
      • Speed Dial
      • Keyboard Shortcuts
    • CIPP Dashboard
    • Identity Management
      • Administration
        • Users
          • Bulk Add
          • Invite Guest
          • Add User
          • View Individual User
            • Edit User
            • Exchange Settings
            • Compromise Remediation
            • Conditional Access
        • Risky Users
        • Groups
          • Add Group
          • Edit Group
        • Group Templates
          • Add Group Template
          • Deploy Group Templates
        • Devices
        • Deleted items
        • Roles
        • JIT Admin
          • Add JIT Admin
        • Offboarding Wizard
      • Reports
        • MFA Report
        • Inactive Users
        • Sign Ins Report
        • AAD Connect Report
        • Risk Detections
    • Tenant Administration
      • Administration
        • Tenants
          • Edit Tenant
          • Tenant Groups
            • Add Tenant Group
            • Edit Tenant Group
        • Alert Configuration
          • Add Alert
        • Audit Logs
        • Enterprise Applications
        • Secure Score
        • App Consent Requests
        • Authentication Methods
        • Partner Relationships
      • GDAP Management
        • Relationships
          • Relationship Summary
            • Role Mappings
        • Role Mappings
          • Map GDAP Roles
        • Role Templates
          • Add Template
        • Invites
          • New Invite
        • Onboarding
        • Offboarding
      • Configuration Backup
        • Backups
          • Restore Configuration Backup
          • Add Configuration Backup
      • Standards
        • List Standards Templates
        • Add Standards Template
        • Compare Tenant to Standard
        • Best Practice Analyser
          • Best Practice Templates
          • Custom Reports
        • Domains Analyser
      • Conditional Access
        • CA Policies
          • Deploy CA Policies
        • CA Vacation Mode
          • Add Vacation Schedule
        • CA Templates
        • Named Locations
          • Add Named Locations
      • Reports
        • License Report
        • Sherweb License Report
          • Add Subscription
        • Consented Applications
    • Security & Compliance
      • Incidents & Alerts
        • Incidents
        • Alerts
      • Defender
        • Defender Status
        • Defender Deployment
        • Vulnerabilities
      • Reports
        • Device Compliance
    • Intune
      • Applications
        • Applications
          • Add Application
            • Add MSP App
            • Add Store App
            • Add Choco App
            • Add Office App
        • Application Queue
      • Autopilot
        • Autopilot Devices
        • Add Autopilot Device
        • Profiles
        • Add Profile
        • Status Pages
        • Add Status Page
      • Device Management
        • Devices
        • Configuration Policies
        • Compliance Policies
        • Protection Policies
        • Apply Policy
        • Policy Templates
        • Scripts
      • Reports
        • Analytics Device Score
    • Teams & SharePoint
      • OneDrive
      • SharePoint
        • Add Site
        • Bulk Add Site
      • Teams
        • Teams
          • Add Team
        • Teams Activity
        • Business Voice
    • Email & Exchange
      • Administration
        • Mailboxes
          • Add Shared Mailbox
        • Deleted Mailboxes
        • Mailbox Rules
        • Contacts
          • Add Contact
          • Edit Contact
        • Quarantine
        • Tenant Allow/Block Lists
          • Add Entry
      • Transport
        • Transport rules
          • Deploy Template
        • Transport Templates
        • Connectors
          • Deploy connector Templates
        • Connector Templates
      • Spamfilter
        • Spamfilter
          • Deploy Spamfilter
        • Spamfilter Templates
        • Connection filter
          • Deploy Connection Filter
        • Connection filter templates
      • Tools
        • Mailbox Restore Wizard
        • Mail Test
      • Resource Management
        • Rooms
          • Add Room
          • Edit Room
        • Room Lists
      • Reports
        • Mailbox Statistics
        • Mailbox Client Access Settings
        • Anti-Phishing Filters
        • Malware Filters
        • Safe Link Filters
        • Safe Attachment Filters
        • Shared Mailbox with Enabled Account
        • Global Address List
    • Tools
      • Tenant Tools
        • Graph Explorer
        • Application Approval
        • Tenant Lookup
        • IP Database
        • Individual Domain Check
      • Email Tools
        • Message Trace
        • Mailbox Restores
        • Message Viewer
      • Dark Web Tools
        • Tenant Breach Lookup
        • Breach Lookup
      • Template Library
      • Community Repositories
        • View Repository Templates
      • Scheduler
        • Add Job
    • CIPP
      • Application Settings
        • Permissions
        • Tenants
        • Backend
        • Notifications
        • Partner Webhooks
        • Licenses
        • CIPP Backup
        • Global Variables
      • Logbook
      • SAM Setup Wizard
      • Integrations
        • Integration Sync
        • CIPP-API
        • Sherweb
        • Gradient
        • Halo PSA Ticketing
        • NinjaOne
        • Hudu
        • Password Pusher
        • Have I Been Pwned?
        • Cloudflare
        • GitHub
      • Custom Data
        • Directory Extensions
          • Add Directory Extension
        • Schema Extensions
          • Add Schema Extension
        • Mappings
          • Add Mapping
          • Edit Mapping
      • Advanced
        • Super Admin
          • Tenant Mode
          • Function Offloading
          • Custom Roles
          • SAM App Roles
          • SAM App Permissions
        • Exchange Cmdlets
        • Timers
        • Table Maintenance
  • 📂Troubleshooting
    • Error codes
    • Troubleshooting instructions
      • Refreshing a Specific Tenant's Permissions via CPV API
    • Frequently Asked Questions
      • I got a "Potential Phishing page detected" alert. What do I do with that?
  • 🔐Security
    • CIPP Security and Compliance
      • Security Policy
      • Security reports
    • CIPP Community Vulnerability Disclosure Policy
  • 👩‍💻👩💻 Dev Documentation
    • CIPP Dev Guide
      • Setting Up for Local Development
      • Executing Local Development
      • Project Structure
      • Development Tips
      • CIPP v7 Developer Brief
    • Contributing to the Code
    • Contributing to the Documentation
  • ⚙️API Documentation
    • Setup & Authentication
    • Endpoints
  • 🧰MSP Adoption Toolkit
    • Building a CIPP Business Case
  • ☕Sip & CIPP
    • Conditional Access
    • Autopilot & Intune
  • CIPP New Interface Release Candidate 2 (rc2)
Powered by GitBook
On this page
  • 1. Sync Your Fork(s) in GitHub
  • 2. Updating from v6 (or Older) to v7+
  • 3. Updating from v6 (or Older) to v7+ (Merge Conflicts)
  • “I Accidentally Discarded Changes” (The Common GitHub Pitfall)
  • Recreate the Workflow File
  • Done & Dusted

Was this helpful?

Edit on GitHub
Export as PDF
  1. Setup
  2. Self Hosting Guide

Updating Versions

Keeping CIPP up-to-date ensures you have the latest features, security patches, and bug fixes.

PreviousConfiguring Automatic UpdatesNextMigrating to Hosted CIPP

Last updated 1 month ago

Was this helpful?

Note (Hosted / Sponsored Clients) If you’re using a CyberDrain-hosted instance of CIPP, updates happen automatically—generally within 48 hours of a new release. You can safely skip the rest of this page; however, it is important to perform a permissions check via CIPP > Application Settings > Permissions to ensure any newly added permissions are accounted for via an automated Permissions Repair in v7+.

Update your self-hosted CIPP instance to the latest release using the following instructions:

Note (Self-Hosted Clients Updating from v6 or earlier)

A few more steps are required to upgrade versions 6 to 7. See the for v7.0.1 and review the steps in below for how to successfully update in these scenarios.


1. Sync Your Fork(s) in GitHub

For typical updates (e.g., moving from any v7+ patch releases):

1

Open Your CIPP Fork

  • Go to your fork of the CIPP repo on GitHub.

  • Click Sync fork (or sometimes Fetch upstream).

  • Choose Update branch—be careful not to discard any commits.

IMPORTANT: If prompted with a question asking "Do you want to Discard (X) Commits" or "Update Branch", ensure you click on "Update Branch" AND DO NOT PRESS DISCARD

2

Repeat for CIPP-API

  • Do the same steps in your CIPP-API fork so both the front-end and API stay in sync.

3

Wait for Deployment

  • If you’ve connected your Azure Function App to GitHub Actions (), the updates should roll out automatically within about 30 minutes.

  • Check your Azure Logs or GitHub Actions to confirm a successful deployment

4

Clear Browser Cache

  • If you see an older version in your browser, try a Hard Refresh: open DevTools (F12), then right-click the refresh icon beside the URL bar and select Hard reload and empty cache.

5

Permissions Check

  • Updates to CIPP can often include additional permissions required as new features are added or existing features get updated for new requirements from Microsoft. Go into CIPP > Application Settings > Permissions and perform a Permissions Check. If any roles are missing, you'll be presented with the option to Repair Permissions in v7+.


2. Updating from v6 (or Older) to v7+

The v7 front-end introduced a Next.js + Material-UI stack, so older forks might need an extra step:

If your "Sync fork" options button presents you with an error that there are conflicts that must be resolved, skip to .

1

Check Your Workflow File(s)

  • In your CIPP repo, open:

    .github/workflows
  • Look for filenames starting with azure-static-web-apps (e.g., azure-static-web-apps-main.yml).

  • Important: If you discarded commits previously, you might not see such a file at all—or it might be renamed.

2

Set the output_location to "/out" (If Missing)

  • In older v7 instructions, we had to manually change:

    output_location: "" 

    to:

    output_location: "/out"
  • However, newer versions of the workflow may already include "/out". Double-check your file before making changes.

3

Commit and Redeploy

  • After editing, commit directly to your main branch.

  • A GitHub Actions run should trigger automatically, building and redeploying the Static Web App.

4

Wait & Verify

  • Give Azure a few minutes to pick up changes. Check the Actions tab or the Azure Logs for success.

  • Clear your cache or try a different browser to confirm the new version is live.

5

Permissions Check

  • Updates to CIPP can often include additional permissions required as new features are added or existing features get updated for new requirements from Microsoft. Go into CIPP > Application Settings > Permissions and perform a Permissions Check. If any roles are missing, you'll be presented with the option to Repair Permissions in v7+.

3. Updating from v6 (or Older) to v7+ (Merge Conflicts)

In many cases, there are so many changes to the repo that GitHub doesn't know how to properly merge your repo with the upstream repo. Follow these instructions to get your branch to update.

1

Locate your workflow file

  • In your CIPP repo, open:

    .github/workflows
  • Look for filenames starting with azure-static-web-apps (e.g., azure-static-web-apps-main.yml).

  • Open this file in a new browser tab.

2

Discard Commits

  • Return to your main repo view

  • Click "Sync fork"

  • Click "Discard XXX commits"

3

Recreate Workflow File

  • In your CIPP repo, open:

    .github/workflows
  • Click "Add file" in the top right of the page

  • Select "Create new file"

  • Name the file the same as the azure-static-web-apps file open in your other browser tab

  • Copy the contents of the file in your other tab to the new file

4

“I Accidentally Discarded Changes” (The Common GitHub Pitfall)

If you accidentally chose Discard (X) Commits while syncing your fork, you might have lost the original azure-static-web-apps workflow file. This often leads to:

  • “No changes to commit” messages,

  • A stuck or outdated front-end version,

  • Confusion about missing .yml files.

Recreate the Workflow File

If you're comfortable with GitHub, the easiest way to ensure you have the appropriate values for your token is to review your Actions tab on your CIPP repo for the most recent successfully run update. The contents of your old workflow file will be found by clicking "Workflow file" in the left side column of the Build and Deploy task. You'll still need to ensure the /out changes have been made to the file.

1

Check Repository Secrets

  • In your CIPP fork, go to Settings → Secrets and variables → Actions.

  • Note the name of your Azure Static Web Apps deployment token (e.g., AZURE_STATIC_WEB_APPS_API_TOKEN_SOMENAME_12345).

2

Create a New .yml in .github/workflows

  • The filename can be anything (azure-static-web-apps-fix.yml, deploy.yml, etc.)—just make sure it ends in .yml.

  • Use this example file as the contents

3

Update References to Your Secrets

  • In that new file, look for lines referencing the token (e.g., AZURE_STATIC_WEB_APPS_API_TOKEN_...).

  • Replace them with your token name from Step 1.

4

Commit

  • Once you commit, GitHub Actions should fire off a new build if the on: triggers are present (typically push or pull_request).

  • Check the Actions tab to see if it’s running.

5

Confirm Deployment

  • After the workflow succeeds, your Static Web App should serve the updated version.

  • If you still see the old UI, do a Hard Refresh (Open DevTools, then Right Click Refresh Button) or wait up to 30 minutes for Azure’s distribution/CDN to update

6

Permissions Check

  • Updates to CIPP can often include additional permissions required as new features are added or existing features get updated for new requirements from Microsoft. Go into CIPP > Application Settings > Permissions and perform a Permissions Check. If any roles are missing, you'll be presented with the option to Repair Permissions in v7+.

Done & Dusted

At this point, your CIPP front-end and API should be updated to the latest release. Keep these key points in mind:

  1. Never click “Discard Commits” when syncing.

  2. Watch for the .github/workflows files if you suspect deployment issues.

  3. Hard-refresh or wait for CDN caches to clear for a truly up-to-date view

Congratulations! You’re now up-to-date and ready to use the newest features.

Resume with Step 2 from

🦸
release notes
Run From Package mode
option 2
Option 3
Option 2
2KB
cipp-workflow.yml
Example file