docs: trim SSO page to SaaS focus, Factory details live in replicated-config

Add SSO documentation page covering all supported identity providers
for both SaaS (AMP) and Factory deployments.

Includes:
- Provider overview (WorkOS, Entra ID, Okta, Auth0, Keycloak)
- SaaS vs Factory SSO availability
- Step-by-step setup guides per provider with env vars
- CLI authentication via Device Authorization Grant
- RBAC integration overview
- Troubleshooting common SSO issues
- Complete environment variables reference

Placed in the Manage nav group alongside RBAC.

docs/ar/changelog.mdx

@@ -4,6 +4,42 @@ description: "تحديثات المنتج والتحسينات وإصلاحات
 icon: "clock"
 mode: "wide"
 ---
+<Update label="27 مارس 2026">
+  ## v1.13.0rc1
+
+  [عرض الإصدار على GitHub](https://github.com/crewAIInc/crewAI/releases/tag/1.13.0rc1)
+
+  ## ما الذي تغير
+
+  ### الوثائق
+  - تحديث سجل التغييرات والإصدار لـ v1.13.0a2
+
+  ## المساهمون
+
+  @greysonlalonde
+
+</Update>
+
+<Update label="27 مارس 2026">
+  ## v1.13.0a2
+
+  [عرض الإصدار على GitHub](https://github.com/crewAIInc/crewAI/releases/tag/1.13.0a2)
+
+  ## ما الذي تغير
+
+  ### الميزات
+  - تحديث تلقائي لمستودع اختبار النشر أثناء الإصدار
+  - تحسين مرونة إصدار المؤسسات وتجربة المستخدم
+
+  ### الوثائق
+  - تحديث سجل التغييرات والإصدار للإصدار v1.13.0a1
+
+  ## المساهمون
+
+  @greysonlalonde
+
+</Update>
+
 <Update label="27 مارس 2026">
   ## v1.13.0a1
 

docs/en/changelog.mdx

@@ -4,6 +4,42 @@ description: "Product updates, improvements, and bug fixes for CrewAI"
 icon: "clock"
 mode: "wide"
 ---
+<Update label="Mar 27, 2026">
+  ## v1.13.0rc1
+
+  [View release on GitHub](https://github.com/crewAIInc/crewAI/releases/tag/1.13.0rc1)
+
+  ## What's Changed
+
+  ### Documentation
+  - Update changelog and version for v1.13.0a2
+
+  ## Contributors
+
+  @greysonlalonde
+
+</Update>
+
+<Update label="Mar 27, 2026">
+  ## v1.13.0a2
+
+  [View release on GitHub](https://github.com/crewAIInc/crewAI/releases/tag/1.13.0a2)
+
+  ## What's Changed
+
+  ### Features
+  - Auto-update deployment test repo during release
+  - Improve enterprise release resilience and UX
+
+  ### Documentation
+  - Update changelog and version for v1.13.0a1
+
+  ## Contributors
+
+  @greysonlalonde
+
+</Update>
+
 <Update label="Mar 27, 2026">
   ## v1.13.0a1
 

docs/en/enterprise/features/sso.mdx

@@ -0,0 +1,194 @@
+---
+title: Single Sign-On (SSO)
+icon: "key"
+description: Configure enterprise SSO authentication for CrewAI Platform — SaaS and Factory
+---
+
+## Overview
+
+CrewAI Platform supports enterprise Single Sign-On (SSO) across both **SaaS (AMP)** and **Factory (self-hosted)** deployments. SSO enables your team to authenticate using your organization's existing identity provider, enforcing centralized access control, MFA policies, and user lifecycle management.
+
+### Supported Providers
+
+| Provider | SaaS | Factory | Protocol |
+|---|---|---|---|
+| **WorkOS** | ✅ (default) | ✅ | OAuth 2.0 / OIDC |
+| **Microsoft Entra ID** (Azure AD) | ✅ (enterprise) | ✅ | OAuth 2.0 / SAML 2.0 |
+| **Okta** | ✅ (enterprise) | ✅ | OAuth 2.0 / OIDC |
+| **Auth0** | ✅ (enterprise) | ✅ | OAuth 2.0 / OIDC |
+| **Keycloak** | — | ✅ | OAuth 2.0 / OIDC |
+
+### Key Capabilities
+
+- **SAML 2.0 and OAuth 2.0 / OIDC** protocol support
+- **Device Authorization Grant** flow for CLI authentication
+- **Role-Based Access Control (RBAC)** with custom roles and per-resource permissions
+- **MFA enforcement** delegated to your identity provider
+- **User provisioning** through IdP assignment (users/groups)
+
+---
+
+## SaaS SSO
+
+### Default Authentication
+
+CrewAI's managed SaaS platform (AMP) uses **WorkOS** as the default authentication provider. When you sign up at [app.crewai.com](https://app.crewai.com), authentication is handled through `login.crewai.com` — no additional SSO configuration is required.
+
+### Enterprise Custom SSO
+
+Enterprise SaaS customers can configure SSO with their own identity provider (Entra ID, Okta, Auth0). Contact your CrewAI account team to enable custom SSO for your organization. Once configured:
+
+1. Your team members authenticate through your organization's IdP
+2. Access control and MFA policies are enforced by your IdP
+3. The CrewAI CLI automatically detects your SSO configuration via `crewai enterprise configure`
+
+### CLI Defaults (SaaS)
+
+| Setting | Default Value |
+|---|---|
+| `enterprise_base_url` | `https://app.crewai.com` |
+| `oauth2_provider` | `workos` |
+| `oauth2_domain` | `login.crewai.com` |
+
+---
+
+## Factory SSO
+
+Factory (self-hosted) deployments support SSO with the following identity providers:
+
+- **Microsoft Entra ID** (Azure AD)
+- **Okta**
+- **Keycloak**
+- **Auth0**
+- **WorkOS**
+
+Each provider requires registering an application in your IdP and configuring the corresponding environment variables in your Helm `values.yaml`.
+
+<Note>
+  Detailed setup guides for each provider — including step-by-step IdP registration, environment variable reference, and CLI enablement — are available in your **Factory admin documentation** (shipped with your Factory installation).
+</Note>
+
+---
+
+## CLI Authentication
+
+The CrewAI CLI supports SSO authentication via the **Device Authorization Grant** flow. This allows developers to authenticate from their terminal without exposing credentials.
+
+### Quick Setup
+
+For Factory installations, the CLI can auto-configure all OAuth2 settings:
+
+```bash
+crewai enterprise configure https://your-factory-url.app
+```
+
+This command fetches the SSO configuration from your Factory instance and sets all required CLI parameters automatically.
+
+Then authenticate:
+
+```bash
+crewai login
+```
+
+<Note>
+  Requires CrewAI CLI version **1.6.0** or higher for Entra ID, **0.159.0** or higher for Okta, and **1.9.0** or higher for Keycloak.
+</Note>
+
+### Manual CLI Configuration
+
+If you need to configure the CLI manually, use `crewai config set`:
+
+```bash
+# Set the provider
+crewai config set oauth2_provider okta
+
+# Set provider-specific values
+crewai config set oauth2_domain your-domain.okta.com
+crewai config set oauth2_client_id your-client-id
+crewai config set oauth2_audience api://default
+
+# Set the enterprise base URL
+crewai config set enterprise_base_url https://your-factory-url.app
+```
+
+### CLI Configuration Reference
+
+| Setting | Description | Example |
+|---|---|---|
+| `enterprise_base_url` | Your CrewAI instance URL | `https://crewai.yourcompany.com` |
+| `oauth2_provider` | Provider name | `workos`, `okta`, `auth0`, `entra_id`, `keycloak` |
+| `oauth2_domain` | Provider domain | `your-domain.okta.com` |
+| `oauth2_client_id` | OAuth2 client ID | `0oaqnwji7pGW7VT6T697` |
+| `oauth2_audience` | API audience identifier | `api://default` |
+
+View current configuration:
+
+```bash
+crewai config list
+```
+
+### How Device Authorization Works
+
+1. Run `crewai login` — the CLI requests a device code from your IdP
+2. A verification URL and code are displayed in your terminal
+3. Your browser opens to the verification URL
+4. Enter the code and authenticate with your IdP credentials
+5. The CLI receives an access token and stores it locally
+
+---
+
+## Role-Based Access Control (RBAC)
+
+CrewAI Platform provides granular RBAC that integrates with your SSO provider. Permissions can be scoped to individual resources including dashboards, automations, and environment variables.
+
+- **Predefined roles** come out of the box with standard permission sets
+- **Custom roles** can be created with any combination of Read, Write, and Manage permissions
+- **Per-resource assignment** — limit specific automations to individual users or roles
+
+For detailed RBAC configuration, see the [RBAC documentation](/enterprise/features/rbac).
+
+---
+
+## Troubleshooting
+
+### CLI Login Fails (Device Authorization)
+
+**Symptom:** `crewai login` returns an error or times out.
+
+**Fix:**
+- Verify that Device Authorization Grant is enabled in your IdP
+- Check that your CLI is configured correctly: `crewai config list`
+- Ensure your CrewAI CLI version meets the minimum requirements for your provider
+
+### Token Validation Errors
+
+**Symptom:** `Invalid token: Signature verification failed` or `401 Unauthorized` after login.
+
+**Fix:**
+- Verify that your OAuth2 audience and authorization server settings match your IdP configuration exactly
+- For SaaS: contact your CrewAI account team if errors persist after verifying CLI settings
+
+### 403 Forbidden After Login
+
+**Symptom:** User authenticates successfully but gets 403 errors.
+
+**Fix:**
+- Check that the user is assigned to the CrewAI application in your IdP
+- Verify the user has the appropriate role assignment in your IdP
+
+### CLI Can't Reach CrewAI Instance
+
+**Symptom:** `crewai enterprise configure` fails to connect.
+
+**Fix:**
+- Verify the instance URL is reachable from your machine
+- Check that `enterprise_base_url` is set correctly: `crewai config list`
+- Ensure TLS certificates are valid and trusted
+
+---
+
+## Next Steps
+
+- [Installation Guide](/installation) — Get started with CrewAI
+- [Quickstart](/quickstart) — Build your first crew
+- [RBAC Setup](/enterprise/features/rbac) — Detailed role and permission management

docs/ko/changelog.mdx

@@ -4,6 +4,42 @@ description: "CrewAI의 제품 업데이트, 개선 사항 및 버그 수정"
 icon: "clock"
 mode: "wide"
 ---
+<Update label="2026년 3월 27일">
+  ## v1.13.0rc1
+
+  [GitHub 릴리스 보기](https://github.com/crewAIInc/crewAI/releases/tag/1.13.0rc1)
+
+  ## 변경 사항
+
+  ### 문서
+  - v1.13.0a2의 변경 로그 및 버전 업데이트
+
+  ## 기여자
+
+  @greysonlalonde
+
+</Update>
+
+<Update label="2026년 3월 27일">
+  ## v1.13.0a2
+
+  [GitHub 릴리스 보기](https://github.com/crewAIInc/crewAI/releases/tag/1.13.0a2)
+
+  ## 변경 사항
+
+  ### 기능
+  - 릴리스 중 자동 업데이트 배포 테스트 리포지토리
+  - 기업 릴리스의 복원력 및 사용자 경험 개선
+
+  ### 문서
+  - v1.13.0a1에 대한 변경 로그 및 버전 업데이트
+
+  ## 기여자
+
+  @greysonlalonde
+
+</Update>
+
 <Update label="2026년 3월 27일">
   ## v1.13.0a1
 

docs/pt-BR/changelog.mdx

@@ -4,6 +4,42 @@ description: "Atualizações de produto, melhorias e correções do CrewAI"
 icon: "clock"
 mode: "wide"
 ---
+<Update label="27 mar 2026">
+  ## v1.13.0rc1
+
+  [Ver release no GitHub](https://github.com/crewAIInc/crewAI/releases/tag/1.13.0rc1)
+
+  ## O que Mudou
+
+  ### Documentação
+  - Atualizar changelog e versão para v1.13.0a2
+
+  ## Contribuidores
+
+  @greysonlalonde
+
+</Update>
+
+<Update label="27 mar 2026">
+  ## v1.13.0a2
+
+  [Ver release no GitHub](https://github.com/crewAIInc/crewAI/releases/tag/1.13.0a2)
+
+  ## O que Mudou
+
+  ### Recursos
+  - Repositório de teste de implantação de autoatualização durante o lançamento
+  - Melhorar a resiliência e a experiência do usuário na versão empresarial
+
+  ### Documentação
+  - Atualizar changelog e versão para v1.13.0a1
+
+  ## Contribuidores
+
+  @greysonlalonde
+
+</Update>
+
 <Update label="27 mar 2026">
   ## v1.13.0a1
 

lib/crewai-files/src/crewai_files/__init__.py

@@ -152,4 +152,4 @@ __all__ = [
     "wrap_file_source",
 ]
 
-__version__ = "1.13.0a1"
+__version__ = "1.13.0rc1"

lib/crewai-tools/pyproject.toml

@@ -11,7 +11,7 @@ dependencies = [
     "pytube~=15.0.0",
     "requests~=2.32.5",
     "docker~=7.1.0",
-    "crewai==1.13.0a1",
+    "crewai==1.13.0rc1",
     "tiktoken~=0.8.0",
     "beautifulsoup4~=4.13.4",
     "python-docx~=1.2.0",

lib/crewai-tools/src/crewai_tools/__init__.py

@@ -309,4 +309,4 @@ __all__ = [
     "ZapierActionTools",
 ]
 
-__version__ = "1.13.0a1"
+__version__ = "1.13.0rc1"

lib/crewai/pyproject.toml

@@ -54,7 +54,7 @@ Repository = "https://github.com/crewAIInc/crewAI"
 
 [project.optional-dependencies]
 tools = [
-    "crewai-tools==1.13.0a1",
+    "crewai-tools==1.13.0rc1",
 ]
 embeddings = [
     "tiktoken~=0.8.0"

lib/crewai/src/crewai/__init__.py

@@ -42,7 +42,7 @@ def _suppress_pydantic_deprecation_warnings() -> None:
 
 _suppress_pydantic_deprecation_warnings()
 
-__version__ = "1.13.0a1"
+__version__ = "1.13.0rc1"
 _telemetry_submitted = False
 
 

lib/crewai/src/crewai/cli/templates/crew/pyproject.toml

@@ -5,7 +5,7 @@ description = "{{name}} using crewAI"
 authors = [{ name = "Your Name", email = "you@example.com" }]
 requires-python = ">=3.10,<3.14"
 dependencies = [
-    "crewai[tools]==1.13.0a1"
+    "crewai[tools]==1.13.0rc1"
 ]
 
 [project.scripts]

lib/crewai/src/crewai/cli/templates/flow/pyproject.toml

@@ -5,7 +5,7 @@ description = "{{name}} using crewAI"
 authors = [{ name = "Your Name", email = "you@example.com" }]
 requires-python = ">=3.10,<3.14"
 dependencies = [
-    "crewai[tools]==1.13.0a1"
+    "crewai[tools]==1.13.0rc1"
 ]
 
 [project.scripts]

lib/crewai/src/crewai/cli/templates/tool/pyproject.toml

@@ -5,7 +5,7 @@ description = "Power up your crews with {{folder_name}}"
 readme = "README.md"
 requires-python = ">=3.10,<3.14"
 dependencies = [
-    "crewai[tools]==1.13.0a1"
+    "crewai[tools]==1.13.0rc1"
 ]
 
 [tool.crewai]

lib/devtools/src/crewai_devtools/__init__.py

@@ -1,3 +1,3 @@
 """CrewAI development tools."""
 
-__version__ = "1.13.0a1"
+__version__ = "1.13.0rc1"

lib/devtools/src/crewai_devtools/cli.py

@@ -156,6 +156,33 @@ def update_version_in_file(file_path: Path, new_version: str) -> bool:
     return False
 
 
+def update_pyproject_version(file_path: Path, new_version: str) -> bool:
+    """Update the [project] version field in a pyproject.toml file.
+
+    Args:
+        file_path: Path to pyproject.toml file.
+        new_version: New version string.
+
+    Returns:
+        True if version was updated, False otherwise.
+    """
+    if not file_path.exists():
+        return False
+
+    content = file_path.read_text()
+    new_content = re.sub(
+        r'^(version\s*=\s*")[^"]+(")',
+        rf"\g<1>{new_version}\2",
+        content,
+        count=1,
+        flags=re.MULTILINE,
+    )
+    if new_content != content:
+        file_path.write_text(new_content)
+        return True
+    return False
+
+
 _DEFAULT_WORKSPACE_PACKAGES: Final[list[str]] = [
     "crewai",
     "crewai-tools",
@@ -1045,10 +1072,84 @@ def _update_enterprise_crewai_dep(pyproject_path: Path, version: str) -> bool:
     return False
 
 
+_DEPLOYMENT_TEST_REPO: Final[str] = "crewAIInc/crew_deployment_test"
+
 _PYPI_POLL_INTERVAL: Final[int] = 15
 _PYPI_POLL_TIMEOUT: Final[int] = 600
 
 
+def _update_deployment_test_repo(version: str, is_prerelease: bool) -> None:
+    """Update the deployment test repo to pin the new crewai version.
+
+    Clones the repo, updates the crewai[tools] pin in pyproject.toml,
+    regenerates the lockfile, commits, and pushes directly to main.
+
+    Args:
+        version: New crewai version string.
+        is_prerelease: Whether this is a pre-release version.
+    """
+    console.print(
+        f"\n[bold cyan]Updating {_DEPLOYMENT_TEST_REPO} to {version}[/bold cyan]"
+    )
+
+    with tempfile.TemporaryDirectory() as tmp:
+        repo_dir = Path(tmp) / "crew_deployment_test"
+        run_command(["gh", "repo", "clone", _DEPLOYMENT_TEST_REPO, str(repo_dir)])
+        console.print(f"[green]✓[/green] Cloned {_DEPLOYMENT_TEST_REPO}")
+
+        pyproject = repo_dir / "pyproject.toml"
+        content = pyproject.read_text()
+        new_content = re.sub(
+            r'"crewai\[tools\]==[^"]+"',
+            f'"crewai[tools]=={version}"',
+            content,
+        )
+        if new_content == content:
+            console.print(
+                "[yellow]Warning:[/yellow] No crewai[tools] pin found to update"
+            )
+            return
+        pyproject.write_text(new_content)
+        console.print(f"[green]✓[/green] Updated crewai[tools] pin to {version}")
+
+        lock_cmd = [
+            "uv",
+            "lock",
+            "--refresh-package",
+            "crewai",
+            "--refresh-package",
+            "crewai-tools",
+        ]
+        if is_prerelease:
+            lock_cmd.append("--prerelease=allow")
+
+        max_retries = 10
+        for attempt in range(1, max_retries + 1):
+            try:
+                run_command(lock_cmd, cwd=repo_dir)
+                break
+            except subprocess.CalledProcessError:
+                if attempt == max_retries:
+                    console.print(
+                        f"[red]Error:[/red] uv lock failed after {max_retries} attempts"
+                    )
+                    raise
+                console.print(
+                    f"[yellow]uv lock failed (attempt {attempt}/{max_retries}),"
+                    f" retrying in {_PYPI_POLL_INTERVAL}s...[/yellow]"
+                )
+                time.sleep(_PYPI_POLL_INTERVAL)
+        console.print("[green]✓[/green] Lockfile updated")
+
+        run_command(["git", "add", "pyproject.toml", "uv.lock"], cwd=repo_dir)
+        run_command(
+            ["git", "commit", "-m", f"chore: bump crewai to {version}"],
+            cwd=repo_dir,
+        )
+        run_command(["git", "push"], cwd=repo_dir)
+        console.print(f"[green]✓[/green] Pushed to {_DEPLOYMENT_TEST_REPO}")
+
+
 def _wait_for_pypi(package: str, version: str) -> None:
     """Poll PyPI until a specific package version is available.
 
@@ -1141,6 +1242,11 @@ def _release_enterprise(version: str, is_prerelease: bool, dry_run: bool) -> Non
 
             pyproject = pkg_dir / "pyproject.toml"
             if pyproject.exists():
+                if update_pyproject_version(pyproject, version):
+                    console.print(
+                        f"[green]✓[/green] Updated version in: "
+                        f"{pyproject.relative_to(repo_dir)}"
+                    )
                 if update_pyproject_dependencies(
                     pyproject, version, extra_packages=list(_ENTERPRISE_EXTRA_PACKAGES)
                 ):
@@ -1159,19 +1265,35 @@ def _release_enterprise(version: str, is_prerelease: bool, dry_run: bool) -> Non
         _wait_for_pypi("crewai", version)
 
         console.print("\nSyncing workspace...")
-        run_command(
-            [
-                "uv",
-                "sync",
-                "--refresh-package",
-                "crewai",
-                "--refresh-package",
-                "crewai-tools",
-                "--refresh-package",
-                "crewai-files",
-            ],
-            cwd=repo_dir,
-        )
+        sync_cmd = [
+            "uv",
+            "sync",
+            "--refresh-package",
+            "crewai",
+            "--refresh-package",
+            "crewai-tools",
+            "--refresh-package",
+            "crewai-files",
+        ]
+        if is_prerelease:
+            sync_cmd.append("--prerelease=allow")
+
+        max_retries = 10
+        for attempt in range(1, max_retries + 1):
+            try:
+                run_command(sync_cmd, cwd=repo_dir)
+                break
+            except subprocess.CalledProcessError:
+                if attempt == max_retries:
+                    console.print(
+                        f"[red]Error:[/red] uv sync failed after {max_retries} attempts"
+                    )
+                    raise
+                console.print(
+                    f"[yellow]uv sync failed (attempt {attempt}/{max_retries}),"
+                    f" retrying in {_PYPI_POLL_INTERVAL}s...[/yellow]"
+                )
+                time.sleep(_PYPI_POLL_INTERVAL)
         console.print("[green]✓[/green] Workspace synced")
 
         # --- branch, commit, push, PR ---
@@ -1187,7 +1309,7 @@ def _release_enterprise(version: str, is_prerelease: bool, dry_run: bool) -> Non
         run_command(["git", "push", "-u", "origin", branch_name], cwd=repo_dir)
         console.print("[green]✓[/green] Branch pushed")
 
-        run_command(
+        pr_url = run_command(
             [
                 "gh",
                 "pr",
@@ -1204,6 +1326,7 @@ def _release_enterprise(version: str, is_prerelease: bool, dry_run: bool) -> Non
             cwd=repo_dir,
         )
         console.print("[green]✓[/green] Enterprise bump PR created")
+        console.print(f"[cyan]PR URL:[/cyan] {pr_url}")
 
         _poll_pr_until_merged(branch_name, "enterprise bump PR", repo=enterprise_repo)
 
@@ -1570,7 +1693,18 @@ def tag(dry_run: bool, no_edit: bool) -> None:
     is_flag=True,
     help="Skip the enterprise release phase",
 )
-def release(version: str, dry_run: bool, no_edit: bool, skip_enterprise: bool) -> None:
+@click.option(
+    "--skip-to-enterprise",
+    is_flag=True,
+    help="Skip phases 1 & 2, run only the enterprise release phase",
+)
+def release(
+    version: str,
+    dry_run: bool,
+    no_edit: bool,
+    skip_enterprise: bool,
+    skip_to_enterprise: bool,
+) -> None:
     """Full release: bump versions, tag, and publish a GitHub release.
 
     Combines bump and tag into a single workflow. Creates a version bump PR,
@@ -1583,11 +1717,19 @@ def release(version: str, dry_run: bool, no_edit: bool, skip_enterprise: bool) -
         dry_run: Show what would be done without making changes.
         no_edit: Skip editing release notes.
         skip_enterprise: Skip the enterprise release phase.
+        skip_to_enterprise: Skip phases 1 & 2, run only the enterprise release phase.
     """
     try:
         check_gh_installed()
 
-        if not skip_enterprise:
+        if skip_enterprise and skip_to_enterprise:
+            console.print(
+                "[red]Error:[/red] Cannot use both --skip-enterprise "
+                "and --skip-to-enterprise"
+            )
+            sys.exit(1)
+
+        if not skip_enterprise or skip_to_enterprise:
             missing: list[str] = []
             if not _ENTERPRISE_REPO:
                 missing.append("ENTERPRISE_REPO")
@@ -1606,6 +1748,15 @@ def release(version: str, dry_run: bool, no_edit: bool, skip_enterprise: bool) -
         cwd = Path.cwd()
         lib_dir = cwd / "lib"
 
+        is_prerelease = _is_prerelease(version)
+
+        if skip_to_enterprise:
+            _release_enterprise(version, is_prerelease, dry_run)
+            console.print(
+                f"\n[green]✓[/green] Enterprise release [bold]{version}[/bold] complete!"
+            )
+            return
+
         if not dry_run:
             console.print("Checking git status...")
             check_git_clean()
@@ -1699,7 +1850,8 @@ def release(version: str, dry_run: bool, no_edit: bool, skip_enterprise: bool) -
 
         if not dry_run:
             _create_tag_and_release(tag_name, release_notes, is_prerelease)
-            _trigger_pypi_publish(tag_name, wait=not skip_enterprise)
+            _trigger_pypi_publish(tag_name, wait=True)
+            _update_deployment_test_repo(version, is_prerelease)
 
         if not skip_enterprise:
             _release_enterprise(version, is_prerelease, dry_run)