v4.1.0

v4.1.0 (2025-01-27)

Full Changelog

Added

• Add support for resource owner password flow #1039 (kailash-b)
• add: adding namespace in build.gradle #1044 (pmathew92)

Fixed

• fix: Interop Layer #1045 (guabu)

v4.0.0

Full changelog

💡 Check the Migration Guide to understand the changes required to migrate your application to v4.

💡 Check the v4.0.0-beta.0 to understand other major changes .

⚠️ BREAKING CHANGES

• BREAKING CHANGE: requireLocalAuthentication method is no longer available as part of the CredentialsManager class or the useAuth0 Hook from v4 of the SDK. Refer Migration Guide for more details.

Added

• feat: added support for domain switching #931 (desusai7)

v4.0.0-beta.0

Breaking Changes:

• requireLocalAuthentication method is no longer available as part of the CredentialsManager class or the useAuth0 Hook from v4 of the SDK. Refer below sections on how to enable authentication before obtaining credentials now.

Changes:

• Updated the Auth0 class constructor to accept a new parameter, LocalAuthenticationOptions, for enabling authentication before obtaining credentials as shown below:

const localAuthOptions: LocalAuthenticationOptions = {
    title: 'Authenticate to retreive your credentials',
    subtitle: 'Please authenticate to continue',
    description: 'We need to authenticate you to retrieve your credentials',
    cancelTitle: 'Cancel',
    evaluationPolicy: LocalAuthenticationStrategy.deviceOwnerWithBiometrics,
    fallbackTitle: 'Use Passcode',
    authenticationLevel: LocalAuthenticationLevel.strong,
    deviceCredentialFallback: true,
  }
const auth0 = new Auth0({ domain: config.domain, clientId: config.clientId, localAuthenticationOptions: localAuthOptions });

Modified the Auth0Provider to accept LocalAuthenticationOptions as a parameter to enable authentication before obtaining credentials.

const localAuthOptions: LocalAuthenticationOptions = {
  title: 'Authenticate to retreive your credentials',
  subtitle: 'Please authenticate to continue',
  description: 'We need to authenticate you to retrieve your credentials',
  cancelTitle: 'Cancel',
  evaluationPolicy: LocalAuthenticationStrategy.deviceOwnerWithBiometrics,
  fallbackTitle: 'Use Passcode',
  authenticationLevel: LocalAuthenticationLevel.strong,
  deviceCredentialFallback: true,
};

const App = () => {
  return (
    <Auth0Provider
      domain={config.domain}
      clientId={config.clientId}
      localAuthenticationOptions={localAuthOptions}
    >
      {/* YOUR APP */}
    </Auth0Provider>
  );
};

export default App;

Added

• feat: added support for domain switching #931 (desusai7)

v3.2.1

Fixed

• chore: upgraded dependency on Auth0.swift to 2.7.2 #895 (desusai7)

Security

• chore(deps-dev): bump expo from 50.0.17 to 50.0.18 #902 (dependabot[bot])
• chore(deps-dev): bump @types/jest from 29.5.11 to 29.5.12 #901 (dependabot[bot])
• chore(deps-dev): bump @testing-library/react from 14.1.2 to 14.3.1 #900 (dependabot[bot])
• chore(deps-dev): bump pod-install from 0.1.39 to 0.2.2 #899 (dependabot[bot])
• chore(deps-dev): bump @types/react-native from 0.72.8 to 0.73.0 #898 (dependabot[bot])
• feat: bumped up react-native version to 0.74.1 and expo to 50.0.0 #889 (desusai7)

v3.2.0

Added

• Support for Apple's Privacy Manifest #887 (poovamraj)
• chore(deps-dev): bump @types/react from 17.0.71 to 17.0.73 #831 (dependabot[bot])
• chore(deps-dev): bump react-native from 0.72.7 to 0.73.0 #823 (dependabot[bot])

v3.1.0

Added

• Provide option to pass custom redirect url #813 (poovamraj)
• Support SFSafariViewController #800 (poovamraj)
• Support additional parameters for forceRefresh in iOS #801 (poovamraj)

Fixed

• Handle incomplete promise in web authentication #798 (poovamraj)
• Fix metadata type in CreateUserOptions #789 (poovamraj)

v3.0.2

Fixed

• ESD-30932 Improve error handling #720 (poovamraj)

Security

• Update Auth0.Android to resolve CVE-2023-3635 #750 (poovamraj)

v3.0.1

Fixed

• Make authorize and clearSession parameters optional #701 (poovamraj)

Security

• chore(deps): bump semver from 5.7.1 to 5.7.2 in /example #692 (dependabot[bot])
• chore(deps): bump fast-xml-parser from 4.2.4 to 4.2.7 in /example #693 (dependabot[bot])

v3.0.0

v3.0.0 (2023-08-10)

Full Changelog

💡 Check the Migration Guide to understand the changes required to migrate your application to v3.

Added

• Credentials are returned as part of authorize methods in hooks
• Support for organizations name in login
• Added sample app in the repository
• Expo plugin is updated to latest version
• Added 'openid profile email' as mandatory scopes
• Option to forceRefresh is added in getCredentials
• Added hasValidCredentials to hooks
• More options to authorize using Hooks
  • authorizeWithSMS
  • authorizeWithEmail
  • authorizeWithOOB
  • authorizeWithOTP
  • authorizeWithRecoveryCode

Changed

• Custom Scheme is now optional in Expo
• Migrated the codebase to Typescript
• Use Native SDKs (Auth0.Android and Auth0.Swift) for Web Authentication
• Credentials object in Android will return expiresIn instead of expiresAt
• max_age parameter is changed to maxAge in WebAuth.authorize()
• customScheme is now part of ClearSessionOptions instead of ClearSessionParameters in clearSession
• Minimum supported version for iOS is bumped to 13
• Revoke Token and Change Password now return void instead of an empty object

Removed

• Removed the type property returned in the Credentials object in Android. Use tokenType instead.
• skipLegacyListener has been removed in authorize and clearSession

Security

• chore(deps): bump word-wrap from 1.2.3 to 1.2.4 #682 (dependabot[bot])
• chore: Expand .semgrepignore exclusions to tests #679 (evansims)
• chore(deps-dev): bump semver from 6.3.0 to 7.5.2 #657 (dependabot[bot])

v3.0.0-beta.3

v3.0.0-beta.3 (2023-07-11)

Full Changelog

Added

• Export types as part of root #649 (poovamraj)