1.0.0

Breaking changes

• SameSite=Strict Cookies: We changed the configuration of cookies so that they are SameSite=Strict.
  For more information on how to configure custom domains correctly - visit our documentation.
• Naming alignments: We aligned our naming in multiple places to be snake-case instead of camel-case, along with parameter naming alignment. These changes include:
  • loginOptions > login_options
  • refreshToken > refresh_token
  • DeliveryMethod.PHONE > DeliveryMethod.SMS

Enhancements

• JWT returns in validate_session: The validate_session function will now return the parsed JWT response.
• Upgraded SSO configuration options: We upgraded SSO management function, so that they now support configuring the domain parameter, which is used for auto registering new users to a specific tenant, if their identifiers are from the defined domain.

Bug fixes

• Logic fix in validate_and_refresh_session function: A fix to allow either and not both actions in method was applied.

0.9.1

Breaking changes

• 🚨 Session and Refresh token split 🚨: Session validation and refresh have been split in order to allow more control over session management.
  3 new functions have been added with a more predictable and straightforward behavior; the new functions have no optional parameters.

* `validate_session` - only validates the session.
* `refresh_session` - refreshes a session.
* `validate_and_refresh_session` - combines the two, validate and refresh as needed.

These function replace the following which have been removed:

* `validate_session_request` - replaced by `validate_and_refresh_session` with the change of requiring both tokens, and the two new functions added for more granular control.
* `refresh_token`: replaced by `refresh_session`, behavior remains with more consistent naming and input validation.

Enhancements

• Documentation enhancements: Additional explanations were added to our SDK's README.
• Rate limiting: In order to maintain our stable performance, and provide a good experience to all of our customers, we added SDK and API rate limits. You can read more in our documentation.

0.9.0

Breaking changes

• Rename of External ID to Login ID: In order to clarify and align the various user identifiers used in our system - we've decided to rename externalId to login_id.
• Enchanted Link attribute change: Updated the identifier attribute to linkId, to make it clearer for the Descoper to use.

Enhancements

• Management APIs: Various Management APIs were added to the package. This allows automation of actions on Users, Tenants, Access Keys and many more! 💯
  Some cool functionalities include:
  • Searching over all users
  • Adding roles and permissions, and assigning them to a user
  • Creating a tenant and configuriing its SAML mapping
• Key Response structure update: A v2 of the key response API; in order to support other frameworks, such as OpenID Connect, the key response's structure was updated, and keys are now a sub-attribute of keys.
  • Format in v1: [{...}]
  • Format in v2: {"keys": [{...}]}
• Custom Claims: Custom Claims can now be added to the JWT, using the updateJwt API.
• Readme updates: Updated the README of the repo, to make newcomers' lives even easier than before!

Bug fixes

• Username removed as parameter from SSO User Attributes Mapping: Username was a deprecated parameter in the SSO User Attributes Mapping dropdown. We removed it to resolve the confusion.

0.3.0

What's Changed

• Change exchange to POST by @dorsha in #63
• Change access key and refresh session to POST by @dorsha in #64
• 1. adjust email_validator for the new version (disable call for dns q… by @guyp-descope in #65
• fix: use cov xml file for result by @omercnet in #62
• chore(deps): update dependency black to v22.10.0 by @descope in #67
• Extend API to support custom claims by @aviadl in #68
• Change SAML start to be post by @dorsha in #70
• Change oauth authorize to be post by @dorsha in #71
• Fix oauth/saml start to be POST with query params by @dorsha in #72
• Add useful headers by @dorsha in #73
• Stepup take 2 by @aviadl in #74
• Adjust jwt response for access key with authz by @guyp-descope in #75
• fix(deps): update dependency cryptography to v38.0.3 [security] by @descope in #76
• fix(deps): update dependency pyjwt to v2.6.0 by @descope in #77
• chore(deps): update dependency pytest-cov to v4 by @descope in #69
• chore(deps): update dependency pytest to v7.2.0 by @descope in #79
• Add webauthn SignUpOrIn function by @shilgapira in #80
• Have both logout and logout_all as optinos by @slavikm in #81
• Add MFA support by @aviadl in #82
• chore(deps): update dependency liccheck to v0.7.3 by @descope in #83
• Management by @itaihanski in #84
• Add issuer support as url by @dorsha in #85
• Get management key from env var or config params by @shilgapira in #87
• Enchanted link support by @aviadl in #86
• Ensure management key is set before passing calls to management APIs by @shilgapira in #90
• Set localhost as default base_url (instead of prod link) by @guyp-descope in #88
• update poetry lockfile by @omercnet in #89

New Contributors

• @itaihanski made their first contribution in #84

Full Changelog: 0.2.0...0.3.0

0.2.0

What's Changed

• Pin dependencies by @descope in #49
• fix(readme): fix readme links to full URLs by @omercnet in #51
• chore: fix dev deps by @omercnet in #53
• Added support for /me by @slavikm in #52
• Add exchange access key function by @shilgapira in #54
• Add validate_permissions and validate_roles logic by @guyp-descope in #55
• fix: updating github action by @omercnet in #60
• fix the jet response object returned during validate_session_request by @guyp-descope in #58
• Change logout to be post by @dorsha in #59
• use valid return_url by @talaharoni in #61
• fix(deps): update dependency pyjwt to v2.5.0 by @descope in #57
• fix(deps): update dependency email-validator to v1.3.0 by @descope in #56

New Contributors

• @shilgapira made their first contribution in #54
• @dorsha made their first contribution in #59
• @talaharoni made their first contribution in #61

Full Changelog: 0.1.0...0.2.0

0.1.0

What's Changed

• Initial Python sdk code by @guyp-descope in #1
• Update the authorized license list + fix doc for the signin_otp function by @guyp-descope in #2
• Add magic link support to python by @aviadl in #3
• Fix routing to have /auth/ prefix by @aviadl in #4
• Support OAuth authentication method by @guyp-descope in #5
• Configure Renovate by @renovate in #6
• Update schneegans/dynamic-badges-action action to v1.4.0 by @renovate in #8
• Update actions/setup-python action to v4 by @renovate in #9
• fix packaging and add pyproject.toml fie by @guyp-descope in #10
• Upload artifacts by @meirwah in #12
• elaborate error msg by @meirwah in #13
• create and store images for example servers by @meirwah in #15
• change port by @meirwah in #16
• Update common.py by @meirwah in #18
• Update otp_web_sample_app.py by @meirwah in #17
• Update common.py by @meirwah in #19
• created baseline readme by @jeff-descope in #11
• Sdk take 2 by @guyp-descope in #20
• Split by auth method by @asafshen in #21
• remove cookies parameter on do_post and do_get by @guyp-descope in #23
• SDK with custom host and optional Verify by @meirwah in #22
• Change example routes by @meirwah in #24
• remove the usage of decorators in otp web sample app by @guyp-descope in #25
• Modify jwt response by @aviadl in #27
• Fix sample app, to place data on cookie propely by @aviadl in #28
• remove dsr usage on sample /private api by @guyp-descope in #29
• Restructure the jwt_response object by @guyp-descope in #30
• fix import by @guyp-descope in #32
• Rename example route by @meirwah in #33
• update console link by @Bars92 in #34
• update SDK URL to prod by @meirwah in #35
• (WIP) Docteam edits by @jeff-descope in #36
• Expose refresh token as a public method by @aviadl in #38
• fix issue #421 - aligned delivery-method-verification with the GO sdk by @guyp-descope in #37
• expose refresh token on DescopeClient by @asafshen in #39
• Replace basice auth with bearer by @aviadl in #40
• Update documentation by @guyp-descope in #41
• Fix doc (magiclink) by @guyp-descope in #42
• fix the parameters to magiclink verify func by @guyp-descope in #43
• Change all endpoints to the correct one by @aviadl in #46
• Validate session allows session token or refresh token to be empty by @slavikm in #47
• Switch to poetry by @omercnet in #48
• Update dependency jquery to v3.6.1 by @descope in #45
• chore(release): Change publish action to prod pypi by @omercnet in #50

New Contributors

• @guyp-descope made their first contribution in #1
• @aviadl made their first contribution in #3
• @renovate made their first contribution in #6
• @meirwah made their first contribution in #12
• @jeff-descope made their first contribution in #11
• @asafshen made their first contribution in #21
• @Bars92 made their first contribution in #34
• @slavikm made their first contribution in #47
• @omercnet made their first contribution in #48
• @descope made their first contribution in #45

Full Changelog: https://github.com/descope/python-sdk/commits/0.1.0