v2.154.0

2.154.0 (2024-05-31)

Features

• add SAML specific external URL config (#1599) (b352719)
• add support for verifying argon2i and argon2id passwords (#1597) (55409f7)

Bug Fixes

• call write header in write if not written (#1598) (0ef7eb3)
• deadlock issue with timeout middleware write (#1595) (6c9fbd4)

v2.154.0-rc.4

This is a release candidate. See release-please PR #4 for context.

v2.153.1

2.154.0 (2024-05-31)

Features

• add SAML specific external URL config (#1599) (b352719)
• add support for verifying argon2i and argon2id passwords (#1597) (55409f7)

Bug Fixes

• call write header in write if not written (#1598) (0ef7eb3)
• deadlock issue with timeout middleware write (#1595) (6c9fbd4)

v2.153.1-rc.9

This is a release candidate. See release-please PR #3 for context.

v2.153.0

2.153.0 (2024-05-29)

Features

• add actor_via_sso to audit log (#1002) (c52de4a)
• add GOTRUE_<PROVIDER>_SKIP_NONCE_CHECK to skip nonce checks in ODIC flow (#1264) (4291959)
• add is_sso_user column to users which allows duplicate emails to exist on those rows (#828) (0e2cd70)
• add kid, iss, iat claims to the JWT (#1148) (3446197)
• add provider claim to amr when the method is sso/saml (#837) (68acb95)
• add array attribute mapping for SAML (#1526) (7326285)
• add cleanup for session timebox and inactivity timeout (#1298) (9226979)
• add cleanup of unverified factors in 24 hour window (#1379) (0100a80)
• add configuration for custom sms sender hook (#1428) (1ea56b6)
• add CORS allowed headers config (#1197) (7134000)
• add custom access token hook (#1332) (312f871)
• add custom sms hook (#1474) (0f6b29a)
• add database cleanup logic, runs after each request (#875) (aaad5bd)
• add different logout scopes (#1112) (df07540)
• add email rate limit breach metric (#1208) (4ff1fe0)
• add endpoint to resend email confirmation (#912) (a50b5a7)
• add endpoint to unlink identity from user (#1315) (af83b34)
• add error codes (#1377) (e4beea1)
• add Figma provider (#1139) (007324c)
• add fly oauth provider (#1261) (0fe4285)
• add friendly name to enroll factor response (#1277) (3c72faf)
• add generated admin client (#924) (3ee3f34)
• add haveibeenpwned.org password strength check (#1324) (c3acfe7)
• add idempotent refresh token algorithm (#1278) (b0426c6)
• add idle db connection options (duration, count, healthcheck period) (#811) (e187280)
• add inactivity-timeout to sessions (#1288) (6c8a96e)
• add index on user_id of mfa_factors (#1247) (6ea135a)
• add kakao OIDC (#1381) (b5566e7)
• add log entries for pkce (#1068) (9c3ba87)
• add manual linking APIs (#1317) (80172a1)
• add mfa cleanup (#1105) (f5c9afb)
• add mfa indexes (#746) (cb6a879)
• add MFA support (disabled by default) (#736) (940f582)
• add mfa verification postgres hook (#1314) (db344d5)
• Add new Kakao Provider (#834) (bafb89b)
• add new Linkedin OIDC due to deprecated scopes for new linkedin applications (#1248) (f40acfe)
• add opentelemetry tracer and metrics (#679) (650fa3b)
• add password hashing metrics (#769) (47adfef)
• add PKCE (OAuth) (#891) (cf47ec2)
• add pkce recovery (#1022) (1954560)
• add pkce to email_change routes (#1082) (0f8548f)
• add required characters password strength check (#1323) (3991bdb)
• add safe deferred closing (#945) (29c431f)
• add SAML config (disabled by default) (#759) (91fa9bd)
• add saml metadata force update every 24 hours (#1020) (965feb9)
• add send email Hook (#1512) (cf42e02)
• add session id to required claim for output of custom access token hook (#1360) (31222d5)
• add single session per user with tags support (#1297) (69feebc)
• add soft delete option to admin delete endpoint (#489) (2a2f425)
• add sso pkce (#1137) (2c0e0a1)
• add support for Azure CIAM login (#1541) ([1cb4f96](https://github.com/nickmit...

v2.153.0-rc.undefined

This is a release candidate. See release-please PR #1 for context.