Infrastructure/logto

Fork 0

mirror of https://github.com/logto-io/logto.git synced 2024-12-16 20:26:19 -05:00

silverhand-bot 2856f9ee28

release: version packages (#6811 )

2024-11-22 17:04:11 +08:00

109 KiB

Raw Permalink Blame History

Change Log

1.19.0

Minor Changes

640425414: add trustUnverifiedEmail setting for the Microsoft EntraID OIDC SSO connector

Since we launched the EntraID OIDC SSO connector we have received several feedbacks that their customer's email address can not be populated to Logto's user profile when signing up through the EntraID OIDC SSO connector. This is because Logto only syncs verified email addresses, meaning the email_verified claim must be true in the user info response from the OIDC provider.

However, based on Microsoft's documentation, since the user's email address in manually managed by the organization, they are not verified guaranteed. This means that the email_verified claim will not be included in their user info response.

To address this issue, we have added a new trustUnverifiedEmail exclusively for the Microsoft EntraID OIDC SSO connector. When this setting is enabled, Logto will trust the email address provided by the Microsoft EntraID OIDC SSO connector even if the email_verified claim is not included in the user info response. This will allow users to sign up and log in to Logto using their email address without any issues. Please note this may introduce a security risk as the email address is not verified by the OIDC provider. You should only enable this setting if you trust the email address provided by the Microsoft EntraID OIDC SSO connector.

You can configure this setting in the EntraID OIDC SSO connector settings page in the Logto console or through the management API.
640425414: display support email and website info on experience error pages.

Added support email and website info to the error pages of the experience app. E.g. when a user tries to access a page that doesn't exist, or when the social session is not found in a social callback page. This will help users to contact support easily when they encounter an error.

You may configure the support email and website info in the sign-in experience settings page in the Logto console or through the management API.
640425414: add unknown session redirect url in the sign-in experience settings

In certain cases, Logto may be unable to properly identify a user’s authentication session when they land on the sign-in page. This can happen if the session has expired, if the user bookmarks the sign-in URL for future access, or if they directly share the sign-in link. By default, an "unknown session" 404 error is displayed.

To improve user experience, we have added a new unknownSessionRedirectUrl field in the sign-in experience settings.You can configure this field to redirect users to a custom URL when an unknown session is detected. This will help users to easily navigate to your client application or website and reinitiate the authentication process automatically.

1.18.1

Patch Changes

5bb937505: Connector config default values should only show up when creating new connectors

1.18.0

Minor Changes

f150a67d5: display user password information on user details page
e0326c96c: Add personal access token (PAT)

Personal access tokens (PATs) provide a secure way for users to grant access tokens without using their credentials and interactive sign-in.

You can create a PAT by going to the user's detail page in Console or using the Management API POST /users/:userId/personal-access-tokens.

To use a PAT, call the token exchange endpoint POST /oidc/token with the following parameters:
1. grant_type: REQUIRED. The value of this parameter must be urn:ietf:params:oauth:grant-type:token-exchange indicates that a token exchange is being performed.
2. resource: OPTIONAL. The resource indicator, the same as other token requests.
3. scope: OPTIONAL. The requested scopes, the same as other token requests.
4. subject_token: REQUIRED. The user's PAT.
5. subject_token_type: REQUIRED. The type of the security token provided in the subject_token parameter. The value of this parameter must be urn:logto:token-type:personal_access_token.
6. client_id: REQUIRED. The client identifier of the client application that is making the request, the returned access token will contain this client_id claim.
And the response will be a JSON object with the following properties:
1. access_token: REQUIRED. The access token of the user, which is the same as other token requests like authorization_code or refresh_token.
2. issued_token_type: REQUIRED. The type of the issued token. The value of this parameter must be urn:ietf:params:oauth:token-type:access_token.
3. token_type: REQUIRED. The type of the token. The value of this parameter must be Bearer.
4. expires_in: REQUIRED. The lifetime in seconds of the access token.
5. scope: OPTIONAL. The scopes of the access token.
b837efead: add access deny method to the custom token claims script

Introduce a new api parameter to the custom token claims script. This parameter is used to provide more access control context over the token exchange process. Use api.denyAccess() to reject the token exchange request. Use this method to implement your own access control logics.
```
const getCustomJwtClaims: async ({ api }) => {
  // Reject the token request, with a custom error message
  return api.denyAccess('Access denied');
}
```

Patch Changes

ee1947ac4: support entering name while creating a user
ff6b304ba: fix: should not show custom JWT paywall for OSS users
3b9714b99: set lang attribute for <html>
fae8725a4: improve RTL language support

1.17.0

Minor Changes

3a839f6d6: support organization logo and sign-in experience override

Now it's able to set light and dark logos for organizations. You can upload the logos in the organization settings page.

Also, it's possible to override the sign-in experience logo from an organization. Simply add the organization_id parameter to the authentication request. In most Logto SDKs, it can be done by using the extraParams field in the signIn method.

For example, in the JavaScript SDK:
```
import LogtoClient from "@logto/client";

const logtoClient = new LogtoClient(/* your configuration */);

logtoClient.signIn({
  redirectUri: "https://your-app.com/callback",
  extraParams: {
    organization_id: "<organization-id>",
  },
});
```
The value <organization-id> can be found in the organization settings page.

If you could not find the extraParams field in the SDK you are using, please let us know.
b91ec0cd6: add the application custom_data field editor to the application details page in console
62f5e5e0c: support app-level branding

You can now set logos, favicons, and colors for your app. These settings will be used in the sign-in experience when the app initiates the authentication flow. For apps that have no branding settings, the omni sign-in experience branding will be used.

If organization_id is provided in the authentication request, the app-level branding settings will be overridden by the organization's branding settings, if available.
3bf756f2b: use Vite for transpilation and bundling

Removed ParcelJS and replaced with Vite. No breaking changes should be expected, but use a minor version bump to catch your attention.

Important

The browserlist configuration for @logto/experience and been synced with what is stated in README.md.
b188bb161: support multiple app secrets with expiration

Now secure apps (machine-to-machine, traditional web, Protected) can have multiple app secrets with expiration. This allows for secret rotation and provides an even safer experience.

To manage your application secrets, go to Logto Console -> Applications -> Application Details -> Endpoints & Credentials.

We've also added a set of Management APIs (/api/applications/{id}/secrets) for this purpose.

Important

You can still use existing app secrets for client authentication, but it is recommended to delete the old ones and create new secrets with expiration for enhanced security.
62f5e5e0c: support dark favicon

The favicon for the dark theme now can be set in the sign-in experience branding settings.

Patch Changes

3aa7e57b3: fix Google connector scope field can not be reset bug

1.16.0

Minor Changes

eacec10ac: improve machine-to-machine application integration user experience
- Display a role assignment modal to facilitate setting permissions for the newly created machine-to-machine app.
- In the role assignment modal, add a Logto icon to roles that carry the Logto Management API access permission, making it easier for users to select roles with Logto Management API access permission.
- Add a notification for machine-to-machine roles to guide users in using the machine-to-machine role by creating a machine-to-machine application.
- Improve machine-to-machine application integration guide.
87615d58c: support machine-to-machine apps for organizations

This feature allows machine-to-machine apps to be associated with organizations, and be assigned with organization roles.

Console
- Add a new "machine-to-machine" type to organization roles. All existing roles are now "user" type.
- You can manage machine-to-machine apps in the organization details page -> Machine-to-machine apps section.
- You can view the associated organizations in the machine-to-machine app details page.
OpenID Connect grant

The client_credentials grant type is now supported for organizations. You can use this grant type to obtain an access token for an organization.

Management API

A set of new endpoints are added to the Management API:
- /api/organizations/{id}/applications to manage machine-to-machine apps.
- /api/organizations/{id}/applications/{applicationId} to manage a specific machine-to-machine app in an organization.
- /api/applications/{id}/organizations to view the associated organizations of a machine-to-machine app.
061a30a87: support agree to terms polices for Logto’s sign-in experiences
- Automatic: Users automatically agree to terms by continuing to use the service
- ManualRegistrationOnly: Users must agree to terms by checking a box during registration, and don't need to agree when signing in
- Manual: Users must agree to terms by checking a box during registration or signing in
ead51e555: add Ruby app guide
ef21c7a99: support per-organization multi-factor authentication requirement

An organization can now require its member to have multi-factor authentication (MFA) configured. If an organization has this requirement and a member does not have MFA configured, the member will not be able to fetch the organization access token.
0ef712e4e: support Google One Tap configuration
15953609b: support the dynamic config rendering for connector multi-select configuration
b52609a1e: add hasPassword to custom JWT user context
efa884c40: feature: just-in-time user provisioning for organizations

This feature allows users to automatically join the organization and be assigned roles upon their first sign-in through some authentication methods. You can set requirements to meet for just-in-time provisioning.

Email domains

New users will automatically join organizations with just-in-time provisioning if they:
- Sign up with verified email addresses, or;
- Use social sign-in with verified email addresses.
This applies to organizations that have the same email domain configured.

To enable this feature, you can add email domain via the Management API or the Logto Console:
- We added the following new endpoints to the Management API:
  - GET /organizations/{organizationId}/jit/email-domains
  - POST /organizations/{organizationId}/jit/email-domains
  - PUT /organizations/{organizationId}/jit/email-domains
  - DELETE /organizations/{organizationId}/jit/email-domains/{emailDomain}
- In the Logto Console, you can manage email domains in the organization details page -> "Just-in-time provisioning" section.
SSO connectors

New or existing users signing in through enterprise SSO for the first time will automatically join organizations that have just-in-time provisioning configured for the SSO connector.

To enable this feature, you can add SSO connectors via the Management API or the Logto Console:
- We added the following new endpoints to the Management API:
  - GET /organizations/{organizationId}/jit/sso-connectors
  - POST /organizations/{organizationId}/jit/sso-connectors
  - PUT /organizations/{organizationId}/jit/sso-connectors
  - DELETE /organizations/{organizationId}/jit/sso-connectors/{ssoConnectorId}
- In the Logto Console, you can manage SSO connectors in the organization details page -> "Just-in-time provisioning" section.
Default organization roles

You can also configure the default roles for users provisioned via this feature. The default roles will be assigned to the user when they are provisioned.

To enable this feature, you can set the default roles via the Management API or the Logto Console:
- We added the following new endpoints to the Management API:
  - GET /organizations/{organizationId}/jit/roles
  - POST /organizations/{organizationId}/jit/roles
  - PUT /organizations/{organizationId}/jit/roles
  - DELETE /organizations/{organizationId}/jit/roles/{organizationRoleId}
- In the Logto Console, you can manage default roles in the organization details page -> "Just-in-time provisioning" section.
b50ba0b7e: enable backchannel logout support

Enable the support of OpenID Connect Back-Channel Logout 1.0.

To register for backchannel logout, navigate to the application details page in the Logto Console and locate the "Backchannel logout" section. Enter the backchannel logout URL of your RP and click "Save".

You can also enable session requirements for backchannel logout. When enabled, Logto will include the sid claim in the logout token.

For programmatic registration, you can set the backchannelLogoutUri and backchannelLogoutSessionRequired properties in the application oidcClientMetadata object.

Patch Changes

9f33d997b: view and update user's profile property in the user settings page
06ef19905: fix a regression bug that error toasts pop up in audit log when logs are associated with deleted applications
af44e87eb: add Chrome extension guide
136320584: allow skipping manual account linking during sign-in

You can find this configuration in Console -> Sign-in experience -> Sign-up and sign-in -> Social sign-in -> Automatic account linking.

When switched on, if a user signs in with a social identity that is new to the system, and there is exactly one existing account with the same identifier (e.g., email), Logto will automatically link the account with the social identity instead of prompting the user for account linking.
d81e13d21: display OIDC issuer endpoint in the application details form

1.15.0

Minor Changes

b5104d8c1: add new webhook events

We introduce a new event type DataHook to unlock a series of events that can be triggered by data updates (mostly Management API):

User.Created
User.Deleted
User.Data.Updated
User.SuspensionStatus.Updated
Role.Created
Role.Deleted
Role.Data.Updated
Role.Scopes.Updated
Scope.Created
Scope.Deleted
Scope.Data.Updated
Organization.Created
Organization.Deleted
Organization.Data.Updated
Organization.Membership.Updated
OrganizationRole.Created
OrganizationRole.Deleted
OrganizationRole.Data.Updated
OrganizationRole.Scopes.Updated
OrganizationScope.Created
OrganizationScope.Deleted
OrganizationScope.Data.Updated

DataHook events are triggered when the data associated with the event is updated via management API request or user interaction actions.

Management API triggered events

API endpoint	Event
POST /users	User.Created
DELETE /users/:userId	User.Deleted
PATCH /users/:userId	User.Data.Updated
PATCH /users/:userId/custom-data	User.Data.Updated
PATCH /users/:userId/profile	User.Data.Updated
PATCH /users/:userId/password	User.Data.Updated
PATCH /users/:userId/is-suspended	User.SuspensionStatus.Updated
POST /roles	Role.Created, (Role.Scopes.Update)
DELETE /roles/:id	Role.Deleted
PATCH /roles/:id	Role.Data.Updated
POST /roles/:id/scopes	Role.Scopes.Updated
DELETE /roles/:id/scopes/:scopeId	Role.Scopes.Updated
POST /resources/:resourceId/scopes	Scope.Created
DELETE /resources/:resourceId/scopes/:scopeId	Scope.Deleted
PATCH /resources/:resourceId/scopes/:scopeId	Scope.Data.Updated
POST /organizations	Organization.Created
DELETE /organizations/:id	Organization.Deleted
PATCH /organizations/:id	Organization.Data.Updated
PUT /organizations/:id/users	Organization.Membership.Updated
POST /organizations/:id/users	Organization.Membership.Updated
DELETE /organizations/:id/users/:userId	Organization.Membership.Updated
POST /organization-roles	OrganizationRole.Created, (OrganizationRole.Scopes.Updated)
DELETE /organization-roles/:id	OrganizationRole.Deleted
PATCH /organization-roles/:id	OrganizationRole.Data.Updated
POST /organization-scopes	OrganizationScope.Created
DELETE /organization-scopes/:id	OrganizationScope.Deleted
PATCH /organization-scopes/:id	OrganizationScope.Data.Updated
PUT /organization-roles/:id/scopes	OrganizationRole.Scopes.Updated
POST /organization-roles/:id/scopes	OrganizationRole.Scopes.Updated
DELETE /organization-roles/:id/scopes/:organizationScopeId	OrganizationRole.Scopes.Updated

User interaction triggered events

User interaction action	Event
User email/phone linking	User.Data.Updated
User MFAs linking	User.Data.Updated
User social/SSO linking	User.Data.Updated
User password reset	User.Data.Updated
User registration	User.Created

a0b19513b: show version number in the topbar
76fd33b7e: support default roles for users

Patch Changes

e04d9523a: replace the i18n translated hook event label with the hook event value directly in the console
- remove all the legacy interaction hook events i18n phrases
- replace the translated label with the hook event value directly in the console
  - Create new account -> PostRegister
  - Sign in -> PostSignIn
  - Reset password -> PostResetPassword
558986d28: update documentation reference links
c558affac: improve error handling on audit logs
- No longer toasts error messages if the audit log related user entity has been removed.
- Display a fallback user-id (deleted) information instead.

1.14.0

Minor Changes

21bb35b12: refactor the definition of hook event types
- Add DataHook event types. DataHook are triggered by data changes.
- Add "interaction" prefix to existing hook event types. Interaction hook events are triggered by end user interactions, e.g. completing sign-in.
5872172cb: enable custom JWT feature for OSS version

OSS version users can now use custom JWT feature to add custom claims to JWT access tokens payload (previously, this feature was only available to Logto Cloud).
6fe6f87bc: support adding API resource permissions to organization roles and organization permissions in 3rd-party applications

Updates
- Separated the "Organization template" from the "Organization" page, establishing it as a standalone page for clearer navigation and functionality.
- Enhanced the "Organization template" page by adding functionality that allows users to click on an organization role, which then navigates to the organization role details page where users can view its corresponding permissions and general settings.
- Enabled the assignment of API resource permissions directly from the organization role details page, improving role management and access control.
- Split the permission list for third-party apps into two separate lists: user permissions and organization permissions. Users can now add user profile permissions and API resource permissions for users under user permissions, and add organization permissions and API resource permissions for organizations under organization permissions.

Patch Changes

9cf03c8ed: Add Java Spring Boot web integration guide to the application creation page

1.13.0

Minor Changes

5758f84f5: feat(console): support signing-key rotation

Patch Changes

746483c49: api resource indicator must be a valid absolute uri

An invalid indicator will make Console crash without this check.

Note: We don't mark it as a breaking change as the api behavior has not changed, only adding the check on Console.

1.12.1

Patch Changes

677054a24: add Angular, Nuxt, SvelteKit, Expo (React Native) guides

1.12.0

Minor Changes

c14cd1827: add .NET Core Blazor Server guide
32df9acde: add third-party application management pages
- Add the new application category Third-party to the application creation page.
- Add the new application framework OIDC IdP to the application creation page.
- Add new tab Third-party apps to the applications management page. Split the existing applications list into My apps and Third-party apps two different tab for better management.
- Reorg the application details page form. Remove the Advance settings tab and merge all the OIDC configuration fields into the Settings tab.
- Add new Permissions tab to the third-party application details page. Display the user consent resource, organization, and user scopes. And allow the user to manage the user granted organizations for the third-party application.
- Add new Branding tab to the third-party application details page. Allow the user to manage the application level sign-in experiences for the third-party application.
715dba2ce: add .NET Core Blazor WASM guide
31e60811d: use Node 20 LTS for engine requirement.

Note: We mark it as minor because Logto is shipping with Docker image and it's not a breaking change for users.

Patch Changes

9089dbf84: upgrade TypeScript to 5.3.3
04ec78a91: improve error handling when user associated application is removed
8c4bfbce1: Remove the upsell tag on social connectors creation modal in OSS version.

1.11.0

Minor Changes

9a7b19e49: Add single sign-on (SSO) management pages
- Implement new enterprise SSO management pages. Allow create and manage SSO connectors through Logto console.
- Add enabled/disable SSO toggle switch on the sign-in-experience settings page.
becf59169: introduce Logto Organizations

The term "organization" is also used in other forms, such as "workspace", "team", "company", etc. In Logto, we use "organization" as the generic term to represent the concept of multi-tenancy.

From now, you can create multiple organizations in Logto, each of which can have its own users, while in the same identity pool.

Plus, we also introduce the concept of "organization template". It is a set of permissions and roles that applies to all organizations, while a user can have different roles in different organizations.

See 🏢 Organizations (Multi-tenancy) for more details.

Patch Changes

9421375d7: Bump libphonenumber-js to v1.10.51 to support China 19 started phone numbers. Thanks to @agileago

1.10.0

Minor Changes

6727f629d: feature: introduce multi-factor authentication

We're excited to announce that Logto now supports multi-factor authentication (MFA) for your sign-in experience. Navigate to the "Multi-factor auth" tab to configure how you want to secure your users' accounts.

In this release, we introduce the following MFA methods:
- Authenticator app OTP: users can add any authenticator app that supports the TOTP standard, such as Google Authenticator, Duo, etc.
- WebAuthn (Passkey): users can use the standard WebAuthn protocol to register a hardware security key, such as biometric keys, Yubikey, etc.
- Backup codes：users can generate a set of backup codes to use when they don't have access to other MFA methods.
For a smooth transition, we also support to configure the MFA policy to require MFA for sign-in experience, or to allow users to opt-in to MFA.

1.9.0

Minor Changes

87df417d1: feat: support HTTP for webhook requests

Patch Changes

1ab39d19b: fix 500 error when using search component in console to filter both roles and applications.

1.8.0

Minor Changes

a8b5a020f: feature: machine-to-machine (M2M) role-based access control (RBAC)

Summary

This feature enables Logto users to apply role-based access control (RBAC) to their machine-to-machine (M2M) applications.

With the update, Logto users can now effectively manage permissions for their M2M applications, resulting in improved security and flexibility.

New role type: machine-to-machine

We have introduced a new role type, "machine-to-machine".
- When creating a new role, you can select the type (either "machine-to-machine" or "user" type), with "user" type by default if not specified.
- Logto now ONLY allows the selection of the role type during role creation.
Manage "machine-to-machine" roles

You can manage the permissions of a "machine-to-machine" role in the same way as a "user" role.

Logto's management API resources are available to "machine-to-machine" roles but not for "user" roles. "machine-to-machine" roles can only be assigned to M2M applications; and "user" roles can only be assigned to users.

You can assign "machine-to-machine" roles to M2M applications in the following two ways:
- "Applications" on sidebar -> Select an M2M application -> "Roles" tab -> "Assign Roles" button
- "Roles" on sidebar -> Select an M2M role -> "Machine-to-machine apps" tab -> "Assign Applications" button

Patch Changes

18181f892: standardize id and secret generators
- Remove buildIdGenerator export from @logto/shared
- Add generateStandardSecret and generateStandardShortId exports to @logto/shared
- Align comment and implementation of buildIdGenerator in @logto/shared
  - The comment stated the function will include uppercase letters by default, but it did not; Now it does.
- Use generateStandardSecret for all secret generation

1.7.1

Patch Changes

a4b44dde5: add more intuitive code samples and fix mistakes in express api guide

1.7.0

Minor Changes

e8b0b1d02: feature: password policy

Summary

This feature enables custom password policy for users. Now it is possible to guard with the following rules when a user is creating a new password:
- Minimum length (default: 8)
- Minimum character types (default: 1)
- If the password has been pwned (default: true)
- If the password is exactly the same as or made up of the restricted phrases:
  - Repetitive or sequential characters (default: true)
  - User information (default: true)
  - Custom words (default: [])
If you are an existing Logto Cloud user or upgrading from a previous version, to ensure a smooth experience, we'll keep the original policy as much as possible:

The original password policy requires a minimum length of 8 and at least 2 character types (letters, numbers, and symbols).

Note in the new policy implementation, it is not possible to combine lower and upper case letters into one character type. So the original password policy will be translated into the following:
- Minimum length: 8
- Minimum character types: 2
- Pwned: false
- Repetitive or sequential characters: false
- User information: false
- Custom words: []
If you want to change the policy, you can do it:
- Logto Console -> Sign-in experience -> Password policy.
- Update passwordPolicy property in the sign-in experience via Management API.
Side effects
- All new users will be affected by the new policy immediately.
- Existing users will not be affected by the new policy until they change their password.
- We removed password restrictions when adding or updating a user via Management API.

Patch Changes

f8408fa77: rename the package phrases-ui to phrases-experience
18e05586c: fix the app crash when inputting verification code in Console profile page
f6723d5e2: rename the package ui to experience

1.6.0

Minor Changes

d90b4e7f6: add asp.net core tutorial

Patch Changes

0b519e548: allow non-http origins for application CORS

1.5.1

Patch Changes

16d83dd2f: Allow editing refresh token TTL for non-M2M applications (include SPA type)

1.5.0

Minor Changes

ecbecd8e4: various application improvements
- Show OpenID Provider configuration endpoint in Console
- Configure "Rotate Refresh Token" in Console
- Configure "Refresh Token TTL" in Console

1.4.0

Minor Changes

73666f8fa: Provide new features for webhooks

Features
- Manage webhooks via the Admin Console
- Securing webhooks by validating signature
- Allow to enable/disable a webhook
- Track recent execution status of a webhook
- Support multi-events for a webhook
Updates
- schemas: add name, events, signingKey, and enabled fields to the hook schema
- core: change the user-agent value from Logto (https://logto.io) to Logto (https://logto.io/) in the webhook request headers
- core: deprecate event field in all hook-related APIs, use events instead
- core: deprecate retries field in the HookConfig for all hook-related APIs, now it will fallback to 3 if not specified and will be removed in the future
- core: add new APIs for webhook management
  - GET /api/hooks/:id/recent-logs to retrieve recent execution logs(24h) of a webhook
  - POST /api/hooks/:id/test to test a webhook
  - PATCH /api/hooks/:id/signing-key to regenerate the signing key of a webhook
- core: support query webhook execution stats(24h) via GET /api/hooks/:id and GET /api/hooks/:id by specifying includeExecutionStats query parameter
- console: support webhook management
268dc50e7: Support setting default API Resource from Console and API
- New API Resources will not be treated as default.
- Added PATCH /resources/:id/is-default to setting isDefault for an API Resource.
  - Only one default API Resource is allowed per tenant. Setting one API default will reset all others.
497d5b526: Support updating sign-in identifiers in user details form
- Admin can now update user sign-in identifiers (username, email, phone number) in the user details form in user management.
- Other trivial improvements and fixes, e.g. input field placeholder, error handling, etc.

1.3.0

Minor Changes

5d6720805: add config alwaysIssueRefreshToken for web apps to unblock OAuth integrations that are not strictly conform OpenID Connect.

when it's enabled, Refresh Tokens will be always issued regardless if prompt=consent was present in the authorization request.

1.2.4

Patch Changes

a65bc9b13: Should ignore empty number input box when parsing connector config form.

1.2.3

Patch Changes

046a5771b: upgrade i18next series packages (#3733, #3743)

1.2.2

Patch Changes

748878ce5: add React context and hook to app-insights, fix init issue for frontend projects

1.2.1

Patch Changes

352807b16: support setting cloud role name for AppInsights in React

1.2.0

Minor Changes

c5eb3a2ba: support create user by multiple identifiers
5553425fc: support suspend user

Patch Changes

6cbc90389: ensure all log keys present in the filter, remove deprecated log keys, fix log event filter
457cb2822: Adding social connectors will now mark the related get-started action item as completed.
4945b0be2: Apply security headers

Apply security headers to logto http request response using (helmetjs)[https://helmetjs.github.io/].
- crossOriginOpenerPolicy
- crossOriginEmbedderPolicy
- crossOriginResourcePolicy
- hidePoweredBy
- hsts
- ieNoOpen
- noSniff
- referrerPolicy
- xssFilter
- Content-Security-Policy

1.1.0

Patch Changes

484f08523: Fix connector config form's validation for "switch" field.

1.0.3

1.0.2

1.0.1

1.0.0

Major Changes

c12717412: Decouple users and admins

💥 BREAKING CHANGES 💥

Logto was using a single port to serve both normal users and admins, as well as the web console. While we continuously maintain a high level of security, it’ll still be great to decouple these components into two separate parts to keep data isolated and provide a flexible infrastructure.

From this version, Logto now listens to two ports by default, one for normal users (3001), and one for admins (3002).
- Nothing changed for normal users. No adaption is needed.
- For admin users:
  - The default Admin Console URL has been changed to http://localhost:3002/console.
  - To change the admin port, set the environment variable ADMIN_PORT. For instance, ADMIN_PORT=3456.
  - You can specify a custom endpoint for admins by setting the environment variable ADMIN_ENDPOINT. For example, ADMIN_ENDPOINT=https://admin.your-domain.com.
  - You can now completely disable admin endpoints by setting ADMIN_DISABLE_LOCALHOST=1 and leaving ADMIN_ENDPOINT unset.
  - Admin Console and admin user data are not accessible via normal user endpoints, including localhost and ENDPOINT from the environment.
  - Admin Console no longer displays audit logs of admin users. However, these logs still exist in the database, and Logto still inserts admin user logs. There is just no convenient interface to inspect them.
  - Due to the data isolation, the numbers on the dashboard may slightly decrease (admins are excluded).
If you are upgrading from a previous version, simply run the database alteration command as usual, and we'll take care of the rest.

Note

DID YOU KNOW

Under the hood, we use the powerful Postgres feature Row-Level Security to isolate admin and user data.
1c9160112: ### Features
- Enhanced user search params #2639
- Web hooks
Improvements
- Refactored Interaction APIs and Audit logs
f41fd3f05: drop settings table and add systems table

BREAKING CHANGES
- core: removed GET /settings and PATCH /settings API
- core: added GET /configs/admin-console and PATCH /configs/admin-console API
  - /configs/* APIs are config/key-specific now. they may have different logic per key
- cli: change valid logto db config keys by removing alterationState and adding adminConsole since:
  - OIDC configs and admin console configs are tenant-level configs (the concept of "tenant" can be ignored until we officially announce it)
  - alteration state is still a system-wide config

Minor Changes

343b1090f: ### Add dynamic favicon and html title
- Add the favicon field in the sign-in-experience branding settings. Users would be able to upload their own favicon. Use local logto icon as a fallback
- Set different html title for different pages.
  - sign-in
  - register
  - forgot-password
  - logto
c12717412: ## Creating your social connector with ease

We’re excited to announce that Logto now supports standard protocols (SAML, OIDC, and OAuth2.0) for creating social connectors to integrate external identity providers. Each protocol can create multiple social connectors, giving you more control over your access needs.

To simplify the process of configuring social connectors, we’re replacing code-edit with simple forms. SAML already supports form configuration, with other connectors coming soon. This means you don’t need to compare documents or worry about code format.
343b1090f: - Automatically create a new tenant for new cloud users
- Support path-based multi-tenancy
343b1090f: Allow admin tenant admin to create tenants without limitation
343b1090f: ### Add privacy policy url

In addition to the terms of service url, we also provide a privacy policy url field in the sign-in-experience settings. To better support the end-users' privacy declaration needs.
343b1090f: New feature: User account settings page
- We have removed the previous settings page and moved it to the account settings page. You can access to the new settings menu by clicking the user avatar in the top right corner.
- You can directly change the language or theme from the popover menu, and explore more account settings by clicking the "Profile" menu item.
- You can update your avatar, name and username in the profile page, and also changing your password.
- [Cloud] Cloud users can also link their email address and social accounts (Google and GitHub at first launch).
343b1090f: remove the branding style config and make the logo URL config optional
343b1090f: Add custom CSS code editor so that users can apply advanced UI customization.
- Users can check the real time preview of the CSS via SIE preview on the right side.
2168936b9: Sign-in Experience v2

We are thrilled to announce the release of the newest version of the Sign-in Experience, which includes more ways to sign-in and sign-up, as well as a framework that is easier to understand and more flexible to configure in the Admin Console.

When compared to Sign-in Experience v1, this version’s capability was expanded so that it could support a greater variety of flexible use cases. For example, now users can sign up with email verification code and sign in with email and password.

We hope that this will be able to assist developers in delivering a successful sign-in flow, which will also be appreciated by the end users.
f41fd3f05: Replace the sms naming convention using phone cross logto codebase. Including Sign-in Experience types, API paths, API payload and internal variable names.

Patch Changes

343b1090f: ## Refactor the Admin Console 403 flow
- Add 403 error handler for all AC API requests
- Show confirm modal to notify the user who is not authorized
- Click confirm button to sign out and redirect user to the sign-in page
343b1090f: add deletion confirm for in-used passwordless connectors
38970fb88: Fix a Sign-in experience bug that may block some users to sign in.
343b1090f: Seed data for cloud
- cli!: remove oidc option for database seed command as it's unused
- cli: add hidden --cloud option for database seed command to init cloud data
- cli, cloud: appending Redirect URIs to Admin Console will deduplicate values before update
- move UrlSet and GlobalValues to @logto/shared
1c9160112: Various UI improvements

1.0.0-rc.3

1.0.0-rc.2

Major Changes

c12717412: Decouple users and admins

💥 BREAKING CHANGES 💥

Logto was using a single port to serve both normal users and admins, as well as the web console. While we continuously maintain a high level of security, it’ll still be great to decouple these components into two separate parts to keep data isolated and provide a flexible infrastructure.

From this version, Logto now listens to two ports by default, one for normal users (3001), and one for admins (3002).
- Nothing changed for normal users. No adaption is needed.
- For admin users:
  - The default Admin Console URL has been changed to http://localhost:3002/console.
  - To change the admin port, set the environment variable ADMIN_PORT. For instance, ADMIN_PORT=3456.
  - You can specify a custom endpoint for admins by setting the environment variable ADMIN_ENDPOINT. For example, ADMIN_ENDPOINT=https://admin.your-domain.com.
  - You can now completely disable admin endpoints by setting ADMIN_DISABLE_LOCALHOST=1 and leaving ADMIN_ENDPOINT unset.
  - Admin Console and admin user data are not accessible via normal user endpoints, including localhost and ENDPOINT from the environment.
  - Admin Console no longer displays audit logs of admin users. However, these logs still exist in the database, and Logto still inserts admin user logs. There is just no convenient interface to inspect them.
  - Due to the data isolation, the numbers on the dashboard may slightly decrease (admins are excluded).
If you are upgrading from a previous version, simply run the database alteration command as usual, and we'll take care of the rest.

Note

DID YOU KNOW

Under the hood, we use the powerful Postgres feature Row-Level Security to isolate admin and user data.

Minor Changes

c12717412: ## Creating your social connector with ease

We’re excited to announce that Logto now supports standard protocols (SAML, OIDC, and OAuth2.0) for creating social connectors to integrate external identity providers. Each protocol can create multiple social connectors, giving you more control over your access needs.

To simplify the process of configuring social connectors, we’re replacing code-edit with simple forms. SAML already supports form configuration, with other connectors coming soon. This means you don’t need to compare documents or worry about code format.

1.0.0-rc.1

1.0.0-rc.0

Major Changes

f41fd3f0: drop settings table and add systems table

BREAKING CHANGES
- core: removed GET /settings and PATCH /settings API
- core: added GET /configs/admin-console and PATCH /configs/admin-console API
  - /configs/* APIs are config/key-specific now. they may have different logic per key
- cli: change valid logto db config keys by removing alterationState and adding adminConsole since:
  - OIDC configs and admin console configs are tenant-level configs (the concept of "tenant" can be ignored until we officially announce it)
  - alteration state is still a system-wide config

Minor Changes

f41fd3f0: Replace the sms naming convention using phone cross logto codebase. Including Sign-in Experience types, API paths, API payload and internal variable names.

1.0.0-beta.19

1.0.0-beta.18

Major Changes

1c916011: ### Features
- Enhanced user search params #2639
- Web hooks
Improvements
- Refactored Interaction APIs and Audit logs

Patch Changes

1c916011: Various UI improvements

1.0.0-beta.17

1.0.0-beta.16

Patch Changes

38970fb8: Fix a Sign-in experience bug that may block some users to sign in.

1.0.0-beta.15

1.0.0-beta.14

1.0.0-beta.13

Minor Changes

2168936b: Sign-in Experience v2

We are thrilled to announce the release of the newest version of the Sign-in Experience, which includes more ways to sign-in and sign-up, as well as a framework that is easier to understand and more flexible to configure in the Admin Console.

When compared to Sign-in Experience v1, this version’s capability was expanded so that it could support a greater variety of flexible use cases. For example, now users can sign up with email verification code and sign in with email and password.

We hope that this will be able to assist developers in delivering a successful sign-in flow, which will also be appreciated by the end users.

All notable changes to this project will be documented in this file. See Conventional Commits for commit guidelines.

1.0.0-beta.12 (2022-10-19)

Note: Version bump only for package @logto/console

1.0.0-beta.11 (2022-10-19)

Features

add vertical center support (#2032) (5eeb06e)
console: add a11y lint to ac (#2066) (37d2b0c)
console: add custom language (#2029) (800ac7f)
console: auto detect language setting (#1941) (cdfaf8b)
console: delete custom phrases (#2065) (68e8884)
console: display unsaved alert on custom phrases changed (#1994) (0679a6a)
console: manage language (#1981) (48832e5)

Bug Fixes

add redirectURI validation on frontend & backend (#1874) (4b0970b)
console: checkbox styles (7c85e50)
console: clear select state on close modal (#2071) (b6b9d7c)
console: language editor form should be dirty on clear button clicked (#2037) (1223d23)
console: remove connector id and prevent text overflow (#2072) (05b5025)
console: responsive modal items layout (#2160) (ac38a7f)
console: save generated password in session storage (#2116) (8a7f875)
console: set undefined value to empty string in custom phrases (#2074) (81f9fbc)
console: show correct password after reset (#2063) (02c082c)
console: use fallback language in preview (#1960) (f25ae4d)

1.0.0-beta.10 (2022-09-28)

⚠ BREAKING CHANGES

core: update user scopes (#1922)

Features

console: auto detect language setting (#1941) (49b4303)
console: configure M2M app access (#1999) (a75f8fe)
core: machine to machine apps (cd9c697)

Bug Fixes

bump react sdk and essentials toolkit to support CJK characters in idToken (2f92b43)
console: add sandbox attribute to iframe (#1926) (14cb043)
console: get prefixed router basename in local dev env (ccbe5da)
console: old value does not flash back on saving form (cdbd8d7)
console: use fallback language in preview (#1960) (de4c46e)

Reverts

Revert "feat(console): auto detect language setting (#1941)" (#2004) (ad1d1e3), closes #1941 #2004
Revert "fix(console): use fallback language in preview (#1960)" (#2003) (fa98452), closes #1960 #2003

Code Refactoring

core: update user scopes (#1922) (8d22b5c)

1.0.0-beta.9 (2022-09-07)

Features

console: press tab to insert 2 spaces in code editor (#1871) (c57228c)

Bug Fixes

console,ui: fix locale guard issue in settings page (e200578)
console: input invalid format content in multitextinput will not crash the app (035be48)
downgrade to sdk 1.0.0-beta.2 (#1896) (91d1bf8)

1.0.0-beta.8 (2022-09-01)

Note: Version bump only for package @logto/console

1.0.0-beta.6 (2022-08-30)

Features

console: allow to disable create account (#1806) (67305ec)
console: express integration guide (#1807) (8e4ef2f)

Bug Fixes

console: change step title to sentence case (#1814) (82cd315)

1.0.0-beta.5 (2022-08-19)

⚠ BREAKING CHANGES

core,console: remove /me apis (#1781)

Bug Fixes

console: show platform icons in connector table (#1792) (31f2439)

Code Refactoring

core,console: remove /me apis (#1781) (2c6171c)

1.0.0-beta.4 (2022-08-11)

Features

console: add app secret to guide (#1735) (380e258)
console: show app secret (#1723) (01dfeed)

Bug Fixes

build and types (8b51543)
ui,console,demo-app: update react render method (#1750) (4b972f2)

1.0.0-beta.3 (2022-08-01)

Features

console: add Next.js integration guide in admin console (7d3f947)
console: checked if sign in method is primary (#1706) (405791f)
phrases: tr language (#1707) (411a8c2)

Bug Fixes

console: app error illustration height should not be shrunk (301cc6c)
console: should not display unsaved changes alert on connector config updated (#1685) (61b65a7)

Reverts

Revert "feat(console): checked if sign in method is primary" (#1712) (2229dce), closes #1712 #1706

1.0.0-beta.2 (2022-07-25)

Bug Fixes

console: code editor content should be editable on firefox (56ded3e)
console: connector can be dragged upwards to reorder (038bba4)
console: remove annoying horizontal scrollbar from code editor (7dba908)
console: should parse to json before using zod safeParse (ec674ec)

1.0.0-beta.1 (2022-07-19)

Features

console: add a declaration file for react-i18next (#1556) (6ae5e7d)
console: update dashboard chart y-axis tick format (#1590) (951c6fa)

Bug Fixes

console: docs link doesn't work for en-US locale (#1594) (78fcb03)
console: external links in readme should be opened in new tab (23ff0bf)
console: language select box initial value should not be empty (26f47d8)
console: navigate to new connector details page after switching connector (1615e36)

1.0.0-beta.0 (2022-07-14)

Bug Fixes

console: markdown toc links that contain special characters should work (#1543) (1b056f1)
console: redirect uri field label should display properly in guide (#1549) (020f294)
console: should display user avatar through google connector (e2f5263)
console: should not display unsaved alert on item deleted (#1507) (459af38)
console: should not display unsaved alert on settings updated (#1508) (5dcdc62)
console: tooltip style (#1517) (f387652)

1.0.0-alpha.4 (2022-07-08)

Features

console: add placeholder for connector sender test (#1476) (8e85a11)
expose zod error (#1474) (81b63f0)

Bug Fixes

console: add unsaved changes warning in settings page (2cdbf37)
console: admin console language detection (a8f18e5)
console: connector guide should not have sub title (#1471) (8009d9b)
console: connector placeholder icon should not have background color (#1472) (130817f)
console: do not show unsaved alert after delete connector (#1496) (61a6b1a)
console: docs link in get-started should be localized (#1482) (800f047)
console: hide demo-app from topbar get-started progress if it is deleted (b0bdd90)
console: hide single platform universal connector tab (3d944a5)
console: hide the add connectors hint when no connectors found on sign-in-experience page (#1473) (d309400)
console: improve error handling in connector details and sender tester (d9ce4a0)
console: mutate after connector delete (#1475) (da882ce)
console: pagination color should be color-text-link (#1466) (481b6a0)
console: provide fallback value for language field in settings (5ad5eb2)
console: remove session doc link (#1479) (bb790ce)
console: set language in request header (#1485) (f2195dd)
console: specify toast type (#1499) (bdbeee0)

1.0.0-alpha.3 (2022-07-07)

Features

console: open docs on documentation tab clicked (#1444) (340c641)

Bug Fixes

console: language auto detection (7c880fc)
console: mutate data after sie welcome done (#1447) (33106aa)
console: set user select to none for link button (#1446) (d293de0)
console: vanilla sdk integration guide (58fe92e)

1.0.0-alpha.2 (2022-07-07)

Features

console: add unsaved changes alert for connector config (#1414) (78407fc)
console: user settings unsaved changes alert (#1411) (14b27b6)

Bug Fixes

console: chagne user added modal button to done (#1438) (ec82507)
console: dashboard chart yaxios width (#1435) (b26fb0c)
console: fix typo for variant (#1423) (f6be19e)
console: use icon button in copytoclipboard (#1440) (f8a9743)
ui: set ui specific i18n storage key (#1441) (5b121d7)

1.0.0-alpha.1 (2022-07-05)

Features

console: unsaved changes alert (#1409) (098367e)

Bug Fixes

console: dashbaord chart grid color (#1417) (1d5f69d)
console: leave page button should be primary on unsaved changes alert modal (#1421) (be004fa)

1.0.0-alpha.0 (2022-07-04)

Features

console: update task complete icon (#1395) (06f190b)

Bug Fixes

console: disable secondary should remove sign in methods (#1384) (6e3c461)
console: hide reset description on dark-mode primary color matched (#1394) (de8f476)
console: remove userinfo endpoint on application details page (#1391) (a837d79)
console: save sie when secondary method is disabled (#1410) (52fee4c)
console: use png for calendar icon (#1385) (f01390a)

0.1.2-alpha.5 (2022-07-03)

Note: Version bump only for package @logto/console

0.1.2-alpha.4 (2022-07-03)

Note: Version bump only for package @logto/console

0.1.2-alpha.3 (2022-07-03)

Features

console: add traditional web guide - express js demo (60c9ceb)

0.1.2-alpha.2 (2022-07-02)

Features

console: add loading skeleton to sign in experience page (76921f5)

0.1.2-alpha.1 (2022-07-02)

Note: Version bump only for package @logto/console

0.1.2-alpha.0 (2022-07-02)

Note: Version bump only for package @logto/console

0.1.1-alpha.0 (2022-07-01)

Features

ac: implement admin console welcome page (#1139) (b42f4ba)
connector: apple (#966) (7400ed8)
console,core: hide admin user (#1182) (9194a6e)
console,ui: generate dark mode color in console (#1231) (f72b21d)
console: add 404 page in admin console (0d047fb)
console: add app icon and api icon (#830) (373d349)
console: add application column in user management (#728) (a035587)
console: add column lastSignIn in user management (#679) (a0b4b98)
console: add comopnent alert (#706) (60920c2)
console: add date picker in dashboard (#1085) (5a073ce)
console: add details summary component in guides (693c4f0)
console: add drawer animation (#760) (dd8b767)
console: add integration guide for vue sdk (423b1a9)
console: add integration guide for vue sdk (4931923)
console: add mobile web tab in preview (#1214) (9b6fd4c)
console: add page loading skeleton to data table and detail pages (9b8658d)
console: add placeholders (#1277) (c26ca08)
console: add prevew in guide modal (#839) (002f839)
console: add user dropdown and sign out button (5a09e7d)
console: audit log filters (#1004) (a0d562f)
console: audit log table (#1000) (fdd12de)
console: autofocus in create modal (#785) (b8143ff)
console: clear search results (#1199) (a2de467)
console: configure cors-allowed-origins (#695) (4a0577a)
console: connector detail top card (5288d6d)
console: connector groups table (#962) (eb3f0cb)
console: connector in use status (#1012) (542d574)
console: connector logo and platform icon (#892) (97e6bdd)
console: connector warnings in sign in methods (#710) (cd03130)
console: contact us icon and texts (#836) (c3785d8)
console: dark logo (#860) (664a218)
console: dashboard blocks and curve (#1076) (c38fab8)
console: dashboard skeleton (#1077) (5afbe9d)
console: disable existing connectors when adding (#1018) (19380d0)
console: disallow management api deletion and renaming (#1233) (568b75d)
console: display topbar shadow while scrolling (#1340) (b3774cd)
console: dynamic sign in methods form (#666) (5944ff0)
console: error handling in dashboard (#1090) (6d3857e)
console: form field tooltip (#786) (1c7de47)
console: group connectors in add modal (#1029) (fa420c9)
console: hard code admin display name with username (#1348) (496b17b)
console: hide get-started page on clicking 'Hide this' button (7fd42fd)
console: implement get started page (9790767)
console: implement get-started progress indicator component (ed9387b)
console: init dashboard (#1006) (28e09b6)
console: input error message (#1050) (458602f)
console: integrate admin console language settings (048290b)
console: integrate dark mode settings (a04f818)
console: log details page (#1064) (0421195)
console: multi-text-input delete reminder (#752) (04fc5d4)
console: page skeleton animation mixin (de97bb5)
console: platform label in connectors table (#1034) (96701bc)
console: preview device wrapper (#896) (540bf9c)
console: reset user password (#1266) (8c46ead)
console: show app guide in "Check Help Guide" drawer (e3cab67)
console: sie form reorg (#1218) (2c41334)
console: sign in exp guide (#755) (bafd094)
console: sign in experience preview (#783) (6ab54c9)
console: sign in experience setup others tab (#662) (875a31e)
console: sign in experience welcome page (#746) (d815d96)
console: sign in methods change alert (#701) (a1ceea0)
console: support dark logo for connectors (#1226) (a8467fd)
console: support persisting get-started progress in settings config (43b2309)
console: update connector icons (#935) (f01d113)
console: update pagination size and color (#1153) (fdb8b24)
console: update user management table row height and avatar size (#1151) (b2b7f37)
console: user connector delete confirmation (#1165) (4905a5d)
console: user icon (#857) (9f94f16)
console: user logs (#1082) (c4a0d7a)
core,connectors: update Aliyun logo and add logo_dark to Apple, Github (#1194) (98f8083)
core,console: change admin user password (#1268) (a4d0a94)
core,console: connector platform tabs (#887) (65fb36c)
core,console: social connector targets (#851) (127664a)
core: add welcome route (#1080) (f6f562a)
core: identities key should use target not connectorId (#1115) (41e37a7), closes #1134
core: serve connector logo (#931) (5b44b71)
core: update connector db schema (#732) (8e1533a)
dashboard: add tooltip to dashboard items (#1089) (9dd73ac)
demo-app: implement (part 2) (85a055e)
demo-app: implementation (#982) (7f4f4f8)
demo-app: implementation (3/3) (#1021) (91e2f05)
remove target, platform from connector schema and add id to metadata (#930) (054b0f7)
ui: implement preview mode (#852) (ef19fb3)
update field check rules (#854) (85a407c)
use user level custom data to save preferences (#1045) (f2b44b4)

Bug Fixes

lint:report script (#730) (3b17324)
ac: fix ac text input (#1023) (498b370)
console,core: only show enabled connectors in sign in methods (#988) (4768181)
console: add border and shadow to preview (#957) (5fc2c99)
console: add bottom color for connector logos (#1186) (c5cebfc)
console: add code editor field label (#1170) (9aab5ee)
console: add connector button in table empty state (#1224) (1905fb5)
console: add hover state to hide guide button (#1328) (323895a)
console: add letter spacing for sign-in-experience title (#1033) (cf4bd1b)
console: add mobile platform preview description (#1032) (6167e5c)
console: add sie preview nav margin (#1275) (210ddce)
console: add toast message on save uri success in guide (129ce0b)
console: adding social connector should complete corresponding get-started task (8797c2d)
console: adjust preview size (#951) (fa14589)
console: align added sign-in method with table head content (#1028) (c084b44)
console: align usage of customizeSignInExperience (#837) (808a676)
console: application icon size (#1237) (86aec6c)
console: application integrate SDK guides (b616e71)
console: auto generate password (#1133) (a424f1b)
console: back to social connectors (#889) (8cf72d9)
console: bump react sdk to 0.1.13 to resolve sign in issue (fb34cdc)
console: button loading spinner position (b41b8f1)
console: button space on the guide header (#1317) (0e93792)
console: call settings API after user authentication (3f25d4e)
console: change account modal margin (#1344) (f1a7cb3)
console: change checkbox to controlled comp (#1235) (9a72a34)
console: checkbox style (#1327) (2f3c9ae)
console: clear error message before saving connector config (#1273) (da48784)
console: connector card item style (#1192) (ed3c93a)
console: connector details save changes footer (#736) (2d9b708)
console: connector guide (#990) (3c37739)
console: connector guide setup content should scroll in the whole container (#1314) (05399b5)
console: connector name in user detials (#1147) (94084a4)
console: connector row clickable (#1108) (2a4a61d)
console: connector sender test loading state (#1290) (7d47433)
console: contact us icons (#1181) (e39704a)
console: create connector form alignment (#1220) (ebfab1d)
console: dashboard chart style (#1177) (cf47044), closes #1178
console: date picker input height (#1171) (6ca1395)
console: details page should not be shrinked (#1338) (d73663a)
console: display dark mode color setting only when dark mode is enabled (#1027) (a506dc5)
console: display default avatar when the avatar is empty (#1191) (71ed416)
console: dropdown max height (#1155) (402d19d)
console: dropdown padding (#1168) (56d3f96)
console: error callstack content should not overflow container (933950c)
console: error message in text input component (#1060) (93916bf)
console: fetch settings with swr on app init (c7344c2)
console: fix connector platform label i18n (#1347) (b18388c)
console: fix dark mode char tooltip background (#1345) (f6bf53b)
console: fix dashboard date (#1274) (8c0ceff)
console: fix infinite loading issue when not authenticated (32facc6)
console: fix info icon vertical alignment (#1106) (888c3d7)
console: fix margin for SIE section (#1212) (be56c75)
console: fix platform label prefix caused by merge (#1049) (1dffcd2)
console: fix SIE title padding (#1211) (ca77a41)
console: get-started progress style (#1343) (67a87bb)
console: hide split line when username is empty (#949) (d8c8c04)
console: hide url input on terms of use disabled (#1270) (1e6ad9f)
console: hide user column (#1296) (9b19b0e)
console: icon colors on the action menu (#1179) (d71c18c)
console: icons in item preview should not be shrinked (#1234) (2d66302)
console: improve horizontal scrollbar thumb styles (818b1d7)
console: improve swr error handling to avoid app crash (da77a1d)
console: item preview alignment (#1159) (5c43da2)
console: jump to enabled connector (#1225) (833436a)
console: last button in guide should be primary type (2036570)
console: limit preview options (#1203) (4d16131)
console: long text should wrap in code editor (cbe2497)
console: misc improvements and ui fixes (b653478)
console: move save changes into form (#712) (aed7442)
console: mutate settings after SIE guide done (#1198) (ee2578b)
console: new platform tab colors (#1158) (1bb770f)
console: new ui in save changes footer (#661) (19b9db8)
console: only check demo app existence on get-started page (e8ef4b6)
console: only show enabled connectors in table (#1156) (4dbeb22)
console: open new tab for setup connectors (#843) (070a52c)
console: others form height in SIE (#1210) (8d2f88b)
console: page content should not jump on scrollbar present (#1306) (6d5a4f8)
console: pass enabled connectors to preview (#1209) (ac74309)
console: prevent autofill background color (#749) (0f5491b)
console: prevent cell overflow for user table (#1215) (f5de519)
console: preview mobile device color (#958) (49b7908)
console: read-only text field background color should use color-layer-2 (#1154) (ac99c26)
console: reduce refresh frequency in preview (#950) (b61f70f)
console: reduce welcome image size (#844) (977b75b)
console: remove plain copytoclipboard padding (#675) (e7faf32)
console: remove redundant required label (#1030) (248e43d)
console: remove role edit from user details (#1173) (520f66c)
console: remove sign in methods form fields in guilde (#1174) (e0be4fe)
console: remove text input error state from delete form (#1302) (9e67e59)
console: remove the close button from toast (#1318) (40c8d0e)
console: remove underline in the empty table (#1180) (1704f57)
console: remove unused api resource help button (#1217) (e5249e2)
console: reset password label (#1300) (628ac46)
console: resolve js warning reported in code editor component (c5d1488)
console: return to user-details page from user-log-details page (#1135) (294c600)
console: save changes button on settings page (#1167) (97faade)
console: sdk selector content in the guide should be left-aligned (#1316) (99cd56f)
console: select the old primary sign-in method when the primary method change (#1062) (b2b7189)
console: set input type in connector tester (#1160) (25e94a4)
console: set preview desktop background color (#1292) (a1726d5)
console: set switch default value to false (#1197) (f9f646c)
console: should not append slash in cors allowed uri (#1001) (826f368)
console: should return to previous page when on sign-in-experience and app details page (#1137) (ae0caa8)
console: show enabled platforms in detail tab (#989) (0656b6d)
console: show user id in users table (#1269) (7d5dd1a)
console: sie guide skip (#1271) (8dedd9d)
console: sign in exp layout (#1142) (3668b66)
console: sms and email connector in use status (#1161) (a868c1f)
console: socialConnectors in preview data (#862) (a2cd983)
console: special application name for admin console (#997) (a0ff900)
console: stop swr retry on error 401 and 403 (db59e3c)
console: text field style in settings (#739) (890028d)
console: text input autofill styles (e8a433d)
console: tip icon color (#805) (5b2fe32)
console: tooltip vertical offset (#1169) (99090e3)
console: typo (#810) (bc19a29)
console: ui fixes (#678) (dc976d8)
console: update get-started enable passwordless button text to "Enable" (f7d2e4c)
console: update shadow styles (#813) (2e410e7)
console: update terms of use (#1122) (9262a6f)
console: update user data (#1184) (a3d3a79)
console: upgrade react-sdk 0.1.7 (a814e2c)
console: use box shadow on radio group item hovered (#1321) (953e7c6)
console: use custom icon in date input (#1172) (43711f2)
console: use native color picker style (#819) (628e025)
console: use small size dropdown in sign in experience preview (#1083) (407bd6f)
console: user connector table bottom line (#1037) (f94a3f8)
console: user connectors name (#1164) (d36a7ab)
console: user details card footer (#1175) (7fb88f2)
console: user management search result (#1130) (3a814a6)
console: wrap connector id with copytoclipboard (#1025) (dfc51b6)
console: wrap routes with appcontent (#1052) (88e2120)
core,console: delete specific user identities by target (#1176) (ad86bc8)
delete custom domain (#737) (8a48fb6)
revert "chore(deps): update parcel monorepo to v2.6.0" (877bbc0)
revert "refactor(console): handle user navigates to 'callback' after authenticated" (8584680)

109 KiB Raw Permalink Blame History Unescape Escape

Change Log

1.19.0

Minor Changes

1.18.1

Patch Changes

1.18.0

Minor Changes

Patch Changes

1.17.0

Minor Changes

Patch Changes

1.16.0

Minor Changes

Console

OpenID Connect grant

Management API

Email domains

SSO connectors

Default organization roles

Patch Changes

1.15.0

Minor Changes

Management API triggered events

User interaction triggered events

Patch Changes

1.14.0

Minor Changes

Updates

Patch Changes

1.13.0

Minor Changes

Patch Changes

1.12.1

Patch Changes

1.12.0

Minor Changes

Patch Changes

1.11.0

Minor Changes

Patch Changes

1.10.0

Minor Changes

1.9.0

Minor Changes

Patch Changes

1.8.0

Minor Changes

Summary

New role type: machine-to-machine

Manage "machine-to-machine" roles

Patch Changes

1.7.1

Patch Changes

1.7.0

Minor Changes

Summary

Side effects

Patch Changes

1.6.0

Minor Changes

Patch Changes

1.5.1

Patch Changes

1.5.0

Minor Changes

1.4.0

Minor Changes

Features

Updates

1.3.0

Minor Changes

1.2.4

Patch Changes

1.2.3

Patch Changes

1.2.2

Patch Changes

1.2.1

Patch Changes

109 KiB

Raw Permalink Blame History