v4.0.0 (2024-11-27)
💡 Check the Migration Guide to understand the changes required to migrate your application to v4.
💡 Check the v4.0.0-beta.0 to understand other major changes .
- BREAKING CHANGE:
requireLocalAuthentication
method is no longer available as part of the CredentialsManager class or the useAuth0 Hook from v4 of the SDK. Refer Migration Guide for more details.
Added
v4.0.0-beta.0 (2024-08-05)
- BREAKING CHANGE: Updated Android SDK to v3 beta & fixed issues with biometrics Authentication on Android. #940 (desusai7)
Added
v3.2.1 (2024-05-09)
Fixed
Security
- chore(deps-dev): bump expo from 50.0.17 to 50.0.18 #902 (dependabot[bot])
- chore(deps-dev): bump @types/jest from 29.5.11 to 29.5.12 #901 (dependabot[bot])
- chore(deps-dev): bump @testing-library/react from 14.1.2 to 14.3.1 #900 (dependabot[bot])
- chore(deps-dev): bump pod-install from 0.1.39 to 0.2.2 #899 (dependabot[bot])
- chore(deps-dev): bump @types/react-native from 0.72.8 to 0.73.0 #898 (dependabot[bot])
- feat: bumped up react-native version to 0.74.1 and expo to 50.0.0 #889 (desusai7)
v3.2.0 (2024-04-26)
Added
- Support for Apple's Privacy Manifest #887 (poovamraj)
- chore(deps-dev): bump @types/react from 17.0.71 to 17.0.73 #831 (dependabot[bot])
- chore(deps-dev): bump react-native from 0.72.7 to 0.73.0 #823 (dependabot[bot])
v3.1.0 (2023-12-05)
Added
- Provide option to pass custom redirect url #813 (poovamraj)
- Support SFSafariViewController #800 (poovamraj)
- Support additional parameters for forceRefresh in iOS #801 (poovamraj)
Fixed
- Handle incomplete promise in web authentication #798 (poovamraj)
- Fix metadata type in
CreateUserOptions
#789 (poovamraj)
v3.0.2 (2023-10-06)
Fixed
Security
v3.0.1 (2023-08-16)
Fixed
Security
- chore(deps): bump semver from 5.7.1 to 5.7.2 in /example #692 (dependabot[bot])
- chore(deps): bump fast-xml-parser from 4.2.4 to 4.2.7 in /example #693 (dependabot[bot])
v3.0.0 (2023-08-10)
💡 Check the Migration Guide to understand the changes required to migrate your application to v3.
Added
- Credentials are returned as part of authorize methods in hooks
- Support for organizations name in login
- Added sample app in the repository
- Expo plugin is updated to latest version
- Added 'openid profile email' as mandatory scopes
- Option to
forceRefresh
is added ingetCredentials
- Added
hasValidCredentials
to hooks - More options to authorize using Hooks
authorizeWithSMS
authorizeWithEmail
authorizeWithOOB
authorizeWithOTP
authorizeWithRecoveryCode
Changed
- Custom Scheme is now optional in Expo
- Migrated the codebase to Typescript
- Use Native SDKs (Auth0.Android and Auth0.Swift) for Web Authentication
Credentials
object in Android will returnexpiresIn
instead ofexpiresAt
max_age
parameter is changed tomaxAge
inWebAuth.authorize()
customScheme
is now part ofClearSessionOptions
instead ofClearSessionParameters
inclearSession
- Minimum supported version for iOS is bumped to 13
- Revoke Token and Change Password now return
void
instead of an empty object
Removed
- Removed the
type
property returned in theCredentials
object in Android. UsetokenType
instead. skipLegacyListener
has been removed inauthorize
andclearSession
Security
- chore(deps): bump word-wrap from 1.2.3 to 1.2.4 #682 (dependabot[bot])
- chore: Expand
.semgrepignore
exclusions to tests #679 (evansims) - chore(deps-dev): bump semver from 6.3.0 to 7.5.2 #657 (dependabot[bot])
v3.0.0-beta.3 (2023-07-11)
Added
v3.0.0-beta.2 (2023-07-10)
💡 Check the Migration Guide to understand the changes required to migrate your application to v3.
Added
- Credentials are returned as part of authorize methods in hooks
- Added sample app in the repository
- Expo plugin is updated to latest version
- Added 'openid profile email' as mandatory scopes
- Option to
forceRefresh
is added ingetCredentials
- Added
hasValidCredentials
to hooks - More options to authorize using Hooks
authorizeWithSMS
authorizeWithEmail
authorizeWithOOB
authorizeWithOTP
authorizeWithRecoveryCode
Changed
- Custom Scheme is now optional in Expo
- Migrated the codebase to Typescript
- Use Native SDKs (Auth0.Android and Auth0.Swift) for Web Authentication
Credentials
object in Android will returnexpiresIn
instead ofexpiresAt
max_age
parameter is changed tomaxAge
inWebAuth.authorize()
customScheme
is now part ofClearSessionOptions
instead ofClearSessionParameters
inclearSession
- Minimum supported version for iOS is bumped to 13
- Revoke Token and Change Password now return
void
instead of an empty object
Removed
- Removed the
type
property returned in theCredentials
object in Android. UsetokenType
instead. skipLegacyListener
has been removed inauthorize
andclearSession
v2.17.4 (2023-06-15)
Fixed
v2.17.3 (2023-06-15)
Fixed
v2.17.2 (2023-04-27)
Added
- getCredentials hook now updates user state #584 (KMathisGit)
Fixed
- Added tokenType to credentials returned in Android #621 (poovamraj)
- [ESD-27178] Fix browser not found issue not being surfaced #611 (poovamraj)
v2.17.1 (2023-02-09)
Fixed
v2.17.0 (2023-02-01)
Added
- Allow additional options for authorize and support custom LAPolicy #526 (chrismcleod)
- Initialized flag on useAuth0 hook #561 (cranberyxl)
Fixed
Security
- chore: Bump
yarn.lock
dependencies #580 (evansims) - chore(deps): bump decode-uri-component from 0.2.0 to 0.2.2 #567 (dependabot[bot])
- Security: Bump Dependencies #565 (evansims)
v2.16.0 (2022-11-16)
Added
- Enable custom params for login methods #557 (poovamraj)
- Add support for static linking on iOS #555 (Widcket)
Fixed
- Return a unix timestamp for expiresIn #551 (cranberyxl)
v2.15.0 (2022-11-07)
Added
Fixed
v2.14.1 (2022-10-19)
Fixed
- Avoid config changes to handle authentication #534 (poovamraj)
- [SDK-3718] Allow passing extra parameters when logging in with passwordRealm #532 (ewanharris)
- Removed Activity from Android library to avoid prompt #533 (poovamraj)
v2.14.0 (2022-10-07)
This release brings the much requested features to the React Native Auth0 SDK:
- Support for Expo #424 (sdacunha)
- Built-in Secure Credentials Manager #501 (poovamraj)
- Support for React Hooks #500 (stevehobbsdev)
Added
- Add remaining fields for signing up a user #498 (travisobregon)
Changed
- Default scopes for authorize call (hooks only) #522 (stevehobbsdev)
v2.14.0-fa.0 (2022-09-09)
Added
- Add Expo config plugin (SDK 41+) #424 (sdacunha)
- [SDK-3591] New Hook API supporting login and logout #500 (stevehobbsdev)
- [SDK-3537] Credential manager for React Native #501 (poovamraj)
Changed
v2.13.3 (2022-07-06)
Fixed
v2.13.2 (2022-06-28)
Fixed
Security
- Bump simple-plist from 1.1.0 to 1.3.1 #478 (dependabot[bot])
- Bump async from 2.6.3 to 2.6.4 #472 (dependabot[bot])
v2.13.1 (2022-04-01)
Changed
Fixed
- Fix iOS module import for Expo SDK 44 #455 (Bardiamist)
- Fix promise that never completes [SDK-3216]#464 (Widcket)
v2.13.0 (2022-01-27)
Added
Fixed
v2.12.0 (2022-01-07)
Added
Fixed
v2.11.0 (2021-11-30)
Changed
v2.10.0 (2021-09-09)
Added
Changed
- Bump path-parse from 1.0.6 to 1.0.7 #397 (dependabot[bot])
- Disable whitelist on auth refreshToken call (#385) #395 (cpave3)
Security
- Bump react-native from 0.62.2 to 0.62.3 #393 (dependabot[bot])
v2.9.0 (2021-06-22)
Breaking changes
v2.8.3 (2021-05-05)
Changed
v2.8.2 (2021-04-29)
Fixed
v2.8.1 (2021-04-19)
Fixed
- Capture and surface error when browser app is not available [SDK-2224]#363 (lbalmaceda)
v2.8.0 (2021-03-26)
Added
- Add support for Organizations [SDK-2398]#361 (lbalmaceda)
v2.7.0 (2021-01-05)
Added
v2.6.0 (2020-08-11)
Added
Fixed
- Fix the www-authenticate header parsing logic #329 (lbalmaceda)
Security
- Bump lodash from 4.17.15 to 4.17.19 #320 (dependabot[bot])
v2.5.0 (2020-06-09)
This release requires at minimum React Native SDK version 0.62.2. If you need to run it on a different version, check the Compatibility Matrix on the README for reference.
Added
- Warn when bundle identifier contains uppercase characters #316 (lbalmaceda)
Security
- Breaking: Require ReactNative version 0.62.2 #315 (lbalmaceda)
v2.4.0 (2020-06-05)
Added
Security
- Bump dependencies in the lock file #313 (lbalmaceda)
v2.3.1 (2020-04-29)
Fixed
Security
- [Snyk] Security upgrade crypto-js from 3.1.9-1 to 3.3.0 #299 (crew-security)
- Bump acorn from 5.7.3 to 5.7.4 #287 (dependabot[bot])
v2.3.0 (2020-02-10)
Added
v2.2.0 (2020-01-30)
Added
- Add passwordless endpoints #270 (lbalmaceda)
- Handle missing kid (key id) on the JWKS #269 (lbalmaceda)
Changed
- Refactor RSA verification: Replace jsrsasign with crypto-js #268 (lbalmaceda)
v2.1.1 (2020-01-10)
Removed
- Remove issued_at claim value check #266 (lbalmaceda)
Fixed
- Fix gradle javaCompile warning #265 (lbalmaceda)
Security
- Bump handlebars from 4.2.0 to 4.5.3 #262 (dependabot[bot])
v2.1.0 (2019-10-23)
Security
- Improved OIDC compliance #243 (jimmyjames)
v2.0.0 (2019-10-08)
This is a major release that supports CocoaPods and Android X.
It requires at minimum React Native SDK version 0.60.5. If you need to run it on a different version, check the Compatibility Matrix on the README for reference.
- Install the SDK with yarn
add react-native-auth0
or npmnpm install react-native-auth0 --save
. - Install the Pod for the iOS native module. Change into the
ios
directory of your application and runpod install
.
Every iOS application after React Native SDK version 0.60.0 has a podfile
file. If yours doesn't, please check the documentation on how to generate a valid one.
v1.6.0 (2019-09-23)
Added
v1.5.0 (2019-07-15)
Changed
- Enable WebAuth Logout for Android & Fix iOS Logout. #223 (lbalmaceda)
Fixed
- Fix error handling by using authentication error class #228 (lbalmaceda)
v1.4.2 (2019-04-24)
Changed
- Update telemetry format #213 (lbalmaceda)
v1.4.1 (2019-04-18)
Fixed
v1.4.0 (2019-02-07)
Changed
- Remove obsolete React dependency from podspec. #192 (rnevius)
- Added iOS SF/ASWeb AuthenticationSession support #187 (cocojoe)
- Allow authorize options to override default values #177 (kenzic)
v1.3.1 (2018-10-01)
Changed
v1.3.0 (2018-07-17)
Added
Fixed
- Add requiresMainQueueSetup to fix warning in RN 0.49+ #165 (frankrowe)
- Fixed broken podspec for Cocoapods installations #136 (danieljvdm)
v1.2.2 (2018-01-31)
Fixed
- Fix android web authentication #126 (lbalmaceda)
v1.2.1 (2017-10-11)
Fixed
v1.2.0 (2017-09-11)
Full Changelog Closed issues
Added
Fixed
v1.1.1 (2017-08-18)
Fixed
v1.1.0 (2017-08-18)
Full Changelog Closed issues
- Could not invoke A0Auth.showUrl #67
Added
Fixed
- Change customtabs version to the same as default build tools #78 (lukecwilliams)
v1.0.4 (2017-08-13)
Changed
- Remove override annotation on createJSModules method #70 (lukecwilliams)
v1.0.3 (2017-06-26)
Fixed
- Add missing import to the WebAuth controller file #50 (lbalmaceda)
v1.0.2 (2017-06-16)
Fixed
v1.0.1 (2017-06-15)
Fixed
- Bundle identifier must be made lowercase #38 (trondwernerhansen)
v1.0.0 (2017-06-14)
Install react-native-auth0
using npm
npm install react-native-auth0 --save
Or via yarn
yarn add --dev react-native-auth0
then you need to link the native module in react-native-auth0
react-native link react-native-auth0
This section is for those that want to use WebAuth, if you dont need it just ignore this section.
In the file android/src/app/AndroidManifest.xml
you must make sure the main activity of the app has launch mode value of singleTask
and that it has the following intent filter
<intent-filter>
<action android:name="android.intent.action.VIEW" />
<category android:name="android.intent.category.DEFAULT" />
<category android:name="android.intent.category.BROWSABLE" />
<data
android:host="YOUR_AUTH0_DOMAIN"
android:pathPrefix="/android/${applicationId}/callback"
android:scheme="${applicationId}" />
</intent-filter>
So if you have samples.auth0.com
as your Auth0 domain you would have the following activity configuration:
<activity
android:name=".MainActivity"
android:label="@string/app_name"
android:launchMode="singleTask"
android:configChanges="keyboard|keyboardHidden|orientation|screenSize"
android:windowSoftInputMode="adjustResize">
<intent-filter>
<action android:name="android.intent.action.MAIN" />
<category android:name="android.intent.category.LAUNCHER" />
</intent-filter>
<intent-filter>
<action android:name="android.intent.action.VIEW" />
<category android:name="android.intent.category.DEFAULT" />
<category android:name="android.intent.category.BROWSABLE" />
<data
android:host="samples.auth0.com"
android:pathPrefix="/android/${applicationId}/callback"
android:scheme="${applicationId}" />
</intent-filter>
</activity>
For more info please read react native docs
Inside the ios
folder find the file AppDelegate.[swift|m]
add the following to it
#import <React/RCTLinkingManager.h>
- (BOOL)application:(UIApplication *)application openURL:(NSURL *)url
sourceApplication:(NSString *)sourceApplication annotation:(id)annotation
{
return [RCTLinkingManager application:application openURL:url
sourceApplication:sourceApplication annotation:annotation];
}
Then in your Info.plist
file, find the value of the entry of CFBundleIdentifier
, e.g.
<key>CFBundleIdentifier</key>
<string>org.reactjs.native.example.$(PRODUCT_NAME:rfc1034identifier)</string>
and then register a URL type entry using the value of CFBundleIdentifier
as the value of CFBundleURLSchemes
<key>CFBundleURLTypes</key>
<array>
<dict>
<key>CFBundleTypeRole</key>
<string>None</string>
<key>CFBundleURLName</key>
<string>auth0</string>
<key>CFBundleURLSchemes</key>
<array>
<string>org.reactjs.native.example.$(PRODUCT_NAME:rfc1034identifier)</string>
</array>
</dict>
</array>
The value
org.reactjs.native.example.$(PRODUCT_NAME:rfc1034identifier)
is the default for apps created with RN cli, you will probably have a different value.
For more info please read react native docs
import Auth0 from 'react-native-auth0';
const auth0 = new Auth0({
domain: '{YOUR_AUTH0_DOMAIN}',
clientId: '{YOUR_CLIENT_ID}',
});
auth0.webAuth
.authorize({ scope: 'openid email' })
.then((credentials) => console.log(credentials))
.catch((error) => console.log(error));