Skip to content

Releases: auth0/nextjs-auth0

v4.24.0

Choose a tag to compare

@github-actions github-actions released this 01 Jul 11:05
7576eac

Added

  • feat: enforce IPSIE session_expiry ceiling on enterprise connections #2708 (Piyush-85)

v4.23.1

Choose a tag to compare

@github-actions github-actions released this 30 Jun 14:44
c8d9285

Fixed

  • fix: adding example for CTE & CTE impersonation & delegation #2692 (Piyush-85)
  • fix: forward state param to OIDC end-session URL in handleLogout #2728 (Piyush-85)
  • fix(mtls): revoke refresh token on logout and fix interactive flow routing #2727 (Piyush-85)

Security

  • fix: persist per-request max_age in TransactionState to enforce auth_… #2707 (Piyush-85)

v4.23.0

Choose a tag to compare

@github-actions github-actions released this 22 Jun 16:38
7dcb620

BREAKING CHANGES

  • fix: surface MfaRequiredError from passkeyGetToken and passwordlessVe… #2702 (Piyush-85)

Added

Fixed

  • fix: do not add trailing slash to path-based issuer URLs #2693 (sleitor)
  • fix: add pnpm-workspace.yaml with allowBuilds to unblock pnpm install… #2701 (Piyush-85)

v4.22.0

Choose a tag to compare

@github-actions github-actions released this 01 Jun 09:27
a3feef0

Added

Fixed

  • fix: allow path-based domain URLs for Okta custom authorization servers #2666 (sleitor)

v4.21.0

Choose a tag to compare

@github-actions github-actions released this 22 May 12:22
d6e9fc5

Added

  • feat: allow-list auth0-client header for forwarding #2668 (tusharpandey13)
  • feat(passwordless): passwordless example #2634 (Piyush-85)
  • feat(passwordless): add client-side passwordless module #2633 (Piyush-85)
  • feat(passwordless): Add Next.js route handlers for passwordless flows #2608 (Piyush-85)
  • feat(passwordless): add passwordlessStart and passwordlessVerify to AuthClient #2607 (Piyush-85)
  • feat(passwordless): add error classes and types for passwordless authentication #2606 (Piyush-85)
  • feat(passwordless): add connection, screen_hint, login_hint to AuthorizationParameters #2605 (Piyush-85)

Fixed

  • fix(cookies): include Secure/SameSite/HttpOnly on deletion Set-Cookie… #2651 (Piyush-85)

v4.20.0

Choose a tag to compare

@github-actions github-actions released this 05 May 05:59
dadd14f

Added

  • feat: support customizing profile and accessToken routes #2451 (eliw00d)

Fixed

  • fix: stale session reuse on proxy DPoP nonce retry #2582 (nandan-bhat)
  • fix: move NextResponse-dependent buildEnrollOptions to server-only module #2643 (sleitor)
  • fix: delete v3 appSession cookie on logout #2552 (gmurphey)
  • fix: respect allowInsecureRequests option in AuthClientProvider domain validation #2630 (sleitor)

v4.19.0

Choose a tag to compare

@github-actions github-actions released this 23 Apr 15:10
605eaf2

v4.19.0 (2026-04-22)

Added

  • feat: add mfa.stepUpWithPopup() for reactive MFA step-up via Universal Login #2524 (tusharpandey13)

Fixed

v4.18.0

Choose a tag to compare

@github-actions github-actions released this 17 Apr 13:04
c4b3920

Added

Fixed

v4.17.1

Choose a tag to compare

@github-actions github-actions released this 16 Apr 16:52
b06d30f

Fixed

  • fix: defer AuthClientProvider construction when AUTH0_DOMAIN not set at build time #2604 (sleitor)
  • fix: Next.js edge runtime build error for crypto module #2564 (Piyush-85)

v4.17.0

Choose a tag to compare

@github-actions github-actions released this 09 Apr 10:37
8eb6cd2

Release v4.17.0 (minor release)

Added

Fixed

  • fix: prevent rolling session from re-creating a deleted session on concurrent logout #2530 (sleitor)