1.6.2

Breaking changes

• Support multiple domains for tenant: There's an option to automatically associated a user to a tenant based on the user's email domain. Sometimes the same tenant can 'accept' multiple domains - so that's supported now!
  Please notice that this breaks compilation - considering this value is now an array and not a string.

Enhancements

• Appending user login IDs: We've added the option to assign multiple login IDs to a user, using the additionalLoginIDs attribute, upon creation and/or invitation of the user.
• First, middle and last names of a user: We added system attributes for first (givenName), middle (middleName) and last (familyName) of a user.
• Check roles or permissions of a user: Check if the user has at least one of the roles in a provided list, using the getMatchedRoles function. This also applies for checking permissions (getMatchedPermissions), and also for checking the existence on a project level and a specific tenant level (getMatchedTenantRoles , getMatchedTenantPermissions).
• Set the user's roles: We now support the option to set an existing user's roles. Instead of fetching existing roles, removing all of them and adding new ones 'from scratch' - use the setRoles user function.
• Setting custom claims for test users: You can now pass the LoginOptions object when working with test users, such as when using the generateMagicLinkForTestUser function.
• Documentation enhancements: Additional explanations were added to our SDK's README and examples, specifically around errors.

Bug fixes

• Cross-fetch support: Some services, such as Cloudflare, don't support all fetch capabilities. This is now fixed and such edge runtimes can work smoothly. Thank you @mattolson for the contribution!

1.6.1

Enhancements

• Batch invitations: Using the new inviteBatch command, you can sent invitations to multiple users at once.
• Invitation of users using their phone number: If needed, upon inviting a user - you can configure that the invitation is sent via SMS using the sendSMS boolean flag.
• Cloning a project: Projects can be programmatically cloned using the new clone project command. Note that this action is supported for pro and enterprise licensed customers.

1.6.0

Enhancements

• ReBAC support: Descope now supports an advanced and more elaborate concept of authorization, known as ReBAC. ReBAC, Relation-Based Access Control, allows defining the user's permissions based on its relationship to various objects, using a directed graph of connections between them. Read more in our README.
• Search users by email or phone: We enabled the option to search over the user email and phone attributes - regardless if those are used as Login IDs or not.
• Logout all user sessions: Descopers can now decide to terminate a specific user's sessions across existing devices, using the management SDK. You can do so by providing the user's Login ID (logoutUserByUserId) or their User ID (logoutUser).
• Support for edge-like environments: In order to use the Descope Node SDK in edge-like environments, we exposed the option to override fetch value upon SDK initiation (default is node-fetch-commonjs).

1.5.7

Enhancements

• Password Replace return value: We're now returning the JWT's response in the password.replace function, so that the session and refresh JWTs can be utilized (for example, in flows). This information will be returned as an jwtResponse object.
• Setting email and phone verification status upon creation: When creating a new user, you can now control whether the email and/or phone of that user are verified or not.
• Setting the Invitation URL via SDK: Using the new inviteUrl parameter, you can define a specific invitation URL when inviting a new user, that will override the default invitation URL set in your project's settings.

1.5.6

Enhancements

• Embedded links: We now support the option of generating an embedded link. Using the generateEmbeddedLink function, the Descoper can now generate a link that contains a user's token, thus requiring only verification to finalize the authentication.
  ⚠️ Please notice that this feature needs to be turned on in the console, as it's considered an advanced feature that requires extra planning and attention when used. Make sure only permitted personnel use it, and that it is audited appropriately in the relevant places.
• Search by user status: We've added the option to search over user statuses using the search function.
• Update project name: You can now update your project's name using the project updateName function.

1.5.5

Breaking changes

• Update of the configureMetadata and configureSettings functions: We've added two new parameters to the configureMetadata function - redirectUrl, domain. This is to complete the SSO configuration options when using the metadata URL option.
  We've also made these parameters strings in the configureSettings function (used for configuring SSO using connection details), so they should be passed as an empty string and not null.
  Please notice that for Typescript users, this breaks compilation for both the configureMetadata and configureSettings functions.

Enhancements

• Load tenant by ID: We added an option to load a specific tenant, using the load tenant function.

1.5.4

Enhancements

• Set a user's email or phone verification status: When updating a user, there's now an option to define if the phone or email provided are verified or not.

1.5.3

Bug fixes

• Tenant validation functions: Fixed a bug that resulted in some scenarios in which the validateTenantRoles and validateTenantPermissions functions returned the wrong results.

1.5.2

Enhancements

• Management CLI tool: We created a CLI tool for all management functions such as creating a user, deleting a tenant, exporting a flow, and more! Check it out 💪🏼
• Get a user's OAuth provider tokens: When using your own OAuth provider account, you can now choose to request additional scopes and have the provider's access tokens managed by Descope. When needed, those can be fetched using the getProviderToken function, which retrieves the token for your application to use.
• Support offline validations for JWTs: In case your working environment doesn't have constant internet connection - you can manually provide the public key to the SDK upon initialization. Read more about it in our README.

Bug fixes

• Incorrect arguments in SSO configuration: The role mapping payload was in the wrong format. This was quickly fixed and is now working.
• Expose interface and types: There were a few places where some object types were kept internal. We got feedback that some were important for internal code validations and easier handling - so we made sure those are now exposed.

1.5.1

Enhancements

• Set and expire user passwords: You can now expire a user's password using the expirePassword function, which will make the user reset it on their next authentication. There's also the option to set a new one using the setPassword function; notice that even when choosing a password, the user will still need reset it on their next authentication.
• Delete a tenant's SAML configuration: Using the deleteSettings function, you can define which tenant's SAML configuration should be deleted.

Bug fixes

• Add types to packages: TypeScript requires explicitly naming the package.json#exports types when using the new moduleResolution: node16 / nodenext / bundler. We fixed it so that it will work now (instead of getting ignored).