Enhancements
- ReBAC support: Descope now supports an advanced and more elaborate concept of authorization, known as ReBAC. ReBAC, Relation-Based Access Control, allows defining the user's permissions based on its relationship to various objects, using a directed graph of connections between them. Read more in our README.
- Search users by email or phone: We enabled the option to search over the user email and phone attributes - regardless if those are used as Login IDs or not.
- Flask decorators as extra package: We've added Flask as an extra package to the SDK. This means that it is not installed by default, but only when setting the relevant flag appropriately, and installing all relevant Flask dependencies.
- Search over tenants: Using the
search_alltenants command, you can now search for all tenants based on their attribute values, such as name, self-provisioning domains, custom attributes and more. - Logout all user sessions: Descopers can now decide to terminate a specific user's sessions across existing devices, using the management SDK. You can do so by providing the user's Login ID (
logout_user_by_user_id) or their User ID (logout_user). - Invitation of users using their phone number: If needed, upon inviting a user - you can configure that the invitation is sent via SMS using the sendSMS boolean flag.
- Cloning a project: Projects can be programmatically cloned using the new
cloneproject command. Note that this action is supported for pro and enterprise licensed customers. - README enhancements: Making our README more informative and full of examples for better explainability!
Bug fixes
- Improved exception type catches: To provide as much information as we can on token validation exceptions, we've changed our existing encapsulated errors to be more specific.