This release features asymmetric ZERO password authentication, by exploiting the asymmetric parts of public key cryptography, and creating cryptography challenges, allowing the client to request a challenge, sign it with his private key, submit the cryptographically signed content to the server, for then to have a JWT token returned back becoming his authentication and authorisation token for future requests.
The really interesting part of this little crypt trick, is that it allows you to implement zero username/password authentication schemes, where no clients needs to even supply usernames or passwords to your server to securely authenticate themselves for future requests.
Notice - This feature is a bit experimental in nature, and I don't recommend you using it for production scenarios (yet!), but I will expand upon it, and bugfix, to further stabilise it, since this is a "priority area" for Magic.