🚀 Features
- api-key:
requireNameto enforce name on keys - by @ping-maxwell in #3129 (79f5f)
- generic-oauth:
- Add support for additional token URL params in generic OAuth - by @CaoMeiYouRen in #3410 (2ac4f)
- oidc:
- Add refresh token support to discovery document and token endpoint - by @tinkerer-shubh in #3373 (6f0f6)
- Support JWKs with JWT plugin - by @NefixEstrada in #2755 (82b69)
- Add support for public clients with PKCE authentication - by @pekastel in #3091 (ff54a)
- oidc-provider:
- organization:
listUserInvitationsadds the ability to list all invitations for a given user - by @ping-maxwell in #3121 (3547c)
🐞 Bug Fixes
- Linking accounts for anon users with one tap and passkey - by @Kinfe123 in #3124 (a2029)
- Don't require email for account linking - by @arlyon in #3335 (9c3a1)
- Add
imageoption tosignUpEmailtypes and schema - by @acusti in #3357 (78351) - Implement standard Base64 encoding for HTTP Basic Auth in token refresh and validation - by @naimkhrof in #3388 (7364c)
- Schema generation when using advanced.databse.useNumberId - by @body20002 in #3311 (e02c2)
- admin: Before create hook was not triggered when creating a user through the admin plugin - by @Kinfe123 in #3418 (adf8b)
- api-key: Non-expiring API keys (with expiresAt set to null) were being deleted by mistake - by @reslear in #3413 (57c76)
- dropbox: Added support for the token access type option - by @Kinfe123 in #3419 (29c76)
- next-cookies: Don't throw in monorepo workspaces - by @ping-maxwell in #3381 (8bd66)
- oidc-provider: Relax offline_access scope validation by removing prompt=consent requirement - by @tinkerer-shubh in #3420 (d1308)