🚀 Features
- Add
additionalFieldsoption in verification table schema - by @noctarius in #6747 (eab5b) - Add patreon social provider - by @Spuffynism, benkingcode and Kinfe123 in #6245 (07cdd)
- one-time-token:
- phone-number:
- saml:
- Validate SAML crypto algorithms during initial phase - by @Paola3stefania in #6785 (b56d7)
- Enforce one-time use of SAML assertions - by @Paola3stefania in #6719 (2053f)
- sso:
- Add URL normalization and validation to all discovery URLs - by @jonathansamines, Paola Estefanía de Campos, @Paola3stefania and @Bekacru in #6503 (17ff1)
🐞 Bug Fixes
- Prevent stateless refresh with database configured - by @Bekacru in #6700 (a5e7c)
- Revert token masking in listSessions route - by @bytaesu in #6749 (f659c)
- Compatible with openapi 3.1 - by @himself65 and Copilot in #6705 (81eec)
- Properly merge updated data in account cookie - by @jslno in #6758 (5d303)
- Preserve
=padding in parsed cookies - by @Shridhad in #6789 (47884) - Unify SSO/OAuth account linking and add domain-based org assignment to all sign-in flows - by @Paola3stefania in #6652 (dd8a5)
- Respect BETTER_AUTH_TRUSTED_ORIGINS env variable - by @Paola3stefania in #6809 (47682)
- Delete verifications with hooks - by @jonathansamines in #6803 (059b5)
- Respect IP headers in dev/test environments - by @bytaesu in #6854 (d3ebf)
- api-key:
- line:
- organization:
- Validate role existence in inviteMember endpoint - by @GautamBytes and Gautam Manchandani in #6774 (c0c94)
- Allow internal organization creation when disabled for client - by @GautamBytes and Gautam Manchandani in #6857 (4b092)
- prisma-adapter:
- Extract
idto root level for delete operations - by @ping-maxwell in #6425 (c3eda)
- Extract