RBAC

The Stytch product will soon support role-based access control (RBAC)! See our RBAC guide at https://stytch.com/docs/b2b/guides/rbac/overview for more detailed explanations of our RBAC product.
RBAC policies must be set through the dashboard, but you can use various endpoints to assign Roles to Members and add implicit role assignments to Organizations and SSO connections (more details in the guide at https://stytch.com/docs/b2b/guides/rbac/role-assignment).
You can perform an RBAC authorization check when authenticating a JWT. This will use a locally cached version of the RBAC policy.
Some endpoints, such as Create Member, offer out-of-the-box handling of RBAC authorization checks if a session token or session JWT is passed in.

Other changes

Added support to core HTTP clients to send headers. This is used for certain routes that can be used in conjunction with RBAC for authorization, like magic_links.email.invite().
Some methods will now have a new optional $METHODRequestOptions field – this is used to supply authorization data for RBAC (see previous point).
authenticate_jwt and authenticate_jwt_local now accept an optional AuthorizationCheck parameter for performing RBAC checks. These will use a cached version of the project's RBAC policy in order to make an authZ verdict.
Built a LazyCache (which is intended to only be exposed internally that is used for fetching the project's RBAC policy only when needed – by default this expires every 5 minutes, but only refreshes upon receiving a request that will use the value. This means that if your project does not use RBAC, the cache will never fetch the policy.
Additionally, this update features a large amount of documentation updates which should better reflect what you can find at https://stytch.com/docs.

Full Changelog: v7.9.0...v8.0.0