v11.5.2 (2018-03-28)
Added
v11.5.1 (2018-03-22)
v11.5.0 (2018-03-22)
Changed
Fixed
- Fix inconsistent state assignment when parsing a hash #1309 (luisrudge)
- Fixed German translations #1307 (roschaefer)
- Fixing IE lack of support for
includes#1298 (luisrudge) - Fix Japanese translations #1295 (hiro1107)
v11.4.0 (2018-03-12)
Added
Changed
- Making HRD work in signup page and showing an error when HRD is detected in the forgot password page #1278 (luisrudge)
Fixed
- Fix inconsistent screen title #1288 (luisrudge)
- Always remove spaces from email and username #1280 (luisrudge)
v11.3.1 (2018-02-28)
Fixed
v11.3.0 (2018-02-22)
Fixed
- Fix Lock Passwordless feature parity (events and quick auth screen) #1267 (luisrudge)
- Removing legacy COA mapping + fixing access_denied mapping #1266 (luisrudge)
- Only call getSSOData when rememberLastLogin is true #1265 (luisrudge)
- Upgrade auth0-js to 9.3.0. See auth0-js' changelog here.
v11.2.3 (2018-02-08)
Fixed
v11.2.2 (2018-02-06)
Fixed
v11.2.1 (2018-02-02)
Fixed
v11.2.0 (2018-02-02)
Changed
- call /ssodata when inside the universal login page #1245 (luisrudge)
- Handling embedded and universal login in the same application #1243 (luisrudge)
v11.1.3 (2018-01-29)
Changed
- Update auth0.js auth0.js changelog
v11.1.2 (2018-01-26)
Changed
- Update auth0.js auth0.js changelog
v11.1.1 (2018-01-24)
Changed
- Update auth0.js auth0.js changelog
v11.1.0 (2018-01-16)
Changed
v11.0.0 (2017-12-21)
Lock v11 is designed for embedded login scenarios and is not supported in centralized login scenarios (i.e. Hosted Login Pages). You need to keep using Lock v10 in the Hosted Login Page.
We wrote a Migration Guide to make upgrading your app easy.
Breaking change
lock.getProfile now expects an access_token as the first parameter. You'll need to update your code to change the parameter sent (v10 expected an id_token).
Removed
The oidcConformant flag was used to force Lock v10 to not call legacy endpoints. Lock v11 never uses legacy endpoint so the flag is not needed anymore. If specified, it will be ignored.
Changed
Lock v11 default the scope parameter to openid profile email. This is to make the 'Last Logged in With' window work.
v10.23.1 (2017-10-12)
Fixed
v10.23.0 (2017-10-12)
Changed
- Pinning react version 15.6.2 #1142 (luisrudge)
- upgrade auth0.js #1137 (luisrudge)
- Upgrade react version #1135 (luisrudge)
Fixed
We're trying to figure it out how to help customers that want to upgrade to react@16. The ideal would be to move react and react-dom to peerDependencies, but this would be a breaking change for most of our customers, so we're thinking this through.
In the meantime, react@16 works just fine with this codebase. You'll just have to bundle both versions if you're not using yarn. If you are using yarn, however, you can use the resolutions field and pin react@16 to your repo.
{
"name": "test-test",
"version": "0.1.0",
"private": true,
"dependencies": {
"auth0-lock": "^10.23.0",
"react": "^16.0.0",
"react-dom": "^16.0.0",
"react-scripts": "^1.0.14"
},
"scripts": {
"start": "react-scripts start",
"build": "react-scripts build",
"test": "react-scripts test --env=jsdom",
"eject": "react-scripts eject"
},
"resolutions": {
"react": "16.0.0",
"react-dom": "16.0.0"
}
}
v10.22.0 (2017-09-26)
Added
Changed
v10.21.1 (2017-09-21)
Fixed
v10.21.0 (2017-09-21)
Added
- Add Estonian Translations #1099 (meikoudras)
Changed
- Changed the connectionResolver to run onSubmit instead of onBlur #1113 (luisrudge)
- Change translate for loginAtLabel #1110 (radu-carmina)
Fixed
- Use resolvedConnection where available #1111 (lukevmorris)
- Fix a few svg errors when used with global css rule #1103 (luisrudge)
- Links with # should use javascript:void(0) #1102 (luisrudge)
- Improve Danish translation #1097 (havgry)
- Fixed translations for Romanian and Slovenian #1092 (AdrianSima)
v10.20.0 (2017-08-11)
Added
Changed
Fixed
- Fix custom theme for custom connections #1083 (luisrudge)
- Fix spacing using custom signup fields #1076 (luisrudge)
- Fixed Slovak translations #1069 (stajo1)
v10.19.0 (2017-07-18)
Added
- Added
oidcConformantentry to the readme #1054 (luisrudge) - Added a custom connection resolver option #1052 (luisrudge)
- Added Korean translation #1051 (couldseeme)
Fixed
v10.18.0 (2017-06-23)
Added
- Add analytics events #1036 (francocorreasosa)
- Lang Afrikaans South Africa #1035 (jdunhin)
- Adding "show password" option #1029 (luisrudge)
Changed
Removed
Fixed
- Fixing empty popup on signup #1048 (luisrudge)
- Adding a flag for cross-auth #1044 (luisrudge)
- Fix custom connection scopes #1038 (luisrudge)
v10.17.0 (2017-06-14)
Added
- Added allowAutoComplete ui option #1022 (luisrudge)
- When in OIDC mode, enterprise connections always go to IdP page #1019 (luisrudge)
- Added Cross Origin Auth support in OIDC mode #1013 (luisrudge)
- Emit authorization_error when username/password fails (invalid_user_password) #999 (luisrudge)
Changed
- Improved Danish translation #1033 (denkristoffer)
- Scroll to the error message by default #1023 (m-idler)
- Enabled HTML formatting for flashMessages #1017 (dariobanfi)
- package.json: ~ range allowed for auth0-js dep #1015 (lexaurin)
Fixed
- Removed extra scroll on mobile view #1031 (beneliflo)
- Fixing tooltip error in the email pane #1030 (luisrudge)
- Fix react-addons-css-transition-group issue #1001 (eoinmurray)
- Fixed overrides sent to auth0.js #997 (sandrinodimattia)
v10.16.0 (2017-05-08)
Added
Changed
- Update badge location for better performance and bundle max-age changes #995 (ramasilveyra)
Fixed
- Fix long header title and Error messages overflow #990 (beneliflo)
- Fix grammar mistake RU #988 (uladar)
v10.15.1 (2017-04-25)
Fixed
v10.15.0 (2017-04-24)
Added
Changed
- Upgrade auth0-js to v8.6.0 #980 (luisrudge)
- Adding prettier and a precommit script to format the code 🎉 💄 #977 (luisrudge)
- Upgrading usage of prop-types to new package #971 (luisrudge)
- Use replaceState for better browser history experience #967 (selaux)
- Renaming internal
signOutmethods withlogoutto keep it consistent #966 (luisrudge) - Improve error handling of sync with better errors #961 (luisrudge)
- Adding
keyto the error "An error occurred when fetching data" #956 (luisrudge)
Fixed
- Fixed typo in cs.js #979 (fersman)
- fixed propType misspell in header.jsx #973 (nickpisacane)
- Fixed scrolling on mobile in landscape mode #963 (luisrudge)
v10.14.0 (2017-03-27)
Closed issues
- prefill option is lost after reset password #933
Added
- Throw an error when audience is used without oidcConformant flag #947 (luisrudge)
- Added Finnish translation #936 (kettunen)
- Added Ukrainian translation #931 (grsmv)
Changed
- Upgrade auth0js to v8.5.0 #952 (luisrudge)
- Disable social buttons when terms were not accepted on sign up #949 (luisrudge)
- Better explanation about the sso option #948 (luisrudge)
- Changed password leak error message #934 (ntotten)
- Add support for success and error messages to be in HTML #928 (luisrudge)
Fixed
- Fixing Italian dictionary #950 (ilmistra)
- Don't clear email field after reset password #945 (luisrudge)
- Disable autoCorrect and spellCheck in the username input #927 (luisrudge)
v10.13.0 (2017-03-13)
Closed issues
- State with
=,&characters is incorrectly parsed from url fragment #913 - Add support for Evernote strategy #895
Fixed
- Updated auth0 js version #924 (hzalaz)
- Adds evernote social icon #923 (vctrfrnndz)
- Add japanese translation for "OR" #921 (vctrfrnndz)
- Fix some french translations. #918 (lucasmichot)
- Replace querystring implementation with qs module #916 (elger)
- Use error.name to find the correct error message for invalid passwords #904 (luisrudge)
v10.12.3 (2017-03-07)
Fixed
- Update node engine restriction #909 (hzalaz)
- Fixed Czech translation #902 (FilipPyrek)
v10.12.2 (2017-03-03)
Fixed
v10.12.1 (2017-03-03)
Fixed
v10.12.0 (2017-03-02)
Closed issues
- Bug in email field validation #884
- Input field tab issue in IE #870
- Bring back the integratedWindowsLogin option #852
- Unwanted parameters in /authorize call #851
- Back button not displaying properly in IE 11 #767
Added
- Added checkbox CustomInput for additionalSignUpFields #860 (dariobanfi)
- Add slovak translation #846 (Passto)
Changed
- Update password sheriff to reduce bundle size #879 (hzalaz)
- Adding focusable=false to all svgs #873 (luisrudge)
- Migrating to webpack2 #871 (luisrudge)
- Review catalan translations #869 (oscarfonts)
- Reducing time to unpin loading pane #853 (luisrudge)
- Throw an error if login, signUp and forgotPassword screens are not allowed #850 (luisrudge)
- Kerberos network checking no longer depends on rememberLastLogin #805 (patrickmcgraw)
Fixed
- Updated auth0.js to v8.3.0 #889 (hzalaz)
- Fix issue when submiting a form with no email #886 (selaux)
- Fixing allowSignup and allowForgot options when loading tenant info #877 (luisrudge)
- Don't disable mfa-code input #872 (nikolaseu)
- Fix a box-sizing issue that happened when bootstrap was being used with lock #868 (luisrudge)
- Cleaning params sent to auth0js #863 (luisrudge)
- Only set prefill values when application is initialized #855 (luisrudge)
v10.11.0 (2017-01-30)
Closed issues
- Input error state does not get reset when changing page #843
- Show error when the domain part of the email does not match any enterprise connection #661
Added
- inject cordova plugin and force popup/sso in cordova or electron #835 (glena)
- Japanese translation #834 (stevensacks)
- disable submit button when the email does not match with any connection #757 (glena)
Changed
- Clear invalid fields on screen change #844 (glena)
- Bump the babel-preset-2015 version #838 (iamkevingreen)
v10.10.2 (2017-01-23)
Fixed
- Fix casing of null in IE (bumping auth0.js version) #827 (glena)
- Fix ES translations #826 (perpifran)
- Translated term mfaLoginTitle into Dutch #820 (dctoon)
- For autologin, if login screen is not available, it should show the error in the signup one instead of breaking #817 (glena)
v10.10.1 (2017-01-19)
Changed
v10.10.0 (2017-01-17)
Closed issues
- Lock v10.9.2 fails on IE 10 Windows 7 #801
Added
- Add resumeAuth method and autoParseHash flag #790 (luisrudge)
- Hide first screen title option #745 (glena)
Changed
Fixed
- Fix: popup does not close when signup fails #810 (glena)
- removes scope openid warning in OIDC conformant mode. fix #780 #803 (luisrudge)
- Clearing fields when lock closes #802 (luisrudge)
- Fix redirect/popup login when shown in the hosted login page #799 (glena)
Breaking changes
In lock v10.9 we introduced an issue in auth0.js that changed the casing of the calls to retrieve the user profile (using /userinfo or /tokeninfo), everything was converted to camel case. We fixed that issue in this auth0.js pull request and is part of this release of Lock. If you kept an v10.8 or older no changes are needed, for those who updated to v10.9 you need to revert the changes made to handle the case changes.
v10.9.2 (2017-01-11)
Fixed
- Bring back support for get profile in default mode #794 (glena)
- Don't emit error when registering for event 'signin ready' #784 (theopak)
v10.9.1 (2017-01-10)
Fixed
- Fix to comply legacy behaviour #787 (glena)
- For legacy flow, the scope should default to openid #783 (glena)
v10.9.0 (2017-01-09)
Added
Changed
- Removed browserify as dependency and removed process usage #779 (glena)
- Auth0js v8 - configuration validation + default scope #775 (glena)
v10.8.1 (2017-01-03)
Closed issues
- username/password login doesn't work with custom domains on the appliance #772
Fixed
v10.8.0 (2017-01-02)
Closed issues
- Request to add user-facing error message. #751
- Please throw an error for invalid events #748
- Old errors shown when reopening Lock #739
- Send login_hint when detecting previous session #729
defaultADUsernameFromEmailPrefixis not implemented #713- [v10] Enterprise connections don't strip domain from email #543
Added
- Allow to override socialButtonStyle on show #766 (glena)
- Added new error code: session_missing #760 (glena)
- Add events validation and fail if it is not a valid one #756 (glena)
- Added flag defaultADUsernameFromEmailPrefix #754 (glena)
- Send login_hint when detecting previous session #753 (glena)
- Create fa.js #752 (doroudi)
Changed
Fixed
v10.7.3 (2016-12-19)
Fixed
v10.7.2 (2016-12-01)
Fixed
- Fix how the tenant and application info url is build to avoid format issues #740 (glena)
- Fix: Single saml connection with no domain shows undefined in button #738 (glena)
v10.7.1 (2016-11-25)
Fixed
- fix options override on show #732 (glena)
- One questionmark is enough #731 (retorquere)
v10.7.0 (2016-11-22)
Added
- Add missing Norwegian translations #721 (francisrath)
Changed
- Update auth0.js to v7.5.0 #730 (hzalaz)
- "Email" type for email input #724 (glena)
- Enterprise: force username for AD connections #714 (glena)
Deprecated
v10.6.1 (2016-11-09)
Fixed
v10.6.0 (2016-11-07)
Changed
- Update auth0.js to 7.4.0 #705 (hzalaz)
- allow to override language, dict, logo and primary color on show method #680 (glena)
- Webpack for bundling #663 (glena)
Fixed
v10.5.1 (2016-10-28)
Closed issues
- [Lock 10.5.0] Prefill fails when using username #685
- [Lock 10.5.0] "TypeError: next is not a function" when closing social connection popup #682
Fixed
- Disabled username verification for prefill #686 (glena)
- 'TypeError: next is not a function' when closing social connection popup #684 (glena)
- Fix focus visual feedback in email and username inputs #681 (gnandretta)
v10.5.0 (2016-10-24)
Closed issues
- [v10.4.0] Cannot read property 'get' of undefined. #658
- Lock not showing rule errors in redirect mode #637
- Single AD connection without domain shows undefined in message #627
- Issues with Overlay mode + signUpLink setting on a SPA #619
- [UX] Password field shouldn't show error message immediately (on focus). #540
Added
- Create vi.js in /src/i18n #662 (IoHL)
- Added support for custom oauth2 connections #648 (glena)
- Create ca.js #645 (alexandresaiz)
- Support connectionScopes for oauth2 connections #643 (glena)
- Allow to display a flash message on lock.show #639 (glena)
- MFA when using oauth/ro endpoint #628 (dafortune)
Changed
- Password field shouldn't show error message immediately (on focus) #668 (glena)
- Update auth0.js to latest #665 (hzalaz)
- Added default values to the dictionary and warn about missing keys #651 (glena)
- Fix Issues with Overlay mode + signUpLink setting on a SPA #650 (glena)
- Only require non-empty value for username when DB connection is custom or import is enabled #646 (glena)
- Update uglify task to generate sourcemaps #638 (cristiandouce)
Fixed
- Fix [v10.4.0] Cannot read property 'get' of undefined. #658 #660 (glena)
- Changed to regular spaces. #653 (nicosabena)
- Single AD connection without domain shows undefined in message #642 (glena)
- show properly terms on desktop and mobile #641 (beneliflo)
- Fix typo in the word "corporate" #632 (wags)
- Change the term email to e-mail and emailadres to e-mailadres #629 (ToonDC)
v10.4.1 (2016-10-21)
Changed
- Update auth0.js to v7.3.0
v10.4.0 (2016-09-27)
Closed issues
- theme.logo regression in 10.3.0 #617
Changed
Fixed
- Fix bad reference for unrecoverable_error event emitter #625 (cristiandouce)
- Fixes for 10.3.0 regression #618 (doapp-ryanp)
v10.3.0 (2016-09-19)
Closed issues:
- v10: KerberosScreen failing on internal Network #590
- Languages not available on cdn.eu.auth0.com #576
- The lock v10 with ionic2 page can not scroll. #532
- Signup terms checkbox overlays password field on small devices. #525
- Lock + Meteor breaks when trying to require & use blueimp-md5 #466
- White space on bottom when running/simulating on mobile device #376
Fixed:
- Bump blueimp-md5@2.3.1 #613 (cristiandouce)
- Handle uncaught unrecoverable_error #609 (eddiezane)
- fixed loading unaligned with label submit #606 (beneliflo)
- Fix EscKeyDownHandler bug in Container when
closableis false #604 (kevinzwh) - Fix checkbox terms #597 (beneliflo)
- Fixes corporate network connection usage #594 (CriGoT)
- fixed ionic page scroll #591 (beneliflo)
Added:
- Add min/max username validation from application info settings #611 (cristiandouce)
- Introduce clientBaseUrl and languageBaseUrl options to deprecate assetsUrl #601 (cristiandouce)
- Added Hungarian translations #599 (nagyv)
- Add french translation #596 (RomainFallet)
- Added Swedish (sv) translation. #593 (kuljaninemir)
Changed:
- use ReactCSSTransitionGroup for global messages #595 (robbiewxyz)
Deprecation notice:
This version introduces languageBaseUrl and clientBaseUrl in replacement of assetsUrl.
- The application will be fetched from
${clientBaseUrl}/${clientID}.jsand will default to the CDN url including the region (e.g.https://cdn.eu.auth0.com/client). The region is inferred from thedomain. - The language will be fetched from
${languageBaseUrl}/${lang}.jsand will default to the CDN without the region (e.g.https://cdn.auth0.com/js/lock/${lockVersion}/). - The new options have priority over
assetsUrl. - If
assetsUrlis provided, keep the current behavior: fetch application from${assetsUrl}/client/${clientID}.jsand languages from{assetsUrl}/js/lock/${lockVersion}/${language}.js.
v10.2.3 (2016-10-21)
- Use auth0.js version 7.3.0
v10.2.2 (2016-08-31)
- Decode window.location.href before parsing hash (#583)
- Change the default value for hash in WebApi.parseHash() internal method (#587)
v10.2.1 (2016-08-18)
- Allow dots in HRD username and clear errors before leaving the HRD screen (#574)
v10.2.0 (2016-08-18)
- Show a label in the submit button by default (#524)
- Show the Auth0 badge only in modal mode and on the bottom left of the overlay (#552)
- Replace the log in / sign up segmented control for tabs (#553)
- German translation corrections (#549)
- Add
responseMode: "form_post"option (#526) - Add the
hash_parsedevent (#535) - Add
zhtranslation (#548) - Allow to override some options in the
showmethod (#550) - Add
nbtranslation (#560)
v10.1.0 (2016-08-09)
- Add
detranslation (#546)
v10.0.2 (2016-08-05)
- Fix header in Edge (#528)
- Allow to reuse a given container id (#533)
- Stop showing last login screen when the initial screen is not login (#534)
- Fix email input in IE 10 (#537)
v10.0.1 (2016-07-27)
- Stopped dropping keys on email input in IE (#505)
- Protect against svgs background colors set by other stylesheets (#506)
- Ensure header styling looks fine in IE (#507)
v10.0.0 (2016-07-20)
- The
parseHashmethod was removed given that now it is automatically handled by Lock.
- Stopped hiding errors that are raised from event listeners.
- Handle the new variants of password policy errors during sign up.
v10.0.0-rc.2 (2016-07-05)
- Fixed issue with the blueimp library when bundling with webpack.
- Stopped fetching SSO data when SSO is disabled.
- The location hash is no longer cleared every time Lock is initialized.
- The validator function for additional sign up fields now allows to specify a hint that will be displayed when the field is invalid.
v10.0.0-rc.1 (2016-06-22)
- Show Auth0 badge in the bottom only for free plans.
v10.0.0-beta.5 (2016-06-21)
- Fixed bug that prevented custom sign up fields from being validated.
- Upgraded to React v15.
- Upgraded auth0.js to v7.0.3.
- Added the
languageoption. Translations forit,pt-br,ruandesare provided out of the box. Thanks @yvonnewilson, @dirceu, @lilapustovoyt and @darkyen! - Lock now will emit the following events.
show: emitted when Lock is shown. Has no arguments.hide: emitted when Lock is hidden. Has no arguments.unrecoverable_error: emitted when there is an unrecoverable error, for instance when no connection is available. Has the error as the only argument.authenticated: emitted after a successful authentication. Has the authentication result as the only argument.authorization_error: emitted when authorization fails. Has the error as the only argument. Note theauthenticatedandauthorization_errorevents replace the callback in the constructor.
- Display a tooltip on invalid inputs with a hint on how to fix the error.
v10.0.0-beta.4 (2016-05-17)
- A proper error message is shown when no connection is available.
- Removed JSONP support.
- Support for the new Bitbucket and Dropbox social connections.
- Additional sign up fields can now be prefilled and have a
selecttype, which allows the user to choose the value from a predefined list of options.
v10.0.0-beta.3 (2016-05-10)
- Allow to translate password strength messages.
- Don't fetch profile automatically after a successful login.
- Display just an email input in the forgot password screen. Before, an username input was displayed when the connection required an username.
v10.0.0-beta.2 (2016-04-25)
- Fetch bigger gravatars, so they look better on high-density screens.
- Don't fetch SSO data when SSO is disabled.
- Bunch of small UI issues.
- NPM package require. Now
require('auth0-lock')will work (previously you had to dorequire('auth0-lock/lib/classic')).
- Renamed
closemethod tohide. - Renamed
connectionsoption toallowedConnections. - Renamed
signUp.footerTextdict key tosignUp.terms.
- Support for enterprise connections.
- Allow to specify the the default datbase connection via the
defaultDatabaseConnectionoption. - Optionally request users to agree to terms and conditions before
signing up via the
mustAcceptTermsoption.
v10.0.0-beta.1 (2016-03-23)
First preview release, see https://auth0.com/docs/libraries/lock/v10 for details.