v5.4.0

Full Changelog

Notes for this release:

• \Auth0\SDK\Auth0 now accepts a $config key called skip_userinfo that uses the decoded ID token for the user profile instead of a call to the /userinfo endpoint. This will save an HTTP call during login and should have no affect on most applications.

Closed issues

• Auth0::exchange() assumes a valid id_token #317
• Feature Request: Support sending auth0-forwarded-for header #208

Added

• Authentication class cleanup and tests #322 (joshcanhelp)
• Add Grants Management endpoint #321 (joshcanhelp)
• Add Auth0-Forwarded-For header for RO grant #320 (joshcanhelp)
• Improve API Telemetry #319 (joshcanhelp)
• Add Mock API Request Capability and Mocked Connections Tests #314 (joshcanhelp)

Changed

• Test suite improvements #313 (joshcanhelp)
• Improve repo documentation #312 (joshcanhelp)

Deprecated

• Official deprecation for JWKFetcher method #328 (joshcanhelp)
  • \Auth0\SDK\Helpers\JWKFetcher::fetchKeys()
• Official deprecation for User methods #327 (joshcanhelp)
  • \Auth0\SDK\API\Management\Users::search()
  • \Auth0\SDK\API\Management\Users::unlinkDevice()
• Official deprecation of ClientGrants method #326 (joshcanhelp)
  • \Auth0\SDK\API\Management\ClientGrants::get()
• Official deprecation of legacy InformationHeaders methods #325 (joshcanhelp)
  • \Auth0\SDK\API\Helpers\InformationHeaders::setEnvironment()
  • \Auth0\SDK\API\Helpers\InformationHeaders::setDependency()
  • \Auth0\SDK\API\Helpers\InformationHeaders::setDependencyData()
• Official deprecation of legacy Authentication methods #324 (joshcanhelp)
  • \Auth0\SDK\API\Authentication::setApiClient()
  • \Auth0\SDK\API\Authentication::sms_code_passwordless_verify()
  • \Auth0\SDK\API\Authentication::email_code_passwordless_verify()
  • \Auth0\SDK\API\Authentication::impersonate()

Fixed

• Fix Auth0::exchange() to handle missing id_token #318 (joshcanhelp)