1. Full Reference
  2. Changelog

This changelog includes important updates to PropelAuth. For larger features, we’ll provide links where you can find more details. For any item with the Beta label, if you are interested in testing it out, please email us at support@propelauth.com.


FeatureAdded an API to create access tokens for testing purposes. Previously, you would need to use our frontend libraries to get tokens, and the tokens were all short-lived. Now you can make an API call to get an access token for a specified user, with a custom expiration.
FeatureAdded refreshAuthInfo to @propelauth/react so you can force refresh the auth information
FeatureImproved useAuthInfo so that you can now destructure without needing to check loading first
FeatureAdded new redirect function redirectToSetupSAMLPage
FeatureFor each redirect function (e.g. redirectToLoginPage), we now also provide a getter function to get the underlying URL (e.g. getLoginPageURL). This allows for more flexible usage.
BugfixFixed issue with fetch_org in the Rust crate where it’s return type was incorrect
BugfixUpdating your email no longer sends a confirmation if you had “email confirmation not required” in that environment


ReleaseReleased support for Chrome Extensions alongside Plasmo
BetaBeta support for API authentication. You can generate API keys for your customers tied to either your users, your organizations, or both.
BugfixFixed issue with propelauth-py which made it fail to build on some OS’s
BugfixFixed issue with Google login where it wasn’t always updating the user object with their name


BetaBeta release for our Component Library!
ReleaseUpdated our example apps section with new examples and forkable git repos
FeatureUpdated our libraries with a new optional boolean field askUserToUpdatePasswordOnLogin in all three of: createUser, migrateUser, and updatePassword. This forces the user to set/update their password.
FeatureYou can now disable password authentication in the dashboard.
FeatureAdded options for you to specify how long your users remain logged in and whether it’s based on inactivity or just a fixed amount of time
FeatureAdded deeper organization configuration options, like requiring all users to be in at least one org.


ReleaseAdded backend support for Cloudflare Workers
FeatureAdded support for Ngrok as a replacement for localhost in the test environment
FeatureAdded organization settings in the hosted pages, enabling your users to toggle domain allow/denylists
BugfixFixed a few styling issues in the hosted pages


ReleaseAdded backend support for Rust with support for Axum and Actix.
FeatureAdded APIs to make it easier to programmatically manage your users (managing/deleting orgs, updating user metadata, etc.)
FeatureAdded a new webhook on user login.
BugfixCleaned up the workflow around verifying a domain. You can now verify ownership via a TXT record on a special subdomain, instead of using the root domain.
BetaUser login duration can be configured now. You can either specify an absolute amount of time the user is logged in, or a period of inactivity, after which they will be logged out.


FeatureUsernames now support unicode characters.
FeatureAdded AuthProviderForTest to our React library that’s useful for testing (thanks to mykeels for the suggestion).
FeatureAdded an option for copying user IDs out of the dashboard.
BugfixUpdated copy on the default create org page


ReleaseCustom Roles & Permissions (RBAC) is live! This feature enables you to create custom roles and permissions. We also updated all our libraries to add advanced authorization with these roles and permissions.
FeatureAdded the concept of an active organization (see getActiveOrgFn). For users in multiple organizations, this allows you to set the organization they are operating within and works with the roles and permissions update.
BetaAdded option to disable signups from personal email domains (e.g. gmail.com, yahoo.com, etc).


FeatureAdded the ability to disable 2FA/MFA for your users either programmatically or through our dashboard
FeatureAdded the ability to customize what you call “Organizations”. This will automatically update all the hosted UIs and user facing error messages.
FeatureWhen logging a user in, you can specify where to redirect the user outside of the default redirect URL.
BugfixYou can now create organizations even if the feature is disabled. This allows for a smoother process of migrating to organizations if you are already live.
BetaAdded more options to the concept of organizations. You can require that your users are in at least one organization, require that users must log in directly to their organization, and more. Reach out if you’d like to try this out.
BetaAdded more granular controls over which domains/subdomains can access authentication information. This includes creating staging environments that can be reached by localhost, having a small set of subdomains that are NOT allowed to check if a user is logged in (for vendors you might not trust), and more.


ReleaseSelf-service SAML is live! This feature allows your customers to log in to your product using their existing identity provider, like Okta, Google, OneLogin, and more.
FeatureAdded support for Azure AD to our list of SAML IDPs, including documentation for your customers
FeatureAdded additional APIs for our backend libraries for enabling/disabling/deleting users. Also handles logging users out remotely.


FeatureAdded new APIs for disabling, enabling, and deleting users. Disabling/Deleting a user will both log them out and prevent them from logging back in.
FeatureAdded option for your users to test their SAML connections before enabling them.
FeatureAdded new APIs for explicitly picking which organizations can login via SAML. This can also be done via the dashboard, or you can enable it globally for all organizations.
Bugfix@propelauth/react library was re-rendering more than it needed to.
ReleaseCreated demo site where you can experiment with different themes without needing to sign up.


ReleaseRelease of our new hosted authentication pages. Includes more customizations, more themes, and more self-service options for your users.
FeatureAdded new APIs for migrating users from an external system.
FeatureAdded new APIs for manually managing organizations and RBAC.
FeatureReleased v1.2.4 of @propelauth/javascript which prevents fetching auth information if we’ve fetched recently.
BetaAdded Okta and JumpCloud support within our SAML beta.


FeatureOur hosted authentication pages can now be embedded in your application via an iframe.
FeatureAdded more options for you to manage your users directly in your dashboard, like resending confirmation emails or manually confirming the email.
FeatureAllow your users to revoke organization invitations and see invitations that expired.
FeatureYou can now search directly for a user by ID (in the dashboard).
BetaAdded self-service wizards for existing IDPs within our SAML beta. This walks your users through the steps of setting up a SAML connection.


FeatureAllow subdomains of your application to also fetch authentication information. In other words, if you set https://example.com as your application URL, you can now set up additional authenticated applications at any subdomain like https://app.example.com.
FeatureAdded option to disallow users from creating their own organizations. They can still manage the organization and invite new users, but it allows you to create and setup organizations on their behalf.
BugfixAdded event_type to webhooks to make it easier to distinguish
BugfixAdded additional options to verify your domain name
BetaAdded non-hierarchical roles (RBAC) support to our custom roles beta


ReleaseAdded @propelauth/node library to support serverless use cases or frameworks that don’t accept Express middleware.
FeatureOur backend libraries can now check org membership by name instead of just id, allowing for better subdomain-per-customer support.
FeatureYou can now manage your user’s organizations through our dashboard, instead of just programmatically.
BugfixAllow you to submit logos as SVGs.

And more…

If you have any questions about features or changes before July 15, please reach out at support@propelauth.com.