releases.shpreview
Auth0/Auth0 Changelog

Auth0 Changelog

$npx -y @buildinternet/releases show auth0-changelog
Mon
Wed
Fri
AprMayJunJulAugSepOctNovDecJanFebMarApr
Less
More
Releases219Avg67/moVersionsv202547 → v202614
Dec 18, 2025

We’re excited to announce the Open Early Access (EA) of Custom Token Exchange. OAuth 2.0 Token Exchange allows to trade one security token for another (typically an Access Token). With Custom Token Exchange, you can run Auth0 Actions as part of that exchange, giving you a flexible way to inject custom logic and implement your own authentication and authorization semantics. This lets you validate and authorize the request, and precisely set the user for every token exchange transaction.

Key highlights of this release:

  • Automatic Entitlement: The feature is now automatically available to all Enterprise and B2B Pro customers to be used for testing and production (no manual enablement required).
  • Organizations Support: Full compatibility with Organizations. You can now pass the organization parameter in the request or use the new setOrganization function within your Action.
  • Enhanced Security: Includes Multi-Factor Authentication (MFA) support during the exchange.

To learn more, read the reference documentation.

We’re excited to announce the Open Early Access (EA) of Custom Token Exchange. OAuth 2.0 Token Exchange allows to trade one security token for another (typically an Access Token). With Custom Token Exchange, you can run Auth0 Actions as part of that exchange, giving you a flexible way to inject custom logic and implement your own authentication and authorization semantics. This lets you validate and authorize the request, and precisely set the user for every token exchange transaction.

Key highlights of this release:

  • Automatic Entitlement: The feature is now automatically available to all Enterprise and B2B Pro customers to be used for testing and production (no manual enablement required).
  • Organizations Support: Full compatibility with Organizations. You can now pass the organization parameter in the request or use the new setOrganization function within your Action.
  • Enhanced Security: Includes Multi-Factor Authentication (MFA) support during the exchange.

To learn more, read the reference documentation.

We're excited to announce a significant update to the Security Center, marking the first major enhancement since last year's introduction of Thresholds and Alerts! These new capabilities drastically improve your ability to monitor, analyze, and respond to security threats with greater precision and speed.

What's New:

  • Granular Filtering by Applications and Connections: You can now filter security metrics within the Overview and Threat Monitoring pages by specific applications and connections. This allows for a more detailed examination of your tenant traffic, enabling faster incident triage and more effective troubleshooting by visualizing subsets of data.
  • Deeper Insights into Top Threat Behaviors: We've introduced new charts to highlight the top 5 connections and IPs associated with various security metrics. These groupings provide quick insights into potential anomalies and common threat behaviors, empowering you to identify and address risks more efficiently.
  • Consolidated Threat Monitoring View: The Threat Monitoring page has been revamped to offer a more intuitive and unified experience. This updated view, combined with the new filtering options by application and connection, streamlines your ability to track and respond to threats effectively.

These enhancements are available on all public cloud envirovments and gradually rolling out to private cloud environments.

Explore the updated Security Center today to take control of your security insights and strengthen your security posture!

Dec 17, 2025

The MyAccount API Explorer now has an updated experience! Using MyAccount API, customers can build self-service management experiences at scale, powered directly from their applications.

To learn more about the MyAccount API feature, click here.

The improved MyAccount API Explorer experience includes:

  • modernization of the look & feel
  • interactivity between the response schema and response example
  • full endpoint URL readily available to copy
  • ability to quickly navigate to other API Explorers

Navigate to: https://auth0.com/docs/api/myaccount to try it out!

We’re excited to announce that we added Flows Auth0 Send Email Action!

This new feature allows you to send emails from Flows using the customized Email Provider at your Auth0 Tenant.

What's new:

  • Email Providers: take advantage of the supported email providers that can be configured at your Auth0 Tenant.
  • Custom Email Provider: write custom code to send your emails to unsupported email providers using the Custom Email Provider Action.
  • Custom Properties: customize the settings for the outgoing emails including sender, recipient, subject, message, and variables.
  • Liquid Syntax: use Liquid syntax at your email subject and message.

The MyAccount API Explorer now has an updated experience! Using MyAccount API, customers can build self-service management experiences at scale, powered directly from their applications.

To learn more about the MyAccount API feature, click here.

The improved MyAccount API Explorer experience includes:

  • modernization of the look & feel
  • interactivity between the response schema and response example
  • full endpoint URL readily available to copy
  • ability to quickly navigate to other API Explorers

Navigate to: https://auth0.com/docs/api/myaccount to try it out!

We’re excited to announce that we added Flows Auth0 Send Email Action!

This new feature allows you to send emails from Flows using the customized Email Provider at your Auth0 Tenant.

What's new:

  • Email Providers: take advantage of the supported email providers that can be configured at your Auth0 Tenant.
  • Custom Email Provider: write custom code to send your emails to unsupported email providers using the Custom Email Provider Action.
  • Custom Properties: customize the settings for the outgoing emails including sender, recipient, subject, message, and variables.
  • Liquid Syntax: use Liquid syntax at your email subject and message.

The MyAccount API Explorer now has an updated experience! Using MyAccount API, customers can build self-service management experiences at scale, powered directly from their applications.

To learn more about the MyAccount API feature, click here.

The improved MyAccount API Explorer experience includes:

  • modernization of the look & feel
  • interactivity between the response schema and response example
  • full endpoint URL readily available to copy
  • ability to quickly navigate to other API Explorers

Navigate to: https://auth0.com/docs/api/myaccount to try it out!

We’re excited to announce that we added Flows Auth0 Send Email Action!

This new feature allows you to send emails from Flows using the customized Email Provider at your Auth0 Tenant.

What's new:

  • Email Providers: take advantage of the supported email providers that can be configured at your Auth0 Tenant.
  • Custom Email Provider: write custom code to send your emails to unsupported email providers using the Custom Email Provider Action.
  • Custom Properties: customize the settings for the outgoing emails including sender, recipient, subject, message, and variables.
  • Liquid Syntax: use Liquid syntax at your email subject and message.

The MyAccount API Explorer now has an updated experience! Using MyAccount API, customers can build self-service management experiences at scale, powered directly from their applications.

To learn more about the MyAccount API feature, click here.

The improved MyAccount API Explorer experience includes:

  • modernization of the look & feel
  • interactivity between the response schema and response example
  • full endpoint URL readily available to copy
  • ability to quickly navigate to other API Explorers

Navigate to: https://auth0.com/docs/api/myaccount to try it out!

We’re excited to announce that we added Flows Auth0 Send Email Action!

This new feature allows you to send emails from Flows using the customized Email Provider at your Auth0 Tenant.

What's new:

  • Email Providers: take advantage of the supported email providers that can be configured at your Auth0 Tenant.
  • Custom Email Provider: write custom code to send your emails to unsupported email providers using the Custom Email Provider Action.
  • Custom Properties: customize the settings for the outgoing emails including sender, recipient, subject, message, and variables.
  • Liquid Syntax: use Liquid syntax at your email subject and message.

The MyAccount API Explorer now has an updated experience! Using MyAccount API, customers can build self-service management experiences at scale, powered directly from their applications.

To learn more about the MyAccount API feature, click here.

The improved MyAccount API Explorer experience includes:

  • modernization of the look & feel
  • interactivity between the response schema and response example
  • full endpoint URL readily available to copy
  • ability to quickly navigate to other API Explorers

Navigate to: https://auth0.com/docs/api/myaccount to try it out!

We’re excited to announce that we added Flows Auth0 Send Email Action!

This new feature allows you to send emails from Flows using the customized Email Provider at your Auth0 Tenant.

What's new:

  • Email Providers: take advantage of the supported email providers that can be configured at your Auth0 Tenant.
  • Custom Email Provider: write custom code to send your emails to unsupported email providers using the Custom Email Provider Action.
  • Custom Properties: customize the settings for the outgoing emails including sender, recipient, subject, message, and variables.
  • Liquid Syntax: use Liquid syntax at your email subject and message.
Dec 15, 2025
Deprecation of Weak TLS 1.2 Cipher Suites

To ensure the highest security standards for your identity infrastructure, we are retiring specific weak TLS 1.2 cipher suites. This change affects all connections to Auth0 service endpoints and web applications, specifically:

  • Tenant Domains: All default (e.g., [tenant].auth0.com) and Custom Domains for both Public and Private Cloud.
  • Auth0 Tools: The Dashboard (manage.auth0.com), Marketplace, and Support Center.
  • Infrastructure: The Auth0 CDN.

Cipher Suites Scheduled for Removal: The following ciphers are being deprecated. For cross-reference, we have provided the unique Hex Code, IANA name, and a link to the OpenSSL equivalent.

Additional information is available through the Auth0 dashboard and Support Center notification.

Deprecation of Weak TLS 1.2 Cipher Suites

To ensure the highest security standards for your identity infrastructure, we are retiring specific weak TLS 1.2 cipher suites. This change affects all connections to Auth0 service endpoints and web applications, specifically:

  • Tenant Domains: All default (e.g., [tenant].auth0.com) and Custom Domains for both Public and Private Cloud.
  • Auth0 Tools: The Dashboard (manage.auth0.com), Marketplace, and Support Center.
  • Infrastructure: The Auth0 CDN.

Cipher Suites Scheduled for Removal: The following ciphers are being deprecated. For cross-reference, we have provided the unique Hex Code, IANA name, and a link to the OpenSSL equivalent.

Additional information is available through the Auth0 dashboard and Support Center notification.

Deprecation of Weak TLS 1.2 Cipher Suites

To ensure the highest security standards for your identity infrastructure, we are retiring specific weak TLS 1.2 cipher suites. This change affects all connections to Auth0 service endpoints and web applications, specifically:

  • Tenant Domains: All default (e.g., [tenant].auth0.com) and Custom Domains for both Public and Private Cloud.
  • Auth0 Tools: The Dashboard (manage.auth0.com), Marketplace, and Support Center.
  • Infrastructure: The Auth0 CDN.

Cipher Suites Scheduled for Removal: The following ciphers are being deprecated. For cross-reference, we have provided the unique Hex Code, IANA name, and a link to the OpenSSL equivalent.

Additional information is available through the Auth0 dashboard and Support Center notification.

Deprecation of Weak TLS 1.2 Cipher Suites

To ensure the highest security standards for your identity infrastructure, we are retiring specific weak TLS 1.2 cipher suites. This change affects all connections to Auth0 service endpoints and web applications, specifically:

  • Tenant Domains: All default (e.g., [tenant].auth0.com) and Custom Domains for both Public and Private Cloud.
  • Auth0 Tools: The Dashboard (manage.auth0.com), Marketplace, and Support Center.
  • Infrastructure: The Auth0 CDN.

Cipher Suites Scheduled for Removal: The following ciphers are being deprecated. For cross-reference, we have provided the unique Hex Code, IANA name, and a link to the OpenSSL equivalent.

Additional information is available through the Auth0 dashboard and Support Center notification.

Deprecation of Weak TLS 1.2 Cipher Suites

To ensure the highest security standards for your identity infrastructure, we are retiring specific weak TLS 1.2 cipher suites. This change affects all connections to Auth0 service endpoints and web applications, specifically:

  • Tenant Domains: All default (e.g., [tenant].auth0.com) and Custom Domains for both Public and Private Cloud.
  • Auth0 Tools: The Dashboard (manage.auth0.com), Marketplace, and Support Center.
  • Infrastructure: The Auth0 CDN.

Cipher Suites Scheduled for Removal: The following ciphers are being deprecated. For cross-reference, we have provided the unique Hex Code, IANA name, and a link to the OpenSSL equivalent.

Additional information is available through the Auth0 dashboard and Support Center notification.

Dec 12, 2025

We are excited to announce that Advanced Customizations for Universal Login (ACUL) is now generally available. ACUL enables developers to create custom, client-rendered user interfaces for Universal Login using their preferred frontend technologies.

Key capabilities in this release:

  • Full Screen Parity: Support for customizing all Universal Login screens and flows, including Login, Signup, MFA, Password Reset, and more.
  • New SDKs: Production-ready React and TypeScript SDKs to accelerate development.
  • Visual Editor: A new Dashboard UI for managing screen configurations and assets.
  • Improved Developer Tooling: Major updates to Auth0 CLI to support scaffolding (auth0 acul init), local mocking, testing, and CI/CD deployments.
  • Production-Ready Sample App: A robust sample repository featuring implementations of 34 authentication screens built with React 19 and Tailwind 4.

ACUL allows you to leverage all the security benefits of Universal Login, such as bot protection and threat intelligence, while providing complete control over the visual presentation and user journey.

Read the Documentation

We are excited to announce that Advanced Customizations for Universal Login (ACUL) is now generally available. ACUL enables developers to create custom, client-rendered user interfaces for Universal Login using their preferred frontend technologies.

Key capabilities in this release:

  • Full Screen Parity: Support for customizing all Universal Login screens and flows, including Login, Signup, MFA, Password Reset, and more.
  • New SDKs: Production-ready React and TypeScript SDKs to accelerate development.
  • Visual Editor: A new Dashboard UI for managing screen configurations and assets.
  • Improved Developer Tooling: Major updates to Auth0 CLI to support scaffolding (auth0 acul init), local mocking, testing, and CI/CD deployments.
  • Production-Ready Sample App: A robust sample repository featuring implementations of 34 authentication screens built with React 19 and Tailwind 4.

ACUL allows you to leverage all the security benefits of Universal Login, such as bot protection and threat intelligence, while providing complete control over the visual presentation and user journey.

Read the Documentation

Previous1011121314Next
Latest
Apr 17, 2026
Source
auth0.com/changelog
Tracking Since
Sep 25, 2024
Last fetched Apr 18, 2026
.json·.md·.atom