Auth0 Changelog

We’re thrilled to introduce the Limited Early Access release of Additional Signing Algorithm for Okta and OIDC enterprise connections! This release expands flexibility for both Private Key JWT client authentication and ID token verification by adding support for stronger signing algorithms beyond RS256, including:

• RS512
• PS256
• ES256

For Private Key JWT, Auth0 now lets you choose which algorithm is used to sign client assertion JWTs when authenticating requests to an upstream IdP. For ID token verification, Auth0 can validate tokens signed with a wider set of algorithms, ensuring compatibility across OIDC flows. Together, these enhancements give customers more control over cryptographic choices, making it easier to align with security policies and adapt as standards evolve

This release is currently rolling out to all environments. To enable the Additional Signing Algorithms Limited Early Access release in your Auth0 tenant once available in your environment, please contact your Technical Account Manager to request access.

We’re thrilled to introduce the Limited Early Access release of Additional Signing Algorithm for Okta and OIDC enterprise connections! This release expands flexibility for both Private Key JWT client authentication and ID token verification by adding support for stronger signing algorithms beyond RS256, including:

• RS512
• PS256
• ES256

For Private Key JWT, Auth0 now lets you choose which algorithm is used to sign client assertion JWTs when authenticating requests to an upstream IdP. For ID token verification, Auth0 can validate tokens signed with a wider set of algorithms, ensuring compatibility across OIDC flows. Together, these enhancements give customers more control over cryptographic choices, making it easier to align with security policies and adapt as standards evolve

This release is currently rolling out to all environments. To enable the Additional Signing Algorithms Limited Early Access release in your Auth0 tenant once available in your environment, please contact your Technical Account Manager to request access.

We’re thrilled to introduce the Limited Early Access release of Additional Signing Algorithm for Okta and OIDC enterprise connections! This release expands flexibility for both Private Key JWT client authentication and ID token verification by adding support for stronger signing algorithms beyond RS256, including:

• RS512
• PS256
• ES256

For Private Key JWT, Auth0 now lets you choose which algorithm is used to sign client assertion JWTs when authenticating requests to an upstream IdP. For ID token verification, Auth0 can validate tokens signed with a wider set of algorithms, ensuring compatibility across OIDC flows. Together, these enhancements give customers more control over cryptographic choices, making it easier to align with security policies and adapt as standards evolve

This release is currently rolling out to all environments. To enable the Additional Signing Algorithms Limited Early Access release in your Auth0 tenant once available in your environment, please contact your Technical Account Manager to request access.

We’re very excited to announce the availability of Native Passkey Management, extending the management of authentication methods using APIs. Customers can now delete passkeys using APIs and list all enrolled authentication methods for a user.

Customers can build end-to-end management of the passkeys directly into their native applications.

Native Passkey Management is in Limited EA - reach out to your Auth0 contact to get started today.

To get started with MyAccount please read our documentation

As part of the Continuous Session Protection, you can now configure ephemeral (non-persistent) sessions using Actions. This allows enterprise customers to dynamically control whether a session is stored in a persistent cookie or only in memory.

Ephemeral sessions:

• Exist only in memory and are cleared when the browser or app is closed
• Are ideal for high-sensitivity workflows such as step-up authentication or use on public devices
• Can be configured per session using api.session.setCookieMode("non-persistent") in post-login Actions

This feature is available to all Enterprise tenants in Public Early Access and requires no enrolment.

Learn more: https://auth0.com/docs/manage-users/sessions/sessions-with-actions#set-session-persistence-with-actions and https://auth0.com/docs/manage-users/sessions/session-lifecycle

Use Ephemeral Sessions with Actions to configure Keep Me Sign In

We are excited to announce the release of the Auth0 React Native SDK v5, a foundational rewrite designed to provide a best-in-class developer experience for one of the world's most popular mobile frameworks. This major update delivers a simpler, more powerful way to integrate secure authentication into your React Native applications while ensuring compatibility with the latest evolution of the ecosystem.

Highlights:

• Stay on the Cutting Edge of React Native: Deploy with confidence knowing your authentication layer is ready for the future. The SDK is fully compatible with React 19 and Expo 53, and now includes Beta support for React Native's New Architecture (Turbo Modules). This allows you to leverage the latest performance and UI capabilities of the ecosystem without compromising on security.
• Accelerate Development with a Better DX: We've refactored the entire SDK from the ground up to create a more intuitive and efficient developer experience. With a simpler API surface, unified cross-platform error handling, and an Android layer rewritten in modern Kotlin, you can integrate Auth0 faster and spend less time debugging.
• Build for More Platforms with react-native-web: The new, robust architecture enables first-class support for react-native-web. Now you can share more of your authentication logic between your native mobile and web applications, streamlining development and ensuring a consistent user experience everywhere.

Get Started Today. The Auth0 React Native SDK v5 is now generally available.

As a major version release, v5 includes breaking changes aimed at improving the long-term health and usability of the SDK. To upgrade, please consult our comprehensive Migration Guide to v5.

For a full list of new features, improvements, and breaking changes, view the complete release notes on GitHub.

You can now use Organizations with your native passkey flows! User sign-in and registration flows can now pass the organization to complete sign up in the organization context. Like Universal Login flows, auto-enrollment into an organization during sign-in is also supported.

Organizations Support for Native Passkeys is in Limited EA - reach out to your Auth0 contact to get started today.

To get started with Passkey APIs and use them with Organizations, please see our documentation or read our blog for getting started with native applications.

You can now use Organizations with your native passkey flows! User sign-in and registration flows can now pass the organization to complete sign up in the organization context. Like Universal Login flows, auto-enrollment into an organization during sign-in is also supported.

Organizations Support for Native Passkeys is in Limited EA - reach out to your Auth0 contact to get started today.

To get started with Passkey APIs and use them with Organizations, please see our documentation or read our blog for getting started with native applications.

We are excited to announce the release of the Auth0 React Native SDK v5, a foundational rewrite designed to provide a best-in-class developer experience for one of the world's most popular mobile frameworks. This major update delivers a simpler, more powerful way to integrate secure authentication into your React Native applications while ensuring compatibility with the latest evolution of the ecosystem.

Highlights:

• Stay on the Cutting Edge of React Native: Deploy with confidence knowing your authentication layer is ready for the future. The SDK is fully compatible with React 19 and Expo 53, and now includes Beta support for React Native's New Architecture (Turbo Modules). This allows you to leverage the latest performance and UI capabilities of the ecosystem without compromising on security.
• Accelerate Development with a Better DX: We've refactored the entire SDK from the ground up to create a more intuitive and efficient developer experience. With a simpler API surface, unified cross-platform error handling, and an Android layer rewritten in modern Kotlin, you can integrate Auth0 faster and spend less time debugging.
• Build for More Platforms with react-native-web: The new, robust architecture enables first-class support for react-native-web. Now you can share more of your authentication logic between your native mobile and web applications, streamlining development and ensuring a consistent user experience everywhere.

Get Started Today. The Auth0 React Native SDK v5 is now generally available.

As a major version release, v5 includes breaking changes aimed at improving the long-term health and usability of the SDK. To upgrade, please consult our comprehensive Migration Guide to v5.

For a full list of new features, improvements, and breaking changes, view the complete release notes on GitHub.

We’re very excited to announce the availability of Native Passkey Management, extending the management of authentication methods using APIs. Customers can now delete passkeys using APIs and list all enrolled authentication methods for a user.

Customers can build end-to-end management of the passkeys directly into their native applications.

Native Passkey Management is in Limited EA - reach out to your Auth0 contact to get started today.

To get started with MyAccount please read our documentation

As part of the Continuous Session Protection, you can now configure ephemeral (non-persistent) sessions using Actions. This allows enterprise customers to dynamically control whether a session is stored in a persistent cookie or only in memory.

Ephemeral sessions:

• Exist only in memory and are cleared when the browser or app is closed
• Are ideal for high-sensitivity workflows such as step-up authentication or use on public devices
• Can be configured per session using api.session.setCookieMode("non-persistent") in post-login Actions

This feature is available to all Enterprise tenants in Public Early Access and requires no enrolment.

Learn more: https://auth0.com/docs/manage-users/sessions/sessions-with-actions#set-session-persistence-with-actions and https://auth0.com/docs/manage-users/sessions/session-lifecycle

Use Ephemeral Sessions with Actions to configure Keep Me Sign In

You can now use Organizations with your native passkey flows! User sign-in and registration flows can now pass the organization to complete sign up in the organization context. Like Universal Login flows, auto-enrollment into an organization during sign-in is also supported.

Organizations Support for Native Passkeys is in Limited EA - reach out to your Auth0 contact to get started today.

To get started with Passkey APIs and use them with Organizations, please see our documentation or read our blog for getting started with native applications.

We are excited to announce the release of the Auth0 React Native SDK v5, a foundational rewrite designed to provide a best-in-class developer experience for one of the world's most popular mobile frameworks. This major update delivers a simpler, more powerful way to integrate secure authentication into your React Native applications while ensuring compatibility with the latest evolution of the ecosystem.

Highlights:

• Stay on the Cutting Edge of React Native: Deploy with confidence knowing your authentication layer is ready for the future. The SDK is fully compatible with React 19 and Expo 53, and now includes Beta support for React Native's New Architecture (Turbo Modules). This allows you to leverage the latest performance and UI capabilities of the ecosystem without compromising on security.
• Accelerate Development with a Better DX: We've refactored the entire SDK from the ground up to create a more intuitive and efficient developer experience. With a simpler API surface, unified cross-platform error handling, and an Android layer rewritten in modern Kotlin, you can integrate Auth0 faster and spend less time debugging.
• Build for More Platforms with react-native-web: The new, robust architecture enables first-class support for react-native-web. Now you can share more of your authentication logic between your native mobile and web applications, streamlining development and ensuring a consistent user experience everywhere.

Get Started Today. The Auth0 React Native SDK v5 is now generally available.

As a major version release, v5 includes breaking changes aimed at improving the long-term health and usability of the SDK. To upgrade, please consult our comprehensive Migration Guide to v5.

For a full list of new features, improvements, and breaking changes, view the complete release notes on GitHub.

We’re very excited to announce the availability of Native Passkey Management, extending the management of authentication methods using APIs. Customers can now delete passkeys using APIs and list all enrolled authentication methods for a user.

Customers can build end-to-end management of the passkeys directly into their native applications.

Native Passkey Management is in Limited EA - reach out to your Auth0 contact to get started today.

To get started with MyAccount please read our documentation

As part of the Continuous Session Protection, you can now configure ephemeral (non-persistent) sessions using Actions. This allows enterprise customers to dynamically control whether a session is stored in a persistent cookie or only in memory.

Ephemeral sessions:

• Exist only in memory and are cleared when the browser or app is closed
• Are ideal for high-sensitivity workflows such as step-up authentication or use on public devices
• Can be configured per session using api.session.setCookieMode("non-persistent") in post-login Actions

This feature is available to all Enterprise tenants in Public Early Access and requires no enrolment.

Learn more: https://auth0.com/docs/manage-users/sessions/sessions-with-actions#set-session-persistence-with-actions and https://auth0.com/docs/manage-users/sessions/session-lifecycle

Use Ephemeral Sessions with Actions to configure Keep Me Sign In

You can now use Organizations with your native passkey flows! User sign-in and registration flows can now pass the organization to complete sign up in the organization context. Like Universal Login flows, auto-enrollment into an organization during sign-in is also supported.

Organizations Support for Native Passkeys is in Limited EA - reach out to your Auth0 contact to get started today.

To get started with Passkey APIs and use them with Organizations, please see our documentation or read our blog for getting started with native applications.

We are excited to announce the release of the Auth0 React Native SDK v5, a foundational rewrite designed to provide a best-in-class developer experience for one of the world's most popular mobile frameworks. This major update delivers a simpler, more powerful way to integrate secure authentication into your React Native applications while ensuring compatibility with the latest evolution of the ecosystem.

Highlights:

• Stay on the Cutting Edge of React Native: Deploy with confidence knowing your authentication layer is ready for the future. The SDK is fully compatible with React 19 and Expo 53, and now includes Beta support for React Native's New Architecture (Turbo Modules). This allows you to leverage the latest performance and UI capabilities of the ecosystem without compromising on security.
• Accelerate Development with a Better DX: We've refactored the entire SDK from the ground up to create a more intuitive and efficient developer experience. With a simpler API surface, unified cross-platform error handling, and an Android layer rewritten in modern Kotlin, you can integrate Auth0 faster and spend less time debugging.
• Build for More Platforms with react-native-web: The new, robust architecture enables first-class support for react-native-web. Now you can share more of your authentication logic between your native mobile and web applications, streamlining development and ensuring a consistent user experience everywhere.

Get Started Today. The Auth0 React Native SDK v5 is now generally available.

As a major version release, v5 includes breaking changes aimed at improving the long-term health and usability of the SDK. To upgrade, please consult our comprehensive Migration Guide to v5.

For a full list of new features, improvements, and breaking changes, view the complete release notes on GitHub.

We’re very excited to announce the availability of Native Passkey Management, extending the management of authentication methods using APIs. Customers can now delete passkeys using APIs and list all enrolled authentication methods for a user.

Customers can build end-to-end management of the passkeys directly into their native applications.

Native Passkey Management is in Limited EA - reach out to your Auth0 contact to get started today.

To get started with MyAccount please read our documentation

As part of the Continuous Session Protection, you can now configure ephemeral (non-persistent) sessions using Actions. This allows enterprise customers to dynamically control whether a session is stored in a persistent cookie or only in memory.

Ephemeral sessions:

• Exist only in memory and are cleared when the browser or app is closed
• Are ideal for high-sensitivity workflows such as step-up authentication or use on public devices
• Can be configured per session using api.session.setCookieMode("non-persistent") in post-login Actions

This feature is available to all Enterprise tenants in Public Early Access and requires no enrolment.

Learn more: https://auth0.com/docs/manage-users/sessions/sessions-with-actions#set-session-persistence-with-actions and https://auth0.com/docs/manage-users/sessions/session-lifecycle

Use Ephemeral Sessions with Actions to configure Keep Me Sign In

We’re very excited to announce the availability of Native Passkey Management, extending the management of authentication methods using APIs. Customers can now delete passkeys using APIs and list all enrolled authentication methods for a user.

Customers can build end-to-end management of the passkeys directly into their native applications.

Native Passkey Management is in Limited EA - reach out to your Auth0 contact to get started today.

To get started with MyAccount please read our documentation