releases.shpreview
Auth0/Auth0 Changelog

Auth0 Changelog

$npx @buildinternet/releases show auth0-changelog
Mon
Wed
Fri
AprMayJunJulAugSepOctNovDecJanFebMarApr
Less
More
Releases510Avg156/moVersionsv202547 → v202614
Oct 16, 2025

The first public beta of the Auth0 Nuxt SDK is now available for developers building web apps on the Nuxt framework!

Key Highlights

  • Idiomatic Nuxt 3 Experience: Simple, composable functions (useAuth0) that feel native to Nuxt developers, dramatically reducing time-to-first-login.
  • Advanced Security Out-of-the-Box: We've included support for the latest security standards from day one, including PAR, RAR, and Backchannel Logout.
  • Powerful API Authentication: Seamlessly obtain tokens for backend APIs using the TokenVault integration.

Resources

Here are the helpful resources to explore the new Nuxt SDK and get started:

This SDK is still in Beta and we need your feedback! Please share any feedback, questions or comments on GitHub.

The first public beta of the Auth0 Nuxt SDK is now available for developers building web apps on the Nuxt framework!

Key Highlights

  • Idiomatic Nuxt 3 Experience: Simple, composable functions (useAuth0) that feel native to Nuxt developers, dramatically reducing time-to-first-login.
  • Advanced Security Out-of-the-Box: We've included support for the latest security standards from day one, including PAR, RAR, and Backchannel Logout.
  • Powerful API Authentication: Seamlessly obtain tokens for backend APIs using the TokenVault integration.

Resources

Here are the helpful resources to explore the new Nuxt SDK and get started:

This SDK is still in Beta and we need your feedback! Please share any feedback, questions or comments on GitHub.

The first public beta of the Auth0 Nuxt SDK is now available for developers building web apps on the Nuxt framework!

Key Highlights

  • Idiomatic Nuxt 3 Experience: Simple, composable functions (useAuth0) that feel native to Nuxt developers, dramatically reducing time-to-first-login.
  • Advanced Security Out-of-the-Box: We've included support for the latest security standards from day one, including PAR, RAR, and Backchannel Logout.
  • Powerful API Authentication: Seamlessly obtain tokens for backend APIs using the TokenVault integration.

Resources

Here are the helpful resources to explore the new Nuxt SDK and get started:

This SDK is still in Beta and we need your feedback! Please share any feedback, questions or comments on GitHub.

The first public beta of the Auth0 Nuxt SDK is now available for developers building web apps on the Nuxt framework!

Key Highlights

  • Idiomatic Nuxt 3 Experience: Simple, composable functions (useAuth0) that feel native to Nuxt developers, dramatically reducing time-to-first-login.
  • Advanced Security Out-of-the-Box: We've included support for the latest security standards from day one, including PAR, RAR, and Backchannel Logout.
  • Powerful API Authentication: Seamlessly obtain tokens for backend APIs using the TokenVault integration.

Resources

Here are the helpful resources to explore the new Nuxt SDK and get started:

This SDK is still in Beta and we need your feedback! Please share any feedback, questions or comments on GitHub.

The first public beta of the Auth0 Nuxt SDK is now available for developers building web apps on the Nuxt framework!

Key Highlights

  • Idiomatic Nuxt 3 Experience: Simple, composable functions (useAuth0) that feel native to Nuxt developers, dramatically reducing time-to-first-login.
  • Advanced Security Out-of-the-Box: We've included support for the latest security standards from day one, including PAR, RAR, and Backchannel Logout.
  • Powerful API Authentication: Seamlessly obtain tokens for backend APIs using the TokenVault integration.

Resources

Here are the helpful resources to explore the new Nuxt SDK and get started:

This SDK is still in Beta and we need your feedback! Please share any feedback, questions or comments on GitHub.

The first public beta of the Auth0 Nuxt SDK is now available for developers building web apps on the Nuxt framework!

Key Highlights

  • Idiomatic Nuxt 3 Experience: Simple, composable functions (useAuth0) that feel native to Nuxt developers, dramatically reducing time-to-first-login.
  • Advanced Security Out-of-the-Box: We've included support for the latest security standards from day one, including PAR, RAR, and Backchannel Logout.
  • Powerful API Authentication: Seamlessly obtain tokens for backend APIs using the TokenVault integration.

Resources

Here are the helpful resources to explore the new Nuxt SDK and get started:

This SDK is still in Beta and we need your feedback! Please share any feedback, questions or comments on GitHub.

The first public beta of the Auth0 Nuxt SDK is now available for developers building web apps on the Nuxt framework!

Key Highlights

  • Idiomatic Nuxt 3 Experience: Simple, composable functions (useAuth0) that feel native to Nuxt developers, dramatically reducing time-to-first-login.
  • Advanced Security Out-of-the-Box: We've included support for the latest security standards from day one, including PAR, RAR, and Backchannel Logout.
  • Powerful API Authentication: Seamlessly obtain tokens for backend APIs using the TokenVault integration.

Resources

Here are the helpful resources to explore the new Nuxt SDK and get started:

This SDK is still in Beta and we need your feedback! Please share any feedback, questions or comments on GitHub.

Oct 10, 2025

We are excited to announce an improvement that makes it faster and easier for you to keep your firewall configurations up-to-date.

Our IP allow list for Auth0's Public Cloud regions is now available in a standardized, machine-readable format. This new format is designed to help you automate updates and ensure the most accurate configuration for your firewall.

What this means for you:

  • Automation: You can now programmatically fetch and parse the list, eliminating the need for manual updates.
  • Accuracy: The structured data ensures you're always using the latest and most accurate IP addresses.
  • Clarity: The changelogs highlight specific additions and removals, so you can easily see what has been updated.

You can access this information at: https://cdn.auth0.com/ip-ranges.json

For more details, please see our documentation on IP allow list.

When validating JWT assertions used for client application authentication, Auth0 will impose stricter requirements and accept only a tenant's issuer identifier as a single JSON string value in the "aud" (audience) claim.

The possibility of providing an "aud" claim with either one of the approaches listed below is deprecated, and at a future date will cause the service to consider such JWT assertions invalid:

  • A JSON array of strings, provided that one of the entries contains a valid issuer identifier or endpoint URL for the respective tenant and endpoint the client authenticates against.
  • A single JSON string representing a valid endpoint URL for the respective tenant and endpoint the client authenticates against.

OIDC enterprise connections configured to use Private Key JWT in authenticated requests to the upstream identity provider will also be able to use the applicable issuer identifier represented as a JSON string in the "aud" claim included in JWT assertions.

We have provided additional information and timelines for enforcing this change across tenants through a dashboard and support center notification.

We are excited to announce an improvement that makes it faster and easier for you to keep your firewall configurations up-to-date.

Our IP allow list for Auth0's Public Cloud regions is now available in a standardized, machine-readable format. This new format is designed to help you automate updates and ensure the most accurate configuration for your firewall.

What this means for you:

  • Automation: You can now programmatically fetch and parse the list, eliminating the need for manual updates.
  • Accuracy: The structured data ensures you're always using the latest and most accurate IP addresses.
  • Clarity: The changelogs highlight specific additions and removals, so you can easily see what has been updated.

You can access this information at: https://cdn.auth0.com/ip-ranges.json

For more details, please see our documentation on IP allow list.

When validating JWT assertions used for client application authentication, Auth0 will impose stricter requirements and accept only a tenant's issuer identifier as a single JSON string value in the "aud" (audience) claim.

The possibility of providing an "aud" claim with either one of the approaches listed below is deprecated, and at a future date will cause the service to consider such JWT assertions invalid:

  • A JSON array of strings, provided that one of the entries contains a valid issuer identifier or endpoint URL for the respective tenant and endpoint the client authenticates against.
  • A single JSON string representing a valid endpoint URL for the respective tenant and endpoint the client authenticates against.

OIDC enterprise connections configured to use Private Key JWT in authenticated requests to the upstream identity provider will also be able to use the applicable issuer identifier represented as a JSON string in the "aud" claim included in JWT assertions.

We have provided additional information and timelines for enforcing this change across tenants through a dashboard and support center notification.

We are excited to announce an improvement that makes it faster and easier for you to keep your firewall configurations up-to-date.

Our IP allow list for Auth0's Public Cloud regions is now available in a standardized, machine-readable format. This new format is designed to help you automate updates and ensure the most accurate configuration for your firewall.

What this means for you:

  • Automation: You can now programmatically fetch and parse the list, eliminating the need for manual updates.
  • Accuracy: The structured data ensures you're always using the latest and most accurate IP addresses.
  • Clarity: The changelogs highlight specific additions and removals, so you can easily see what has been updated.

You can access this information at: https://cdn.auth0.com/ip-ranges.json

For more details, please see our documentation on IP allow list.

When validating JWT assertions used for client application authentication, Auth0 will impose stricter requirements and accept only a tenant's issuer identifier as a single JSON string value in the "aud" (audience) claim.

The possibility of providing an "aud" claim with either one of the approaches listed below is deprecated, and at a future date will cause the service to consider such JWT assertions invalid:

  • A JSON array of strings, provided that one of the entries contains a valid issuer identifier or endpoint URL for the respective tenant and endpoint the client authenticates against.
  • A single JSON string representing a valid endpoint URL for the respective tenant and endpoint the client authenticates against.

OIDC enterprise connections configured to use Private Key JWT in authenticated requests to the upstream identity provider will also be able to use the applicable issuer identifier represented as a JSON string in the "aud" claim included in JWT assertions.

We have provided additional information and timelines for enforcing this change across tenants through a dashboard and support center notification.

We are excited to announce an improvement that makes it faster and easier for you to keep your firewall configurations up-to-date.

Our IP allow list for Auth0's Public Cloud regions is now available in a standardized, machine-readable format. This new format is designed to help you automate updates and ensure the most accurate configuration for your firewall.

What this means for you:

  • Automation: You can now programmatically fetch and parse the list, eliminating the need for manual updates.
  • Accuracy: The structured data ensures you're always using the latest and most accurate IP addresses.
  • Clarity: The changelogs highlight specific additions and removals, so you can easily see what has been updated.

You can access this information at: https://cdn.auth0.com/ip-ranges.json

For more details, please see our documentation on IP allow list.

When validating JWT assertions used for client application authentication, Auth0 will impose stricter requirements and accept only a tenant's issuer identifier as a single JSON string value in the "aud" (audience) claim.

The possibility of providing an "aud" claim with either one of the approaches listed below is deprecated, and at a future date will cause the service to consider such JWT assertions invalid:

  • A JSON array of strings, provided that one of the entries contains a valid issuer identifier or endpoint URL for the respective tenant and endpoint the client authenticates against.
  • A single JSON string representing a valid endpoint URL for the respective tenant and endpoint the client authenticates against.

OIDC enterprise connections configured to use Private Key JWT in authenticated requests to the upstream identity provider will also be able to use the applicable issuer identifier represented as a JSON string in the "aud" claim included in JWT assertions.

We have provided additional information and timelines for enforcing this change across tenants through a dashboard and support center notification.

We are excited to announce an improvement that makes it faster and easier for you to keep your firewall configurations up-to-date.

Our IP allow list for Auth0's Public Cloud regions is now available in a standardized, machine-readable format. This new format is designed to help you automate updates and ensure the most accurate configuration for your firewall.

What this means for you:

  • Automation: You can now programmatically fetch and parse the list, eliminating the need for manual updates.
  • Accuracy: The structured data ensures you're always using the latest and most accurate IP addresses.
  • Clarity: The changelogs highlight specific additions and removals, so you can easily see what has been updated.

You can access this information at: https://cdn.auth0.com/ip-ranges.json

For more details, please see our documentation on IP allow list.

When validating JWT assertions used for client application authentication, Auth0 will impose stricter requirements and accept only a tenant's issuer identifier as a single JSON string value in the "aud" (audience) claim.

The possibility of providing an "aud" claim with either one of the approaches listed below is deprecated, and at a future date will cause the service to consider such JWT assertions invalid:

  • A JSON array of strings, provided that one of the entries contains a valid issuer identifier or endpoint URL for the respective tenant and endpoint the client authenticates against.
  • A single JSON string representing a valid endpoint URL for the respective tenant and endpoint the client authenticates against.

OIDC enterprise connections configured to use Private Key JWT in authenticated requests to the upstream identity provider will also be able to use the applicable issuer identifier represented as a JSON string in the "aud" claim included in JWT assertions.

We have provided additional information and timelines for enforcing this change across tenants through a dashboard and support center notification.

We are excited to announce an improvement that makes it faster and easier for you to keep your firewall configurations up-to-date.

Our IP allow list for Auth0's Public Cloud regions is now available in a standardized, machine-readable format. This new format is designed to help you automate updates and ensure the most accurate configuration for your firewall.

What this means for you:

  • Automation: You can now programmatically fetch and parse the list, eliminating the need for manual updates.
  • Accuracy: The structured data ensures you're always using the latest and most accurate IP addresses.
  • Clarity: The changelogs highlight specific additions and removals, so you can easily see what has been updated.

You can access this information at: https://cdn.auth0.com/ip-ranges.json

For more details, please see our documentation on IP allow list.

When validating JWT assertions used for client application authentication, Auth0 will impose stricter requirements and accept only a tenant's issuer identifier as a single JSON string value in the "aud" (audience) claim.

The possibility of providing an "aud" claim with either one of the approaches listed below is deprecated, and at a future date will cause the service to consider such JWT assertions invalid:

  • A JSON array of strings, provided that one of the entries contains a valid issuer identifier or endpoint URL for the respective tenant and endpoint the client authenticates against.
  • A single JSON string representing a valid endpoint URL for the respective tenant and endpoint the client authenticates against.

OIDC enterprise connections configured to use Private Key JWT in authenticated requests to the upstream identity provider will also be able to use the applicable issuer identifier represented as a JSON string in the "aud" claim included in JWT assertions.

We have provided additional information and timelines for enforcing this change across tenants through a dashboard and support center notification.

We are excited to announce an improvement that makes it faster and easier for you to keep your firewall configurations up-to-date.

Our IP allow list for Auth0's Public Cloud regions is now available in a standardized, machine-readable format. This new format is designed to help you automate updates and ensure the most accurate configuration for your firewall.

What this means for you:

  • Automation: You can now programmatically fetch and parse the list, eliminating the need for manual updates.
  • Accuracy: The structured data ensures you're always using the latest and most accurate IP addresses.
  • Clarity: The changelogs highlight specific additions and removals, so you can easily see what has been updated.

You can access this information at: https://cdn.auth0.com/ip-ranges.json

For more details, please see our documentation on IP allow list.

Previous4243444546Next
Latest
Apr 23, 2026
Source
auth0.com/changelog
Tracking Since
Sep 25, 2024
Last checked Apr 24, 2026
.json·.md·.atom