1.5.0

Enhancements

• User custom attributes 💫 : We're glad to announce that we now support adding custom attributes to the user object! The default user object is great, but sometimes you want to keep a bit more information on it for your app's needs.
• Creation of the attributes are done from the Descope Console, and you can find them in the user object under the custom_attributes property. Option to set, update and delete the values are also available from the SDK.
• Add a Login ID to the user upon update: When updating a user's phone or email (via OTP / Magic Link / Enchanted Link), you can decide if to make that new value part of the user's Login IDs so that they can later on authenticate with them.
  There can be times where an existing user with the new identifier already exists in your user database - so a merging strategy needs to be defined as well.
  All of this can be done using the add_to_login_ids parameter.
• Import and export of Flows and Themes: If you want to export or import flows and themes from one project to another - you can do so now with supporting commands, such as export_flow. Examples can be found in the SDK's README.
• Get tenant SSO configuration: Using the get_settings function, you can now fetch a specific tenant's SSO configuration. Example on how to do so in the repo's README, under the 'Manage SSO Settings' section.
• User attribute updates: You can now update the user's picture using the new user update_picture command, and user custom attributes using the update_custom_attribute command.
• Timeouts for request: We added configurable timeouts to our request. Default is set by the DEFAULT_TIMEOUT_SECONDS property and is set to 60 seconds. (@tebeka)

Bug fixes

• Test user functions: Deleting and authenticating test users didn't work in some cases as they were using the wrong methods. We fixed it and now it should work smoothly.

1.1.1

Bug fixes

• Automatic configuration of base URL: Some Python frameworks require setting the base URL parameter manually to Descope's API. We have now fixed this behavior to automatically set the base URL correctly.

1.1.0

Breaking changes

• PEP8 naming convention alignment: We made sure our Python SDK is aligned to the PEP8 naming convention; this includes the following breaking changes:
  • auth/webauthn.py - transactionID argument of the sign_up_finish function has changed to transaction_id
  • management/jwt.py - updateJWT function has changed to update_jwt

Enhancements

• Passwords for user authentication: Descope now supports usage of passwords. You can design your authentication flow to include password authentication, update a user's password when expired, and more.
• User testing utility for your E2E tests: When using authentication methods such as OTP / Magic Link / Enchanted Link, it can get cumbersome to automatically test those as part of the app's testing process. To close this loop - we released a utility with which you can create test users. Those special users are enabled to generate codes or links without the need of 3rd party messaging services.
  You can create, fetch and delete test users - all part of your integration tests code! More information, along with examples, can be found in the SDK's README.
• Invite users via management commands: Use the new invite User command to programmatically invite users to your project. Just like in the console, you can control which tenants and roles will be associated to the invited users.
• Masked email and phone dynamic values: We updated some of the authentication methods' responses to return a masked value of the user's verification identifier. Use the masked_address parameter when working with OTP / Magic Link / Enchanted Link to present it in Flow Screens or your own proprietary UI.
• Pagination support for Users: We now support the ability to paginate the search_all User response. Use the page parameter to define how many results should return in each page.
• Documentation enhancements: Tiny enhancements to our SDK's README.

1.0.0

Breaking changes

• SameSite=Strict Cookies: We changed the configuration of cookies so that they are SameSite=Strict.
  For more information on how to configure custom domains correctly - visit our documentation.
• Naming alignments: We aligned our naming in multiple places to be snake-case instead of camel-case, along with parameter naming alignment. These changes include:
  • loginOptions > login_options
  • refreshToken > refresh_token
  • DeliveryMethod.PHONE > DeliveryMethod.SMS

Enhancements

• JWT returns in validate_session: The validate_session function will now return the parsed JWT response.
• Upgraded SSO configuration options: We upgraded SSO management function, so that they now support configuring the domain parameter, which is used for auto registering new users to a specific tenant, if their identifiers are from the defined domain.

Bug fixes

• Logic fix in validate_and_refresh_session function: A fix to allow either and not both actions in method was applied.

0.9.1

Breaking changes

• 🚨 Session and Refresh token split 🚨: Session validation and refresh have been split in order to allow more control over session management.
  3 new functions have been added with a more predictable and straightforward behavior; the new functions have no optional parameters.

* `validate_session` - only validates the session.
* `refresh_session` - refreshes a session.
* `validate_and_refresh_session` - combines the two, validate and refresh as needed.

These function replace the following which have been removed:

* `validate_session_request` - replaced by `validate_and_refresh_session` with the change of requiring both tokens, and the two new functions added for more granular control.
* `refresh_token`: replaced by `refresh_session`, behavior remains with more consistent naming and input validation.

Enhancements

• Documentation enhancements: Additional explanations were added to our SDK's README.
• Rate limiting: In order to maintain our stable performance, and provide a good experience to all of our customers, we added SDK and API rate limits. You can read more in our documentation.

0.9.0

Breaking changes

• Rename of External ID to Login ID: In order to clarify and align the various user identifiers used in our system - we've decided to rename externalId to login_id.
• Enchanted Link attribute change: Updated the identifier attribute to linkId, to make it clearer for the Descoper to use.

Enhancements

• Management APIs: Various Management APIs were added to the package. This allows automation of actions on Users, Tenants, Access Keys and many more! 💯
  Some cool functionalities include:
  • Searching over all users
  • Adding roles and permissions, and assigning them to a user
  • Creating a tenant and configuriing its SAML mapping
• Key Response structure update: A v2 of the key response API; in order to support other frameworks, such as OpenID Connect, the key response's structure was updated, and keys are now a sub-attribute of keys.
  • Format in v1: [{...}]
  • Format in v2: {"keys": [{...}]}
• Custom Claims: Custom Claims can now be added to the JWT, using the updateJwt API.
• Readme updates: Updated the README of the repo, to make newcomers' lives even easier than before!

Bug fixes

• Username removed as parameter from SSO User Attributes Mapping: Username was a deprecated parameter in the SSO User Attributes Mapping dropdown. We removed it to resolve the confusion.

0.3.0

What's Changed

• Change exchange to POST by @dorsha in #63
• Change access key and refresh session to POST by @dorsha in #64
• 1. adjust email_validator for the new version (disable call for dns q… by @guyp-descope in #65
• fix: use cov xml file for result by @omercnet in #62
• chore(deps): update dependency black to v22.10.0 by @descope in #67
• Extend API to support custom claims by @aviadl in #68
• Change SAML start to be post by @dorsha in #70
• Change oauth authorize to be post by @dorsha in #71
• Fix oauth/saml start to be POST with query params by @dorsha in #72
• Add useful headers by @dorsha in #73
• Stepup take 2 by @aviadl in #74
• Adjust jwt response for access key with authz by @guyp-descope in #75
• fix(deps): update dependency cryptography to v38.0.3 [security] by @descope in #76
• fix(deps): update dependency pyjwt to v2.6.0 by @descope in #77
• chore(deps): update dependency pytest-cov to v4 by @descope in #69
• chore(deps): update dependency pytest to v7.2.0 by @descope in #79
• Add webauthn SignUpOrIn function by @shilgapira in #80
• Have both logout and logout_all as optinos by @slavikm in #81
• Add MFA support by @aviadl in #82
• chore(deps): update dependency liccheck to v0.7.3 by @descope in #83
• Management by @itaihanski in #84
• Add issuer support as url by @dorsha in #85
• Get management key from env var or config params by @shilgapira in #87
• Enchanted link support by @aviadl in #86
• Ensure management key is set before passing calls to management APIs by @shilgapira in #90
• Set localhost as default base_url (instead of prod link) by @guyp-descope in #88
• update poetry lockfile by @omercnet in #89

New Contributors

• @itaihanski made their first contribution in #84

Full Changelog: 0.2.0...0.3.0

0.2.0

What's Changed

• Pin dependencies by @descope in #49
• fix(readme): fix readme links to full URLs by @omercnet in #51
• chore: fix dev deps by @omercnet in #53
• Added support for /me by @slavikm in #52
• Add exchange access key function by @shilgapira in #54
• Add validate_permissions and validate_roles logic by @guyp-descope in #55
• fix: updating github action by @omercnet in #60
• fix the jet response object returned during validate_session_request by @guyp-descope in #58
• Change logout to be post by @dorsha in #59
• use valid return_url by @talaharoni in #61
• fix(deps): update dependency pyjwt to v2.5.0 by @descope in #57
• fix(deps): update dependency email-validator to v1.3.0 by @descope in #56

New Contributors

• @shilgapira made their first contribution in #54
• @dorsha made their first contribution in #59
• @talaharoni made their first contribution in #61

Full Changelog: 0.1.0...0.2.0

0.1.0

What's Changed

• Initial Python sdk code by @guyp-descope in #1
• Update the authorized license list + fix doc for the signin_otp function by @guyp-descope in #2
• Add magic link support to python by @aviadl in #3
• Fix routing to have /auth/ prefix by @aviadl in #4
• Support OAuth authentication method by @guyp-descope in #5
• Configure Renovate by @renovate in #6
• Update schneegans/dynamic-badges-action action to v1.4.0 by @renovate in #8
• Update actions/setup-python action to v4 by @renovate in #9
• fix packaging and add pyproject.toml fie by @guyp-descope in #10
• Upload artifacts by @meirwah in #12
• elaborate error msg by @meirwah in #13
• create and store images for example servers by @meirwah in #15
• change port by @meirwah in #16
• Update common.py by @meirwah in #18
• Update otp_web_sample_app.py by @meirwah in #17
• Update common.py by @meirwah in #19
• created baseline readme by @jeff-descope in #11
• Sdk take 2 by @guyp-descope in #20
• Split by auth method by @asafshen in #21
• remove cookies parameter on do_post and do_get by @guyp-descope in #23
• SDK with custom host and optional Verify by @meirwah in #22
• Change example routes by @meirwah in #24
• remove the usage of decorators in otp web sample app by @guyp-descope in #25
• Modify jwt response by @aviadl in #27
• Fix sample app, to place data on cookie propely by @aviadl in #28
• remove dsr usage on sample /private api by @guyp-descope in #29
• Restructure the jwt_response object by @guyp-descope in #30
• fix import by @guyp-descope in #32
• Rename example route by @meirwah in #33
• update console link by @Bars92 in #34
• update SDK URL to prod by @meirwah in #35
• (WIP) Docteam edits by @jeff-descope in #36
• Expose refresh token as a public method by @aviadl in #38
• fix issue #421 - aligned delivery-method-verification with the GO sdk by @guyp-descope in #37
• expose refresh token on DescopeClient by @asafshen in #39
• Replace basice auth with bearer by @aviadl in #40
• Update documentation by @guyp-descope in #41
• Fix doc (magiclink) by @guyp-descope in #42
• fix the parameters to magiclink verify func by @guyp-descope in #43
• Change all endpoints to the correct one by @aviadl in #46
• Validate session allows session token or refresh token to be empty by @slavikm in #47
• Switch to poetry by @omercnet in #48
• Update dependency jquery to v3.6.1 by @descope in #45
• chore(release): Change publish action to prod pypi by @omercnet in #50

New Contributors

• @guyp-descope made their first contribution in #1
• @aviadl made their first contribution in #3
• @renovate made their first contribution in #6
• @meirwah made their first contribution in #12
• @jeff-descope made their first contribution in #11
• @asafshen made their first contribution in #21
• @Bars92 made their first contribution in #34
• @slavikm made their first contribution in #47
• @omercnet made their first contribution in #48
• @descope made their first contribution in #45

Full Changelog: https://github.com/descope/python-sdk/commits/0.1.0