3.9.0

Full Changelog

Notes on this release

• Added a complete Spanish translation!
• Email changes for WordPress users now work properly and are rejected clearly if Auth0 rejects the change. This does not affect the email verification process in WordPress; the email is changed only after the verification happens. A current API token is not required but your Application does need to allow for a Client Credentials grant with the Management API (this configured for you by default, more information here).
• Sibling sub-domains are now allowed for the Login Redirect URL. Anything within the same domain name as the site URL can now be saved.
• Default Auth0 IP addresses are now allowed by default on the user migration endpoints. Adding or changing the IP addresses for the "Migration IPs Whitelist" field will not affect default IPs.
• User migration endpoints were improved to provide better errors when requests are rejected and more clear custom database scripts that can be used as an example when setting up the migration manually. Switching this setting on or off does not make any changes in the Auth0 dashboard or to the existing token, it only makes the endpoints available or not.
• The Social Amplificator functionality has been removed.

Added

• Update Translations #615 (joshcanhelp)
• Allow subdomains in redirect and refactor validation tests #601 (joshcanhelp)
• Whitelist Auth0 IPs by default and show in wp-admin #596 (joshcanhelp)
• Fix migration login route output and add tests #595 (joshcanhelp)
• Added filter to allow for changing the output of die_on_login #593 (coperator)
• Spanish translation by Carlos Longarela #526 (CarlosLongarela)

Changed

• Refactor migration route handling and add tests #606 (joshcanhelp)
• Remove unnecessary callback; add notice if plugin is already setup #604 (joshcanhelp)
• Refactor migration token validation and match entire token on endpoints #602 (joshcanhelp)
• Update translations #599 (joshcanhelp)
• Refactor and tests for user migration get user route #598 (joshcanhelp)
• Move custom DB scripts to separate files #592 (joshcanhelp)

Deprecated

• Deprecations for ip_range setting #618 (joshcanhelp)
• Deprecate Social Amplificator classes + methods #612 (joshcanhelp)

Removed

• Remove unused IP range setting #616 (joshcanhelp)
• Remove Social Amplificator functionality #607 (joshcanhelp)

Fixed

• Fix Migration Token Generation; Add JSON Content-Type header #617 (joshcanhelp)
• Fix escaped passwords sent to Auth0 #611 (joshcanhelp)
• Fix notice when settings constant is defined too late #600 (joshcanhelp)
• Fix email update on Auth0 #594 (joshcanhelp)

Closed issues

• Invalid State error 100% of the time #597
• Update docs #591
• Correct dimensions for custom login icon #586
• Basic settings edit box doesn't show values from AUTH0_ENV_* constants #569
• Better documentation of User Migration endpoints with manual setup #542
• Keep getting logged out once SSO is turned on #541