07 March 2022 (v2.68)

You can now deploy reCAPTCHA v3 protection on the following methods of the Core SDK:

It can also be deployed the reCAPTCHA V3 protection on the following widgets of the UI SDK:

We have added an option to deactivate password updates with a fresh access_token (issued since less than 5 minutes).

If this option is disabled, the password can only be updated with the old password value or with a code (received on the user identifier after a password reset request).

The session token is now also invalidated after a user logout. This token is only present when the Single Sign-On feature is activated.

Our signup endpoint and methods are now protected with the Identity Fraud Protection module to also block malicious IP addresses that try to attack it.

The retrieve and search audit logs endpoint has been modified to retrieve the logs in descending order (according to their created_at attribute).

The email sent after a step up request with an email second factor can now be configured separately. The activation email template is still available and can be configured as a separate template as well to be able to offer the best overall experience to your users.

We have improved our KakaoTalk login integration to be able to retrieve user information directly from KakaoTalk (email,phone_number,gender …​). We also support Kakaotalk sync integration and we are now able to retrieve CI (Connecting Information) directly in the user profile in a new field provider_metadata.

This field can be retrieved thanks to the identity API and methods (For example the get a user profile) and the management API with the get a user endpoint.