v1.1.0 - Oct 26, 2021: New /logout API endpoint

This release is our first since the public launch of Next Identity v1.0, and includes the following new features, enhancements, and bug fixes.

New Features

Next Identity API

🆕 /logout API endpoint

Now your application can hit the /logout endpoint to log users out of all active sessions.

Enhancements

Next Identity Journeys

⭐ /pre-register endpoint improvements

Various improvements to the pre-registration experience, including:

• 200 responses will now return the uuid of the user that was created
• Adds security restrictions regarding which clients can access the endpoint
• Improves redirection behavior when passing the redirect_uri value

⭐/userinfo endpoint improvement

The /userinfo endpoint will now return custom attributes if defined at the client settings level.

Next Identity API

⭐ /forgot-password endpoint security improvement

The auth_type and user_id parameters are now required and match the API reference and intended behavior for the /forgot-password endpoint to increase API security.

⭐ /users/find and /users/update endpoint security improvement

Logic has been added to improve security of these endpoints by restricting access of certain client types.

Bug Fixes

This release also includes minor bug fixes for a variety of Next Identity API endpoints and Next Identity Journey screens, including:

• /token: changes to refresh-token activity
• /resend-verification: added coverage for additional entity types
• Next Identity Journeys Resend Verification screen and handling of expired sessions