v1.1.0 - Oct 26, 2021: New /logout API endpoint
This release is our first since the public launch of Next Identity v1.0, and includes the following new features, enhancements, and bug fixes.
New Features
Next Identity API
🆕 /logout API endpoint
/logout API endpointNow your application can hit the /logout endpoint to log users out of all active sessions.
Enhancements
Next Identity Journeys
⭐ /pre-register endpoint improvements
/pre-register endpoint improvementsVarious improvements to the pre-registration experience, including:
200responses will now return theuuidof the user that was created- Adds security restrictions regarding which clients can access the endpoint
- Improves redirection behavior when passing the
redirect_urivalue
⭐/userinfo endpoint improvement
/userinfo endpoint improvementThe /userinfo endpoint will now return custom attributes if defined at the client settings level.
Next Identity API
⭐ /forgot-password endpoint security improvement
/forgot-password endpoint security improvementThe auth_type and user_id parameters are now required and match the API reference and intended behavior for the /forgot-password endpoint to increase API security.
⭐ /users/find and /users/update endpoint security improvement
/users/find and /users/update endpoint security improvementLogic has been added to improve security of these endpoints by restricting access of certain client types.
Bug Fixes
This release also includes minor bug fixes for a variety of Next Identity API endpoints and Next Identity Journey screens, including:
/token: changes to refresh-token activity/resend-verification: added coverage for additional entity types- Next Identity Journeys Resend Verification screen and handling of expired sessions