7.15.0

Changed

• perf: Update getCredential to only refresh credential once per request #453 (ComputerTinker)

7.14.0

Changed

• refactor: add additional Telescope state check #447 (samuelhgf)
• chore(deps): replace temporary psalm-laravel-plugin fork with official #448 (alies-dev)

7.13.0

Added

• Add support for Laravel 11 #445 (evansims)

Changed

• Verify that Telescope is enabled via configuration helper #444 (samuelhgf)

7.12.0

Added

• Implement support for Back-Channel Logout #435 (evansims)
• Restore configurable route paths #436 (evansims)

Fixed

• Resolve CacheBridgeAbstract::save() not storing values when cache misses #434 (seruymt)

7.11.0

Added

• Significant performance improvements by eliminating redundant user queries.
• Compatibility support for Laravel Telescope. See docs/Telescope.md for more information.
• A refactored Events API has been introduced. See docs/Events.md for more information.
• AUTH0_SESSION_STORAGE and AUTH0_TRANSIENT_STORAGE now support a cookie value to enable the native Auth0-PHP SDK cookie session handler. See docs/Cookies.md for more information.

Fixed

• Addressed an issue where, under certain circumstances, the first user authentication attempt after a session invalidation could fail.

Changed

• Session regeneration/invalidation has been refactored.
• Discarded sessions are now deleted when they are invalidated by the SDK, rather than wait for Laravel to garbage collect.
• Session storage has been refactored. Session data is now stored as a JSON array in a single auth0_session entry in the Laravel session store, rather than in multiple keys.

Documentation

• A demonstration Eloquent user model and repository implementation has been added to docs/Eloquent.md.
• A new docs/Sessions.md document has been added for guidance on the various session driver options available.

7.10.1

Fixed

• Addressed an issue where, under certain circumstances, permissions state could be lost after authenticating.

7.10.0

Added

• Organization Name support added for Authentication API and token handling ¹

Changed

• Guards are now registered with the priority middleware list.
• Bumped auth0-php dependency version range to ^8.7.
• Updated telemetry to indicate new laravel package name (previously laravel-auth0.)

Fixed

• Addressed issue where placeholder AUTH0_ dotenv values could erroneously be interpreted as true configuration values.

Note
¹ To use this feature, an Auth0 tenant must have support for it enabled. This feature is not yet available to all tenants.

7.9.1

Fixed

• Resolved an issue where, under certain circumstances, the AuthenticationGuard middleware could get erroneously added to the api middleware group, causing a session to be established in a stateless request. (#415)

7.9.0

Added

• SDK configuration (config/auth0.php) now supports a configurationPath property for specifying a custom search path for .auth0.*.json and .env* files. (#407)
• Auth0\Laravel\Guards\GuardAbstract now extends Illuminate\Contracts\Auth\Guard. (#410)

Fixed

• Resolved host environment variables not being loaded as expected when a .env file is also used. (#408)
• Resolved surrounding quote characters not being trimmed from environment variables and .env files during processing. (#409)

7.8.1

Fixed

• Resolved an issue where parsing .env files could sometimes throw an exception when handling non-key-value pair strings. (#395)