Releases: puzed/darkauth
Releases · puzed/darkauth
v1.21.0
v1.21.0 introduces app token organization switching capabilities and strengthens security controls around organization management APIs.
✨ Features
🔐 Organization Management
- Added support for switching organizations via app access token flow in the SDK, enabling programmatic organization switching without user interaction
🛠 Improvements
📚 Documentation
- Enhanced documentation for app token organization switching flow to guide developers on implementing token-based organization switches
🐛 Fixes
🔑 API Security
- Enforced requirement for app access tokens on organization switch APIs to prevent unauthorized organization switching attempts
Docker
docker pull ghcr.io/puzed/darkauth:v1.21.0
v1.20.3
This release introduces comprehensive organization switching capabilities, completes user key management features, and refines the user portal experience.
✨ Features
🏢 Organization Management
- Added silent session organization switching via SDK for seamless tenant transitions
- Implemented app token support for programmatic organization switching
- Added account organization switcher in user portal for manual tenant selection
🔐 Key Management
- Implemented passkey credential management with unlock flows
- Added complete key delivery metadata exposure in client API
- Completed trusted browser unlock flow with WebAuthn integration
- Added self-service key unlock UI with passkey support
📋 Account & Portal
- Implemented self-service account profile updates
- Redesigned user portal navigation with simplified security settings
- Expanded branding portal previews in admin interface
- Added manual email verification support in admin flows
🎨 Branding & Marketing
- Added screenshot gallery to brochureware
- Refined documentation visuals and styling
- Added admin branding asset management
🌐 Standards & Documentation
- Added OAuth metadata endpoints for
.well-knowncompliance - Launched standalone documentation site
- Aligned SDK examples with organization switching patterns
🛠 Improvements
🔗 Integration Refinements
- Refined organization admin flows in admin interface
- Enhanced organization enterprise schema and session handling
- Improved trusted device approval security hardening
📦 Infrastructure
- Split pull request workflow checks for better CI/CD performance
- Enhanced Playwright browser installation and configuration
- Improved screenshot workflow stabilization with timeout configuration
🐛 Fixes
🏢 Organization Features
- Fixed repeat consent flow during organization switching
- Prevented removal of last organization administrator role
- Enforced organization-aware OTP policy consistently
- Fixed CORS handling for SDK session refresh during org switches
- Allowed authorization during organization switching
🔐 Security & Key Management
- Hardened trusted device approvals process
- Fixed passkey PRF salt decoding in UI
- Included client key scope in client lists
- Honored forced OTP status in UI
🖥️ UI/UX
- Fixed key unlock action layout wrapping
- Showed trusted device unlock request action properly
- Synced DarkAuth favicons across interfaces
🔄 CI/CD & Testing
- Refreshed screenshots with site deployment updates
- Fixed login selector issues in screenshot tests
- Stabilized OTP authentication screenshot flows
🧪 Tests
✅ Coverage
- Covered user key management journeys end-to-end
- Added key management guardrails coverage
- Disambiguated federation preview assertions
- Isolated install token lifecycle state
📸 Infrastructure
- Updated portal screenshot flows for redesigned routes
- Stabilized screenshot CI and documentation flows
- Closed screenshot servers cleanly with proper teardown
📝 Documentation
📚 Specifications
- Completed user key management specification
- Updated trusted device unlock flow documentation
- Covered key management security changes
- Aligned SDK organization switching examples
Docker
docker pull ghcr.io/puzed/darkauth:v1.20.3
v1.20.2
This patch release improves organization switching behavior by skipping repeat consent when switching to an organization the session already covers.
🐛 Fixes
🔄 Organization Switching
- Skipped repeat organization switch consent when session already covers the client and scopes
- Fixed CORS support for session organization endpoint to restrict cross-origin requests
🔐 Authorization Flow
- Removed automatic consent re-prompt when switching to an organization with existing session coverage
- Updated SDK default organization switching mode from "silent" to "authorize" for consistency
Docker
docker pull ghcr.io/puzed/darkauth:v1.20.2
Docker
docker pull ghcr.io/puzed/darkauth:v1.20.2
v1.20.1
DarkAuth v1.20.1 includes a critical fix for session organization endpoint CORS support.
🐛 Fixes
🔐 CORS Configuration
Fixed CORS policy to properly allow the session organization endpoint for registered public single-page application origins.
Docker
docker pull ghcr.io/puzed/darkauth:v1.20.1
v1.20.0
This release improves organization switching behavior and documentation for SDK users.
✨ Features
🔄 Organization Switching
- Added support for silently switching session organization without user interaction
📝 Documentation
📚 SDK Examples
- Aligned organization switching examples to reflect current best practices
Docker
docker pull ghcr.io/puzed/darkauth:v1.20.0
v1.19.1
This patch release adds critical safety improvements to organization administrator role management, preventing accidental removal of the last administrator in an organization.
🐛 Fixes
🔐 Organization Administrator Role Guard
- Prevented users from removing the last organization administrator role through the user interface
- Enforced organization administrator role guard at the API level to ensure data integrity
Docker
docker pull ghcr.io/puzed/darkauth:v1.19.1
v1.19.0
Release v1.19.0 introduces refined organization management experiences and improved SDK integration capabilities.
✨ Features
🏢 Organization Management
- Added organization switcher to user account portal for seamless multi-organization access
- Implemented manual email verification in admin UI for administrator control over user email status
🔧 Admin Capabilities
- Refined organization admin workflows with organization combobox selector
- Enhanced audit logs and SCIM token management with organization context
🛠 Improvements
🔐 Session Management
- Extended CORS support for SDK session refresh token requests across origins
🐛 Fixes
- Corrected SDK session refresh CORS handling to allow cross-origin token refresh operations
Docker
docker pull ghcr.io/puzed/darkauth:v1.19.0
v1.18.0
This release introduces comprehensive organization enterprise capabilities with multi-tenant features, federation support, and enhanced authentication flows.
✨ Features
🏢 Organization Enterprise Architecture
- Added organization enterprise database schema with role flags, federation organization scope, SCIM organization scope, and audit enterprise connections
- Implemented organization-aware authentication flows including federation connections and enterprise SCIM improvements
- Added organization switching capabilities across user and admin interfaces
🔐 Enterprise Authentication
- Implemented federation connections for enterprise authentication scenarios
- Added email linking functionality for enterprise users
- Created audit wrapper for enterprise connection tracking
🎛️ Admin & User Management
- Built organization management flows in admin UI with enterprise connection configuration
- Added user UI components for viewing and switching between organizations
- Implemented organization-scoped authorization system
📱 SDK Enhancements
- Extended TypeScript client SDK with organization-aware session support
- Added organization context to session management and authentication flows
🛠 Improvements
🔐 Security Policy Enforcement
- Enhanced OTP policy to enforce organization boundaries
- Improved authorization endpoint to support organization switching
🎨 User Interface
- Wrapped key unlock actions with improved layout structure
- Updated DarkAuth favicons for consistency
🧪 Tests & Documentation
📋 Quality Assurance
- Aligned organization fixtures in test suite for consistency
📝 Specifications
- Added planning documentation for organization refactor architecture
Docker
docker pull ghcr.io/puzed/darkauth:v1.18.0
v1.17.0
This release enhances the DarkAuth admin portal, improves branding and documentation visuals, and fixes critical authorization workflows.
✨ Features
🎨 Admin Interface Enhancements
- Added comprehensive branding asset management to admin portal
- Expanded admin branding portal with live previews for customization options
- Implemented admin-level controls for organization branding configuration
📚 Documentation & Brochureware
- Refined documentation visuals for improved clarity and consistency
- Added screenshot gallery showcasing key platform features and user flows
- Enhanced brochureware to better communicate platform capabilities
🛠 Improvements
🌐 User Interface
- Synced DarkAuth favicons across all applications for consistent branding
- Refreshed CI-generated screenshots to reflect updated branding
🐛 Fixes
🔐 Authorization & Security
- Fixed organization switching within authorize flow to allow proper account transfers
- Resolved favicon synchronization issues affecting brand consistency
Docker
docker pull ghcr.io/puzed/darkauth:v1.17.0
v1.16.0
A significant update focused on enhancing the user portal experience with a modern redesign, self-service account management, and improved security settings.
✨ Features
🎨 User Portal Redesign
- Redesigned user portal navigation for improved accessibility and usability
- Added self-service account profile updates through new API endpoints
- Streamlined user security settings interface
🏢 Admin Portal Enhancements
- Expanded admin UI branding portal with enhanced preview capabilities
🧪 Tests
📋 E2E Coverage
- Added comprehensive end-to-end test coverage for redesigned user portal routes
- Updated portal screenshot flows to reflect new navigation structure
📝 Documentation
📚 User Portal Planning
- Documented user portal account UX specifications and design decisions
Docker
docker pull ghcr.io/puzed/darkauth:v1.16.0