Changelog

​

v22.0.5

Released 2026-03-19 Patch Changes

• Remove token from URL as authenticate() call is made rather than after success. This prevents rare double calling if the user reloads the page while the call was being made.

​

v22.0.4

Released 2026-03-05 Patch Changes

• Fix DiscoveredOrganization.mfa_required.member_options types

​

v22.0.3

Released 2026-02-27 Patch Changes

• Tweak watermark spacing
• Improve data fetching for TOTP enrollment

​

v22.0.2

Released 2026-02-13 Patch Changes

• Fix font size issue on some anchor buttons

​

v22.0.1

Released 2026-02-11 This is a major release, containing a redesign of our frontend components and package structure. We recommend reading our upgrade guide when updating to this version.

​

Breaking changes

• @stytch/vanilla-js is no longer required. All imports from vanilla-js should be made through @stytch/react or @stytch/nextjs if you use those SDKs
• config.products must use Products and B2BProducts enum, not strings
• Styling is now done through a new presentation configuration object
• Code is now transpiled only up to our browser support level to reduce sizes

​

Update highlights

• Redesigned frontend components that are more modern, accessible and configurable
• Components have now been reviewed and tested for accessibility
• shadcn UI theming compatibility out of the box
• Automatic light / dark mode switching now supported
• Significantly smaller bundle sizes through modern transpilation targets and tree shaking
• Clientside validation for configs now only occur in development build to reduce bundle size from validation message strings

Patch Changes

• Updated dependencies

​

v22.0.0

Released 2026-02-11 This version was released with broken packaging. We recommend upgrading to 22.0.1 if you have this version. Patch Changes

• Updated dependencies

​

v21.18.1

Released 2026-01-05 Patch Changes

• Add external_id to Member and User types and add organization_external_id to Organization type

​

v21.18.0

Released 2025-12-18 Minor Changes

• Support passing domain option to passkey auth in StytchLoginConfig

​

v21.17.0

Released 2025-12-05 Minor Changes

• Add keepSessionAlive boolean flag to StytchClientOptions. When set, the client will automatically refresh the session as long as the client is active
• Add TypeScript typings for strings prop / param. The types is available as Strings and is opt in. We recommend using them like const strings: Strings = { 'button.usePassword': 'Log in with password' }. Strings is a partial since we recommend you only include strings that you need, but if you need every string mapped (such as in a full localization), you can use Required<Strings>.

Patch Changes

• B2B: Add support for ALL_ALLOWED organization email_jit_provisioning setting

​

v21.16.0

Released 2025-11-25 Minor Changes

• Add support for the OAuth Attach flow

​

v21.15.2

Released 2025-11-14 Patch Changes

• Fix endpoint options still being preferred for custom endpoint config
• Fix last used Oauth method not updated when Google One Tap fallback button is clicked
• Add types for Member.is_admin

​

v21.15.1

Released 2025-11-03 Patch Changes

• Fix missing breached password error message for zxcvbn password config in pre-built UI
• Fix error message when B2B discovery EML auth encounters an error in prebuilt UI

​

v21.15.0

Released 2025-10-16 Minor Changes

• When initializing StytchClient, the endpointOptions object is now deprecated apiDomain and testApiDomain are now configured using customBaseUrl directly on the root object fppaDomain and dfpCdnDomain are now configured as dfppaUrl and dfpCdnUrl directly on the root object
• Sourcemaps are now included

​

v21.14.0

Released 2025-10-14 Minor Changes

• Add options to the Admin Portal Member Management and SSO Connections configuration to specify the redirect URL when inviting members and testing SSO connections
• Add the ability for users to go back from the MFA enrollment screen to change their enrollment method

​

v21.13.0

Released 2025-10-09 Minor Changes

• Store last used OAuth and SSO method locally and move it to the top of the list the next time users visit the log in page. Add “provider.lastUsed” translation string for “Last used” text indicating the last used auth method.

​

v21.12.0

Released 2025-09-24 Minor Changes

• Update labels to use <label> element and improve accessibility New formField.phone.label string for phone number input label and formField.countryCode.label for country code label formField.password.ariaLabel string has been folded into formField.password.label and can be removed

Patch Changes

• Update localization library lingui to 5.5.0
• Update error message

​

v21.11.1

Released 2025-09-11 Patch Changes

• bug fixes

​

v21.11.0

Released 2025-09-11 Minor Changes

• refactor trusted auth token attestation in IDPConsentScreen components

​

v21.10.0

Released 2025-08-29 Minor Changes

• Add Encrypted SAML Assertion support

​

v21.9.0

Released 2025-08-27 Minor Changes

• Export parseOAuthParams function for passing to OAuthAuthorize endpoints

​

v21.8.0

Released 2025-08-14 Minor Changes

• feat: add device history support to all authentication methods

​

v21.7.0

Released 2025-07-23 Minor Changes

• Add in Hook and HOC for accessing user roles

​

v21.6.1

Released 2025-07-11 Patch Changes

• Fix an issue with localization in the PasswordError component when using custom password strength rules

​

v21.6.0

Released 2025-07-02 Minor Changes

• Allow specifying text overrides and text translastion via the strings configuration.

​

v21.5.3

Released 2025-06-18 Patch Changes

• Use API-generated error types

​

v21.5.2

Released 2025-06-17 Patch Changes

• Update documentation for B2B Passwords Reset By Email method

​

v21.5.1

Released 2025-06-09 Patch Changes

• Add error handling for claimed domains in the Discovery flow when no valid organizations are found

​

v21.5.0

Released 2025-04-24 Minor Changes

• Add a new assumeHydrated prop to the StytchProvider and StytchB2BProvider components. This prop allows the provider to assume whether or not the app might be hydrated in a browser environment after initially being rendered in a server environment. When true, the provider eagerly reads from the browser’s local cache to retrieve cached session and related data. When false, the provider defers this initialization until after the first render, to avoid hydration errors. This prop defaults to false in @stytch/nextjs, which preserves the behavior from previous versions. We recommend setting assumeHydrated={false} if your app hydrates server-rendered content on the client. Otherwise, it is safe to set assumeHydrated={true}. If you’re unsure or notice hydration errors in your app, set assumeHydrated={false}. Unless you set assumeHydrated={true}, you should continue to check the initialized state of the provider by checking the isInitialized value (returned from hooks like useStytchUser, useStytchSession, useStytchMember, useStytchMemberSession, useStytchOrganization, and useStytchIsAuthorized) or *IsInitialized prop (injected by HOCs like withStytchUser, withStytchSession, withStytchMember, withStytchMemberSession, and withStytchOrganization) before relying on any other values.

​

v21.4.4

Released 2025-04-15 Patch Changes

• Make some minor improvements to JSDoc comments
• Add missing default generic type parameters

​

v21.4.3

Released 2025-04-07 Patch Changes

• Fix some README typos

​

v21.4.2

Released 2025-03-18 Patch Changes

• feat: Add support for accessTokenExchange to B2B Sessions Client

​

v21.4.1

Released 2025-02-19 Patch Changes

• Avoid warnings about useLayoutEffect with server rendering

​

v21.4.0

Released 2025-02-15 Minor Changes

• feat: Connected Apps OAuth Authorization component support (BETA)

​

v21.3.0

Released 2025-02-13 Minor Changes

• Added User Impersonation to Consumer
• Add dfpCdnDomain endpoint configuration

​

v21.2.0

Released 2025-01-16 Minor Changes

• Add support for TypeScript-based Stytch project configurations

Patch Changes

• Fix error message when mounting Admin Portal components without a StytchB2BProvider

​

v21.1.1

Released 2025-01-08 Patch Changes

• Fixed <StytchB2B /> error message

​

v21.1.0

Released 2024-09-06 Minor Changes

• Add AdminPortalSCIM component component to @stytch/nextjs/b2b/adminPortal

​

v21.0.0

Released 2024-08-21 Major Changes

• Updated API routes to use api.stytch.com for live and test.stytch.com for test, replacing web.stytch.com. If you use Content Security Policy (CSP) headers, ensure the URL is updated. This was done to reduce the number of network calls and simplify internal routing, resulting in faster API response times—improving request speeds by up to 40 milliseconds roundtrip.

​

v20.3.3

Released 2024-08-12 Patch Changes

• Load Admin Portal components from vanilla-js directly

​

v20.3.2

Released 2024-08-09 Patch Changes

• Fix admin portal component props

​

v20.3.1

Released 2024-08-06 Patch Changes

• Guard references to localStorage and sessionStorage

​

v20.3.0

Released 2024-08-02 Minor Changes

• Add AdminPortalMemberManagement component to @stytch/nextjs/b2b/adminPortal

​

v20.2.0

Released 2024-07-19 Minor Changes

• Add AdminPortalOrgSettings component to @stytch/nextjs/b2b/adminPortal

​

v20.1.0

Released 2024-06-28 Minor Changes

• Add AdminPortalSSO component to @stytch/nextjs/b2b/adminPortal

​

v20.0.0

Released 2024-06-06 Patch Changes

• Updated dependencies

​

v19.0.0

Released 2024-04-18 Major Changes

• Update minimum peer dependency on @stytch/vanilla-js to ^4.9.0

​

v18.0.0

Released 2024-03-12 Patch Changes

• Updated dependencies

​

v17.0.1

Released 2024-01-31 Patch Changes

• Fix B2B headless entrypoint to import @stytch/vanilla-js rather than bundle it

​

v17.0.0

Released 2024-01-04 Minor Changes

• Add useStytchOrganization hook for B2B

​

v16.0.1

Released 2024-01-03 Patch Changes

• Fix an issue where fromCache would not update to false after cached data was refreshed

​

v16.0.0

Released 2024-01-02 Patch Changes

• Updated dependencies

​

v15.0.0

Released 2023-12-18 Minor Changes

• Mark stytch.member as deprecated in favor of stytch.self Adds RBAC functionality

​

v14.0.0

Released 2023-11-14 Patch Changes

• Updated dependencies

​

v13.0.0

Released 2023-11-07 Minor Changes

• B2C Passkeys Headless Support & UI components

​

v12.0.0

Released 2023-10-04 Major Changes

• Change export of B2B Headless Client to seperate subpackage to improve tree-shaking performance Two public export locations have changed:
  import { createStytchB2BHeadlessClient } from '@stytch/nextjs/b2b';
  
  Is now updated to
  import { createStytchB2BHeadlessClient } from '@stytch/vanilla-js/b2b/headless';
  
  import { createStytchB2BUIClient } from '@stytch/nextjs/b2b';
  
  Is now updated to
  import { createStytchB2BUIClient } from '@stytch/vanilla-js/b2b/ui';
  

​

v11.0.0

Released 2023-09-20 Patch Changes

• Add Device Fingerprinting to the React Native SDK

​

v10.0.0

Released 2023-09-19 Patch Changes

• Updated dependencies

​

v9.0.1

Released 2023-08-28 Patch Changes

• Add docs for new verified fields on Member objects, and fix some docs links

​

v9.0.0

Released 2023-08-08 Major Changes

• Breaking Changes: The intermediate session token (IST) will no longer be accepted as an argument for the discovery list organizations, intermediate sessions exchange, and create organization via discovery endpoints. The IST will be passed in automatically. ISTs are stored as browser cookies or persisted on device when they are generated after calls to discovery authenticate endpoints, such as email magic link discovery authenticate, or primary authenticate endpoints in the case where MFA is required, such as email magic link authenticate or SSO authenticate. New Features: Our B2B product now supports multi-factor authentication (MFA) with one-time passcodes (OTPs) via SMS. MFA policies can be set on the Organization level or on the Member level. See the Stytch docs for more information.

​

v8.0.0

Released 2023-07-14 Patch Changes

• Updated dependencies

​

v7.0.0

Released 2023-06-27 Patch Changes

• Updated dependencies

​

v6.0.1

Released 2023-06-27 Patch Changes

• Exclude @stytch/vanilla-js/b2b in rollup

​

v6.0.0

Released 2023-05-26 Minor Changes

• B2B Passwords UI components

​

v5.0.2

Released 2023-05-19 Patch Changes

• Fix for the onEvent callback while creating a new organization in the B2B SDK UI. Missing export for the nextjs B2B package

​

v5.0.1

Released 2023-05-01 Patch Changes

• Missing export in the nextjs SDK for the UI component

​

v5.0.0

Released 2023-04-28 Minor Changes

• Releasing UI components for our B2B SDKs.

​

v4.0.0

Released 2023-04-17 Patch Changes

• Make organization name and slug optional for discovery organization create

​

v3.0.2

Released 2023-04-12 Patch Changes

• Add locale argument to B2B email magic link methods

​

v3.0.1

Released 2023-04-06 Patch Changes

• Include the b2b directory in package.json for the B2B SDK entrypoint

​

v3.0.0

Released 2023-03-29 Minor Changes

• Add B2B Discovery headless client and session exchange method

​

v2.0.3

Released 2023-03-21 Patch Changes

• Fix session/user persisting after logging out

​

v2.0.2

Released 2023-03-21 Patch Changes

• SDK-877 Fix session/user persisting after logging out

​

v2.0.1

Released 2023-03-07 Patch Changes

• Add React Native OAuth callback, PKCE fix

​

v2.0.0

Released 2023-03-01 Minor Changes

• Launching B2B SDKs

​

v1.2.0

Released 2023-01-28 Patch Changes

• Updated dependencies

​

v0.6.0

Released 2023-01-20 Minor Changes

• Add support for template ID parameters to Magic link Login or create and Send methods, Email OTP Login or create and Send methods, and Reset Password Start

​

v0.5.0

Released 2022-10-31 Patch Changes

• Add type definitions for User Metadata fields

​

v0.4.6

Released 2022-10-07 Patch Changes

• Add support for custom email domains in magic link confirmation screen

​

v0.4.5

Released 2022-10-05 Patch Changes

• Reset Password component

​

v0.4.4

Released 2022-09-30 Patch Changes

• Send methods in the SDK