Skip to main content

v5.45.1

Released 2026-03-20 Patch Changes
  • Remove token from URL as authenticate() call is made rather than after success. This prevents rare double calling if the user reloads the page while the call was being made.

v6.0.5

Released 2026-03-19 Patch Changes
  • Remove token from URL as authenticate() call is made rather than after success. This prevents rare double calling if the user reloads the page while the call was being made.

v6.0.4

Released 2026-03-05 Patch Changes
  • Fix DiscoveredOrganization.mfa_required.member_options types

v6.0.3

Released 2026-02-27 Patch Changes
  • Tweak watermark spacing
  • Improve data fetching for TOTP enrollment

v6.0.2

Released 2026-02-13 Patch Changes
  • Fix font size issue on some anchor buttons

v6.0.1

Released 2026-02-11 This is a major release, containing a redesign of our frontend components and package structure. We recommend reading our upgrade guide when updating to this version.

Breaking changes

  • @stytch/vanilla-js now ships standard custom elements which need to be registered before usage
  • @stytch/vanilla-js/ui is now merged into the main export
  • config.products must use Products and B2BProducts enum, not strings
  • Styling is now done through a new presentation configuration object
  • Code is now transpiled only up to our browser support level to reduce sizes

Update highlights

  • Redesigned frontend components that are more modern, accessible and configurable
  • Components have now been reviewed and tested for accessibility
  • shadcn UI theming compatibility out of the box
  • Automatic light / dark mode switching now supported
  • Significantly smaller bundle sizes through modern transpilation targets and tree shaking
  • Clientside validation for configs now only occur in development build to reduce bundle size from validation message strings
  • @stytch/vanilla-js now exports standard web components (custom element), allowing for easy integration with other frameworks like Vue.js and Svelte
Patch Changes
  • Updated dependencies

v6.0.0

Released 2026-02-11
This is a major version bump with potential breaking changes.
This version was released with broken packaging. We recommend upgrading to 6.0.1 if you have this version. Patch Changes
  • Updated dependencies

v5.45.0

Released 2026-01-29 Minor Changes
  • Propagates Custom Org Roles in Admin Portal.

v5.44.2

Released 2026-01-13 Patch Changes
  • Fix custom API endpoint always being accessed even when unconfigured

v5.44.1

Released 2026-01-05 Patch Changes
  • Add external_id to Member and User types and add organization_external_id to Organization type

v5.44.0

Released 2025-12-18 Minor Changes
  • Support passing domain option to passkey auth in StytchLoginConfig
Patch Changes
  • Fix B2B Oauth authenticateByUrl handling
  • Don’t filter out passwords on B2B step-up auth

v5.43.0

Released 2025-12-05 Minor Changes
  • Add keepSessionAlive boolean flag to StytchClientOptions. When set, the client will automatically refresh the session as long as the client is active
  • Include custom org roles in local authorization checks
  • Add TypeScript typings for strings prop / param. The types is available as Strings and is opt in. We recommend using them like const strings: Strings = { 'button.usePassword': 'Log in with password' }. Strings is a partial since we recommend you only include strings that you need, but if you need every string mapped (such as in a full localization), you can use Required<Strings>.
Patch Changes
  • B2B: Add support for ALL_ALLOWED organization email_jit_provisioning setting

v5.42.0

Released 2025-11-25 Minor Changes
  • Add support for the OAuth Attach flow

v5.41.1

Released 2025-11-14 Patch Changes
  • Fix endpoint options still being preferred for custom endpoint config
  • Fix last used Oauth method not updated when Google One Tap fallback button is clicked
  • Add types for Member.is_admin

v5.41.0

Released 2025-11-03 Minor Changes
  • Add StytchClient.authenticateByUrl method for handling URL containing auth token. You can call this method on the page users are redirected to after logging in via OAuth, SSO or magic link. Stytch SDK will automatically evoke the correct authenticate method.
  • feat: Add support for RFC 8707 style resource parameter parsing to IDP code
Patch Changes
  • Guarantee response_type will always be present again
  • Fix missing breached password error message for zxcvbn password config in pre-built UI
  • Fix error message when B2B discovery EML auth encounters an error in prebuilt UI

v5.40.0

Released 2025-10-16 Minor Changes
  • When initializing StytchClient, the endpointOptions object is now deprecated apiDomain and testApiDomain are now configured using customBaseUrl directly on the root object fppaDomain and dfpCdnDomain are now configured as dfppaUrl and dfpCdnUrl directly on the root object
  • Sourcemaps are now included

v5.39.0

Released 2025-10-14 Minor Changes
  • Add the ability for users to go back from the MFA enrollment screen to change their enrollment method
  • Add options to the Admin Portal Member Management and SSO Connections configuration to specify the redirect URL when inviting members and testing SSO connections

v5.38.1

Released 2025-10-10 Patch Changes
  • Fix missing empty state text in admin portal onboarding access control lists

v5.38.0

Released 2025-10-09 Minor Changes
  • Update designs for Passkey prebuild UI component Passkey components will now respect theming Improve Passkey component error handling New localization strings for Passkey components - button.edit, button.save and passkey.editing.label. These are used in accessibility labels for non-visual users. New configurable theme colors: colors.accent and colors.warning Fix types for stytchClient.user.get() - it cannot return Promise<null>
  • Store last used OAuth and SSO method locally and move it to the top of the list the next time users visit the log in page. Add “provider.lastUsed” translation string for “Last used” text indicating the last used auth method.
Patch Changes
  • Fix bugs in passkey error handling
  • Fix missing focus styling around buttons. Fix show/hide password button accessibility label. Add button.hidePassword and button.showPassword to localizable strings for the label.

v5.37.1

Released 2025-09-29 Patch Changes
  • Updated dependencies

v5.37.0

Released 2025-09-24 Minor Changes
  • Add submitted email to MagicLinkLoginOrCreateEvent and B2BMagicLinkEmailLoginOrSignup callback events.
Patch Changes
  • Fix passkey auth on login page

v5.36.0

Released 2025-09-24 Minor Changes
  • Add Reinvite user button to Admin Portal Member Management
  • Update labels to use <label> element and improve accessibility New formField.phone.label string for phone number input label and formField.countryCode.label for country code label formField.password.ariaLabel string has been folded into formField.password.label and can be removed
Patch Changes
  • Fix image alignment on some success screens
  • Update localization library lingui to 5.5.0
  • Update error message
  • Deduplicate and update dependencies

v5.35.1

Released 2025-09-11 Patch Changes
  • bug fixes

v5.35.0

Released 2025-09-11 Minor Changes
  • refactor trusted auth token attestation in IDPConsentScreen components

v5.34.0

Released 2025-08-29 Minor Changes
  • Add Encrypted SAML Assertion support

v5.33.0

Released 2025-08-27 Minor Changes
  • Introduce trustedAuthTokenParams to IDP component
  • Export parseOAuthParams function for passing to OAuthAuthorize endpoints
Patch Changes
  • Add parseOAuthParams util function for parsing OAuth parameters

v5.32.0

Released 2025-08-21 Minor Changes
  • Add organization_slug to MemberSession type

v5.31.2

Released 2025-08-18 Patch Changes
  • Publicize the B2B IDP types

v5.31.1

Released 2025-08-14 Patch Changes
  • Updated dependencies

v5.31.0

Released 2025-08-14 Minor Changes
  • feat: add device history support to all authentication methods

v5.30.0

Released 2025-08-14 Minor Changes
  • Add locale to UI options and pass through to client endpoints as appropriate
Patch Changes
  • Add event tracking on IDP render

v5.29.1

Released 2025-08-08 Patch Changes
  • Fixes a bug with the treatment of custom scopes in Consumer IdentityProvider component

v5.29.0

Released 2025-07-23 Minor Changes
  • Add in Hook and HOC for accessing user roles
  • Handle network errors in Text Customization
  • Handle zxcvbn rules in Text Customization

v5.28.0

Released 2025-07-21 Minor Changes
  • Add StartEmailUpdate to initiate self-serve member email updates

v5.27.0

Released 2025-07-17 Minor Changes
  • Adds support for the logo style config to IdP Consent UI component

v5.26.0

Released 2025-07-16 Minor Changes
  • Adds in support for custom scopes to Consumer applications
Patch Changes
  • Make session handling more resiliant to changing domains
  • Fix issue where SDKB2BDiscoveryIntermediateSessionsExchange can sometimes double trigger

v5.25.2

Released 2025-07-11 Patch Changes
  • Fix: re-include OIDC prompt parameter support that was erroneously removed.
  • Fix an issue with localization in the PasswordError component when using custom password strength rules

v5.25.1

Released 2025-07-02 Patch Changes
  • Updated dependencies

v5.25.0

Released 2025-07-02 Minor Changes
  • Allow specifying text overrides and text translastion via the strings configuration.

v5.24.6

Released 2025-06-18 Patch Changes
  • Use API-generated error types

v5.24.5

Released 2025-06-17 Patch Changes
  • Update documentation for B2B Passwords Reset By Email method

v5.24.4

Released 2025-06-09 Patch Changes
  • Add error handling for claimed domains in the Discovery flow when no valid organizations are found

v5.24.3

Released 2025-06-05 Patch Changes
  • Remove validations for requiring response_type in OAuthAuthorize params

v5.24.2

Released 2025-06-04 Patch Changes
  • Add better indication for resent OTPs
  • Add Access Token Exchange headless method for Consumer Sessions
  • Fix a bug with internal handling of non-StytchAPIError errors

v5.24.1

Released 2025-05-22 Patch Changes
  • More gracefully handle a null or undefined public token
  • More gracefully handle instances where sessionOptions is missing from the StytchB2BUIConfig
  • Update the error message provided on incorrect password
  • Respect selected theme colors on the eye icons within password input

v5.24.0

Released 2025-05-19 Minor Changes
  • Add cancel_on_tap_outside option to control whether Google One Tap prompt is automatically dismissed when user taps outside

v5.23.5

Released 2025-05-16 Patch Changes
  • Add created_at and updated_at fields to the Member object type definition

v5.23.4

Released 2025-05-08 Patch Changes
  • Fix an issue where OAuth accounts could sometimes not be enabled for user onboarding in Admin Portal

v5.23.3

Released 2025-05-07 Patch Changes
  • Add id to SSO Discovery button

v5.23.2

Released 2025-05-06 Patch Changes
  • Add support for idp_user_id attribute mapping when creating SSO connections via Admin Portal

v5.23.1

Released 2025-05-05 Patch Changes
  • Update SSO configuration instructions to reference project name rather than organization name

v5.23.0

Released 2025-04-30 Minor Changes
  • Add inviteTemplateId to Admin Portal Member Management configuration to specify the template used for email invitations

v5.22.8

Released 2025-04-29 Patch Changes
  • When assigning roles to SSO connections in Admin Portal, allow SSO group names to contain spaces rather than treat them as a space-delimited list of groups

v5.22.7

Released 2025-04-24 Patch Changes
  • Update error messages when Stytch client is created using incorrect method in a server environment

v5.22.6

Released 2025-04-23 Patch Changes
  • Improve error message when sending an email fails

v5.22.5

Released 2025-04-17 Patch Changes
  • Updated dependencies

v5.22.4

Released 2025-04-16 Patch Changes
  • Updated dependencies

v5.22.3

Released 2025-04-15 Patch Changes
  • Updated dependencies

v5.22.2

Released 2025-04-10 Patch Changes
  • Wrap long organization names without spaces in B2B discovery menu

v5.22.1

Released 2025-04-10 Patch Changes
  • Updated dependencies

v5.22.0

Released 2025-04-08 Minor Changes
  • Add B2B_SSO_DISCOVER_CONNECTIONS callback for SSO discovery
Patch Changes
  • Fix issue where organization and application logos were both hidden when both were specified
  • Show loading state when navigating to SSO login page directly from email input during SSO discovery

v5.21.1

Released 2025-04-07 Patch Changes
  • Improve error messages when a supplied email address is marked as inactive
  • Fix some README typos

v5.21.0

Released 2025-04-04 Minor Changes
  • Add support for VerifyEmailTemplateID to Password Configs
Patch Changes
  • Fix an erroneous error message about JIT provisioning when an existing member attempts to log into an organization using cross-org passwords
  • Use configured login and redirect URLs when automatically invoking SSO during post-discovery step up
  • Fix links in dev-facing error messages

v5.20.3

Released 2025-04-02 Patch Changes
  • Preserve email address input in B2B UI when choosing “use a password instead”
  • Detect and log an error when a consumer Stytch client is instantiated with a public token for a B2B project and vice versa
  • Show back arrow on B2B discovery error screens

v5.20.2

Released 2025-04-01 Patch Changes
  • Relax email address validation

v5.20.1

Released 2025-03-27 Patch Changes
  • Updated dependencies

v5.20.0

Released 2025-03-26 Minor Changes
  • Allow specifying an organization slug via configuration when using the organization-specific auth flow, rather than relying on the URL. Specify an organization slug using config.organizationSlug.

v5.19.1

Released 2025-03-26 Patch Changes
  • Fix incorrect error message when re-sending a B2B email one-time passcode fails
  • Informative error for discovery logins that are disallowed due to claimed email domains

v5.19.0

Released 2025-03-24 Minor Changes
  • Added testApiDomain to endpointOptions for the StytchClient.

v5.18.7

Released 2025-03-20 Patch Changes
  • Fix IDP logout behavior when user is already logged out
  • Fix logic to show email domains list in Admin Portal user onboarding

v5.18.6

Released 2025-03-18 Patch Changes
  • feat: Add support for accessTokenExchange to B2B Sessions Client

v5.18.5

Released 2025-03-17 Patch Changes
  • fix: Allow empty scope in OAuth Authorization flows
  • Updates our PrimaryAuthMethod logic to only remove passwords in the Tenanted Case

v5.18.4

Released 2025-03-13 Patch Changes
  • Fix SCIM token rotation in Admin Portal

v5.18.3

Released 2025-03-12 Patch Changes
  • Bundle TypeScript declaration files
  • Focus OTP input after code is rejected
  • Fix ordering of auth methods within tabs to more closely respect configuration

v5.18.2

Released 2025-03-07 Patch Changes
  • Restrict OTP input to accept numbers only
  • Allow OAuth accounts to be added from the member’s existing tenants in Admin Portal

v5.18.1

Released 2025-03-05 Patch Changes
  • Updated dependencies

v5.18.0

Released 2025-02-21 Minor Changes
  • feat: Add support for OIDC Single Logout flow to <IdentityProvider /> and <B2BIdentityProvider /> components

v5.17.3

Released 2025-02-21 Patch Changes
  • Adjust spacing in discovered organizations UI

v5.17.2

Released 2025-02-20 Patch Changes
  • Add dividers between inputs and buttons in B2B UI

v5.17.1

Released 2025-02-19 Patch Changes
  • Add signing_private_key and updated_at fields to SAML connection types

v5.17.0

Released 2025-02-15 Minor Changes
  • feat: Connected Apps OAuth Authorization component support (BETA)

v5.16.0

Released 2025-02-13 Minor Changes
  • Added User Impersonation to Consumer
  • Add dfpCdnDomain endpoint configuration
Patch Changes
  • Improve appearance of nested headings within Admin Portal UI
  • Update watermark branding
  • Hide sections from Admin Portal user onboarding when corresponding auth methods are not allowed to be enabled

v5.15.0

Released 2025-02-07 Minor Changes
  • Support SSO as a valid auth product in B2B Discovery UI

v5.14.1

Released 2025-02-05 Patch Changes
  • Remove extra spacing between consecutive OAuth/SSO buttons in B2B login UI
  • Upgrade dependencies used in Admin Portal UI

v5.14.0

Released 2025-01-31 Minor Changes
  • Add UI callbacks for more B2B StytchClient events
Patch Changes
  • Make GitHub icon more legible against dark backgrounds
  • Improve appearance of discovered organizations UI
  • Passkeys Fixes

v5.13.0

Released 2025-01-29 Minor Changes
  • Add directCreateOrganizationForNoMembership option to B2B login UI
Patch Changes
  • Ensure provider parameters and scopes are used with Google OAuth buttons when One Tap is also enabled
  • Improve loading behavior on organization login screen
  • Always hide “create an organization” button when disabled in UI config

v5.12.0

Released 2025-01-17 Minor Changes
  • Added Automatic Impersonation Token Consumption to SDK UI

v5.11.0

Released 2025-01-16 Minor Changes
  • Add support for TypeScript-based Stytch project configurations
  • Add support for HttpOnly cookies, when enabled in the project configuration
  • Allow configuring API endpoint domain for live projects via endpointOptions.apiDomain

v5.10.6

Released 2025-01-16 Patch Changes
  • Add discoveryRedirectUrl to B2BPasswordOptions

v5.10.5

Released 2025-01-16 Patch Changes
  • Updated dependencies

v5.10.4

Released 2025-01-15 Patch Changes
  • Avoid flash when loading SCIM component in Admin Portal

v5.10.3

Released 2025-01-13 Patch Changes
  • Updated dependencies

v5.10.2

Released 2025-01-08 Patch Changes
  • Improve UX for Admin Portal’s SSO connection configure

v5.10.1

Released 2024-12-19 Patch Changes
  • In Admin Portal member management, indicate when an organization requires MFA of all members

v5.10.0

Released 2024-12-16 Minor Changes
  • Added the ability to sort RBAC roles in Admin Portal
Patch Changes
  • Added the option to change sso_jit_provisioning in Admin Portal’s Organization Settings
  • Add OAuth Tenant settings to Admin Portal’s Organization Settings
  • Improve Admin Portal’s Organization settings User onboarding UI

v5.9.4

Released 2024-12-05 Patch Changes
  • Add DFPPA to OTP Email Login Or Create

v5.9.3

Released 2024-12-03 Patch Changes
  • Fix organization slug matching when using wildcard domains in test environments
  • Improve Admin Portal’s JIT Provisioning UX

v5.9.2

Released 2024-11-26 Patch Changes
  • Relax the requirement for products specified in the UI config to have a corresponding *Options configuration set if the product can use default options.

v5.9.1

Released 2024-11-26 Patch Changes
  • Admin Portal’s SSO Connection Details page now has a Test Connection button for active SSO connections.
  • Allows discovery password reset flows to work without providing an explicit password reset url

v5.9.0

Released 2024-11-20 Minor Changes
  • Update text on Password Reset Flows
Patch Changes
  • Fix issue where B2B UI login methods in certain combinations were shown in a different order than specified

v5.8.0

Released 2024-11-13 Minor Changes
  • Support email OTP in B2B UI
  • Add Email OTP Allowed Auth Method

v5.7.0

Released 2024-11-12 Minor Changes
  • Add in Cross-Org Password Flows to SDK UI

v5.6.2

Released 2024-11-11 Patch Changes
  • Improved error message for ad_blocker_detected
  • Remove workaround for setting cookies in older versions of Firefox
  • Error messages in the StytchLogin component no longer overflows the container

v5.6.1

Released 2024-11-01 Patch Changes
  • Gracefully handle localStorage exceptions

v5.6.0

Released 2024-10-30 Minor Changes
  • Adds support for GitHub as a B2B OAuth provider.
Patch Changes
  • Admin Portal’s Okta SAML SSO configuration can now be manually configured

v5.5.4

Released 2024-10-24 Patch Changes
  • Admin Portal’s SSO configuration page now has improved IdP specific instructions.

v5.5.3

Released 2024-10-22 Patch Changes
  • Remove unused errorMessage field.

v5.5.2

Released 2024-10-16 Patch Changes
  • Fix issue removing all SSO implicit role assignments via Admin Portal organization settings

v5.5.1

Released 2024-10-14 Patch Changes
  • Fix Google One Tap for B2B

v5.5.0

Released 2024-10-08 Minor Changes
  • Add Role Assignments component to Admin Portal’s SCIM management component
Patch Changes
  • Add support for external SSO connections to Admin Portal
  • Fix race condition when entering phone number

v5.4.0

Released 2024-10-02 Minor Changes
  • Add ability to create and update external SSO connections
Patch Changes
  • Ensure errors are caught when certain network requests fail in Admin Portal
  • Improve discovery menu UI for longer organization names
  • Improve Error messages for Admin Portal components
  • Fix edit SCIM group role assignments in Admin Portal’s Automatic Role Assignments section

v5.3.1

Released 2024-09-17 Patch Changes
  • Allow users to perform actions for their own account in Admin portal’s Member management
  • In Admin Portal the Automatic Role assignments section’s Save button is disabled if no changes are made.
  • Improve UX for Admin Portal SCIM configure
  • Custom redirect URL query parameters are no longer cleared
  • Remove Vessel from B2C Setup a new crypto wallet screen
  • Warn members that they cannot edit their own email address in the Admin Portal

v5.3.0

Released 2024-09-06 Minor Changes
  • Add Admin Portal SCIM UI. The Admin Portal SCIM UI can be rendered using the mountAdminPortalSCIM function from @stytch/vanilla-js/b2b/adminPortal.
Patch Changes
  • Added focus/hover to search bar in Admin Portal
  • Improved navigation in Admin Portal
  • Improved UX in Admin Portal
  • Improved UX for Admin Portal’s Organization Settings
  • Left align Add Role assignment button in Admin Portal Org settings
  • Admin Portal buttons are now more consistent
  • Admin Portal’s improved Switch component
  • Admin Portal tables now use fixed widths
  • Warn members before they remove their own ability to assign roles in Admin Portal
  • Reordered components in Admin Portal Member Management details

v5.2.0

Released 2024-08-29 Minor Changes
  • Support HubSpot and Slack as B2B OAuth providers
Patch Changes
  • Handle discovered organizations supporting JIT provisioning by OAuth tenant

v5.1.2

Released 2024-08-28 Patch Changes
  • Updated dependencies

v5.1.1

Released 2024-08-26 Patch Changes
  • Updated dependencies

v5.1.0

Released 2024-08-23 Minor Changes
  • Invoke StytchEventType.AuthenticateFlowComplete when authentication UI flows are complete. This includes any steps that take place after obtaining a valid session, like saving recovery codes after MFA enrollment.
Patch Changes
  • Fix font size for AdminPortalOrgSettings heading

v5.0.0

Released 2024-08-21
This is a major version bump with potential breaking changes.
Major Changes
  • Upgrades the Vanilla JS SDK to use a new backend implementation with increased performance, support tooling, and end-to-end observability

v4.18.2

Released 2024-08-21 Patch Changes
  • Updated dependencies

v4.18.1

Released 2024-08-14 Patch Changes
  • Update strings in Admin Portal UI

v4.18.0

Released 2024-08-14 Minor Changes
  • Implements Sign in With Ethereum (SIWE) for crypto wallets
  • Adds ability to view and unlink retired emails to HeadlessB2BOrganizationClient and HeadlessB2BSelfClient.

v4.17.1

Released 2024-08-12 Patch Changes
  • Mark Admin Portal Organization UI config properties as optional
  • Fix bug when organization has no active SCIM connections

v4.17.0

Released 2024-08-09 Minor Changes
  • Add container.borderWidth and container.padding to the Admin Portal style configuration
  • Support custom role display names and descriptions in organization settings and SSO Admin Portal components
Patch Changes
  • Honor more custom themed input and button properties
  • Added SCIM groups to Admin portal Organization settings

v4.16.2

Released 2024-08-06 Patch Changes
  • Guard references to localStorage and sessionStorage

v4.16.1

Released 2024-08-05 Patch Changes
  • Fix transparent watermark background

v4.16.0

Released 2024-08-02 Minor Changes
  • Add Admin Portal Member Management UI. The Admin Portal Member Management UI can be rendered using the mountAdminPortalMemberManagement function from @stytch/vanilla-js/b2b/adminPortal.
  • Updated theme config to support disabled buttons
  • Adds dfppaDomain to optional SDK client configuration
Patch Changes
  • Fix visual bug for Powered by Stytch banner
  • Fixed adding an SSO connection with no groups in Admin Portal Organization settings
  • Update Admin Portal font sizes and spacings
  • Fix Admin Portal styling conflicts with other applications using Material UI
  • Hide secondary authentication organization settings when not configurable in Admin Portal

v4.15.0

Released 2024-07-25 Minor Changes
  • Add SCIM Headless Methods

v4.14.1

Released 2024-07-25 Patch Changes
  • Updated dependencies

v4.14.0

Released 2024-07-19 Minor Changes
  • Add Admin Portal Org Settings UI. The Admin Portal Org Settings UI can be rendered using the mountAdminPortalOrgSettings function from @stytch/vanilla-js/b2b/adminPortal.
Patch Changes
  • Allow users to change number of rows per page in Admin Portal tables

v4.13.3

Released 2024-07-12 Patch Changes
  • Prevent login UI buttons from submitting parent forms
  • Improve role selection in Admin Portal

v4.13.2

Released 2024-07-11 Patch Changes
  • fix: SSO DFPPA Functionality
  • Gracefully handle narrower widths with phone number input

v4.13.1

Released 2024-07-02 Patch Changes
  • Updated dependencies

v4.13.0

Released 2024-06-28 Minor Changes
  • Add Admin Portal SSO UI. The Admin Portal SSO UI can be rendered using the mountAdminPortalSSO function from @stytch/vanilla-js/b2b/adminPortal.
Patch Changes
  • Improve error messages when entering phone number.

v4.12.2

Released 2024-06-27 Patch Changes
  • Fix phone input attribute and autocomplete warnings
  • Update recovery code download file to include organization name

v4.12.1

Released 2024-06-18 Patch Changes
  • Improved error message for EML in B2B UI component

v4.12.0

Released 2024-06-06 Minor Changes
  • Give each OAuth provider a customScopes and providerParams in UI component config

v4.11.3

Released 2024-05-29 Patch Changes
  • Svg icons will now resize properly
  • Updated Icons in Login and EML inbox flows to be vanilla SVGs.
  • Fix empty or block when there are no SSO connections
  • Updated UI for the Stytch Watermark.

v4.11.2

Released 2024-05-13 Patch Changes
  • Updated dependencies

v4.11.1

Released 2024-05-07 Patch Changes
  • Loosen typings for various options to accept both string literals and TypeScript enums
  • Show error when slug is missing or no slug pattern matches during B2B Organization auth flow

v4.11.0

Released 2024-04-26 Minor Changes
  • Add stytch.organization.getBySlug method to B2B clients

v4.10.1

Released 2024-04-25 Patch Changes
  • Updated dependencies

v4.10.0

Released 2024-04-25 Minor Changes
  • B2B Google One Tap is now available in the Javascript SDK and pre-built UI components! You can enable One Tap in the UI components by editing the B2BOAuthOptions in your UI config - we’ve updated the providers type to accommodate One Tap. If you add { type: 'google', one_tap: true } to your providers list, we’ll show the Google One Tap prompt in the top right of the user’s browser. In the Javascript SDK, you can use the stytch.oauth.googleOneTap.start() and stytch.oauth.googleOneTap.discovery.start() methods to render the One Tap prompt, depending on if you are using an organization-specific or discovery flow.

v4.9.1

Released 2024-04-23 Patch Changes
  • Ensure we display friendly error messages where possible

v4.9.0

Released 2024-04-18 Minor Changes
  • Add stytch.onStateChange event listener to headless clients
  • Add getInfo method to user, session, member, and organization

v4.8.0

Released 2024-04-12 Minor Changes
  • Enable FedCM for use with Google One Tap by default. For users using supported browsers (including Google Chrome and other Chromium-based browsers), Google One Tap will now use FedCM to provide a sign in experience using native browser prompts. Due to changes in Google’s One Tap SDK, this affects One Tap using both floating and embedded positioning. Notably, users of Chrome and other Chromium-based browsers will no longer see a embedded One Tap UI by default. Google will begin to remove support for this UI later this year. We recommend adopting the new default behavior, but we have added new position options if you require different behavior:
    • floating remains the default option and uses Google’s One Tap SDK’s default behavior. It uses FedCM (native browser UI) where available, or renders a floating UI in the top right corner otherwise.
    • floatingOrEmbedded uses FedCM where available, or renders an embedded UI in the existing SDK login form otherwise. This is the new default behavior of the embedded position, which has been deprecated and renamed for clarity.
    • embeddedOnly renders the embedded UI in the existing SDK login form if FedCM is not available, or not at all otherwise. This option is not recommended for new applications. For applications that used embedded positioning and do not want to show floating or native browser UI, this option may be useful.
    • forceLegacyEmbedded retains the legacy behavior by disabling FedCM support even where it is available. This option is not recommended and will stop being honored by Google in the future, at which time you will need to select a different option.
    The embedded position will still be recognized and treated as floatingOrEmbedded, but we recommend updating your configuration to use the new name or a different option.

v4.7.8

Released 2024-04-11 Patch Changes
  • Fix an issue where a B2B member enrolled in MFA with an unverified phone number was prompted to re-enter a phone number instead of the OTP that was sent to verify their number

v4.7.7

Released 2024-04-02 Patch Changes
  • Updated dependencies

v4.7.6

Released 2024-04-02 Patch Changes
  • Updated dependencies

v4.7.5

Released 2024-03-27 Patch Changes
  • Fix race condition that could lead to high CPU usage with multiple tabs open

v4.7.4

Released 2024-03-22 Patch Changes
  • Updated dependencies

v4.7.3

Released 2024-03-18 Patch Changes
  • Updated dependencies

v4.7.2

Released 2024-03-18 Patch Changes
  • Added DFP functionality to users search in passwords screen

v4.7.1

Released 2024-03-12 Patch Changes
  • Ensure API errors are handled internally

v4.7.0

Released 2024-03-12 Minor Changes
  • Release RN B2C UI

v4.6.0

Released 2024-03-04 Minor Changes
  • Add support for SMS OTP and TOTP MFA flows in B2B login UI components. This includes prompting members to complete MFA when they are required to use it to authenticate, and enrolling members who are required to enroll in MFA but have not yet done so. The new mfaProductOrder and mfaProductInclude options can be used to customize the experience further.

v4.5.5

Released 2024-03-01 Patch Changes
  • Disable use of FedCM with Google OneTap

v4.5.4

Released 2024-02-27 Patch Changes
  • Fix incorrect imports

v4.5.3

Released 2024-02-13 Patch Changes
  • Fixed a display bug for B2B on host websites modifying box-sizing

v4.5.2

Released 2024-02-08 Patch Changes
  • Updated dependencies

v4.5.1

Released 2024-02-08 Patch Changes
  • Fix encoding of Solana wallet signatures in UI components

v4.5.0

Released 2024-02-06 Minor Changes
  • Add disableCreateOrganization option to B2B UI config

v4.4.4

Released 2024-02-02 Patch Changes
  • Work around an issue where cookies intermittently do not persist in Firefox

v4.4.3

Released 2024-01-31 Patch Changes
  • Updated dependencies

v4.4.2

Released 2024-01-29 Patch Changes
  • Fix an issue where ISTs were being deleted before they could be used

v4.4.1

Released 2024-01-25 Patch Changes
  • Re-order and align phone number country code list with allowed countries

v4.4.0

Released 2024-01-22 Minor Changes
  • Adds headless methods for interacting with b2b recovery codes

v4.3.2

Released 2024-01-19 Patch Changes
  • Updated dependencies

v4.3.1

Released 2024-01-18 Patch Changes
  • Honor hideHeaderText configuration for B2B UI

v4.3.0

Released 2024-01-12 Minor Changes
  • Add support for theming inputs in UI components

v4.2.1

Released 2024-01-09 Patch Changes
  • Updated dependencies

v4.2.0

Released 2024-01-04 Minor Changes
  • Add organization.getSync and organization.onChange methods to B2B client

v4.1.2

Released 2024-01-04 Patch Changes
  • Fix B2B discovery flow when SSO is enabled with auth methods besides magic links

v4.1.1

Released 2024-01-03 Patch Changes
  • Fix an issue where fromCache would not update to false after cached data was refreshed

v4.1.0

Released 2024-01-02 Minor Changes
  • Add B2B TOTPs (Create/Authenticate)

v4.0.0

This is a major version bump with potential breaking changes.
Major Changes
  • Improvements to error types in the JS and React Native SDKs
Minor Changes
  • Mark stytch.member as deprecated in favor of stytch.self Adds RBAC functionality
Patch Changes
  • Allow “Login without a password” to immediately login a user who followed a valid password reset link
  • Remove bundled dependencies from package manifest

v3.2.5

Released 2023-12-04 Patch Changes
  • Adding better handling for Passkey cross device errors.

v3.2.4

Released 2023-11-29 Patch Changes
  • Switch from using React to Preact

v3.2.3

Released 2023-11-27 Patch Changes
  • Add an updated config object for logging members in directly when they have a single membership

v3.2.2

Released 2023-11-21 Patch Changes
  • Remove phone number dependency to improve bundle size in vanilla-js
  • Add an optional config property in the B2B SDK to skip the discovery flow if a member is part of a single organization

v3.2.1

Released 2023-11-17 Patch Changes
  • Add Update/Delete Registrations UI
  • Passkeys: Add Update/Delete Registration UI

v3.2.0

Released 2023-11-14 Minor Changes
  • Enable passthrough OAuth paramters from UI configuration

v3.1.1

Released 2023-11-07 Patch Changes
  • fix: AbortController Logic Passkey Authenticate

v3.1.0

Released 2023-11-07 Minor Changes
  • B2C Passkeys Headless Support & UI components

v3.0.3

Released 2023-10-31 Patch Changes
  • Remove PasswordEMLCombinedDiscovery
  • Resolved a critical severity vulnerability with the @babel/traverse dependency

v3.0.2

Released 2023-10-26 Patch Changes
  • Update B2B Password Reset by Session to stay logged in
  • remove unnecessary organization_id param from passwords.resetBySession in B2B client
  • Minor copy change on the B2B Passwords UI component

v3.0.1

Released 2023-10-10 Patch Changes
  • Bug fix for clearing the local storage state and cookies when a stale session exists while using the SDK across subdomains

v3.0.0

Released 2023-10-04
This is a major version bump with potential breaking changes.
Major Changes
  • Change export of B2B Headless Client to separate subpackage to improve tree-shaking performance 
    import { StytchB2BHeadlessClient } from '@stytch/vanilla-js/b2b';
    Is now updated to 
    import { StytchB2BHeadlessClient } from '@stytch/vanilla-js/b2b/headless';

v2.2.2

Released 2023-09-29 Patch Changes
  • Don’t delete cookies from datalayer, let SubscriptionService handle instead.

v2.2.1

Released 2023-09-22 Patch Changes
  • Updated dependencies

v2.2.0

Released 2023-09-20 Minor Changes
  • Add DFP Protectd Auth JS final release
Patch Changes
  • Add Device Fingerprinting to the React Native SDK
  • Don’t delete cookies from the datalayer just because the localstorage is empty
  • Add support for Observation and decisioning mode for DFP

v2.1.1

Released 2023-09-19 Patch Changes
  • Updated dependencies

v2.1.0

Released 2023-09-19 Minor Changes
  • Add Device Fingerprinting Bot Detection to SDKs

v2.0.5

Released 2023-09-06 Patch Changes
  • Add new option to confiugre domain cookie should be set to
  • Fixed a display bug on host websites modifying box-sizing
  • fix bug with alignment of PhoneInput

v2.0.4

Released 2023-08-30 Patch Changes
  • Fix PKCE logic for password resets log in without password flow

v2.0.3

Released 2023-08-29 Patch Changes
  • updateStateAndTokens call in resetBySession and resetExistingPassword
  • fix bug where password reset email for returning passwordless user is not sent

v2.0.2

Released 2023-08-28 Patch Changes
  • Add docs for new verified fields on Member objects, and fix some docs links

v2.0.1

Released 2023-08-14 Patch Changes
  • Define behavior for when SSO is only allowed auth method during discovery

v2.0.0

Released 2023-08-08
This is a major version bump with potential breaking changes.
Major Changes
  • Breaking Changes: The intermediate session token (IST) will no longer be accepted as an argument for the discovery list organizations, intermediate sessions exchange, and create organization via discovery endpoints. The IST will be passed in automatically. ISTs are stored as browser cookies or persisted on device when they are generated after calls to discovery authenticate endpoints, such as email magic link discovery authenticate, or primary authenticate endpoints in the case where MFA is required, such as email magic link authenticate or SSO authenticate. New Features: Our B2B product now supports multi-factor authentication (MFA) with one-time passcodes (OTPs) via SMS. MFA policies can be set on the Organization level or on the Member level. See the Stytch docs for more information.

v1.1.4

Released 2023-08-03 Patch Changes
  • Updated UI to include error message for breached passwords. Added missing breach_detection_on_create key in the strength check response

v1.1.3

Released 2023-08-01 Patch Changes
  • Updated types for the password strength method. Updated UI for the password strength check while using LUDS

v1.1.2

Released 2023-07-19 Patch Changes
  • Yahoo OAuth Fix (build)

v1.1.1

Released 2023-07-19 Patch Changes
  • Yahoo OAuth

v1.1.0

Released 2023-07-14 Minor Changes
  • The intermediate session token will now be stored as a cookie after calls to the B2B magic link discovery authenticate endpoint and the OAuth discovery authenticate endpoint.

v1.0.5

Released 2023-07-12 Patch Changes
  • Added new OAuth Providers

v1.0.4

Released 2023-07-12 Patch Changes
  • Updated dependencies

v1.0.3

Released 2023-07-11 Patch Changes
  • Update input type and mode for OTPs

v1.0.2

Released 2023-06-30 Patch Changes
  • Fix a bug where Floating One Tap stays around after StytchLogin unmounts.

v1.0.1

Released 2023-06-28 Patch Changes
  • Exposes API errors to the UI when attempting to create a new password instead of logging in with a passwordless method

v1.0.0

Released 2023-06-27
This is a major version bump with potential breaking changes.
Major Changes
  • An additional configuration property to let developers render the Stytch SDK UI through the Shadow DOM. This is a major version change on the @stytch/vanilla-js package as the previous versions would render the UI through the Shadow DOM by default. It will now default to false. When the Shadow DOM is disabled, this also fixes an issue with the SDK UI to allow for emails and passwords to be auto-filled, along with support for browser password managers.

v0.14.5

Released 2023-06-23 Patch Changes
  • update the consumer password flow to not let users change their email while signing up or logging in with their password
  • Add B2B OAuth
  • B2B OAuth UI

v0.14.4

Released 2023-06-14 Patch Changes
  • Fixes a bug with autocomplete in email fields on mobile.

v0.14.3

Released 2023-06-13 Patch Changes
  • bug fix for the B2B SDK UI: only showing the allowed auth methods when an organization has restricted auth methods

v0.14.2

Released 2023-06-06 Patch Changes
  • Updated dependencies

v0.14.1

Released 2023-05-31 Patch Changes
  • Updated dependencies

v0.14.0

Released 2023-05-26 Minor Changes
  • B2B Passwords UI components

v0.13.4

Released 2023-05-19 Patch Changes
  • Fix for the onEvent callback while creating a new organization in the B2B SDK UI. Missing export for the nextjs B2B package

v0.13.3

Released 2023-05-09 Patch Changes
  • Fix support for the Passwords UI flow when developers have enabled LUDS in their passwords strength check config

v0.13.2

Released 2023-05-05 Patch Changes
  • Updated dependencies

v0.13.1

Released 2023-05-02 Patch Changes
  • Fixed a bug in the Consumer UI component while trying to click on the “Login without a password” button on the Forgot Password screen
  • Fixes for minor styling issues in our consumer SDK UI components

v0.13.0

Released 2023-04-28 Minor Changes
  • Releasing UI components for our B2B SDKs.

v0.12.1

Released 2023-04-24 Patch Changes
  • Allow for empty strings in token/JWT

v0.12.0

Released 2023-04-17 Minor Changes
  • Add B2B Passwords headless client
Patch Changes
  • Make organization name and slug optional for discovery organization create

v0.11.4

Released 2023-04-12 Patch Changes
  • Updated dependencies

v0.11.3

Released 2023-04-12 Patch Changes
  • Add locale argument to B2B email magic link methods

v0.11.2

Released 2023-04-06 Patch Changes
  • Include the b2b directory in package.json for the B2B SDK entrypoint

v0.11.1

Released 2023-03-31 Patch Changes
  • Fixes for bugs in the session logic when users are logged into multiple tabs
  • Add Session.updateSession to hydrate sessions from the backend

v0.11.0

Released 2023-03-29 Minor Changes
  • Add B2B Discovery headless client and session exchange method

v0.10.10

Released 2023-03-24 Patch Changes
  • Adding logic to ensure there is only a single session cookie when the availableToSubdomains boolean is flipped

v0.10.9

Released 2023-03-23 Patch Changes
  • Updated dependencies

v0.10.8

Released 2023-03-23 Patch Changes
  • Updated dependencies

v0.10.7

Released 2023-03-21 Patch Changes
  • Fix session/user persisting after logging out

v0.10.6

Released 2023-03-21 Patch Changes
  • SDK-877 Fix session/user persisting after logging out

v0.10.5

Released 2023-03-15 Patch Changes
  • Updated dependencies

v0.10.4

Released 2023-03-09 Patch Changes
  • Added Google One Tap to the Headless OAuth Client

v0.10.3

Released 2023-03-09 Patch Changes
  • Updated dependencies

v0.10.2

Released 2023-03-07 Patch Changes
  • Add React Native OAuth callback, PKCE fix

v0.10.1

Released 2023-03-06 Patch Changes
  • UI bugfixes

v0.10.0

Released 2023-03-01 Minor Changes
  • Launching B2B SDKs

v0.9.5

Released 2023-02-22 Patch Changes
  • Updated dependencies

v0.9.4

Released 2023-02-17 Patch Changes
  • Updated dependencies

v0.9.3

Released 2023-02-10 Patch Changes
  • Fix cookie options

v0.9.2

Released 2023-02-07 Patch Changes
  • Release Stytch Client Options

v0.9.1

Released 2023-02-01 Patch Changes
  • Fix one tap floating bug

v0.9.0

Released 2023-01-28 Minor Changes
  • Fix Google One Tap

v0.6.0

Released 2023-01-20 Minor Changes
  • Add support for template ID parameters to Magic link Login or create and Send methods, Email OTP Login or create and Send methods, and Reset Password Start
Patch Changes
  • Bold email on confirmation screen

v0.5.5

Released 2023-01-17 Patch Changes
  • Fix bug with PKCE code verifiers being shared over multiple methods

v0.5.4

Released 2022-12-22 Patch Changes
  • Updated dependencies

v0.5.3

Released 2022-12-13 Patch Changes
  • Updated dependencies

v0.5.2

Released 2022-12-13 Patch Changes
  • Updated dependencies

v0.5.1

Released 2022-11-07 Patch Changes
  • Fix bug with divider not showing for passwords

v0.5.0

Released 2022-10-31 Minor Changes
  • new styling config
Patch Changes
  • Add type definitions for User Metadata fields

v0.4.6

Released 2022-10-07 Patch Changes
  • Add support for custom email domains in magic link confirmation screen

v0.4.5

Released 2022-10-06 Patch Changes
  • Google one tap animation

v0.4.4

Released 2022-09-30 Patch Changes
  • Send methods in the SDK