Release 2.16.0

Auth0.podspec

@@ -1,6 +1,6 @@
 Pod::Spec.new do |s|
   s.name             = 'Auth0'
-  s.version          = '2.15.1'
+  s.version          = '2.16.0'
   s.summary          = "Auth0 SDK for Apple platforms"
   s.description      = <<-DESC
                         Auth0 SDK for iOS, macOS, tvOS, watchOS and visionOS apps.

Auth0/Info.plist

@@ -15,7 +15,7 @@
 	<key>CFBundlePackageType</key>
 	<string>FMWK</string>
 	<key>CFBundleShortVersionString</key>
-	<string>2.15.1</string>
+	<string>2.16.0</string>
 	<key>CFBundleSignature</key>
 	<string>????</string>
 	<key>CFBundleVersion</key>

Auth0/Version.swift

@@ -1 +1 @@
-let version = "2.15.1"
+let version = "2.16.0"

CHANGELOG.md

@@ -1,5 +1,22 @@
 # Change Log
 
+## [2.16.0](https://github.com/auth0/Auth0.swift/tree/2.16.0) (2025-12-11)
+[Full Changelog](https://github.com/auth0/Auth0.swift/compare/2.15.1...2.16.0)
+
+**Added**
+- Org support for  custom token exchange [\#1035](https://github.com/auth0/Auth0.swift/pull/1035) ([NandanPrabhu](https://github.com/NandanPrabhu))
+- chore: Add OSLog support for better SDK debugging/DX and redact sensitive tokens logging. [\#1030](https://github.com/auth0/Auth0.swift/pull/1030) ([sanchitmehta94](https://github.com/sanchitmehta94))
+- Added Agents.md file [\#1027](https://github.com/auth0/Auth0.swift/pull/1027) ([NandanPrabhu](https://github.com/NandanPrabhu))
+- feat: Add configurable biometric authentication policies for CredentialsManager [\#1019](https://github.com/auth0/Auth0.swift/pull/1019) ([subhankarmaiti](https://github.com/subhankarmaiti))
+- refactor: Added two new fields to passkey authentication [\#1020](https://github.com/auth0/Auth0.swift/pull/1020) ([pmathew92](https://github.com/pmathew92))
+- docs: Add Ask DeepWiki badge to README [\#1014](https://github.com/auth0/Auth0.swift/pull/1014) ([arpit-jn](https://github.com/arpit-jn))
+
+**Changed**
+- refactor: updated the key logic for storing MRRT token [\#1031](https://github.com/auth0/Auth0.swift/pull/1031) ([pmathew92](https://github.com/pmathew92))
+
+**Fixed**
+- fix: Ensure biometric prompt is shown reliably with fresh LAContext for non-default policies [\#1028](https://github.com/auth0/Auth0.swift/pull/1028) ([subhankarmaiti](https://github.com/subhankarmaiti))
+
 ## [2.15.1](https://github.com/auth0/Auth0.swift/tree/2.15.1) (2025-10-03)
 [Full Changelog](https://github.com/auth0/Auth0.swift/compare/2.15.0...2.15.1)
 

Gemfile.lock

@@ -1,11 +1,9 @@
 GEM
   remote: https://rubygems.org/
   specs:
-    CFPropertyList (3.0.7)
-      base64
-      nkf
-      rexml
-    activesupport (7.2.2.2)
+    CFPropertyList (3.0.8)
+    abbrev (0.1.2)
+    activesupport (7.2.3)
       base64
       benchmark (>= 0.3)
       bigdecimal
@@ -17,36 +15,36 @@ GEM
       minitest (>= 5.1)
       securerandom (>= 0.3)
       tzinfo (~> 2.0, >= 2.0.5)
-    addressable (2.8.7)
-      public_suffix (>= 2.0.2, < 7.0)
+    addressable (2.8.8)
+      public_suffix (>= 2.0.2, < 8.0)
     algoliasearch (1.27.5)
       httpclient (~> 2.8, >= 2.8.3)
       json (>= 1.5.1)
     artifactory (3.0.17)
     atomos (0.1.3)
     aws-eventstream (1.4.0)
-    aws-partitions (1.1168.0)
-    aws-sdk-core (3.233.0)
+    aws-partitions (1.1192.0)
+    aws-sdk-core (3.239.2)
       aws-eventstream (~> 1, >= 1.3.0)
       aws-partitions (~> 1, >= 1.992.0)
       aws-sigv4 (~> 1.9)
       base64
       bigdecimal
       jmespath (~> 1, >= 1.6.1)
       logger
-    aws-sdk-kms (1.113.0)
-      aws-sdk-core (~> 3, >= 3.231.0)
+    aws-sdk-kms (1.118.0)
+      aws-sdk-core (~> 3, >= 3.239.1)
       aws-sigv4 (~> 1.5)
-    aws-sdk-s3 (1.199.1)
-      aws-sdk-core (~> 3, >= 3.231.0)
+    aws-sdk-s3 (1.206.0)
+      aws-sdk-core (~> 3, >= 3.234.0)
       aws-sdk-kms (~> 1)
       aws-sigv4 (~> 1.5)
     aws-sigv4 (1.12.1)
       aws-eventstream (~> 1, >= 1.0.2)
     babosa (1.0.4)
     base64 (0.3.0)
-    benchmark (0.4.1)
-    bigdecimal (3.2.3)
+    benchmark (0.5.0)
+    bigdecimal (3.3.1)
     claide (1.1.0)
     clamp (1.3.3)
     cocoapods (1.16.2)
@@ -91,7 +89,8 @@ GEM
     commander (4.6.0)
       highline (~> 2.0.0)
     concurrent-ruby (1.3.5)
-    connection_pool (2.5.4)
+    connection_pool (3.0.2)
+    csv (3.3.5)
     declarative (0.0.20)
     digest-crc (0.7.0)
       rake (>= 12.0.0, < 14.0.0)
@@ -100,8 +99,9 @@ GEM
     drb (2.2.3)
     emoji_regex (3.2.3)
     escape (0.0.4)
-    ethon (0.17.0)
+    ethon (0.18.0)
       ffi (>= 1.15.0)
+      logger
     excon (0.112.0)
     faraday (1.10.4)
       faraday-em_http (~> 1.0)
@@ -115,9 +115,9 @@ GEM
       faraday-rack (~> 1.0)
       faraday-retry (~> 1.0)
       ruby2_keywords (>= 0.0.4)
-    faraday-cookie_jar (0.0.7)
+    faraday-cookie_jar (0.0.8)
       faraday (>= 0.8.0)
-      http-cookie (~> 1.0.0)
+      http-cookie (>= 1.0.0)
     faraday-em_http (1.0.0)
     faraday-em_synchrony (1.0.1)
     faraday-excon (1.1.0)
@@ -132,15 +132,17 @@ GEM
     faraday_middleware (1.2.1)
       faraday (~> 1.0)
     fastimage (2.4.0)
-    fastlane (2.228.0)
+    fastlane (2.229.0)
       CFPropertyList (>= 2.3, < 4.0.0)
+      abbrev (~> 0.1.2)
       addressable (>= 2.8, < 3.0.0)
       artifactory (~> 3.0)
       aws-sdk-s3 (~> 1.0)
       babosa (>= 1.0.3, < 2.0.0)
       bundler (>= 1.12.0, < 3.0.0)
       colored (~> 1.2)
       commander (~> 4.6)
+      csv (~> 3.3)
       dotenv (>= 2.1.1, < 3.0.0)
       emoji_regex (>= 0.1, < 4.0)
       excon (>= 0.71.0, < 1.0.0)
@@ -160,6 +162,7 @@ GEM
       jwt (>= 2.1.0, < 3)
       mini_magick (>= 4.9.4, < 5.0.0)
       multipart-post (>= 2.0.0, < 3.0.0)
+      mutex_m (~> 0.3.0)
       naturally (~> 2.2)
       optparse (>= 0.1.1, < 1.0.0)
       plist (>= 3.1.0, < 4.0.0)
@@ -227,32 +230,31 @@ GEM
     i18n (1.14.7)
       concurrent-ruby (~> 1.0)
     jmespath (1.6.2)
-    json (2.15.0)
+    json (2.17.1)
     jwt (2.10.2)
       base64
     logger (1.7.0)
     mini_magick (4.13.2)
     mini_mime (1.1.5)
-    minitest (5.25.5)
+    minitest (5.26.2)
     molinillo (0.8.0)
-    multi_json (1.17.0)
+    multi_json (1.18.0)
     multipart-post (2.4.1)
     mutex_m (0.3.0)
     nanaimo (0.4.0)
     nap (1.1.0)
     naturally (2.3.0)
     netrc (0.11.0)
-    nkf (0.2.0)
     nokogiri (1.18.10-arm64-darwin)
       racc (~> 1.4)
     nokogiri (1.18.10-x86_64-darwin)
       racc (~> 1.4)
-    optparse (0.6.0)
+    optparse (0.8.1)
     os (1.1.4)
     plist (3.7.2)
     public_suffix (4.0.7)
     racc (1.8.1)
-    rake (13.3.0)
+    rake (13.3.1)
     representable (3.2.0)
       declarative (< 0.1.0)
       trailblazer-option (>= 0.1.1, < 0.2.0)

README.md

@@ -56,7 +56,7 @@ Then, select the dependency rule and press **Add Package**.
 Add the following line to your `Podfile`:
 
 ```ruby
-pod 'Auth0', '~> 2.15'
+pod 'Auth0', '~> 2.16'
 ```
 
 Then, run `pod install`.
@@ -66,7 +66,7 @@ Then, run `pod install`.
 Add the following line to your `Cartfile`:
 
 ```text
-github "auth0/Auth0.swift" ~> 2.15
+github "auth0/Auth0.swift" ~> 2.16
 ```
 
 Then, run `carthage bootstrap --use-xcframeworks`.

docs/data/documentation/auth0/apicredentials/accesstoken.json

@@ -1 +1 @@
-{"schemaVersion":{"patch":0,"major":0,"minor":3},"sections":[],"seeAlsoSections":[{"identifiers":["https:\/\/auth0.com\/docs\/secure\/tokens\/access-tokens"],"title":"Related Documentation","anchor":"Related-Documentation"}],"hierarchy":{"paths":[["doc:\/\/com.auth0.Auth0\/documentation\/Auth0","doc:\/\/com.auth0.Auth0\/documentation\/Auth0\/APICredentials"]]},"metadata":{"role":"symbol","title":"accessToken","roleHeading":"Instance Property","symbolKind":"property","fragments":[{"text":"let","kind":"keyword"},{"text":" ","kind":"text"},{"text":"accessToken","kind":"identifier"},{"text":": ","kind":"text"},{"text":"String","preciseIdentifier":"s:SS","kind":"typeIdentifier"}],"modules":[{"name":"Auth0"}],"externalID":"s:5Auth014APICredentialsV11accessTokenSSvp"},"primaryContentSections":[{"declarations":[{"platforms":["iOS"],"tokens":[{"kind":"keyword","text":"let"},{"kind":"text","text":" "},{"kind":"identifier","text":"accessToken"},{"kind":"text","text":": "},{"kind":"typeIdentifier","preciseIdentifier":"s:SS","text":"String"}],"languages":["swift"]}],"kind":"declarations"}],"variants":[{"traits":[{"interfaceLanguage":"swift"}],"paths":["\/documentation\/auth0\/apicredentials\/accesstoken"]}],"abstract":[{"text":"Token that can be used to make authenticated requests to the API.","type":"text"}],"kind":"symbol","identifier":{"interfaceLanguage":"swift","url":"doc:\/\/com.auth0.Auth0\/documentation\/Auth0\/APICredentials\/accessToken"},"references":{"doc://com.auth0.Auth0/documentation/Auth0/APICredentials":{"abstract":[{"type":"text","text":"User’s credentials obtained from Auth0 for a specific API as the result of exchanging a refresh token."}],"title":"APICredentials","identifier":"doc:\/\/com.auth0.Auth0\/documentation\/Auth0\/APICredentials","role":"symbol","navigatorTitle":[{"text":"APICredentials","kind":"identifier"}],"url":"\/documentation\/auth0\/apicredentials","kind":"symbol","fragments":[{"text":"struct","kind":"keyword"},{"text":" ","kind":"text"},{"text":"APICredentials","kind":"identifier"}],"type":"topic"},"https://auth0.com/docs/secure/tokens/access-tokens":{"title":"Access Tokens","url":"https:\/\/auth0.com\/docs\/secure\/tokens\/access-tokens","type":"link","titleInlineContent":[{"text":"Access Tokens","type":"text"}],"identifier":"https:\/\/auth0.com\/docs\/secure\/tokens\/access-tokens"},"doc://com.auth0.Auth0/documentation/Auth0":{"kind":"symbol","url":"\/documentation\/auth0","role":"collection","identifier":"doc:\/\/com.auth0.Auth0\/documentation\/Auth0","abstract":[{"type":"text","text":"SDK for Apple platforms."}],"type":"topic","title":"Auth0"},"doc://com.auth0.Auth0/documentation/Auth0/APICredentials/accessToken":{"abstract":[{"text":"Token that can be used to make authenticated requests to the API.","type":"text"}],"title":"accessToken","type":"topic","role":"symbol","fragments":[{"kind":"keyword","text":"let"},{"kind":"text","text":" "},{"kind":"identifier","text":"accessToken"},{"kind":"text","text":": "},{"kind":"typeIdentifier","text":"String","preciseIdentifier":"s:SS"}],"kind":"symbol","url":"\/documentation\/auth0\/apicredentials\/accesstoken","identifier":"doc:\/\/com.auth0.Auth0\/documentation\/Auth0\/APICredentials\/accessToken"}}}
+{"metadata":{"symbolKind":"property","title":"accessToken","externalID":"s:5Auth014APICredentialsV11accessTokenSSvp","roleHeading":"Instance Property","modules":[{"name":"Auth0"}],"fragments":[{"kind":"keyword","text":"let"},{"kind":"text","text":" "},{"kind":"identifier","text":"accessToken"},{"kind":"text","text":": "},{"kind":"typeIdentifier","text":"String","preciseIdentifier":"s:SS"}],"role":"symbol"},"sections":[],"variants":[{"traits":[{"interfaceLanguage":"swift"}],"paths":["\/documentation\/auth0\/apicredentials\/accesstoken"]}],"identifier":{"url":"doc:\/\/com.auth0.Auth0\/documentation\/Auth0\/APICredentials\/accessToken","interfaceLanguage":"swift"},"kind":"symbol","abstract":[{"type":"text","text":"Token that can be used to make authenticated requests to the API."}],"hierarchy":{"paths":[["doc:\/\/com.auth0.Auth0\/documentation\/Auth0","doc:\/\/com.auth0.Auth0\/documentation\/Auth0\/APICredentials"]]},"seeAlsoSections":[{"title":"Related Documentation","identifiers":["https:\/\/auth0.com\/docs\/secure\/tokens\/access-tokens"],"anchor":"Related-Documentation"}],"primaryContentSections":[{"declarations":[{"languages":["swift"],"platforms":["iOS"],"tokens":[{"text":"let","kind":"keyword"},{"text":" ","kind":"text"},{"text":"accessToken","kind":"identifier"},{"text":": ","kind":"text"},{"preciseIdentifier":"s:SS","text":"String","kind":"typeIdentifier"}]}],"kind":"declarations"}],"schemaVersion":{"major":0,"minor":3,"patch":0},"references":{"doc://com.auth0.Auth0/documentation/Auth0/APICredentials":{"role":"symbol","title":"APICredentials","fragments":[{"kind":"keyword","text":"struct"},{"kind":"text","text":" "},{"kind":"identifier","text":"APICredentials"}],"navigatorTitle":[{"kind":"identifier","text":"APICredentials"}],"abstract":[{"type":"text","text":"User’s credentials obtained from Auth0 for a specific API as the result of exchanging a refresh token."}],"kind":"symbol","identifier":"doc:\/\/com.auth0.Auth0\/documentation\/Auth0\/APICredentials","url":"\/documentation\/auth0\/apicredentials","type":"topic"},"doc://com.auth0.Auth0/documentation/Auth0/APICredentials/accessToken":{"role":"symbol","title":"accessToken","fragments":[{"text":"let","kind":"keyword"},{"text":" ","kind":"text"},{"text":"accessToken","kind":"identifier"},{"text":": ","kind":"text"},{"preciseIdentifier":"s:SS","text":"String","kind":"typeIdentifier"}],"abstract":[{"text":"Token that can be used to make authenticated requests to the API.","type":"text"}],"kind":"symbol","url":"\/documentation\/auth0\/apicredentials\/accesstoken","identifier":"doc:\/\/com.auth0.Auth0\/documentation\/Auth0\/APICredentials\/accessToken","type":"topic"},"doc://com.auth0.Auth0/documentation/Auth0":{"identifier":"doc:\/\/com.auth0.Auth0\/documentation\/Auth0","kind":"symbol","title":"Auth0","role":"collection","url":"\/documentation\/auth0","abstract":[{"type":"text","text":"SDK for Apple platforms."}],"type":"topic"},"https://auth0.com/docs/secure/tokens/access-tokens":{"identifier":"https:\/\/auth0.com\/docs\/secure\/tokens\/access-tokens","url":"https:\/\/auth0.com\/docs\/secure\/tokens\/access-tokens","titleInlineContent":[{"type":"text","text":"Access Tokens"}],"type":"link","title":"Access Tokens"}}}

docs/data/documentation/auth0/apicredentials/decodable-implementations.json

@@ -1 +1 @@
-{"variants":[{"traits":[{"interfaceLanguage":"swift"}],"paths":["\/documentation\/auth0\/apicredentials\/decodable-implementations"]}],"schemaVersion":{"major":0,"minor":3,"patch":0},"topicSections":[{"identifiers":["doc:\/\/com.auth0.Auth0\/documentation\/Auth0\/APICredentials\/init(from:)"],"title":"Initializers","generated":true,"anchor":"Initializers"}],"sections":[],"kind":"article","hierarchy":{"paths":[["doc:\/\/com.auth0.Auth0\/documentation\/Auth0","doc:\/\/com.auth0.Auth0\/documentation\/Auth0\/APICredentials"]]},"identifier":{"url":"doc:\/\/com.auth0.Auth0\/documentation\/Auth0\/APICredentials\/Decodable-Implementations","interfaceLanguage":"swift"},"metadata":{"modules":[{"name":"Auth0"}],"title":"Decodable Implementations","role":"collectionGroup","roleHeading":"API Collection"},"references":{"doc://com.auth0.Auth0/documentation/Auth0/APICredentials":{"abstract":[{"type":"text","text":"User’s credentials obtained from Auth0 for a specific API as the result of exchanging a refresh token."}],"title":"APICredentials","identifier":"doc:\/\/com.auth0.Auth0\/documentation\/Auth0\/APICredentials","role":"symbol","navigatorTitle":[{"text":"APICredentials","kind":"identifier"}],"url":"\/documentation\/auth0\/apicredentials","kind":"symbol","fragments":[{"text":"struct","kind":"keyword"},{"text":" ","kind":"text"},{"text":"APICredentials","kind":"identifier"}],"type":"topic"},"doc://com.auth0.Auth0/documentation/Auth0":{"kind":"symbol","url":"\/documentation\/auth0","role":"collection","identifier":"doc:\/\/com.auth0.Auth0\/documentation\/Auth0","abstract":[{"type":"text","text":"SDK for Apple platforms."}],"type":"topic","title":"Auth0"},"doc://com.auth0.Auth0/documentation/Auth0/APICredentials/init(from:)":{"abstract":[],"title":"init(from:)","identifier":"doc:\/\/com.auth0.Auth0\/documentation\/Auth0\/APICredentials\/init(from:)","role":"symbol","url":"\/documentation\/auth0\/apicredentials\/init(from:)","kind":"symbol","fragments":[{"kind":"identifier","text":"init"},{"kind":"text","text":"("},{"kind":"externalParam","text":"from"},{"kind":"text","text":": any "},{"preciseIdentifier":"s:s7DecoderP","kind":"typeIdentifier","text":"Decoder"},{"kind":"text","text":") "},{"kind":"keyword","text":"throws"}],"type":"topic"}}}
+{"metadata":{"modules":[{"name":"Auth0"}],"role":"collectionGroup","title":"Decodable Implementations","roleHeading":"API Collection"},"sections":[],"variants":[{"traits":[{"interfaceLanguage":"swift"}],"paths":["\/documentation\/auth0\/apicredentials\/decodable-implementations"]}],"topicSections":[{"identifiers":["doc:\/\/com.auth0.Auth0\/documentation\/Auth0\/APICredentials\/init(from:)-8e5ds"],"title":"Initializers","generated":true,"anchor":"Initializers"}],"identifier":{"url":"doc:\/\/com.auth0.Auth0\/documentation\/Auth0\/APICredentials\/Decodable-Implementations","interfaceLanguage":"swift"},"kind":"article","hierarchy":{"paths":[["doc:\/\/com.auth0.Auth0\/documentation\/Auth0","doc:\/\/com.auth0.Auth0\/documentation\/Auth0\/APICredentials"]]},"schemaVersion":{"minor":3,"patch":0,"major":0},"references":{"doc://com.auth0.Auth0/documentation/Auth0":{"identifier":"doc:\/\/com.auth0.Auth0\/documentation\/Auth0","kind":"symbol","title":"Auth0","role":"collection","url":"\/documentation\/auth0","abstract":[{"type":"text","text":"SDK for Apple platforms."}],"type":"topic"},"doc://com.auth0.Auth0/documentation/Auth0/APICredentials/init(from:)-8e5ds":{"kind":"symbol","fragments":[{"text":"init","kind":"identifier"},{"text":"(","kind":"text"},{"text":"from","kind":"externalParam"},{"text":": any ","kind":"text"},{"text":"Decoder","kind":"typeIdentifier","preciseIdentifier":"s:s7DecoderP"},{"text":") ","kind":"text"},{"text":"throws","kind":"keyword"}],"title":"init(from:)","type":"topic","role":"symbol","abstract":[],"identifier":"doc:\/\/com.auth0.Auth0\/documentation\/Auth0\/APICredentials\/init(from:)-8e5ds","url":"\/documentation\/auth0\/apicredentials\/init(from:)-8e5ds"},"doc://com.auth0.Auth0/documentation/Auth0/APICredentials":{"role":"symbol","title":"APICredentials","fragments":[{"kind":"keyword","text":"struct"},{"kind":"text","text":" "},{"kind":"identifier","text":"APICredentials"}],"navigatorTitle":[{"kind":"identifier","text":"APICredentials"}],"abstract":[{"type":"text","text":"User’s credentials obtained from Auth0 for a specific API as the result of exchanging a refresh token."}],"kind":"symbol","identifier":"doc:\/\/com.auth0.Auth0\/documentation\/Auth0\/APICredentials","url":"\/documentation\/auth0\/apicredentials","type":"topic"}}}