5.3.0 (2026-04-09)
Added
- feat: Add CIMD support, organization connections, group deletion, refresh token listing; remove AOL/Flickr/Yammer providers #816 (fern-api[bot])
- feat:Add
Auth0-Custom-Domainheader support for Multiple Custom Domains (MCD) #799 (kishore7snehil)
5.2.0 (2026-03-30)
- Python 3.8 reached end-of-life in October 2024. This release requires Python >=3.9.2. Users on Python 3.8 should remain on v5.1.0 until they upgrade their Python version. #808 (kishore7snehil)
Added
- feat: Add default domain endpoints, connection key provisioning, tenant SCIM listing; remove MiiCard/Renren providers #801 (fern-api[bot])
- feat: Add client_info support for custom telemetry in Authentication and Management clients #802 (kishore7snehil)
- feat: Add SDK logging infrastructure with configurable log levels and header redaction #785 (fern-api[bot])
Fixed
- fix: Pagination page advancement incorrectly skipping pages #785 (fern-api[bot])
Changed
- chore: Update ruff, aiohttp, cryptography, urllib3, codecov-action; replace Snyk with SCA scan #808 (kishore7snehil)
5.1.0 (2026-02-11)
Fixed
- fix: Remove placeholder defaults from optional parameters + additional updates #778 (fern-api[bot])
5.0.0 (2026-02-04)
📢 This is the official v5.0.0 release with significant improvements and breaking changes.
Breaking Changes
- Complete rewrite of Management API client - Generated from Auth0's OpenAPI specifications using Fern
- Python 3.7 support dropped - Minimum required version is now Python 3.8
- Management API client restructured - Methods organized into modular sub-clients for better discoverability
- Method signatures changed - Consistent and predictable naming conventions across all endpoints
- Response types changed - Strongly-typed Pydantic models replace generic dictionaries
- Import paths changed -
from auth0.management.core.api_error import ApiErrorinstead offrom auth0.exceptions import Auth0Error - Pagination defaults changed -
include_totals=Trueis now the default for list operations - Client initialization simplified -
ManagementClienttakesdomaininstead of fullbase_url
Added
- First-class async support with
AsyncAuth0andAsyncManagementClient - Automatic token management with client credentials in
ManagementClient - Built-in pagination support with
include_totals=Trueby default - Type-safe request/response objects using Pydantic models
- Better IntelliSense and code completion support
- Comprehensive API reference documentation
- Migration guide for upgrading from v4.x
Changed
- Management API client fully regenerated using Fern
- Package structure reorganized with hierarchical sub-clients
- Error handling updated to use
ApiErrorbase class - Documentation updated with v5 examples
Note
- Authentication API remains fully backward compatible - no changes required
- See v5_MIGRATION_GUIDE.md for detailed upgrade instructions
4.13.0 (2025-09-17)
Added
4.12.0 (2025-09-15)
Added
- Updates for CIBA with email #720 (adamjmcgrath)
4.11.0 (2025-09-11)
Added
- feat: Support For Network ACL Endpoints #706 (kishore7snehil)
Fixed
- chore: fix workflow syntax errors and update dependencies #724 (kishore7snehil)
4.10.0 (2025-06-05)
Added
- chore: merge community PRs – bugfixes, features, and dependency upgrades #696 (kishore7snehil)
Fixed
- fix: handle
authorization_detailsin back_channel_login #695 (kishore7snehil)
4.9.0 (2025-04-01)
Added
- feat: Federated Connections Support #682 (kishore7snehil)
- Adding Support For CIBA with RAR #679 (kishore7snehil)
4.8.1 (2025-02-24)
Fixed
- Fix: Unauthorized Access Error For PAR #671 (kishore7snehil)
4.8.0 (2025-01-29)
Added
- Adding Support For RAR and JAR Requests #659 (kishore7snehil)
- Adding Support For Back Channel Login #643 (kishore7snehil)
Fixed
- Consolidated Community PRs and Dependency Upgrades #660 (kishore7snehil)
- Updating Dependancies And Workflow Action Versions #653 (kishore7snehil)
- Fixing the Github Workflow Issues #644 (kishore7snehil)
4.7.2 (2024-09-10)
Security
- Update cryptography requirements.txt #630 (duedares-rvj)
4.7.1 (2024-02-26)
Security
4.7.0 (2023-12-05)
- Add python 3.12 support, drop 3.7 #562 (adamjmcgrath)
Added
- [SDK-4138] Add support for Pushed Authorization Requests (PAR) #560 (adamjmcgrath)
4.6.1 (2023-11-29)
Fixed
- Fix rest_async and async tests #556 (adamjmcgrath)
- fix type hint for link_user_account #552 (tzzh)
4.6.0 (2023-11-09)
Added
- [SDK-4544] Add orgs in client credentials support #549 (adamjmcgrath)
- Authentication API, the Database classs, Add the organization param to the change_password method #539 (shchotse)
- Retry all methods on 429 #518 (adamjmcgrath)
4.5.0 (2023-10-20)
Added
- [SDK-4656] Add fields to all_organization_members #537 (adamjmcgrath)
4.4.2 (2023-08-31)
Fixed
- Fix python dependency version #522 (adamjmcgrath)
- Revert publishing types #521 (adamjmcgrath)
4.4.1 (2023-08-21)
Fixed
- Fix for async types #515 (adamjmcgrath)
4.4.0 (2023-07-25)
Added
- [SDK-4394] Add organization name validation #507 (adamjmcgrath)
- Add type hints to
management#497 (Viicos)
Fixed
4.3.0 (2023-06-26)
Added
- Add forwardedFor option to password grant login #501 (adamjmcgrath)
- Add connections.all name parameter #500 (adamjmcgrath)
- Add type hints to base and
authentication#472 (Viicos)
Fixed
- Fix async auth client #499 (adamjmcgrath)
- Fix update_template_universal_login #495 (adamjmcgrath)
4.2.0 (2023-05-02)
Added
- Add cache_ttl param to AsymmetricSignatureVerifier #490 (matei-radu)
4.1.1 (2023-04-13)
Fixed
- Make pw realm params optional #484 (adamjmcgrath)
- Fix intellisense on Auth0 class #486 (adamjmcgrath)
4.1.0 (2023-03-14)
Added
- Add branding theme endpoints #477 (adamjmcgrath)
- [SDK-4011] Add API2 Factor Management Endpoints #476 (adamjmcgrath)
- Use declarative setup with
pyproject.toml#474 (Viicos)
4.0.0 (2023-01-19)
Added
- Add support for private_key_jwt #456 (adamjmcgrath)
- Add support for managing client credentials #459 (adamjmcgrath)
Security
- Update pyjwt #460 (adamjmcgrath)
Changed
- Remove deprecated methods #461 (adamjmcgrath)
- Remove v3 folder #462 (adamjmcgrath)
See the V4_MIGRATION_GUIDE for more info.
3.24.1 (2023-01-19)
Fixed
- Remove unnecessary type param from update_template_universal_login #463 (adamjmcgrath)
3.24.0 (2022-10-17)
Added
- [SDK-3714] Async token verifier #445 (adamjmcgrath)
- Add AsyncAuth0 to share a session among many services #443 (adamjmcgrath)
Fixed
- Bugfix 414 missing import #442 (adamjmcgrath)
3.23.1 (2022-06-10)
Fixed
- Pass rest_options through Auth0 constructor #354 (adamjmcgrath)
Added
- Asyncio Support #312 (adamjmcgrath)
- Add
/api/v2/brandingendpoints support #313 (evansims)
Added
- [SDK-3174] Add
DELETEmethod for/api/v2/users/{id}/authenticatorsendpoint #301 (akmjenkins) - [SDK-3175] Return token claims in TokenVerifier.verify() #273 (bisguzar)
Fixed
Added
Added
- Add attack protection endpoints #303 (adamjmcgrath)
Added
Changed
- Remove references to ID token in generic token classes #295 (lbalmaceda)
Fixed
Added
- [SDK-2720] Add support for actions APIs #289 (jimmyjames)
Added
- Make the CI fail when the docs syntax is invalid #287 (lbalmaceda)
- [SDK-2687] Implement automatic rate-limit handling #285 (evansims)
- Use Sphinx to generate API docs #281 (lbalmaceda)
- Add Passwordless Login function #279 (lbalmaceda)
- [SDK 2665] Update endpoint methods to support 'from' and 'take' checkpoint pagination parameters, where appropriate #278 (evansims)
Deprecated
- Deprecate /oauth/ro for passwordless #280 (lbalmaceda)
Fixed
- Re-Route Job Results endpoint #275 (lbalmaceda)
Fixed
- Remove requirements.txt file #270 (lbalmaceda)
- Repair Organisation get by name URL. #269 (queenvictoria)
Added
- Add access token validation guidance for organizations #262 (lbalmaceda)
- Add support for Organization MGMT API endpoints [SDK-2439] #261 (lbalmaceda)
- Add scope to refresh_token #256 (criles25)
- Allow configuration of outgoing request protocol #254 (garry-jeromson)
Added
- Add support for organizations feature #258 (jimmyjames)
Added
Added
- Add support for Log Streams API #236 (lbalmaceda)
Fixed
- Fix imports on the management/init.py file #235 (matthewarmand)
Added
- Add missing user profile properties to the signup endpoint #231 (lbalmaceda)
- Add Hooks management API #227 (guillp)
- Add missing external_id property to the import users job #222 (lbalmaceda)
Changed
- Remove iat claim value check #223 (lbalmaceda)
Fixed
- Skip sending optional parameters on POST request when unspecified #230 (lbalmaceda)
Added
- Add send_completion_email to users import job #220 (lbalmaceda)
- Expose the time at which the Rate Limit will reset #219 (lbalmaceda)
Removed
- Add deprecation note for DELETE /users (all users) #217 (lbalmaceda)
Security
- Improved OIDC compliance #213 (lbalmaceda)
Added
- Add connect/read timeout option #215 (lbalmaceda)
Fixed
- Accept client_secret as passwordless/start param #211 (lbalmaceda)
Changed
- Update minimum "requests" version to 2.14.0 #204 (lbalmaceda)
Added
- Add Roles and Permissions endpoints #202 (lbalmaceda)
July 18, 2019: This release included an unintentionally breaking change affecting those users that were manually parsing the response from GET requests. e.g. /userinfo or /authorize. The AuthenticationBase#get method was incorrectly parsing the request result into a String.
From this release on, making a GET request returns a Dictionary instead.
Breaking Change
- Fix request creation when headers are the default #198 (lbalmaceda).
Fixed
Security
- Update requests dependency to latest version #196 (lbalmaceda)
Fixed
- Fix HTTP method used for rotating Client secret #191 (lbalmaceda)
Fixed
- Update telemetry format #187 (lbalmaceda)
Changed
- Remove default value for search_engine #185 (lbalmaceda)
Fixed
Added
Added
- Add Revoke Refresh Token endpoint #170 (lbalmaceda)
- Add /dbconnections/signup with username and metadata #169 (lbalmaceda)
Added
- Add
client_idparam to ClientGrants.all #159 (danishprakash) - Add telemetry headers to AuthenticationBase #152 (crgk)
- Add pre-commit pypgrade hook and update supported versions #124 (hugovk)
- Implemented delete_user_by_email and test for connections #122 (runz0rd)
- Adds user export job creation. #112 (dmark)
Changed
- String Formatting Updated #141 (vkmrishad)
- Uses Python built-in modules to retrieve Python and auth0-python version number #125 (edawine)
Fixed
- Stop lower-casing email on user search #167 (helmus)
- Always include Content-Type header in management requests #158 (crgk)
Added
- Add pagination to Clients and Connections
- Add pagination to Client Grants, Resource Servers and Rules
- Add Email-Templates Management API endpoints
Fixed
- Replace default mutable arguments with None
- Fix JSON error message handling for Management API
Fixed
- Upload the correct package contents to Pypi.
Added
Fixed
- Correctly throw an exception when handing a text response #92 (benbc)
- Instantiate UserBlocks for consistency #90 (mattdodge)
Authentication API
- Improve handling of inconsistent API error responses.
Management API
- Added
upsertparameter toimport_usersjob.
Authentication API
- Added
refresh_tokenmethod to get_token
Authentication API
- Added Logout Functionality
Authentication API
- Added Support for API Authorization.
oauth/tokenendpoint- Client Credentials Grant
- Authorization Code Grant
- Authorization Code PKCE Grant
- Resource Owner Password Realm Grant
- Added Support for API Authorization.
authorizeendpoint- Authorization Code Grant
Management API v2
- Added Support for Guardian
- Added Support to retrieve Logs
- Added Support to manage Resource Servers
- Added Support to manage Client Grants
- Added Support to manage User blocks