auth0
diff --git a/‎.github/actions/npm-publish/action.yml‎
Lines changed: 6 additions & 5 deletions b/‎.github/actions/npm-publish/action.yml‎
Lines changed: 6 additions & 5 deletions
diff --git a/‎.github/workflows/npm-release.yml‎
Lines changed: 3 additions & 3 deletions b/‎.github/workflows/npm-release.yml‎
Lines changed: 3 additions & 3 deletions
diff --git a/‎.github/workflows/release.yml‎
Lines changed: 0 additions & 1 deletion b/‎.github/workflows/release.yml‎
Lines changed: 0 additions & 1 deletion
diff --git a/‎.github/workflows/test.yml‎
Lines changed: 1 addition & 1 deletion b/‎.github/workflows/test.yml‎
Lines changed: 1 addition & 1 deletion
diff --git a/‎.version‎
Lines changed: 1 addition & 1 deletion b/‎.version‎
Lines changed: 1 addition & 1 deletion
diff --git a/‎CHANGELOG.md‎
Lines changed: 26 additions & 0 deletions b/‎CHANGELOG.md‎
Lines changed: 26 additions & 0 deletions
@@ -3,8 +3,6 @@ name: Publish release to npm
 inputs:
   node-version:
     required: true
-  npm-token:
-    required: true
   version:
     required: true
   require-build:
@@ -29,11 +27,16 @@ runs:
       with:
         node-version: 22
         cache: 'pnpm'
+        registry-url: 'https://registry.npmjs.org'
 
     - name: Install dependencies
       shell: bash
       run: pnpm install --frozen-lockfile
 
+    - name: Update npm for OIDC trusted publishing
+      shell: bash
+      run: npm install -g npm@~11.10.0
+
     - name: Build package
       if: inputs.require-build == 'true'
       shell: bash
@@ -50,9 +53,7 @@ runs:
         else
           TAG="latest"
         fi
-        npm config set "//registry.npmjs.org/:_authToken" "${NPM_TOKEN}"
-        pnpm publish --tag $TAG
+        npm publish --tag $TAG
       env:
-        NPM_TOKEN: ${{ inputs.npm-token }}
         VERSION: ${{ inputs.version }}
         NPM_CONFIG_PROVENANCE: true
@@ -15,8 +15,6 @@ on:
     secrets:
       github-token:
         required: true
-      npm-token:
-        required: true
 
 ### TODO: Replace instances of './.github/actions/' w/ `auth0/dx-sdk-actions/` and append `@latest` after the common `dx-sdk-actions` repo is made public.
 ### TODO: Also remove `get-prerelease`, `get-version`, `release-create`, `tag-create` and `tag-exists` actions from this repo's .github/actions folder once the repo is public.
@@ -26,6 +24,9 @@ jobs:
     if: github.event_name == 'workflow_dispatch' || (github.event_name == 'pull_request' && github.event.pull_request.merged && startsWith(github.event.pull_request.head.ref, 'release/'))
     runs-on: ubuntu-latest
     environment: release
+    permissions:
+      contents: write
+      id-token: write # Required for OIDC trusted publishing to npm
 
     steps:
       # Checkout the code
@@ -70,7 +71,6 @@ jobs:
           require-build: ${{ inputs.require-build }}
           release-directory: ${{ inputs.release-directory }}
           version: ${{ steps.get_version.outputs.version }}
-          npm-token: ${{ secrets.npm-token }}
 
       # Create a release for the tag
       - uses: ./.github/actions/release-create
 
@@ -35,5 +35,4 @@ jobs:
       node-version: 22 ## Updated to Node.js 22
       require-build: false
     secrets:
-      npm-token: ${{ secrets.NPM_TOKEN }}
       github-token: ${{ secrets.GITHUB_TOKEN }}
@@ -83,7 +83,7 @@ jobs:
         run: pnpm test:coverage
 
       - name: Upload coverage to Codecov
-        uses: codecov/codecov-action@1af58845a975a7985b0beb0cbe6fbbb71a41dbad # pin@5.5.3
+        uses: codecov/codecov-action@57e3a136b779b570ffcdbf80b3bdc90e7fab3de2 # pin@6.0.0
         with:
           token: ${{ secrets.CODECOV_TOKEN }}
 
 
@@ -1 +1 @@
-v4.16.1
+v4.17.1
@@ -1,5 +1,31 @@
 # Change Log
 
+## [v4.17.1](https://github.com/auth0/nextjs-auth0/tree/v4.17.1) (2026-04-16)
+[Full Changelog](https://github.com/auth0/nextjs-auth0/compare/v4.17.0...v4.17.1)
+
+**Fixed**
+- fix: defer `AuthClientProvider` construction when `AUTH0_DOMAIN` not set at build time [\#2604](https://github.com/auth0/nextjs-auth0/pull/2604) ([sleitor](https://github.com/sleitor))
+- fix: Next.js edge runtime build error for crypto module [\#2564](https://github.com/auth0/nextjs-auth0/pull/2564) ([Piyush-85](https://github.com/Piyush-85))
+
+## [v4.17.0](https://github.com/auth0/nextjs-auth0/tree/v4.17.0) (2026-04-09)
+[Full Changelog](https://github.com/auth0/nextjs-auth0/compare/v4.16.2...v4.17.0)
+
+**Added**
+- feat: MCD (Multiple Custom Domains) Support [\#2545](https://github.com/auth0/nextjs-auth0/pull/2545) ([tusharpandey13](https://github.com/tusharpandey13))
+
+**Fixed**
+- fix: prevent rolling session from re-creating a deleted session on concurrent logout [\#2530](https://github.com/auth0/nextjs-auth0/pull/2530) ([sleitor](https://github.com/sleitor))
+
+## [v4.16.2](https://github.com/auth0/nextjs-auth0/tree/v4.16.2) (2026-04-07)
+[Full Changelog](https://github.com/auth0/nextjs-auth0/compare/v4.16.1...v4.16.2)
+
+**Fixed**
+- fix: Middleware should not throw ERR_JWE_INVALID [\#2546](https://github.com/auth0/nextjs-auth0/pull/2546) ([crob](https://github.com/crob))
+- fix: preserve error details from HTTP 5xx OAuth responses [\#2533](https://github.com/auth0/nextjs-auth0/pull/2533) ([sleitor](https://github.com/sleitor))
+
+**Security**
+- chore(deps): update eslint to fix flatted vulnerability [\#2575](https://github.com/auth0/nextjs-auth0/pull/2575) ([Piyush-85](https://github.com/Piyush-85))
+
 ## [v4.16.1](https://github.com/auth0/nextjs-auth0/tree/v4.16.1) (2026-03-25)
 [Full Changelog](https://github.com/auth0/nextjs-auth0/compare/v4.16.0...v4.16.1)