๐ Dynamic Client Registration support
Connect Civic auth to any AI server or MCP server with our new Dynamic Client Registration support. Perfect for modern, flexible authentication flows.๐ OAuth client-credentials flow
Now supporting the OAuth client-credentials flow for secure server-to-server authentication scenarios.โก Major session refresh improvements
The Civic Auth SDK brings significant API improvements with faster session refreshes. Sessions now refresh quickly on page load and automatically in the background when users navigate back to protected pages.๐จ Enhanced UserButton UI
Improved the UserButton component with better visual design and user experience.
๐ Token exchange (RFC 8693)
Exchange one access token for another with different permissions or audience. Perfect for delegating access between services while maintaining security.๐ Enhanced cross-origin security
Added COEP and CORP headers for better security and compatibility with modern web standards.
๐ Passkey login is here!
We now support passkey as a login method! After enabling passkey, you can prompt users to create a passkey to login to your site, making login faster and more secure. Say goodbye to passwords and hello to the future of authentication.
๐ Mix and match React with any backend
New React SDK feature lets you use React on the frontend with any backend technology. Whether youโre running Node.js, Python, Go, or something else entirely, our React components now work seamlessly with your existing auth setup.Perfect for teams that want Reactโs user experience with the flexibility to choose their backend stack.
โก Smarter auth middleware
Refactored authentication middleware with better utilities and improved token refresh prioritization. Sessions now handle cleanup and replenishment more reliably.๐ ๏ธ URL parameter cleanup
Fixed issues with code parameter handling and improved session cleanup processes. Login flows are now more robust across different scenarios.๐ง Enhanced session reliability
Better session management ensures users stay authenticated properly and reduces unexpected logouts during normal usage.
๐ Client secrets for the enterprise crowd
We kept hearing from enterprise customers that they needed client secrets for their confidential applications. So we built it. You can now choose PKCE + client secret for maximum security, or go with client secrets only if youโre working with legacy systems that need it.Check out our authentication flows guide to see how it works.๐ฑ Mobile login that actually works
Remember those tiny login buttons that were impossible to tap on mobile? Yeah, we fixed that. Login buttons now look good and load fast on phones. No more squinting at your screen trying to hit the right spot.๐ ๏ธ Vanilla JavaScript plays nice with everything
Our vanilla JavaScript integration now works smoothly with Express, Fastify, Hono, or whatever backend youโre running. Same simple code, any framework.๐ Bug fixes and improvements
Weโve been busy polishing the experience:
- Various login flow improvements
- Enhanced mobile display quality
- Better handling of edge cases across different auth methods
๐ฑ React Native support is here
Your React Native apps can now use Civic Auth. Works on both iOS and Android with solid performance.๐ฆ Pure JavaScript, no frameworks required
Want to integrate Civic Auth without any frameworks? Now you can. Plain JavaScript integration that just works.
๐ Speaking Spanish and German
Login screens now support Spanish and German with complete translations. Your international users will feel right at home.๐ธ Google profile pictures show up
Fixed the bug where Google profile pictures wouldnโt load. No more broken image icons.
๐ Billing dashboard shows real numbers
The billing dashboard was showing incorrect data. Charts now display accurate usage information.๐ฏ Fewer annoying banners
App banners now only appear for production applications, not during development. Less noise while youโre building.
โก One redirect, not three
Next.js apps were doing multiple redirects after login. Fixed it so thereโs just one clean redirect like there should be.
๐ Billing dashboard improvements
Usage charts now show the right data with clearer visuals. No more guessing what your actual usage is.
๐ก Find your plan info easily
Subscription details and usage limits are now easy to find. No more hunting through multiple screens.๐ Better custom domain support
Improved how the SDK handles custom URLs and domains. More reliable and flexible.
๐ Production setup works again
Fixed the errors that were happening when setting up production applications. Should be smooth sailing now.
๐จ Know before you hit the limit
Added dashboard and email alerts when youโre approaching your plan limits. No more surprise overages.