Descope

Latest version: v1.6.10

Safety actively analyzes 682487 Python packages for vulnerabilities to keep your Python projects secure.

Scan your dependencies

Page 4 of 5

1.5.2

Enhancements
* **Get a user's OAuth provider tokens**: When using your own OAuth provider account, you can now choose to request additional scopes and have the provider's access tokens managed by Descope. When needed, those can be fetched using the `get_provider_token` function, which retrieves the token for your application to use.
* **Delete a tenant's SAML configuration**: Using the `delete_settings` function, you can define which tenant's SAML configuration should be deleted.
* **Search over audit logs**: You can now filter over Descope's audit logs using the `search` audit function. For a full list of filter options see function's documentation.

1.5.1

Enhancements
* **Set and expire user passwords**: You can now expire a user's password using the `expire_password` function, which will make the user reset it on their next authentication. There's also the option to set a new one using the `set_password` function; notice that even when choosing a password, the user will still need reset it on their next authentication.
* **Package dependencies definition**: We expanded our dependency ranges to increase compatibility.

Bug fixes
* **JWT claims in validation responses**: When validating the session (using `validate_session`, `refresh_session` and `validate_and_refresh_session` functions) we aligned the response to include the session JWT claims under the `sessionToken` key. On top of that - information such as user ID (`sub`), project ID (`iss`) and associations such as tenants - are all populated with the relevant values.

1.5.0

Enhancements
* **User custom attributes** 💫 : We're glad to announce that we now support adding custom attributes to the user object! The default user object is great, but sometimes you want to keep a bit more information on it for your app's needs.
* Creation of the attributes are done from the [Descope Console](https://app.descope.com/), and you can find them in the user object under the `custom_attributes` property. Option to set, update and delete the values are also available from the SDK.
* **Add a Login ID to the user upon update**: When updating a user's phone or email (via OTP / Magic Link / Enchanted Link), you can decide if to make that new value part of the user's Login IDs so that they can later on authenticate with them.
There can be times where an existing user with the new identifier already exists in your user database - so a merging strategy needs to be defined as well.
All of this can be done using the `add_to_login_ids` parameter.
* **Import and export of Flows and Themes**: If you want to export or import flows and themes from one project to another - you can do so now with supporting commands, such as `export_flow`. Examples can be found in the SDK's README.
* **Get tenant SSO configuration**: Using the `get_settings` function, you can now fetch a specific tenant's SSO configuration. Example on how to do so in the repo's README, under the ['Manage SSO Settings' section](https://github.com/descope/python-sdk#manage-sso-setting).
* **User attribute updates**: You can now update the user's picture using the new user `update_picture` command, and user custom attributes using the `update_custom_attribute` command.
* **Timeouts for request**: We added configurable timeouts to our request. Default is set by the `DEFAULT_TIMEOUT_SECONDS` property and is set to 60 seconds. (tebeka)

Bug fixes
* **Test user functions**: Deleting and authenticating test users didn't work in some cases as they were using the wrong methods. We fixed it and now it should work smoothly.

1.1.1

Bug fixes
* **Automatic configuration of base URL**: Some Python frameworks require setting the base URL parameter manually to Descope's API. We have now fixed this behavior to automatically set the base URL correctly.

1.1.0

Breaking changes
* **PEP8 naming convention alignment**: We made sure our Python SDK is aligned to the PEP8 naming convention; this includes the following breaking changes:
* auth/webauthn.py - `transactionID` argument of the `sign_up_finish` function has changed to `transaction_id`
* management/jwt.py - `updateJWT` function has changed to `update_jwt`

Enhancements
* **Passwords for user authentication**: Descope now supports usage of passwords. You can design your authentication flow to include password authentication, update a user's password when expired, and more.
* **User testing utility for your E2E tests**: When using authentication methods such as OTP / Magic Link / Enchanted Link, it can get cumbersome to automatically test those as part of the app's testing process. To close this loop - we released a utility with which you can create test users. Those special users are enabled to generate codes or links without the need of 3rd party messaging services.
You can create, fetch and delete test users - all part of your integration tests code! More information, along with examples, can be found in the SDK's README.
* **Invite users via management commands**: Use the new `invite` User command to programmatically invite users to your project. Just like in the console, you can control which tenants and roles will be associated to the invited users.
* **Masked email and phone dynamic values**: We updated some of the authentication methods' responses to return a masked value of the user's verification identifier. Use the `masked_address` parameter when working with OTP / Magic Link / Enchanted Link to present it in Flow Screens or your own proprietary UI.
* **Pagination support for Users**: We now support the ability to paginate the `search_all` User response. Use the `page` parameter to define how many results should return in each page.
* **Documentation enhancements**: Tiny enhancements to our SDK's README.

1.0.0

Breaking changes
* **SameSite=Strict Cookies**: We changed the configuration of cookies so that they are `SameSite=Strict`.
For more information on how to configure custom domains correctly - visit our [documentation](https://docs.descope.com/manage/session/).
* **Naming alignments**: We aligned our naming in multiple places to be snake-case instead of camel-case, along with parameter naming alignment. These changes include:
* `loginOptions` > `login_options`
* `refreshToken` > `refresh_token`
* `DeliveryMethod.PHONE` > `DeliveryMethod.SMS`

Enhancements
* **JWT returns in `validate_session`**: The `validate_session` function will now return the parsed JWT response.
* **Upgraded SSO configuration options**: We upgraded SSO management function, so that they now support configuring the `domain` parameter, which is used for auto registering new users to a specific tenant, if their identifiers are from the defined domain.

Bug fixes
* **Logic fix in `validate_and_refresh_session` function**: A fix to allow either and not both actions in method was applied.

Page 4 of 5

© 2024 Safety CLI Cybersecurity Inc. All Rights Reserved.