In the ever-evolving world of application development, managing identity is no small feat. But with the right tools, you can streamline your security and user management like never before. In this recap, we’ll dive into the latest updates from Auth0, showcasing how we’re enhancing your development experience with new features, integrations, and updates that bring both simplicity and power to the forefront.
Let’s explore the key updates you’ll want to know about and see how they can help you streamline your identity management, bolster security, and deliver more powerful, user-centric applications.
Updates You Don’t Want to Miss
Next.js SDK v4 (GA) Released
If you’re a Next.js developer, this update will significantly enhance your workflow. With Next.js SDK v4, now fully compatible with Next.js 15 and React 19, you can take advantage of cutting-edge features like:
- Middleware-Based Authentication: A streamlined approach that makes authentication management easier and reduces maintenance.
- Improved Security: Encrypted cookies replace outdated logic, bringing your app's security up to date.
- Better Session Management: Features like rolling sessions and custom database support ensure a smoother user experience.
This update is designed to help you take full advantage of the latest web development advancements without sacrificing security or performance.
Advanced Customizations for Universal Login (Early Access)
For customers who want to take their Universal Login experience to the next level, we’ve launched Advanced Customizations for Universal Login (ACUL) in Early Access. ACUL enables you to create fully custom, client-rendered versions of each Universal Login screen. With ACUL, you get full control over every pixel of the login and signup screens.
Supported flows include Single Step Signup/Login, ID First Signup/Login with various authentication methods (password, passwordless, passkeys, etc.), and more.
This is just the beginning, with more features and a new configuration UI coming in the months ahead. Check out the online documentation for all the details, and start building today!
Okta Universal Logout Integration Now Supported in Auth0
For teams using Okta to manage their workforce identity, we’re rolling out Universal Logout integration with Auth0. This update means you no longer need to build a global token revocation endpoint. Instead, when Okta detects a change in risk, it will automatically revoke sessions and refresh tokens.
It’s a simple integration with minimal configuration, but the security benefits are huge, making it easier for you to ensure your applications are always up-to-date and protected.
Custom Token Exchange – Early Access
We’re thrilled to announce Custom Token Exchange in Early Access. This OAuth grant-type feature allows you to exchange security tokens for other tokens, such as access tokens and offers flexibility using Actions for custom logic.
This new feature enables advanced use cases like:
- Migrating users to Auth0
- Integrating external IDPs
- Exchanging Auth0 tokens for different audiences
Custom Token Exchange provides the flexibility you need to handle sophisticated integrations where regular federation and OIDC flows aren’t feasible.
More cool features we have shipped to improve your experience:
Optimised TOTP Enrollment for Mobile Devices: We’ve made the process of enrolling in TOTP (Time-Based One-Time Password) on mobile devices more intuitive. Check out Auth0 Temporary OTP for more details!
Email OTP Verification – Email OTP(One Time Password) Verification: is now Generally Available (GA), providing an additional layer of security during signup and password reset. This feature requires Universal Login and can be enabled by changing the Verification Method from Verification Link to OTP in your connection settings.
Usage Metrics Dashboard for Auth0 FGA: We’re introducing the Usage Metrics Dashboard for Auth0 Fine-Grained Authorization (FGA). This new tool gives teams deep visibility into their authorization usage, enabling more efficient monitoring and management of monthly active users, total number of tuples, and monthly average requests per second.
New Private Cloud Region in India: We’ve expanded our Private Cloud availability by adding a new region in Hyderabad. This follows the Mumbai AWS region in India, providing additional flexibility, reduced latency, and improved data residency options for Auth0 customers in the region.
Deprecations
Node.js 12 and 16 Extensibility Runtimes Deprecation: We’re phasing out the Node.js 12 and 16 runtimes for extensibility integrations, such as Actions, Rules, Hooks, Custom Database Connections, and Custom Social Connections. If you’re using these runtimes, we strongly recommend migrating to Node.js 22, which is our recommended runtime for all new and existing extensibility integrations.
Unwarranted Session Removal After User Updates (Deprecated): In a bid to improve the user experience, we’ve deprecated the automatic invalidation of user sessions when performing database connection user updates with unchanged email or
email_verifiedCommunity and Events
Partnering with LangChain and LlamaIndex
As Generative AI (GenAI) applications become more powerful, securing these systems becomes essential. The "Auth for GenAI" initiative is here to help developers integrate strong authentication and authorization into their GenAI applications, ensuring sensitive data is protected when interacting with external APIs and data sources.
We’re thrilled to announce our partnerships with LangChain and LlamaIndex—two leading frameworks in the GenAI space. Together, we’re demonstrating how Auth0 can seamlessly integrate with these tools to secure your AI applications.
Key aspects of our collaboration include:
- Framework-Specific SDKs to simplify the integration of Auth0’s authentication and authorization solutions.
- Informative Developer Content that offers best practices, guides, and examples for secure GenAI app development.
- Fine-Grained Access Control using Auth0 FGA (Fine-Grained Authorization), which ensures that AI applications can securely access external data sources and APIs.
This partnership is a great step toward building secure, scalable, and compliant AI applications. We’re excited to collaborate with LangChain and LlamaIndex, and provide developers with the tools and resources they need to build the next generation of secure AI-powered systems.
Together, we’re building the future of secure Generative AI. Let’s innovate and secure the AI applications of tomorrow!
- Building a Secure RAG with Python, LangChain, and OpenFGA
- Build a Secure RAG Agent Using LlamaIndex and Okta FGA on Node.js
Events
At Auth0, we’re passionate about engaging with the developer community and sharing insights at events worldwide. Whether we’re speaking at conferences, hosting workshops, or simply connecting with like-minded developers, we’re excited to be part of the conversations shaping the future of identity and security. Here’s a look at where we’ve been recently and where you can catch us next!
Where Were We?
In the past few weeks, we’ve had the privilege of attending some amazing events and meeting incredible developers:
- JFokus – February 3-6
- Developer Week – February 11-13
- DevWorld Amsterdam – February 27-28
It’s been a blast connecting with the community, and if you joined us at any of these events, we hope you had a chance to chat with the team and explore what’s new with Auth0.
Looking ahead, we’ve got a busy schedule and can’t wait to meet more of you at these upcoming events:
- All Things Open AI – March 17-18
- Tech.eu Summit – March 25-26
Make sure to swing by our booth if you’ll be at any of these events, we’d love to talk all things identity, security, and the future of AI-powered applications!
That’s all for this month! We’re committed to keeping you updated with the latest and greatest features to help you build secure, scalable applications. Stay tuned for more in March!
About the author
Ana Cidre
Sr Manager, Developer Advocacy