Migrating to Auth0.js v9
Auth0.js v9 has been improved to operate with enhanced security and removes dependencies that have been deprecated as per Auth0's roadmap. In some cases, these security enhancements may impact application behavior when upgrading from an earlier versions of auth0.js.
Should I migrate to v9?
Everyone should migrate to v9. All previous versions are deprecated, and the deprecated endpoints used by them were removed from service on August 6, 2018. For applications that use Auth0.js within an Auth0 login page, this migration is recommended; for applications with Auth0.js embedded within them, this migration is mandatory.
The documents below describe all the changes that you should be aware of when migrating from different versions of Auth0.js to v9. Make sure you go through the relevant guide(s) before upgrading.
- Migrating from Auth0.js v8
- Migrating from Auth0.js v7
- Migrating from Auth0.js v6
- Migrating from Auth0.js v8 in Angular 1.x Applications
- Migrating from Auth0.js v7 in Angular 1.x Applications
- Migrating from Auth0.js v6 in Angular 1.x Applications
- Migrating from Auth0.js v8 in Angular 2.x Applications
- Migrating from Auth0.js v8 in React.js Applications
I upgraded but I still get deprecation warnings in the logs
You have already migrated to Auth0.js 9 but you still see this error in your logs:
Legacy Lock API: This feature is being deprecated. Please refer to our documentation to learn how to migrate your application.
These deprecation notices most likely originate from a user visiting the Universal Login page directly without initiating the authentication flow from your app. This can happen if a user bookmarks the login page directly. After August 6, 2018, these users will not be able to log in.
See Check Deprecation Errors for more information on deprecation-related errors.