Changelog
5.14.0
minorMay 03, 2024
What's Changed
- Fix: AndroidiOS When
lockAfterBackgrounded
isundefined
, the vault should remain unlocked when backgrounded. If locking the vault immediately is desired, setlockAfterBackgrounded
to0
. (RMET-3271) - Fix: AndroidiOS Ensure errors are properly surfaced during vault initialization
- Fix: Android Fixes a crash with Identity Vault on Android 14 when using Capacitor 6. (RMET-3370)
- Fix: Android Fixes an issue where the app backgrounded time was being incorrectly set due to a race condition when Custom Tabs was opened and the immediately closed
- Fix: Android Calling
getKeys
on an empty vault should now properly return an empty array instead of throwing an error (RMET-3221) - Fix: AndroidiOS Fixes various issues with the initial state of a vault upon creation (RMET-3350)
- Fix: iOS Calling
isBiometricsAllowed
now correctly returns deined if a user already denied biometrics permissions for the application - Fix: Web Properly updates the internal lock state in lock/unlock calls to the
BrowserVault
(RMET-3321)
5.13.0
minorApril 04, 2024
What's Changed
- Fix: Android Correctly handles null logger callbacks to ensure we return a proper error
- Fix: Android Write background entered time on pause to ensure it exists when resuming the application (RMET-3270)
- Fix: iOS Properly returns a response when biometric permissions are denied (RMET-3168)
- Feature: Updates the getting started guides with new tutorials
5.12.3
patchJanuary 18, 2024
What's Changed
- Fix: Android Prevent calling
showBiometricPrompt()
from locking the vault
5.12.1
patchOctober 11, 2023
What's Changed
- Fix: Handle vault resume events properly when an application is using multiple vault instances
5.12.0
minorSeptember 21, 2023
What's Changed
- Feature: Adds support for a new
logLevel
configuration parameter to enable more verbose logging - Fix: Android Fixes a crash from an incorrect intent string name in the BiometricActivity
- Fix: iOS Adds a fix to avoid breaking applications that utilize Apple CarPlay
- Fix: Web Updates the
BrowserVault
interface to match the new API surface - Fix: Persist the
backgroundEnteredTime
in the keychain / shared preferences so that it is not lost if the app is killed and restarted by the operating system
5.11.1
patchJune 21, 2023
What's Changed
- Fix: Properly settings the passcode when creating a new Custom Passcode vault
5.11.0
minorJune 20, 2023
New initialize
method
We no longer recommend configuring your instance of Identity Vault using the constructor. Initializing a new vault is an asynchronous operation, and the constructor does not provide a way to handle errors or know when the initialization is complete. Instead, use the new initialize
method, which returns a promise and provides a way to handle errors.
What's Changed
- Feature: Adds
initialize
method - Fix: Android Invalidate vault and throw an error when all device biometrics or credentials are removed
- Fix: Android Remove setting java version from the gradle file
5.9.6
patchFebruary 01, 2023
What's Changed
- Fix: Catch and handle errors thrown when retrying vault operations
5.9.5
patchJanuary 03, 2023
What's Changed
- Fix: Android Allow a Device Security vault to be cleared without providing biometric credentials
- Fix: iOS Improve interoperability with 3rd party Cordova packages
5.9.4
patchNovember 30, 2022
What's Changed
- Fix: Android Handle a privacy screen dialog crash when the Activity is destroyed
- Fix: Properly handle
null
values insetValue
5.9.3
patchJuly 22, 2022
What's Changed
- Fix: Android Fixes a window manager crash when the privacy dialog tries to appear
- Fix: Set the default value for
hideScreenOnBackground
tofalse
5.9.2
patchAugust 05, 2022
What's Changed
- Fix: Invalidate an inconsistent Device Security vault when the user interacts with the vault
5.9.1
patchJuly 22, 2022
What's Changed
- Fix: Android Check Device Security vault consistency on app resume
- Fix: Android Properly trigger the privacy screen on Android 12+ or on devices using Gesture Navigation
- Fix: iOS Properly check the system passcode status in
isBiometricsEnabled
- Fix: Ignore
shouldClearVaultAfterTooManyFailedAttempts
vault configuration setting for non Custom Passcode vaults
5.9.0
minorJuly 11, 2022
What's Changed
- Feature: Allow using
setCustomPasscode
to change the passcode on a vault - Fix: Android Handle inconsistencies with Device Security vault and the current biometric strength
- Fix: Android Avoid throwing an error when calling
isEmpty
if device biometrics are disabled
5.8.0
minorJune 08, 2022
New isBiometricsAllowed
method
The Device class exposes a new method isBiometricsAllowed()
that returns the current state of biometric permissions.
What's Changed
- Feature: Adds new
isBiometricsAllowed()
method
isBiometricsAllowed()
always returns granted
5.7.3
patchMay 16, 2022
What's Changed
- Fix: Android Removed JCenter dependencies
- Fix: Add support for multiple instances of the Vault Migrator class to migrate multiple vaults
5.7.1
patchApril 20, 2022
What's Changed
- Fix: Fixes StrongBox compatibility detection
- Fix: iOS Fixes a crash on Cordova when
onError
was initialized - Fix: iOS Avoid throwing an error when only a system passcode was setup for a device when creating a vault using
DeviceSecurityType.Both
5.7.0
minorApril 05, 2022
What's Changed
- Feature: Adds support for the
onLock
trigger to In Memory vaults - Fix: iOS Fixes a bug where
showBiomtricPrompt
would never resolve
5.6.0
minorMarch 29, 2022
What's Changed
- Feature: Adds a timeout boolean to the
onLock
handler to indicate if the vault was locked due to a timeout - Feature: Android Adds a flag to dim the background when the biometric prompt is shown
- Fix: Android Properly handle missing resource strings in the Vault Migrator class
5.5.2
patchMarch 02, 2022
What's Changed
- Fix: Correctly triggers the
onError
callback on the vault that is throwing the error
5.5.1
patchFebruary 22, 2022
What's Changed
- Fix: iOS Correctly invalidate a vault when the registered biometrics change
5.5.0
minorFebruary 07, 2022
What's Changed
- Feature: Android Skip prompt for biometrics when creating a new vault on Android
- Fix: Adds support for
isEmpty()
to In Memory vaults
5.4.0
minorJanuary 05, 2022
New showBiometricPrompt
method
The Device class exposes a new method showBiometricPrompt()
that enabled you to programmatically show a biometric prompt to the user. This method returns a Promise<void>
that resolves when the user successfully authenticates using biometric or the promise is rejected with a standard VaultError
code and message if a failure state occurs.
try {
await Device.showBiometricPrompt(promptConfig);
// biometric prompt succeeded successfully
} catch (err) {
// handle error
}
What's Changed
- Feature: Adds ability to programmatically show the biometric prompt
- Fix: Android Avoids vault key collisions when switching biometrics or removing system pin
5.3.1
patchDecember 10, 2021
What's Changed
- Fix: Fixes an issue when using a version of TypeScript < 3.8
5.3.0
minorDecember 06, 2021
New onPasscodeRequested
callback mechanism
Prior to this release, the onPasscodeRequested
handler was invoked whenever a user was required to enter their passcode to unlock a Custom Passcode Vault. Once they did, it was intended that setCustomPasscode
would be called to set the entered passcode and unlock the vault. However, this flow often caused problems and was very unintuitive.
We have added a new callback handler to the onPasscodeRequested
method to simplify this process. Now, when the user is required to enter their passcode, the onPasscodeRequested
handler will be invoked with a new second argument. This second argument is a callback that should be called with the entered passcode. Once the callback is called, the vault will be unlocked and the data will be accessible.
vault.onPasscodeRequested((isPasscodeSetRequest, onComplete) => {
const message = isPasscodeSetRequest
? 'Setup Passcode' // passcode is being set for first time
: 'Enter passcode'; // passcode is being asked for unlock
const passcode = window.prompt(message) || '';
onComplete(passcode);
});
What's Changed
- Feature: Adds a new callback mechanism for handling
onPasscodeRequested
5.2.0
minorNovember 22, 2021
New isEmpty
method
Vaults now have the ability to programmatically check if the vault is empty. This can be used without needing to unlock the vault and read the data.
What's Changed
- Feature: Added
isEmpty()
method - Fix: Android Resolves a crash that can occur on Android where the biometric prompt background conflicts with the application theme settings
- Fix: Avoids errors thrown when
onUnlock
listener is set tonull
for Secure Storage vaults
5.1.2
patchNovember 16, 2021
What's Changed
- Fix: Android Correctly handles some uncaught errors related to Android Keystore operations
- Fix: Provides a proper error message when a malformed config object is passed
- Fix: Fixes a class name collision with the Device plugin and
@capacitor/device
5.1.1
patchOctober 27, 2021
What's Changed
- Fix: Fixes a crash when importing complex objects into the vault
- Fix: Removes built in localizations
5.1.0
minorOctober 11, 2021
New Device.hasSecureHardware
method
We have added the ability to check if the running device has a secure hardware enclave. This should be used to programmatically determine if the device supports secure storage mechanisms so your application can react accordingly.
What's Changed
- Feature: Add
hasSecureHardware
device check - Fix: Ensure that the
VaultError.biometericsLockedOut
error is thrown when the device biometrics are locked out - Fix: Don't unnecessarily trigger the
onError
handler forMissingBiometrticError
5.0.5
patchSeptember 30, 2021
What's Changed
- Fix: Properly set the
isLockedOutOfBiometrics
flag after getting locked out biometrics - Fix: iOS Remove vaults on iOS after re-install that can be moved due to iCloud
- Fix: Allow
DeviceSecurity
vaults to be cleared without biometrics - Fix: Security: Fix ability to bypass max invalid unlock attempts on a vault
- Fix: Android Security: Implements strong Android Keystore protections
- Fix: Android Security: Properly set
setUserAuthenticationParam
based on the device security type
5.0.4
patchSeptember 17, 2021
What's Changed
- Fix: Properly handles vault data when biometrics have been changed or invalidated
5.0.2
patchSeptember 01, 2021
What's Changed
- Fix: Correctly enforce requirement of
cordova-android@10
- Fix: Correctly implements keychain access control requirements for
CustomPasscode
vault - Fix:
InMemoryVault
clears correctly when vault is locked - Fix: Check the vault exists before attempting to read values from the vault to avoid null runtime errors
- Fix: Android Handle
null
andundefined
values in thelockAfterBackgrounded
setting on Android - Fix: Replaced deprecated functions and cleaned up swift warnings from compiler
- Fix: Align biometric attempt error codes between iOS and Android
5.0.1
patchAugust 10, 2021
What's Changed
- Fix: iOS Fixes the splash screen not dismissing on iOS when
hideScreenOnBacgkround
is enabled - Fix: Fixes support for Identity Vault 5 in Cordova applications
- Fix: Uses the correct encoding when writing vault data
5.0.0
majorJuly 28, 2021
New API Surface
This release marks a major milestore for Identity Vault and introduces a completely new API surface and requires a migration from older versions. See the migration guide for full migration details.
Non-Secure Browser Vault Implementation
A new browser vault has been added that does not implement any secure storage mechanisms and is intended to be used for development purposes only. See the Browser Vault documentation for details.
What's Changed
- Breaking Change: New API Surface
- Feature: Improved compatibility with other non-Angular frameworks
- Feature: Enhanced local development experience
- Feature: Android Android Class 2 Biometrics support