March 2025 Updates

March has been a busy month here at PropelAuth, with a focus on making things easier - whether it’s improving initial integration experiences or saving time for your customer facing team members.
Here are the highlights:
User Management & Configuration Updates
All of these updates can be found via your PropelAuth dashboard.
- Expiration time for emails with expiring links (magic links, invitations, etc) can now be configured via the Emails page
- SCIM connections for an organization can now be added and removed via their Organization page
- Added search to the Org Members list pages
- User properties can now be unset/cleared from the dashboard
- We now display the name field for Waitlist users (if you are collecting name)
- You can now sort your API keys list by expires at, created at and last active at.
Enterprise SSO/SAML & SCIM:
- Added an
idp
query parameter to the SAML hosted pages so you can link your customers directly to a specific IDP guide (e.g. {SAML_SETUP_LINK}?idp=okta links specifically to the Okta guide). - Added support for groups syncing in Okta SCIM
- Updated the Entra guide w/ more instructions based on your feedback.
- Added a more helpful error message for users that attempt to use MSFT SSO without a properly configured account.
- Invitation links to SAML organizations now include a login method hint for SAML to avoid confusion
Simpler Streamlit Integration
Streamlit recently announced support for OpenID Connect (OIDC). This was incredibly exciting to us as a team because it allowed us to rethink our Streamlit integration and streamline the entire experience. Learn more about the new integration here.
Next.js CLI
We took a poll internally and agreed: the initial set up for PropelAuth in Next.js projects took too long… so we built a CLI. Now you can go from nothing to Next.js with auth in under 2 minutes. Read more about it here.
Client libraries / API:
- The latest version of our client libraries includes some changes to better support very high scale / burst-y API use cases. If you are using API keys, you likely will want to upgrade here.
- The Create User API now has an option
ignore_domain_restrictions
which you can use to bypass any allowlist/denylists in case you want to override those settings temporarily. extra_domains
andlegacy_org_id
are now properly passed back w/ all org information.
.NET (Beta)
- Our official .NET library is live and documented here. It supports configurations where you use .NET as a backend only or configurations where you use .NET as a fullstack framework (like Blazor).
- We added support for migrating .NET password hashes. .NET password hashes are a bit different than most, so if you are interested in learning more - send us an email and we can help.
Terraform
- You can now configure API Key Expiration alerts, OAuth clients, and Customer Facing Audit Log
Misc
- We now support Gitlab SSO
- Our OAuth flows now properly support Signup Query Params (like utm codes). Additional parameters that are passed in here will be properly forwarded to the signup page, and assigned to the user.
legacy_user_id
can now be edited and searched for in the dashboard- Added a
user.locked
webhook for when a user’s account is locked for security reasons. - Added a workaround to our Remix library since Cloudflare’s Remix integration doesn’t properly clean up state locally.