ForgeRock Developer Experience

SDK for JavaScript changelog

Subscribe to get automatic updates: Developer Experience Changelog RSS feed

JavaScript SDK 4.4.2

May 15, 2024 patch


  • Added a logoutRedirectUri parameter to the FRUser.logout() method.

    Add the parameter to invoke a redirect flow, for revoking tokens and ending sessions created by a PingOne server.

    To learn more, follow the JavaScript tutorial for PingOne.

  • Added a platformHeader configuration property to control whether the SDK adds the X-Requested-Platform header to all outgoing connections.


  • Updated the embedded PingOne Signals (Protect) SDK to the latest version.

  • Updated the SDK to import the PingOne Signals (Protect) SDK dynamically and start it with a method call rather than on load.

  • Updated the build system to use Vite.


  • Wrapped the PingOne Signals (Protect) SDK to protect it from being called when running server-side.

JavaScript SDK 4.4.0

March 13, 2024 minor


  • Added a new module for future integration with PingOne Protect. [SDKS-2902]

  • Added the ability to include the supplied device name when displaying recovery codes. [SDKS-2536]

  • Added the ability to use the OpenID Connect .well-known endpoint to override the default path configuration. [SDKS-2966]

    This simplifies using the SDKs with OIDC-compliant identity providers, such as PingOne.

    For more information, refer to the ForgeRock SDK for JavaScript PingOne tutorial.

    The SDK is currently unable to revoke PingOne-issued OIDC tokens when using Firefox and Safari, due to third-party cookie restrictions.

  • Added StepOptions type to the public API .


  • Fixed a naming collision when using sessionStorage for tokens, state, and PKCE data and performing centralized login. [SDKS-2945]

JavaScript SDK 4.3.0

January 4, 2024 minor


  • Added ability to override default prefix string given to storage keys.

    For more information, refer to prefix in the ForgeRock SDK for JavaScript Properties.

  • Added an FRQRCode utility class to determine if a step has a QR code and handle the data to display.

    For more information, refer to Set up QR code handling.


  • Fixed undefined main and module fields in package.json.

JavaScript SDK 4.2.0

September 11, 2023 minor


  • Added a logLevel configuration property to specify the level of logging the SDK performs.

    For more information, refer to About the default JavaScript SDK logger.

  • Added a customLogger configuration property to specify a replacement for the native console.log that the SDK uses by default.

    For example, you could write a replacement that captures SDK log output to services such as Relic or Rocket.

    For more information, refer to Customize the JavaScript SDK logger .

JavaScript SDK 4.1.2

July 20, 2023 patch


  • Added support in preparation for upcoming ForgeRock Token Vault.


  • Fixed an issue with the getTokens() method failing if no parameters are provided and you perform certain down-leveling of code in the build process.

JavaScript SDK 4.1.1

June 29, 2023 minor


  • Added support in the HTTPClient for receiving transactional authorization advice in JSON format.


  • Improved types when using strict mode with TypeScript.

JavaScript SDK 4.0.0

May 23, 2023 major



  • Updated ESModule (ESM) bundle.

  • Updated tags in the GitHub repo to be prefixed with the package name. For example, javascript-sdk-${tag}.

  • Inserted a prompt=none parameter into OAuth 2.0 calls to the /authorize endpoint to prevent console error about frames.

Incompatible changes

  • No longer provides Universal Module Definition (UMD) support

  • Updated Policy types

  • Removed duplicate modules

For more information, refer to Incompatible changes.


  • JavaScript support configuration property deprecated.

For more information, refer to Deprecations.

JavaScript SDK 3.4.0

October 10, 2022 minor


  • Fixed HTTP headers by capitalizing all header names

  • Added support for TextInput callback

  • Updated device profile collection code:

    • Added optional chaining to protect object checks in both browser and node environments

    • Changed usage of window.crypto to globalThis.crypto to improve compatibility

JavaScript SDK 3.3.0

April 25, 2022 minor


  • Added Angular sample app.

  • Added token threshold feature.

Copyright © 2010-2024 ForgeRock, all rights reserved.