# CHANGELOG 📋

## Unreleased

## Releases

### 1.4.0
* Adds support for Microsoft Entra 'app tokens' for app2app flows without a user present.
* Adds 'AuthContext.token_claims' to provide easy access to decoded claims from the access token.
* Relaxes library dependencies so authlib won't block consumers updating their FastAPI.
* Supports both v1 and v2 MS Entra 'iss' claims.

### 1.3.0
* Bugfix: enforce Role enum on `Requires(roles={})`
* Adds `verify_auth` script to auto-generate policy summaries.
* Relaxed validation rules to accept `api://` prefix in token `aud` claims.


### 1.2.0
* Added `OPERATIONS_SCIENTIST` role

### 1.1.0
* Added `OPS_PROPOSAL_ADMIN`, `OPS_REVIEWER_SCIENCE` and `OPS_REVIEWER_TECHNICAL` Roles for the PHT

### 1.0
* Initial release: utilities for enforcing authorisation rules in SKAO applications.