Flutter plugin release notes
Visit the support matrix page for additional compatibility information.
We have changed our SDK versioning scheme to better adhere to the semantic versioning principle. This will make it easier for you to determine the nature of the SDK release in use in your projects.
More information can be found here.
Flutter plugin 4.2.0 - 14.08.2025
Native SDKs
General changes and new features
- UPDATE: The native iOS SDK has been updated to version 4.1.0. Refer to the native release notes as it includes several fixes.
Flutter plugin 4.1.0 - 30.07.2025
Native SDKs
General changes and new features
- UPDATE: The native Android SDK has been updated to version 4.1.0. Refer to the native release notes as it includes several fixes.
Flutter plugin 4.0.0 - 19.06.2025
Native SDKs
General changes and new features
- NEW: The SDK supports Application Attestation. (NEVISACCESSAPP-6565)
- NEW: The
DeviceCapabilities
abstract class has been added to know whether the device supports full basic attestation. (NEVISACCESSAPP-6673) - NEW: The
AndroidMetaData
has been extended with theapplicationFacetId
property. (NEVISACCESSAPP-6669) - NEW: The
Configuration
has been extended with theadmin4PatternBuilder
method that can be used when your application interacts with the Nevis Identity Suite configured with default Nevis Admin 4 pattern. (NEVISACCESSAPP-6375)
Breaking Changes
- CHANGED: Dropped the support of iOS 12 and iOS 13. The minimum supported iOS version is now iOS 14. (NEVISACCESSAPP-6686)
- CHANGED: The
MetaDataProvider
has been removed. UseMetaData
instead. (NEVISACCESSAPP-6585) - CHANGED: The unnamed and
authCloud
factory constructors ofConfiguration
have been removed. (NEVISACCESSAPP-6632) - CHANGED: The
Configuration.facetId
getter has been removed. We recommend using wildcards during development. (NEVISACCESSAPP-6699) - CHANGED: The
ConfigurationBuilder.facetId
method has been removed. We recommend using wildcards during development. (NEVISACCESSAPP-6699) - CHANGED: The
ConfigurationAuthCloudBuilder.facetId
method has been removed. We recommend using wildcards during development. (NEVISACCESSAPP-6699) - CHANGED: The
Configuration.authenticationRetryInterval
andConfiguration.authenticationMaxRetries
getters have been removed. UseAuthentication.retryPolicyObtainingAuthorizationProvider
instead. (NEVISACCESSAPP-6632) - CHANGED: The
ConfigurationBuilder.authenticationRetryInterval
andConfigurationBuilder.authenticationMaxRetries
methods have been removed. (NEVISACCESSAPP-6632) - CHANGED: The
ConfigurationAuthCloudBuilder.authenticationRetryInterval
andConfigurationAuthCloudBuilder.authenticationMaxRetries
methods have been removed. (NEVISACCESSAPP-6632) - CHANGED: The
PinUserVerificationContext.lastRecoverableError
getter has been removed. Use theauthenticatorProtectionStatus
instead and check whether it isPinProtectionStatusLastAttemptFailed
to know whether an invalid PIN was provided previously. (NEVISACCESSAPP-6632) - CHANGED: The
PasswordUserVerificationContext.lastRecoverableError
getter has been removed. Use theauthenticatorProtectionStatus
instead and check whether it isPasswordProtectionStatusLastAttemptFailed
to know whether an invalid password was provided previously. (NEVISACCESSAPP-6632) - CHANGED: The
PinUserVerificationError
andPinUserVerificationInvalidPinError
classes have been removed. (NEVISACCESSAPP-6632) - CHANGED: The
PasswordUserVerificationError
andPasswordUserVerificationInvalidPasswordError
classes have been removed. (NEVISACCESSAPP-6632)
For more information, see API references.
Flutter plugin 3.10.0 - 02.06.2025
Native SDKs
General changes and new features
- UPDATE: The hardening framework has been upgraded to the latest version. (NEVISACCESSAPP-6650)
For more information, see API references.
Flutter plugin 3.9.0 - 06.03.2025
Native SDKs
General changes and new features
- NEW: The
Authenticator
has been extended with theisSupportedByOs
property. - CHANGED: The unnamed and
authCloud
factory constructors ofConfiguration
have been deprecated. Use thebuilder
andauthCloudBuilder
static methods instead to create aConfiguration
. - CHANGED: From this version on, the dependency declaration of the federated Nevis Mobile Authentication SDK Flutter plugin packages uses version range constraints instead of caret syntax.
Breaking Changes
- CHANGED:
OperationForbidden
andOperationUnauthorized
OperationError
cases are removed. - UPDATE: The minimum required version of Android Gradle Plugin has been raised to 7.3.0.
- UPDATE: The minimum required Android API level has been raised to 24 (Android 7).
For more information, see API references.
Flutter plugin 3.8.1 - 27.11.2024
General changes and new features
- FIXED: We fixed application crashes which could occur due to threading issues during out-of-band operations.
- FIXED: We improved the error handling on the iOS platform leading to better indicated method names in crash logs.
For more information, see API references.
Flutter plugin 3.8.0 - 12.11.2024
General changes and new features
- CHANGED: We updated Nevis Mobile Authentication SDK to version 3.8.0.
- NEW:
AuthCloudApiClockSkewTooBig
error is now also returned asAuthCloudApiError
if such error occurs during registration. - NEW: Two experimental APIs that allow to
check
andsynchronize
configuration mismatches between client and backend has been added. - NEW: The new
JwsAuthorizationProvider
allows to execute deregistration without authorization requiring user interaction. (NEVISACCESSAPP-5598)
For more information, see API references.
Flutter plugin 3.7.0 - 12.07.2024
General changes and new features
As of Flutter plugin 3.7.0, Android API level 23 support is deprecated.
- CHANGED: We updated the minimum supported SDK version to Dart 3.1.0.
- CHANGED: We updated Nevis Mobile Authentication SDK to version 3.7.0.
- NEW: A new MetaData API to retrieve Nevis Mobile Authentication SDK version and other platform-dependent information is available. For applications running on Android, the API retrieves the SHA-256 hash of the signing certificate of the application that includes the SDK. For iOS applications, the API provides the FacetId of the application that includes the SDK.
- NEW: A new experimental API to retrieve pending out-of-band operations has been added.
Breaking Changes
- NEW: A new alphanumeric Password Authenticator is available. Note that this requires the nevisFIDO 8.2405.0 component version, otherwise you will need to manually extend the metadata and policy configuration files in nevisFIDO to support this new authenticator type. In this case refer to Default Nevis Authenticator Metadata to obtain the metadata statements and don't forget to add the authenticator AAIDs to the policy file(s). This is classified as a breaking change as depending on your implementation you may need to adapt your code when filtering or listing the available authenticators. (NEVISACCESSAPP-5406)
For more information, see API references.
Flutter plugin 3.6.0 - 05.02.2024
General changes and new features
- NEW: We extended the
PinPolicy
with thevalidatePinForEnrollment
andvalidatePinForPinChange
methods. These methods allow implementing custom PIN policies of any nature. - CHANGED: We updated Nevis Mobile Authentication SDK to version 3.6.0.
- FIXED: We fixed an issue where the plugin crashed during biometric authenticator cancellation on the Android platform.
For more information, see API references.
Flutter plugin 3.5.1 - 03.11.2023
General changes and new features
- Changes to support latest Flutter version (3.13.9).
For more information, see API references.
Flutter plugin 3.5.0 - 09.10.2023
General changes and new features
- CHANGED: We updated Nevis Mobile Authentication SDK to version 3.5.0.
For more information, see API references.
Flutter plugin 3.4.1 - 18.09.2023
General changes and new features
- FIXED: We fixed error handling issues, that occurred in some rare cases during a PIN change operation and multiple backend registration and authentication scenarios.
For more information, see API references.
Flutter plugin 3.4.0 - 22.08.2023
General changes and new features
- NEW: The SDK supports registering authenticators in multiple servers. See the Multiple Backend Support chapter for details.
- NEW: From this version on, the plugin also provides the device ID via
DeviceInformation
. - NEW: A new device passcode authenticator is introduced.
- CHANGE: On new registrations, the biometric credentials will be invalidated when a new biometric is added to the operating system if
invalidateOnNewOsBiometrics
is not invoked (seeRegistration.invalidateOnNewOsBiometrics
,AuthCloudApiRegistration.invalidateOnNewOsBiometrics
,OutOfBandRegistration.invalidateOnNewOsBiometrics
). - CHANGED: On new registrations, the device passcode cannot be used with biometric credentials by default (see
Registration.allowDevicePasscodeAsFallback
,AuthCloudApiRegistration.allowDevicePasscodeAsFallback
,OutOfBandRegistration.allowDevicePasscodeAsFallback
).
Breaking changes
- NEW: From this version on, the signature of the
Authentication.onError
callback function has changed. This method is invoked with anAuthenticationError
which returns aSessionProvider
that can be used to continue with the authentication session.
For more information, see API references.
Flutter plugin 3.3.0 - 30.06.2023
General changes and new features
- NEW: We now support invalidating the FIDO UAF credentials of biometric and fingerprint authenticators when the user adds new biometric credentials in the OS settings, see
invalidateOnNewOsBiometrics
. - NEW: We now support providing HTTP request headers that can be sent in the HTTP request during all the operations, see
requestHeaders
. - CHANGED: From this version on, the
deleteAuthenticator
method ofLocalData
does not require theaaid
to be provided. Providing noaaid
leads to all authenticator data being deleted. - CHANGED: Removed property validation for all operations as they are now handled by the native SDKs.
For more information, see API references.
Flutter plugin 3.2.0 - 30.03.2023
General changes and new features
- NEW: We now support disabling the device passcode as fallback for the biometric authenticator, see
allowDevicePasscodeAsFallback
. - NEW: We now support adding a retry strategy to the device information change operation, see
retryPolicy
. - CHANGED: The
authenticationRetryInterval
andauthenticationMaxRetries
properties have been deprecated in theConfiguration
object. Use theretryPolicyObtainingAuthorizationProvider
instead.
For more information, see API references.
Flutter plugin 3.1.0 - 26.02.2023
General changes and new features
- NEW: We now support class 2 sensors for the biometric authenticator on Android platform, see
allowClass2AndroidSensors
. - CHANGED: From this version on, the
deregistration
operation does not require theaaid
to be provided. Providing noaaid
in the operation leads to the whole account being deregistered instead of a single authenticator.
For more information, see API references.
Flutter plugin 3.0.1 - 05.12.2022
General changes and new features
- Initial release.
For more information, see API references.