March 2023
Change Log for ORE ID
🔐 New Security Implementations
Callback field changed to Allowed domains.
New security measures will be implemented to enforce anti app-spoofing.
Will require the developer to add their dApps live domain urls to a field in the ORE ID Developer Dashboard > Settings > General.
Api key is still necessary for required functions.
Development dApps will allow you to enter “localhost” as an allowed domain.
“Localhost” entries are not allowed in production. If your production dApp has “localhost” in the allowed domain field, you will need to remove the entry.
Domain filtering will go into effect later this month. Please update your dApp today.
👩💻 UI Updates
Token Transfer Summary added to transaction page.
Transaction Signing Popup will now give you a warning if action being taken has not been whitelisted by the dApp developer.
Multiple actions in a transaction will warn once; but, if more than one warning exists the prompt will list out all warnings.
Developer Note: “Description for user” field in Settings > Whitelist entries should be updated to give a clear and specific description of the action to the end user.
Account provider selector feature added.
Developers no longer need to implement separate login buttons. Now, they can pop up an oauth provider selection screen to end users.
Documentation for the upgraded pop up functionality.
Last updated