Changelog

Deprecating BEARER_TOKEN auth scheme for 19 toolkits

We’ve deprecated the BEARER_TOKEN auth scheme for the following 19 toolkits:

• Airtable
• Discord
• Discordbot
• Gmail
• Google Classroom
• Google Search Console
• Google Calendar
• Google Docs
• Google Drive
• Google Slides
• Google Super
• Instagram
• Ntfy
• Sapling AI
• Slack
• Slackbot
• Tawk To
• TikTok
• Twitter

Recommendation

For these toolkits, we recommend using alternative auth schemes (for example, OAUTH2, API_KEY, or other toolkit-supported schemes) instead of BEARER_TOKEN.

Backward compatibility (explicit)

This change is fully backward compatible:

• Existing auth configs and connected accounts created with BEARER_TOKEN will continue to function.
• Creating new auth configs and connected accounts with BEARER_TOKEN will continue to work (e.g., via API/SDK).
• To discourage new usage, BEARER_TOKEN auth configs / connected accounts will not be displayed in the UI for these toolkits.

Lookahead Announcement

We’re introducing Webhook Payload V3 - a redesigned webhook structure that follows industry standards and provides better developer experience. This update affects how you receive trigger events via webhooks and Pusher.

What’s Changing?

New Webhook Structure

We’re adopting the Standard Webhooks specification for better consistency and reliability.

Headers

A new header will identify the webhook version:

x-composio-webhook-version: V3

Payload Structure

The payload structure is being reorganized to separate Composio metadata from trigger data:

Before (V2):

1
{
2
  "log_id": "log_TpxVOLXYnwXZ",
3
  "timestamp": "2025-12-23T13:06:07.695Z",
4
  "type": "gmail_new_gmail_message",
5
  "data": {
6
    "connection_id": "a1b2c3d4-5e6f-7a8b-9c0d-1e2f3a4b5c6d",
7
    "connection_nano_id": "ca_xYz9AbCdEfGh",
8
    "trigger_nano_id": "ti_JZFoTyYKbzhB",
9
    "trigger_id": "7f8e9d0c-1b2a-3c4d-5e6f-7a8b9c0d1e2f",
10
    "user_id": "usr-demo-12a3b4c5...",
11
    // ... actual trigger data mixed with metadata
12
  }
13
}

After (V3):

1
{
2
  "id": "msg_a1b2c3d4-5e6f-7a8b-9c0d-1e2f3a4b5c6d",
3
  "timestamp": "2025-12-23T13:06:07.695Z",
4
  "type": "composio.trigger.message",
5
  "metadata": {
6
    "log_id": "log_TpxVOLXYnwXZ",
7
    "trigger_slug": "GMAIL_NEW_GMAIL_MESSAGE",
8
    "auth_config_id": "ac_aCYTppZ5RsRc",
9
    "connected_account_id": "ca_cATYssZ5RrSc",
10
    "trigger_id": "ti_JZFoTyYKbzhB",
11
    "user_id": "pg-test-86c9fc84..."
12
  },
13
  "data": {
14
    // Clean trigger data without Composio metadata
15
  }
16
}

Key Improvements

1. Metadata Separation: Composio-specific fields (connection IDs, trigger IDs, user IDs) are now in a dedicated metadata object
2. Clean Data: The data field now contains only the actual trigger payload without infrastructure metadata
3. Standardized Type Field: The type field now follows a consistent format (composio.trigger.message) instead of trigger-specific names like gmail_new_gmail_message
4. Trigger Slug in Metadata: The trigger slug (e.g., GMAIL_NEW_GMAIL_MESSAGE) is now available in metadata.trigger_slug for easy identification
5. Standards Compliance: Follows Standard Webhooks specification for better interoperability
6. Consistent Structure: Same payload structure for both webhooks and Pusher channels

Migration Guide

Updating Your Webhook Handlers

If you’re accessing Composio metadata fields, update your code:

1
# Before (V2)
2
trigger_type = payload["type"]  # "gmail_new_gmail_message"
3
connection_id = payload["data"]["connection_id"]
4
trigger_id = payload["data"]["trigger_id"]
5
message_text = payload["data"]["message_text"]
6
7
# After (V3)
8
trigger_type = payload["type"]  # "composio.trigger.message"
9
trigger_slug = payload["metadata"]["trigger_slug"]  # "GMAIL_NEW_GMAIL_MESSAGE"
10
connection_id = payload["metadata"]["connected_account_id"]
11
trigger_id = payload["metadata"]["trigger_id"]
12
message_text = payload["data"]["message_text"]

1
// Before (V2)
2
const triggerSlug = payload.type;  // "gmail_new_gmail_message"
3
const connectionId = payload.data.connection_id;
4
const triggerId = payload.data.trigger_id;
5
const messageText = payload.data.message_text;
6
7
// After (V3)
8
const webhookType = payload.type;  // "composio.trigger.message"
9
const triggerSlug = payload.metadata.trigger_slug;  // "GMAIL_NEW_GMAIL_MESSAGE"
10
const connectionId = payload.metadata.connected_account_id;
11
const triggerId = payload.metadata.trigger_id;
12
const messageText = payload.data.message_text;

Checking Webhook Version

You can detect the webhook version from headers:

1
webhook_version = headers.get("x-composio-webhook-version", "V2")
2
if webhook_version == "V3":
3
    # Use new structure
4
    metadata = payload["metadata"]
5
else:
6
    # Use old structure
7
    metadata = payload["data"]

Rollout Timeline

• December 2025: V3 released, opt-in via project settings
• February 15, 2026: All new organizations will default to V3
• Existing organizations: Continue using V2 by default, can opt-in to V3 anytime

How to Opt-In

1. Go to your project settings in the Composio dashboard
2. Navigate to the Webhooks section
3. Select “Webhook Payload Version: V3”
4. Update your webhook handlers to use the new structure
5. Test thoroughly before enabling in production

Benefits

• Better DX: Clear separation between metadata and actual trigger data
• Standards Compliance: Follows industry-standard webhook specifications
• Consistency: Same structure across webhooks and Pusher channels
• Future-Proof: Built on established standards for long-term compatibility

Need Help?

If you have questions about migrating to V3 or need assistance:

• Join our Discord community
• Check our documentation
• Contact support at support@composio.dev

Authentication & Configuration Updates Across Multiple Toolkits

Summary

This release includes significant authentication and configuration improvements across 16+ toolkits. The changes standardize Base URL handling, modernize authentication methods, and fix various endpoint configurations to improve reliability and flexibility.

Breaking Changes

We verified that active usage for these toolkits is practically zero before proceeding with these changes.

Make Toolkit

• Removed Region field in favor of explicit Base URL configuration
• Users must now provide the full Base URL instead of selecting a region
• This change provides more flexibility for custom deployments and regional endpoints

Bubble Toolkit

• Removed Subdomain field and restructured Base URL handling
• Users must now provide the complete Base URL instead of just the Subdomain
• This change standardizes URL configuration across all toolkits

Deprecated Features

HelloBar Toolkit

• Bearer authentication is now deprecated
• While still functional, users are encouraged to migrate to newer authentication methods
• Support for bearer tokens will be removed in a future release

FormSite Toolkit

• Bearer authentication deprecated in favor of API key authentication
• New integrations should use API key authentication for improved security
• Existing bearer token implementations will continue to work but should be migrated

Improvements & Fixes

Configuration Improvements

Linear Toolkit

• Base URL is no longer a configurable field
• The toolkit now uses a fixed endpoint, simplifying the authentication process

Kibana Toolkit

• Removed the default value for Base URL, allowing for more flexible deployment configurations
• Users can now specify custom Kibana instances without overriding defaults

Gong Toolkit

• Added a sensible default value for Base URL to simplify initial setup
• New users can connect without manually configuring the endpoint

Insightly Toolkit

• Added default value for the Pod field to streamline configuration
• Reduces setup complexity for standard deployments

ClickUp Toolkit

• Fixed the Base URL field type for proper validation and handling
• Ensures consistent URL formatting across all operations

Dynamic Endpoint Updates

Brilliant Directories Toolkit

• Implemented dynamic Base URL resolution for the Get Current User Endpoint
• Automatically adapts to different deployment environments

Braintree Toolkit

• Updated configuration to use production defaults
• Implemented dynamic endpoint resolution for better environment handling
• Improved reliability for production deployments

Auth0 Toolkit

• Replaced hardcoded endpoints with dynamic tenant-based URL resolution
• Supports multi-tenant deployments without manual configuration
• Automatically constructs the correct endpoint based on the tenant configuration

Endpoint Fixes

DataScope Toolkit

• Fixed the Get Current User Endpoint to use the correct API path
• Resolves authentication verification issues

D2L Brightspace Toolkit

• Updated the Get Current User Endpoint to match the latest API specifications
• Ensures proper user identification and session validation

Migration Guide

For toolkits with breaking changes, please update your configurations as follows:

1. Make: Replace Region with the full Base URL (e.g., https://us-east-1.make.com)
2. Bubble: Replace Subdomain with the full Base URL (e.g., https://myapp.bubbleapps.io)

For deprecated authentication methods:

• HelloBar & FormSite: Generate new API keys from your account settings and update your authentication configuration

Authentication Updates Across Multiple Toolkits

We’ve updated authentication configurations for several toolkits to improve security, fix issues, and support additional deployment options.

Summary

Breaking Changes

These toolkits had incorrect or outdated authentication configurations that needed fixing. We verified that active usage for these toolkits is practically zero before proceeding with these changes.

Impact: Existing connections will stop working. You’ll need to create new auth configs and ask affected users to reconnect.

Make

Replaced region-based configuration with full base URL input. Users now provide the complete Make instance URL (e.g., https://us2.make.com or https://us1.make.celonis.com) instead of just a region code.

Recall AI

Updated from region-based to full base URL configuration. Fixed field descriptions and metadata. Updated categories to AI/Productivity/Communication and added proper documentation links.

Relevance AI

Simplified authentication by removing deprecated Project ID field. Added conditional mapping for region codes to API subdomains (AU→f1db6c, EU→d7b62b, US→bcbe5a). Region field now defaults to US.

SmartRecruiters

Fixed OAuth configuration with correct SmartRecruiters endpoints. Added proper default scopes for candidates, jobs, and users. Enabled PKCE and added refresh token support.

Deprecated (Still Working)

These changes introduce new auth methods while keeping old ones functional:

Ashby

Added new API Key authentication scheme with automatic base64 encoding and proper authorization headers.

No Action Required: Old Basic Auth method is deprecated but continues to work. Existing connections are unaffected.

Freshdesk

Added new API Key authentication scheme requiring subdomain and API key with automatic base64 encoding.

No Action Required: Old Basic Auth method is deprecated but continues to work. Existing connections are unaffected.

Freshservice

Added new API Key authentication scheme requiring subdomain and API key with automatic base64 encoding.

No Action Required: Old Basic Auth method is deprecated but continues to work. Existing connections are unaffected.

Trello

Marked Bearer Token authentication as deprecated in favor of OAuth authentication.

No Action Required: Old Bearer auth continues to function. OAuth is recommended for new connections.

ZoomInfo

Added new OAuth2 authentication scheme with comprehensive scopes for contacts, companies, audiences, scoops, news, and intent data. Deprecated the old JWT-based Basic authentication. Password field now properly marked as secret.

No Action Required: Old JWT auth continues to function. New connections will use OAuth2.

Non-Breaking Improvements

Mixpanel

Fixed region mapping logic for data residency. Added proper conditional evaluation to map regions to correct API hosts (EU, India, or Standard). Region field is now optional and defaults to Standard server. Service account secret now properly marked as secret.

No Action Required: Existing connections continue to work without changes.

Supabase

Changed base_url field type from auth_config_field to connection_field for both OAuth and API Key schemes. Updated base action logic to respect user-provided base URLs, enabling support for self-hosted Supabase instances.

No Action Required: Existing connections continue to work. Self-hosted instances now supported.

Toolkit Deprecation: Removing Empty Toolkits

What’s Changed

We’re deprecating 15 toolkits that currently have no supported actions. These toolkits will be reactivated once we add functional actions to them, ensuring you only see integrations that are ready to use.

Deprecated Toolkits

The following toolkits are now deprecated:

• BREATHEHR, DIXA, EGNYTE, EXPENSIFY, FREEAGENT
• GUSTO, NUTSHELL, OPENNUTRITION, OYSTERHR, RAKUTEN
• SALESFLARE, TEAMLEADER, WALGREENS, WHOOP, WIX

Impact on Your Integration

API Behavior Changes

List Toolkits Endpoint

The GET /toolkits endpoint will now exclude deprecated toolkits by default.

Need to see deprecated toolkits? Use the include_deprecated query parameter.

Backward Compatibility

Your existing integrations are safe. All other endpoints continue to work with deprecated toolkits:

• Retrieve the toolkit details
• Create auth configurations
• Manage connected accounts
• Configure MCP Servers

This ensures zero breaking changes to your current implementations.

Why This Matters

This change helps you:

• Focus on working integrations - No clutter from non-functional toolkits
• Avoid integration attempts with toolkits that have no actions
• Better developer experience with a cleaner, more actionable toolkit list

Questions?

If you have questions or need support with any deprecated toolkit, reach out to our team or check our documentation.

Toolkit Deprecation: Streamlining Our Platform

What’s Changed

We’re deprecating 60 toolkits that currently have no supported actions. These toolkits will be reactivated once we add functional actions to them, ensuring you only see integrations that are ready to use.

Deprecated Toolkits

The following toolkits are now deprecated:

• ACCELO, ADOBE, AERO_WORKFLOW, AMAZON, APEX27
• APPOINTO, APPSFLYER, ATLASSIAN, AUTH0, AXONAUT
• BATTLENET, BOLDSIGN, BRAINTREE, BREEZY_HR, BREX_STAGING
• BRIGHTPEARL, BROWSERHUB, CUSTOMER_IO, DEEL, DRIP_JOBS
• EPIC_GAMES, FACTORIAL, FITBIT, FRONT, GO_TO_WEBINAR
• GURU, HELCIM, HIGHLEVEL, ICIMS_TALENT_CLOUD, IDEA_SCALE
• KEAP, LASTPASS, LEVER_SANDBOX, LEXOFFICE, MANY_CHAT
• MBOUM, MICROSOFT_TENANT, MOXIE, ONCEHUB, POPTIN
• PRECORO, PRINTNODE, QUALAROO, RAVENSEOTOOLS, RING_CENTRAL
• RIPPLING, SAGE, SALESFORCE_MARKETING_CLOUD, SEISMIC, SMARTRECRUITERS
• TAPFORM, TERMINUS, TIMEKIT, TWITCH, VENLY
• VERO, VISME, WAVE_ACCOUNTING, WIZ, ZOHO_DESK

Impact on Your Integration

API Behavior Changes

List Toolkits Endpoint

The GET /toolkits endpoint will now exclude deprecated toolkits by default.

Need to see deprecated toolkits? Use the new include_deprecated query parameter.

Backward Compatibility

Your existing integrations are safe. All other endpoints continue to work with deprecated toolkits:

• ✅ Retrieve the toolkit details
• ✅ Create auth configurations
• ✅ Manage connected accounts
• ✅ Configure MCP Servers

This ensures zero breaking changes to your current implementations.

Why This Matters

This change helps you:

• Focus on working integrations - No clutter from non-functional toolkits
• Avoid integration attempts with toolkits that have no actions
• Better developer experience with a cleaner, more actionable toolkit list

Questions?

If you have questions or need support with any deprecated toolkit, reach out to our team or check our documentation.

Deprecation of is_local_toolkit Field and Removal of is_local Query Parameter

We’re cleaning up the Toolkits API by deprecating the is_local_toolkit response field and removing the is_local query parameter filter.

What’s Changing?

Response Field: is_local_toolkit (Deprecated)

The is_local_toolkit field in toolkit API responses is now deprecated. This field was originally intended to indicate whether a toolkit was local to a specific project, but it is no longer meaningful as no toolkits use this classification.

Affected Endpoints:

• GET /api/v3/toolkits - List toolkits
• GET /api/v3/toolkits/{slug} - Get single toolkit
• GET /api/v3/toolkits/multi - Get multiple toolkits

The field will continue to be returned in API responses for backward compatibility, but it will always return false. It is marked as deprecated: true in the OpenAPI specification.

Query Parameter: is_local (Removed)

The is_local query parameter filter has been removed from the following endpoints:

• GET /api/v3/toolkits
• GET /api/v3/toolkits/multi

This parameter was used to filter toolkits by their local status, but since no toolkits are classified as local, it served no practical purpose.

Impact on Your Code

If You’re Using the is_local Query Parameter

Before:

1
// This will no longer work
2
const toolkits = await fetch('/api/v3/toolkits?is_local=true');

After:

1
// Simply remove the is_local parameter
2
const toolkits = await fetch('/api/v3/toolkits');

If You’re Reading the is_local_toolkit Response Field

The field will continue to be present in responses but will always return false. You can safely ignore this field or remove any logic that depends on it.

Before:

1
const toolkit = await composio.toolkits.get('github');
2
if (toolkit.is_local_toolkit) {
3
  // This condition will never be true
4
  handleLocalToolkit(toolkit);
5
}

After:

1
const toolkit = await composio.toolkits.get('github');
2
// Remove is_local_toolkit checks - they're no longer meaningful

Tool Router is Generally Available in TS and PY SDKs

Release Date: December 15, 2025
Python SDK Version: 0.10.1
TypeScript SDK Version: 0.3.0

Major Features Added

1. Tool Router - Stable Release

Status: Moved from experimental to stable production feature

The Tool Router is now a fully supported feature that enables creating isolated MCP (Model Context Protocol) sessions for users with scoped access to toolkits and tools.

Key Capabilities:

• Create isolated sessions with specific toolkit configurations
• Manage authentication flows for users across multiple toolkits
• Access tools via MCP-compatible server URL
• Query toolkit connection states
• Integrate with multiple AI frameworks (OpenAI, Anthropic, LangChain, LlamaIndex, CrewAI, Vercel AI SDK)

Changes:

• Removed experimental warnings and deprecated MCP functionality
• Updated all examples and documentation to reflect stable API
• Both Python and TypeScript SDKs now have full Tool Router support

Files Modified:

• python/composio/core/models/tool_router.py - Major refactoring
• ts/packages/core/src/models/ToolRouter.ts - Enhanced implementation
• All tool router examples updated across both SDKs

2. Native Tool Execution Support for Tool Router

Python SDK:

• Added native tool execution capabilities directly through Tool Router sessions
• Enhanced ToolRouterSession with improved tool execution methods
• Better integration with provider-wrapped tools

TypeScript SDK:

• Added native tool support for Tool Router sessions
• Improved type safety and error handling
• Enhanced session.tools() method for framework-specific tool objects

Impact:

• Users can now execute tools directly through Tool Router sessions without additional setup
• Improved performance and reduced complexity
• Better error handling and debugging capabilities

3. Webhook Verification Feature

New Method: composio.triggers.verifyWebhook()

Added comprehensive webhook verification functionality for secure webhook handling:

Python SDK:

• New verify_webhook() method in Triggers class
• Support for signature verification
• Enhanced error handling with new exception types

TypeScript SDK:

• New verifyWebhook() method in Triggers class
• Type-safe webhook verification
• Comprehensive test coverage (592+ test cases)

Use Cases:

• Secure webhook endpoint validation
• Signature verification for incoming webhooks
• Enhanced security for trigger-based workflows

4. LangChain v1 Support (Python SDK)

Upgrade: Ported LangChain provider to support LangChain v1

• Updated LangChain provider to work with LangChain v1 APIs
• Improved compatibility and performance
• Updated dependencies and examples

Files Modified:

• python/providers/langchain/ - Complete v1 port
• Updated demo scripts and documentation

5. CommonJS Support Fixes (TypeScript SDK)

Major Fix: Fixed CommonJS usage of @composio/core

Changes:

• Switched bundler from tsup to tsdown for better CommonJS compatibility
• Added new CommonJS example (ts/examples/cjs/)
• Fixed compatibility issues with Node.js CommonJS environments
• Updated package configuration and build process

Impact:

• Better support for Node.js projects using CommonJS
• Improved compatibility with various build tools
• Enhanced developer experience

Improvements & Enhancements

TypeScript SDK Improvements

1. Type Safety Enhancements

   • Fixed Parameters type in @composio/ts-builders package
   • Improved type inference for Tool Router sessions
   • Enhanced error type definitions

2. Error Handling

   • Added options parameter to ComposioMultipleConnectedAccountsError constructor
   • Fixed typo in deprecate decorator error message
   • Standardized error codes (using SDKErrorCodes.NO_API_KEY_PROVIDED)

3. Telemetry Improvements

   • Fixed telemetry duration calculation (now calculated after method execution)
   • Improved performance tracking accuracy

4. Dependency Updates

   • Updated zod-to-json-schema to 3.25.0 (supports zod/3)
   • Removed package override in .pnpmfile.cjs
   • Fixed version range for zod peerDependency

Python SDK Improvements

1. Bug Fixes

   • Fixed KeyError: ‘type’ when SUPABASE_BETA_RUN_SQL_QUERY is used with Agents
   • Fixed typo in auth_scheme.status property
   • Improved error handling and validation

2. Documentation

   • Added changelog entries for new features
   • Updated examples and usage guides
   • Improved API documentation

3. Testing

   • Added comprehensive tests for Tool Router functionality
   • Enhanced test coverage for connected accounts
   • Improved test reliability

Removed Features & Deprecations

Removed Features

1. Deprecated MCP Functionality
   • Removed deprecated MCP methods and classes
   • Cleaned up experimental MCP code
   • Simplified API surface

Security & Quality Improvements

1. Security Audits

   • Added pnpm audit --prod checks
   • Automated security vulnerability scanning
   • Improved dependency management

2. Code Quality

   • Enhanced linting and type checking
   • Improved test coverage
   • Better error handling

3. Documentation Security

   • Added webhook verification documentation
   • Improved security best practices guides
   • Enhanced API security documentation

Migration Guide

For Tool Router Users

If you were using the experimental Tool Router API:

Before (Experimental):

1
# Old experimental API
2
composio.experimental.tool_router.create(...)

After (Stable):

1
# New stable API
2
composio.create(...)

For CommonJS Users (TypeScript)

The CommonJS support has been significantly improved. If you were experiencing issues:

1. Update to latest version: @composio/core@1.0.0
2. Check the new CommonJS example: ts/examples/cjs/
3. No code changes required - improved compatibility out of the box

For LangChain Users (Python)

If you’re using the LangChain provider:

1. Update to LangChain v1
2. Update Composio SDK to latest version
3. Check updated examples in python/providers/langchain/

Bug Fixes

Python SDK

• Fixed KeyError when using SUPABASE_BETA_RUN_SQL_QUERY with Agents
• Fixed typo in auth_scheme.status property
• Improved error handling for connected accounts
• Fixed array parsing in JSON schema conversion

TypeScript SDK

• Fixed CommonJS compatibility issues
• Fixed Parameters type in ts-builders
• Fixed telemetry duration calculation
• Fixed error message typos
• Improved error handling for multiple connected accounts

Package Updates

Python Packages

• All provider packages updated to v0.10.0
• Core SDK: composio==0.10.0
• LangChain provider: Updated for v1 compatibility

TypeScript Packages

• Core SDK: @composio/core@0.3.0
• All provider packages updated
• Dependencies updated for better compatibility

Next Steps

Recommended Actions

1. Update Dependencies

   $
   # Python
   >
   pip install --upgrade composio
   >
   >
   # TypeScript
   >
   npm install @composio/core@latest

2. Review Breaking Changes

   • Tool Router API changes (experimental → stable)
   • Removed deprecated MCP methods
   • Updated LangChain provider requirements

3. Test Your Integration

   • Run your test suites
   • Verify Tool Router functionality
   • Check webhook verification if applicable

4. Update Documentation

   • Review API changes
   • Update code examples
   • Check migration guides

Contributors

Thank you to all contributors who made this release possible:

• Musthaq Ahamad (@haxzie)
• Alberto Schiabel (@jkomyno)
• Sushmitha Mallesh (@Sushmithamallesh)

Resources

• Documentation: https://docs.composio.dev
• GitHub Repository: https://github.com/composiohq/composio
• Issue Tracker: https://github.com/composiohq/composio/issues

Notes

• This is a major release with significant new features and improvements
• Tool Router is now production-ready and recommended for all new projects
• Python SDK is approaching v0.10.0 stable release
• TypeScript SDK continues to improve with better CommonJS support
• All changes are backward compatible where possible, with clear migration paths

For questions or support, please reach out through our GitHub issues or Support channels.

Removal of label query parameter from connected accounts API

The label query parameter has been removed from the GET /api/v3/connected_accounts endpoint.

What’s changing?

The label query parameter is no longer supported when listing connected accounts. This parameter was previously accepted but had no functional behavior since label ingestion was removed in an earlier update.

Impact

None - This is a cleanup change. The label query parameter was not performing any filtering since the underlying label ingestion functionality was already removed. If your code was passing this parameter, it was being silently ignored.

Migration

No action required. If your code was passing the label query parameter, you can safely remove it from your API calls.

Enhanced Security Masking for Sensitive Fields

We’ve improved the security masking for REDACTED fields in the following APIs:

• Get Connected Account
• List Connected Accounts

What’s Changed: Sensitive fields are now partially masked, revealing only the first 4 characters to help with debugging while maintaining security.

Example:

Before: REDACTED
After:  abcd...

Disabling Masking

If you need to disable masking for your use case, you have two options:

1. Via UI: Navigate to Project Settings → Configuration tab and update the masking settings
2. Via API: Use the Patch Project Config API