What does this release signal mean?

Cloudflare (Workers AI) published cloudflare/workers-oauth-provider v0.7.0 (cloudflare/workers-oauth-provider). This release signal is evidence of what shipped, changed, or was packaged for users. High-signal details: Routine library release, not AI-related · v0.7.0 Repository: cloudflare/workers-oauth-provider Tag: v0.7.0 Published: 2026-05-21T12:07:17Z Prerelease: no Release notes: Minor Changes -.... onlylabs links this event to 1 captured evidence page and 6 related release signals.

Cloudflare (Workers AI) Release: cloudflare/workers-oauth-provider v0.7.0

Captured source

source ↗

GitHub/github.com/cloudflare/workers-oauth-provider

cloudflare/workers-oauth-provider v0.7.0

Source ↗

published May 21, 2026seen 5dcaptured 9hhttp 200method plain

v0.7.0

Repository: cloudflare/workers-oauth-provider

Tag: v0.7.0

Published: 2026-05-21T12:07:17Z

Prerelease: no

Release notes:

Minor Changes

#208 `c59c37b` Thanks @mattzcarey! - Experimentally support MCP Enterprise-Managed Authorization ID-JAG assertions through the JWT bearer grant.

#206 `13ff269` Thanks @itsandy-canva! - Expose grantId to tokenExchangeCallback via TokenExchangeCallbackOptions.

Implementations of tokenExchangeCallback already received userId and clientId, but had no way to identify which specific grant the library was operating on. This made it impossible to surgically revoke a single grant from the callback (e.g. on a terminal upstream refresh failure) — implementations had to either sweep all grants for a (userId, clientId) pair (racy under concurrent refreshes) or maintain their own out-of-band mapping.

grantId is now provided alongside userId so callbacks can pass them directly to OAuthHelpers.revokeGrant. Populated for all three grant types (authorization_code, refresh_token, token_exchange). Stable across refreshes for the lifetime of the grant.

Notability

notability 3.0/10

Routine library release, not AI-related