Salesforce Mobile SDK 13.2.0

What's New in Mobile SDK 13.2

Mobile SDK 13.2 is a minor release that enhances authentication flexibility, enabling developers to seamlessly support multiple environments, roll out new scopes, and dynamically manage OAuth configurations.

Dynamic Scope Retrieval

We no longer require apps to statically define OAuth scopes in their bootconfig file. If you don't specify a list of scopes, the client automatically uses the server-defined scopes, and the user is granted all the configured scopes from the external client app or connected app.

Runtime Consumer Key Selection

You can now dynamically override the consumer key, redirect URI, and scopes at runtime based on the login host the user selects.

Refresh Token Migration

Apps can now seamlessly migrate an active user's refresh token to a new OAuth configuration without requiring the user to log out and log back in. This mechanism facilitates the controlled and incremental adoption of new OAuth settings, such as migrating from standard opaque tokens to JWT-based access tokens, or transitioning from a connected app to an external client app.

AuthFlowTester Sample App and Dev Support Enhancements

We created a sample app called AuthFlowTester, which you can use to test the authentication APIs we added in Mobile SDK 13.2.

Biometric Authentication with Native Login

You can now use biometric authentication with native login on Android.

Version Updates

• Gradle: 8.14.3
• Android Gradle Plugin: 8.12.0
• Cordova command line: 13.0.0
• Npm: 10.0 to latest
• Node: 20.0 to latest LTS
• React Native: 0.81.5

Important: In Mobile SDK 14.0, our minimum supported version of Kotlin is jumping from Kotlin 1.6 to Kotlin 2.0. To keep your apps working as expected, upgrade to Kotlin 2.0 before Mobile SDK 14.0 comes out in 2026.

Deprecated APIs

Check your compiler warnings, or see Android Current Deprecations.

Salesforce Mobile SDK 13.1.1

What's New in Mobile SDK 13.1.1

Mobile SDK 13.1.1 is a minor patch release that features this change.

• We fixed a bug that caused login failures on welcome.salesforce.com for orgs configured with advanced authentication.
• We fixed a bug that prevented the app from showing the login screen when there’s only one account logged in and the user’s refresh token is revoked.
• We fixed a bug that caused push registration to fail for community users.
• We fixed a bug that prevented the MDM showOnlyAuthorizedHosts parameter from being respected when enabled.
• We fixed app generation for React Native templates, which was broken by a recent dependency update.

How to Upgrade Your Apps

For information on upgrading Mobile SDK apps, follow the instructions at Migrating from the Previous Release.

Salesforce Mobile SDK 13.1.0

What's New in Mobile SDK 13.1

Mobile SDK 13.1 is a minor release that features client-side support for WebSockets, Android 16 support, updates to QR code login, and enhancements for internal apps around actionable notifications and login with the Salesforce welcome domain.

In interim releases, we often deprecate items in native libraries for removal in an upcoming major release. Be sure to check your compiler logs for deprecation warnings so that you can address any changes before they go into effect.

WebSockets Support

We added support for WebSockets, a bidirectional TCP connection that works with our authentication features and products like Agentforce Speech Foundation.

Android 16 Compatibility

We successfully tested Mobile SDK for compatibility with Android 16. See Android Version 16.

QR Code Login Updates

We fixed a QR code login bug that occurred when web server flow was disabled or a native browser was configured. We also implemented a check to ensure the consumer key in the QR code matches the one configured in the app.

Internal Login with Welcome Domain

Internal apps can now log in with welcome.salesforce.com. The welcome login domain is not yet available to external apps.

Version Updates

• Gradle 8.14.2
• Android Gradle Plugin 8.10.0
• React Native 0.79.3
• SQLCipher 4.10.0
• Cordova 14.0.1

Removed APIs

See Android APIs Removed in Mobile SDK 13.1.

Deprecated APIs

Check your compiler warnings, or see Android Current Deprecations.

Salesforce Mobile SDK 13.0.2

What's New in Mobile SDK 13.0.2

Mobile SDK 13.0.2 fixes a bug found in version 13.0, which inadvertently logged some users out after they upgraded their app from version 11.0 or older.

How to Upgrade Your Apps

For information on upgrading Mobile SDK apps, follow the instructions at Migrating from the Previous Release.

Salesforce Mobile SDK 13.0.1

What's New in Mobile SDK 13.0.1

Mobile SDK 13.0.1 is a minor patch release that features these changes.

• We now fetch userIdentity, whereas in Mobile SDK 13.0 we didn’t.
• We improved the readability of status bar icons when the device theme and dynamic login color differ.

How to Upgrade Your Apps

For information on upgrading Mobile SDK apps, follow the instructions at Migrating from the Previous Release.

Salesforce Mobile SDK 13.0.0

What's New in Mobile SDK 13.0.0

Mobile SDK 13.0 is a major release that features a login redesign, REST wrappers for SFAP APIs, JWT-based access tokens support, LogReceiver support, and SmartStore support for several SQLCipher editions.

In major releases, we typically remove items that have been deprecated. To learn about new features and breaking changes that can affect your app, read the rest of this article. In every release, be sure to check your compiler logs for deprecation warnings so that you can address these changes before they go into effect.

Login Redesign

We redesigned the login experience on Android. The redesign features a modernized architecture that uses Jetpack Compose and Model-View-ViewModel (MVVM), and these general changes.

• On the login screen, the top and bottom native elements now match the login WebView background by default.
• You can now customize the login screen in LoginViewModel without subclassing LoginActivity.
• You can now use the login server picker without leaving the login screen.
• For apps that exclusively use advanced authentication, we added a single-server Custom Tab login option that bypasses the standard WebView.
• The user account switcher is now a bottom sheet that displays over the host app.

See also:

• Customizing the Android Login Screen Programmatically
• Migrating to Modern Android Login

Note: The login redesign introduces new localizable strings. If your app supports localization, see our updated list of localized strings in sf__strings.xml and localize the latest additions.

REST Wrappers for SFAP APIs

We introduced REST wrappers for SFAP APIs in the SfapApiClient class. SFAP requires JWT-based access tokens, which we now support. See REST Wrappers for SFAP APIs.

Receive Logs with LogReceiver

You can now receive logs with LogReceiver. See Receiving Logs with LogReceiver.

SmartStore Support for SQLCipher Editions

Smartstore now supports SQLCipher Commercial, Enterprise, and Enterprise FIPS. See Using SQLCipher with SmartStore.

Version Updates

• Android SDK (min API): 28
• Android SDK (target API): 35
• Default SDK version for hybrid apps: 35

External Component Version Updates

• React Native: 0.74.7

Removed APIs

See Android APIs Removed in Mobile SDK 13.0.

Deprecated APIs

Check your compiler warnings, or see Android Current Deprecations.

How to Upgrade Your Apps

For information on upgrading Mobile SDK apps, follow the instructions at Migrating from the Previous Release.

Salesforce Mobile SDK 12.2.0

What's New in Salesforce Mobile SDK 12.2.0

Mobile SDK 12.2 is a minor release that features QR code login, refresh behavior enhancements, and modernized support for Android.

In interim releases, we often deprecate items in native libraries for removal in an upcoming major release. Be sure to check your compiler logs for deprecation warnings so that you can address any changes before they go into effect.

Android 15 (API 35) Compatibility

We’ve successfully tested Mobile SDK for compatibility with Android 15. See Android Version 15.

Single Access UI Bridge API

When displaying a Salesforce UI in a webview or external browser without requiring users to re-enter their credentials, we now use the Single Access UI Bridge API (UI Bridge API for short) to construct the frontdoor URL, which was previously constructed manually. See also:

• Supported Salesforce APIs.
• Salesforce Help: Generate a Frontdoor URL to Bridge into UI Sessions

QR Code Login

With the help of Apex classes, Visualforce Pages, UI Bridge API, and new Mobile SDK methods, we can now log users in with a QR code. To learn more about QR code login and how to set it up, see:

• QR Code Login with Single Access UI Bridge API
• QR Code Login Prerequisites
• QR Code Login for Android

Refresh Behavior Enhancements

We enhanced our token refresh behavior for 403 (Bad_OAuth_Token) responses. Where apps previously managed a 403 response by performing a preliminary REST call to update the access token, we now refresh the token automatically.

The new refresh behavior impacts the /service/oauth2 endpoint and helps with our new REST wrapper for UI Bridge API.

Login Screen Bug Fix and Breaking Change

We fixed a bug that sometimes caused the login screen to relaunch after a successful authentication.
Important: This bug fix introduced a breaking change. If your app overrides LoginActivity or uses advanced authentication, change the launch mode from singleTop to singleTask.

Hybrid Remote Application Session Management

In hybrid remote applications, we now use session IDs (sourced from the login and refresh token endpoints) to load the app’s start page. This replaces the behavior in previous versions, which relied on a frontdoor URL to establish a UI session.

Note: This feature requires hybrid authentication, which is enabled by default. To verify the hybrid authentication setting, verify that the useHybridAuthentication property in SalesforceSDKManager is set to true.

External Component Version Updates

• Android Gradle Plugin: 8.6.1
• React Native: 0.74.5

How to Upgrade Your Apps

For information on upgrading Mobile SDK apps, follow the instructions at Migrating from the Previous Release.

Salesforce Mobile SDK 12.1.1

What's New in Salesforce Mobile SDK 12.1.1

Mobile SDK 12.1.1 is a minor patch release that features these changes:

• We fixed a bug that cleared user account fields locally when some users logged in immediately after logout.
• SQLCipher upgrade: 4.6.1 which now supports binding NULL parameters - see the SQLCipher release notes.
• SQLite upgrade: 3.46.1
• Google Lifecycle upgrade: 2.8.4

How to Upgrade Your Apps

For information on upgrading Mobile SDK apps, follow the instructions at Migrating from the Previous Release.

Salesforce Mobile SDK 12.1.0

What's New in Salesforce Mobile SDK 12.1.0

Mobile SDK 12.1 is a minor release that introduces user-registration and password-reset flows to the native login suite for Experience Cloud.

In interim releases, we often deprecate items in native libraries for removal in an upcoming major release. Be sure to check your compiler logs for deprecation warnings so that you can address any changes before they go into effect.

Native User Registration and Password Reset

We added user-registration and password-reset support for Experience Cloud sites, which means you can now fully customize the UI for these flows.

• Native User Registration
• Native Password Reset

External Component Version Updates

• Gradle: 8.7.0
• SQLCipher: 4.6.0
• Cordova: 13.0.0
• React Native: 0.74.3

How to Upgrade Your Apps

For information on upgrading Mobile SDK apps, follow the instructions at Migrating from the Previous Release.

Salesforce Mobile SDK 12.0.1

What's New in Salesforce Mobile SDK 12.0.1

Mobile SDK 12.0.1 is a minor patch release that features these changes.

• Fine-tuned access modifiers on classes recently migrated from Java to Kotlin, ensuring seamless compatibility for the apps that extend them.
• An upgrade to SQLCipher 4.5.7. See the SQLCipher release notes at SQLCipher 4.5.7.

How to Upgrade Your Apps

For information on upgrading Mobile SDK apps, follow the instructions at Migrating from the Previous Release.