TryMellon

QR Default — Release Notes

Release history of the QR default domain feature, from internal demo to GA.

QR Default — Release Notes

Track the evolution of the QR default domain feature from internal demo to production-ready.

v2 — General Availability (GA)

Status: Stable
Minimum versions: Backend ≥ 1.3.12 · SDK @trymellon/js ≥ 1.7
Date: March 2026

What changed

  • Packaging: QR default domain available on Growth ($79/mo), Scale ($159/mo), and Enterprise plans.
  • Session limits: Growth: 10,000 QR sessions/month. Scale: 100,000. Enterprise: unlimited.
  • Dashboard indicator: Plan Limits section shows QR default status (Enabled/Not available) and session quota.
  • Landing section: Dedicated section on the landing page explaining the bridge domain, flow diagram, benefits, and FAQs.
  • Documentation: Complete integration guide (/docs/qr-default-integration) with snippets for React, Vanilla JS, and demo-auth-app example.
  • Support playbooks: Standardized troubleshooting and demo guides for Sales/CS/Support teams.

Recommendations

  • Use the bridge domain for quick starts and POCs. Switch to your own domain for branding when ready.
  • Monitor QR session usage in Dashboard → Settings → Plan limits.
  • Set primary_qr_base_url to migrate to custom domain without re-registering users.

v1 — Beta

Status: Functional, limited audience
Minimum versions: Backend ≥ 1.2.0 · SDK @trymellon/js ≥ 1.4
Date: February 2026

What changed

  • Bridge domain live: init() returns qr_url pointing to TryMellon’s hosted /mobile-auth page.
  • Resilient polling: waitForSession() uses HTTP long-polling with graceful timeout (2–3 min).
  • Mobile context: getContext(sessionId) returns application_name and approval_context for the mobile approval screen.
  • RFC 8628 alignment: Documented mapping between Device Authorization Grant concepts and TryMellon cross-device API.

Known limitations (resolved in v2)

  • No per-plan limits on QR sessions.
  • No dashboard indicator for QR default status.
  • Documentation limited to API-level (cross-device.md); no integration guide.

v0 — Internal Demo

Status: Proof of concept
Minimum versions: Backend ≥ 1.0.0 · SDK @trymellon/js ≥ 1.3
Date: February 2026

What changed

  • Cross-device flow: Desktop QR → mobile approval → desktop session token.
  • demo-auth-app: Working QR login and QR register flows in the demo application.
  • SDK methods: crossDevice.init(), crossDevice.waitForSession(), crossDevice.approve().

Known limitations (resolved in v1)

  • No bridge domain; required deploying own /mobile-auth page.
  • No getContext() API for mobile approval screen.
  • Polling without long-polling optimization.

Version Compatibility Matrix

FeatureBackendSDKPlan
Basic QR flow≥ 1.0.0≥ 1.3Any
Bridge domain≥ 1.2.0≥ 1.4Growth+
Mobile context (getContext)≥ 1.2.5≥ 1.7Growth+
Session limits & dashboard indicator≥ 1.3.12≥ 1.7Growth+

Next Steps

TopicLink
Integration guideQR Default Integration
Cross-device API referenceCross-Device Authentication
Demo playbookDemo & Sales Playbook
Support playbookSupport Playbook