chore(main): release 3.0.0 (#395)

workos-sdk-automation[bot] · web-flow · commit dd7ef5586de3 · 2026-03-25T15:10:58.000-05:00
Co-authored-by: workos-sdk-automation[bot] &lt;255426317+workos-sdk-automation[bot]@users.noreply.github.com&gt;
diff --git a/.release-please-manifest.json b/.release-please-manifest.json
@@ -1,3 +1,3 @@
 {
-  ".": "2.17.0"
+  ".": "3.0.0"
 }
diff --git a/CHANGELOG.md b/CHANGELOG.md
@@ -1,5 +1,24 @@
 # Changelog
 
+## [3.0.0](https://github.com/workos/authkit-nextjs/compare/v2.17.0...v3.0.0) (2026-03-25)
+
+
+### ⚠ BREAKING CHANGES
+
+* add OAuth state verification on callback to prevent CSRF attacks ([#388](https://github.com/workos/authkit-nextjs/issues/388))
+
+### Features
+
+* add OAuth state verification on callback to prevent CSRF attacks ([#388](https://github.com/workos/authkit-nextjs/issues/388)) ([ebef6e7](https://github.com/workos/authkit-nextjs/commit/ebef6e7b51556bf08b1714e2d3f5765a59d9c7f0))
+* **middleware:** add authkitProxy and handleAuthkitProxy aliases for proxy.ts ([#384](https://github.com/workos/authkit-nextjs/issues/384)) ([4c3f27b](https://github.com/workos/authkit-nextjs/commit/4c3f27b40c9a4ea295ef002dd0a2c32b9740f1ae))
+
+
+### Bug Fixes
+
+* **actions:** catch TokenRefreshError in refreshAccessTokenAction to prevent 500s ([#383](https://github.com/workos/authkit-nextjs/issues/383)) ([5c46c39](https://github.com/workos/authkit-nextjs/commit/5c46c394fe00b9552665b51ca42b23d00416c704))
+* **auth:** return signInUrl from server actions to avoid CORS errors ([#386](https://github.com/workos/authkit-nextjs/issues/386)) ([7d52400](https://github.com/workos/authkit-nextjs/commit/7d52400b8e62bc9d1a4f40b3400ae7586e511098))
+* harden PKCE/CSRF for v3.0.0 release ([#398](https://github.com/workos/authkit-nextjs/issues/398)) ([8054829](https://github.com/workos/authkit-nextjs/commit/80548297ac45f15f0774b84e5981b80009412b8b))
+
 ## [2.17.0](https://github.com/workos/authkit-nextjs/compare/v2.16.1...v2.17.0) (2026-03-13)
 
 
diff --git a/package.json b/package.json
@@ -1,6 +1,6 @@
 {
   "name": "@workos-inc/authkit-nextjs",
-  "version": "2.17.0",
+  "version": "3.0.0",
   "description": "Authentication and session helpers for using WorkOS & AuthKit with Next.js",
   "packageManager": "pnpm@10.28.0",
   "sideEffects": false,

Original file line number	Diff line number	Diff line change
`@@ -1,3 +1,3 @@`
`1`	`1`	`{`
`2`		`- ".": "2.17.0"`
	`2`	`+ ".": "3.0.0"`
`3`	`3`	`}`
Original file line number	Diff line number	Diff line change
`@@ -1,6 +1,6 @@`
`1`	`1`	`{`
`2`	`2`	`"name": "@workos-inc/authkit-nextjs",`
`3`		`- "version": "2.17.0",`
	`3`	`+ "version": "3.0.0",`
`4`	`4`	`"description": "Authentication and session helpers for using WorkOS & AuthKit with Next.js",`
`5`	`5`	`"packageManager": "pnpm@10.28.0",`
`6`	`6`	`"sideEffects": false,`