## [21.1.0] - 2024-11-19

-   Adds `getCookieNameForTokenType` config option to allow customizing the cookie name for a token type.
-   Adds `getResponseHeaderNameForTokenType` config option to allow customizing the response header name for a token type.
    -   Please note, that using this will require further customizations on the frontend
-   Fixes an issue where `removeDevice` API allowed removing verified TOTP devices without the user completing MFA.