4.2.2 (2019-10-23)

• [FIXED] Stopped disabling the IAM auth plugin after failed IAM authentications. Subsequent requests will re-request authorization, potentially failing again if the original authentication failure was not temporary.
• [FIXED] Ensure IAM API key can be correctly changed.
• [FIXED] Callback with an error when a user cannot be authenticated using IAM.
• [FIXED] Ensure authorization tokens are not unnecessarily requested.
• [IMPROVED] Do not apply cookie authentication by default in the case that no credentials are provided.
• [IMPROVED] Preemptively renew authorization tokens that are due to expire.