You signed in with another tab or window.Reload to refresh your session.You signed out in another tab or window.Reload to refresh your session.You switched accounts on another tab or window.Reload to refresh your session.Dismiss alert
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.Learn more about bidirectional Unicode characters
Authority-only configuration parsing improvements: Early parsing of Authority into Instance/TenantId and defensive fallback in PrepareAuthorityInstanceForMsal. Behavior is backward compatible; Authority is still ignored when Instance/TenantId explicitly provided—now surfaced via a warning. See#3612.
New features
Added warning diagnostics for conflicting Authority vs Instance/TenantId: Emitting a single structured warning when both styles are provided. See#3611.
Fundamentals
Expanded authority test matrix: Coverage for AAD (v1/v2), B2C (/tfp/ normalization, policy path), CIAM (PreserveAuthority), query parameters, scheme-less forms, and conflict scenarios. See#3610.
Correctly compute Application Key when credential usage fails.
Fix bugs where agent user identities didn't work with non-default authentication schemes.
Fundamentals
Update .net version to CG compliance
Sidecar
Configure Sidecar to default AllowWebApiToBeAuthorizedByACL to true as the container doesn't do authZ
4.0.0
4.0.0
Breaking Changes
Removed support for .NET 6.0 and .NET 7.0 - Microsoft Identity Web 4.0.0 no longer targets .NET 6.0 and .NET 7.0, following Microsoft's support lifecycle. The supported target frameworks are now .NET 8.0, .NET 9.0, .NET Framework 4.6.2, .NET Framework 4.7.2, and .NET Standard 2.0.
Various improvements to performance logging, authentication, and credential loading capabilities.
Bumped MSAL.NET to 4.77.1
Added credential description extensibility. For details, see#3487
Added a new CerticateObserverAction type: SuccessfullyUsed and support for multiple certificate observers for improved certificate lifecycle management and telemetry. See#3505
Add specification of OID (in addition to upn) when requesting an authorization header for Agent User Identity. See#3513
Added ClaimsPrincipal and ClaimsIdentity extension methods for agent identity detection in web APIs enabling developers to easily detect agent identities and retrieve parent agent blueprint from token claims. See#3515
Added MicrosoftIdentityMessageHandler for flexible HttpClient authentication. Provides composable alternative to DownstreamApi with per-request authentication configuration. Supports WWW-Authenticate challenge handling. See#3503
Support for multiple certificate observers. See#3506
The Microsoft.Identity.Web.Sidecar will provide a container solution for validation and token acquisition in any-language. See#3524
Bug Fixes
Fixed TokenAcquirerFactory null reference when AppContext.BaseDirectory is root path. See#3443
Fixed IDW10405 error when using managed identity with common tenant. See#3415
Removed hard dependency on IConfiguration in OidcIdpSignedAssertionLoader. See#3414
Fundamentals
Various improvements to .NET support and dependency optimizations.
Microsoft.Abstractions updated to version9.3.0 and using IAuthenticationSchemeInformationProvider from that library, deprecating the interface of the same name in Microsoft.Identity.Web (introduced in 3.12.0).
Bug fixes
Fixed an issue with instantiation of TokenAcquirerFactory when AppContext.BaseDirectory is root path. See PR#3443 for details.
Fundamentals
Use cloud user in tests. See PR#3441 and#3442 for details.
Reload certificates for all client credential based issues to solve the issue that when a bad certificate was installed on the machine and picked up, and subsequently rotated, a service restart was needed for the new certificate to be used. See issue#3429 and PR#3430
New features
Include the thrown exception in CertificateChangeEventArg. See PR#3428 for better supportabiliby.
Updatedglobal.json to the latest .NET 9 runtime framework 9.0.108. See PR#3422 for details.
Bug fixes
FixIDW10405 error when using managed identity with common tenant. See PR#3415 for details.
FixOidcIdpSignedAssertionLoader to remove hard dependency on IConfiguration registration. See PR#3414 for details.
New feature
Add support forExtraHeaderParameters andExtraQueryParameters properties onDownstreamApiOptions to simplify adding custom headers and query parameters to downstream API requests. See PR#3413 for details.
Add better support for Azure SDK. For details seeReadme-Azure and PR#3416
Updates theDefaultAuthorizationHeaderProvider to update theAcquireTokenOptions.LongRunningWebApiSessionKey after the token is acquired so that the key can be used in the next OBO call. See PR#3381 for details.
Fundamentals
Update .NET SDK version to 9.0.107 used when building or running the code. See#3385 for details.
Improved test coverage for managed identity flows. See#3350 for details.
Update PublicApiAnalyzers and BannedApiAnalyzers to 4.14.0 Upgraded analyzer packages for improved diagnostics and code consistency (in particular delegates are added). For details see#3379
Prevented null reference when accessing MergedOptions instance. See#3337.
New feature
Added optional login_hint and domain_hint support to AccountController.SignIn endpoint. See#3244 and#3348.
Fundamentals
Introduced Long-Term Support (LTS) policy. See#3357.
Added tests to validate xms_cc (client capability) forwarding in CCA flows. See#3349.
External contributions
Thank you @evan-buss for your contribution and fixing the issue where RequiredScopeOrAppPermission extension method didn’t work with Minimal APIs. See#3323. Thank you @neha-bhargava for your contribution and ensuring AcquireTokenForConfidentialClient correctly passes MSAL exceptions. See#3345.
Updated the Json Schema to include extensiblity for signed assertion providers. See#3235
Added support for Federation Identity Credential on any OIDC Idp (FIC+OIDC credential provider). See#3255
Support for acquiring token for Federation Managed Identity (FMI). Supports theFmiPath property ofAcquireTokenOptions. See#3247
Downstream APIs now support Authorization headers with a custom SAML bearer syntax. See#3273
Bug fixes
TokenAcquirerFactory is now thread safe. See#3274
Fix a bug in the parsing of the token in the authority. See#3261
Fundamentals
Removed old Blazorwasm sample, wasm-tools and added new blazor web API:#3259,#3257,#3254
Modified the build so that, in CI/CD internal builds, the NuGet.olg NuGet source is replaced by a managed Nuget source. More verbose information added. See#3263
Fixed CS8602 Warnings in Weather.razor (BlazorApp) – Handle Nullable forecasts and user.Identity. See#3266,
IdentityWeb now provides extensibility toDefaultCredentialsLoader so that partner teams, or an SDK on top of IdWeb, can bring their own credential providers. See#3220 for details.
Bug fixes
The merged options are now being passed to MSAL for the CCA ROPC scenario. See#3207 for details.
Added JSON schema support for Microsoft.Identity.Web configuration. This allows for schema validation in theappsettings.json, improving configuration accuracy and developer experience. To use it, add the following at the top of your appsettings.json: "$schema": "https://github.com/AzureAD/microsoft-identity-web/blob/master/JsonSchemas/microsoft-identity-web.json" This update enhances the configuration process by providing clear structure and validation for settings used in Microsoft.Identity.Web. See PR#3119 for details.
Fundamentals
Fix a flaky test in the L1L2Cache tests. See PR#3122 for details.
In .NET 8 and above,IDownstreamApi overloads take aJsonTypeInfo<T> parameter to enable source generated JSON deserialization. See issue#2930 for details.
Bug fixes:
Azure region is used while creating application keys when the TokenAcquisition service caches application objects, and the TokenAcquirerFactory caches TokenAcquirer. See#3002 for details.
Improved error messages for FIC. See issue#3000 for details.
Fundamentals:
Improved test coverage forGetCacheKey. See PR#3020 for details.
Update to .NET 9-RC1. See issue#3025 for details.
Fix static analysis warnings. See PR#3024 for details.
3.1.0
3.1.0
Updated to Microsoft.IdentityModel.* 8.0.2
Security improvement:
Id Web now usesCaseSensitiveClaimsIdentity by default and provides AppContextSwitches to fallback to usingClaimsIdentity. This means that when you loopup claims with FindFirst(), FindAll() and HasClaim(), you need to provide the right casing for the claim. See PR#2977 for details.
Bug fixes:
For SN/I scenarios, Id Web'sGetTokenAcquirer now setsSendX5C in particular protocols. See issue#2887 for details.
Fix for Instance/Tenant parsing for V2 authority (affected one Entra External IDs scenario). See PR#2954 for details.
Fix regex that threw a format exception:The input string " was not in a correct format when enablingsame-site cookie compatibility with userAgent: "Dalvik/2.1.0 (Linux; U; Android 12; Chromecast Build/STTE.230319.008.H1). See issue#2879 for details.
Microsoft.Identity.Web 3.1.0 now has an upper bound set on its dependency on Microsoft.Identity.Abstractions to version 7x to avoid referencing Microsoft.Identity.Abstractions 8.0.0, which has an interface breaking change, not yet implemented in Microsoft.Identity.Web. See PR#2962 for details.
It's now possible to build a specific version of Microsoft.Identity.Web based on specific versions of Microsoft.IdentityModel and Microsoft.Identity.Abstractions by specifying build variables on the dotnet pack command (MicrosoftIdentityModelVersion, MicrosoftIdentityAbstractionsVersions, and MicrosoftIdentityWebVersion):#2974,#2990
Updated to Microsoft.Identity.Abstractions 6.0.0 which adds one method toIAuthorizationHeaderProvider
New features
Implements the updatedIAuthorizationHeaderProvider interface (the new method CreateAuthorizationHeaderForAppAsync). See issue#2907
If anIMsalHttpClientFactory is added to the service collection, it's not used by IdWeb token acquisition. See issue#2911 This will be use to enable some IPv6 scenarios.
Bug fixes
Fix metadata address creation when using AddMicrosoftIdentityWebApp. See issue#2752
Use MSAL.NET instead of DefaultAzureCredential for Federation identity credentials scenario. See2894
Fundamentals
Updating Lab Api to 0.13.3
2.19.1
2.19.1
Updated MSAL .Net to 4.61.3
Updated Azure.Identity to 1.11.4
2.19.0
2.19.0
Updated to Microsoft.IdentityModel.* 7.6.0
New features
Id Web now provides a.WithUser() modifier to the Microsoft Graph queries (likeWithAppOnly()). See issue#2855 for details.
Id Web now provides a base class for implementing a customIAuthorizationHeaderProvider. See issue#2856 for details.
Bug fixes
Id Web now processes the extra query parameters when included as part of the authority. See issue#2697 for details.
2.18.2
2.18.2
New feature
Target Microsoft.IdentityModel 7x in OWIN targets, see issue#2785 for details.
Bug fixes
Id Web now accepts an env var to disable interactive auth forKeyVaultCertificateLoader, see issue#2647 for details.
Id Web token acquisition on ASP.NET Core 2.x on net472 or net48 implementsITokenAquirerFactory, see issue#2849 for details.
2.18.1
2.18.1
Updated to Microsoft.IdentityModel.* 7.5.1
Bug fix
Fix for FIC due to appending./default, see issue#2796 for details.
2.18.0
2.18.0
Update to Microsoft.Identity.Abstractions 5.3.0
Update Azure.Security libraries to 4.6.0
New features
Added support for Managed Identity Federated Identity Credential. See issue#2749 for details.
Added support to read a section to register multiple downstream APIs. See issue#2255 for details.
Bug fix
TokenAcquirer factory is now thread safe and can handle multiple azure regions. See issue#2765 for details.
2.17.5
2.17.5
Updated to MSAL 4.59.1.
2.17.4
2.17.4
Bug fix
Fix assertions being removed fromdict before callback is executed in TokenAcquisition. See issue#2734 for details.
2.17.3
2.17.3
Updated to Microsoft.IdentityModel.* 7.5.0, seerelease notes.
2.17.2
2.17.2
New features
Added support for CIAM custom user domains. You can now use an Open ID connect authority in the "Authority" property of the configuration instead of using "Instance" and "Tenant". See issue#2690 for details.
2.17.1
2.17.1
Updated to Microsoft.IdentityModel.* 7.4.0
New features
DownstreamApi now automatically processes claims challenge from web APIs which are CAE enabled, provided you set "ClientCapablities" : ["cp1"] in the configuation. See issue#2550.
Bug fixes
Fixes the use ofServiceDescriptor for containers which have keyed services present. This can be an issue on .NET 8.0. See issue#2676 for details.
Engineering excellence
Calls toConfidentialClientApplicationBuilderExtension.WithClientCredentials are fully async. See issue#2566 for details.
2.17.0
2.17.0
Updated to Microsoft.IdentityModel.* 7.3.1 and MSAL.NET 4.59.0
In OWIN applications, GetTokenForUserAsync now respects the ClaimsPrincipal. See issue#2629 for details.
After settingAddTokenAcquisition(useSingleton:true) to use token acquisition as a singleton, if you use.AddMicrosoftGraph and/or.AddDownstreamApi after this call, the GraphServiceClient and IDownstreamApis are now registered as a singleton service. For details seePR #2645
Added check Against Injection Attacks. For details seePR 2619
Update Microsoft.Identity.Abstractions 5.1.0 and Microsoft.IdentityModel.* 7.1.2
Bug Fixes
In OWIN, Id Web now respects the passed in user argument. See issue#2585 for details.
2.16.0
Leverage IdentityModel 7.x on all .NET core frameworks.
2.15.5
2.15.5
Update to .NET 8 GA
Update to Microsoft.Graph 5.34.0
Bug Fixes
Fixes an issue where users were not able to override ICredentialsLoader. See#2564 for details.
The latest patch version is no longer used in dependencies, as it made builds non-deterministic. See#2569 for details.
Removed dependencies that were no longer needed. See#2577 for details.
Fixes an issue where the build did not look up project names as package dependencies. See#2579 for more details.
Fundamentals
Enable baseline package validation, see#2572 for details.
Improve trimmability on .NET 8, see#2574 for details.
2.15.3
2.15.3
Update Azure.Identity library to 1.10.2 forCVE-2023-36414.
Bug Fixes:
Microsoft.Identity.Web honors the user-provided value for the cache expiry for in-memory cache. See#2466 for details.
2.15.2
2.15.2
For the .NET 8 rc2 target framework, the IdentityModel dependencies have been updated to Identity.Model.*.7.0.3.
Bug Fixes
Fixes a regression introduced in 2.15.0 where the OnTokenValidated delegates were no longer chained with an await. See issue#2513.
2.15.1
2.15.1
Updated IdentityModel dependencies to Identity.Model.*.6.33.0 for all target frameworks other than .NET 8 rc1, for which Microsoft,Identity.Web leverages Identity.Model 7.0.2
New features
TokenAcquirerFactory now adds support for reading the configuration from environment variables. See issue#2480
Experimental API
(to get feedback, could change without bumping-up the major version)
It's now possible for an application to observe the client certificate selected by Token acquirer from the ClientCredentials properties, and when the certicate is un-selected (because it's rejected by the Identity Provider, as expired, or revoked). SeeObserving client certificates. PR#2496
Bug Fixes
Fixes a resiliency issue where the client certificate rotation wasn't always happening (from KeyKeyVault, or certificate store with same distinguished name). See#2496 for details.
In the override of AddMicrosoftIdentityWebApp taking a delegate, the delegate is now called only once (it was called twice causing the TokenValidated event to be called twice as well).Fixes#2328
Fixes a regression introduced in 2.13.3, causing the configuration to not be read, when using an app builder other than the WindowsAppBuilder with AddMicroosftIdentityWebApp/Api, unless you provided an empty authentication scheme when acquiring a token.Fixes#2460,#2410,#2394
2.14.0
Update to Abstractions 5.0.0
Include newOpenIdConnect options from net 8. See PR#2462
dependenciesPull requests that update a dependency file.NETPull requests that update .NET code
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
UpdatedMicrosoft.Identity.Web from 1.26.0 to 4.1.1.
Release notes
Sourced fromMicrosoft.Identity.Web's releases.
4.1.1
Bug fixes
New features
Fundamentals
4.1.0
New features
Dependencies updates
Entra ID SDK sidecar
Documentation
Fundamentals
4.0.1
Bugs fixes
Fundamentals
Sidecar
4.0.0
4.0.0
Breaking Changes
Removed support for .NET 6.0 and .NET 7.0 - Microsoft Identity Web 4.0.0 no longer targets .NET 6.0 and .NET 7.0, following Microsoft's support lifecycle. The supported target frameworks are now .NET 8.0, .NET 9.0, .NET Framework 4.6.2, .NET Framework 4.7.2, and .NET Standard 2.0.
SeeMIGRATION_GUIDE_V4
New features
Bug Fixes
Fundamentals
3.14.1
3.14.1
Bug fixe
3.14.0
New features
3.13.1
3.13.1
Dependencies updates
3.13.0
3.13.0
Dependencies updates
Bug fixes
Fundamentals
3.12.0
3.12.0
Dependencies updates
Bug fix
Reload certificates for all client credential based issues to solve the issue that when a bad certificate was installed on the machine and picked up, and subsequently rotated, a service restart was needed for the new certificate to be used. See issue#3429 and PR#3430
New features
3.11.0
3.11.0
Dependencies updates
global.jsonto the latest .NET 9 runtime framework 9.0.108. See PR#3422 for details.Bug fixes
IDW10405error when using managed identity with common tenant. See PR#3415 for details.OidcIdpSignedAssertionLoaderto remove hard dependency on IConfiguration registration. See PR#3414 for details.New feature
ExtraHeaderParametersandExtraQueryParametersproperties onDownstreamApiOptionsto simplify adding custom headers and query parameters to downstream API requests. See PR#3413 for details.What's Changed
New Contributors
Full Changelog:AzureAD/microsoft-identity-web@3.10.0...3.11.0
3.10.0
3.10.0
Dependencies updates
global.jsonto the latest .NET 9 runtime framework 9.0.107 (#3385).New feature
introducing the
Microsoft.Identity.Web.AgentIdentitiespackage .Bug fixes
Fundamentals
3.9.4
3.9.4
Package updates
Bug fix
DefaultAuthorizationHeaderProviderto update theAcquireTokenOptions.LongRunningWebApiSessionKeyafter the token is acquired so that the key can be used in the next OBO call. See PR#3381 for details.Fundamentals
What's Changed
Full Changelog:AzureAD/microsoft-identity-web@3.9.3...3.9.4
3.9.3
3.9.3
Package updates
Fundamentals
.clinerulesto help with AI tooling.What's Changed
Full Changelog:AzureAD/microsoft-identity-web@3.9.2...3.9.3
3.9.2
3.9.2
Package updates
Fundamentals:
What's Changed
Full Changelog:AzureAD/microsoft-identity-web@3.9.1...3.9.2
3.9.1
3.9.1
Package updates
Fundamentals
What's Changed
Full Changelog:AzureAD/microsoft-identity-web@3.9.0...3.9.1
3.9.0
3.9.0
Package updates
Bug fixes
New feature
Fundamentals
External contributions
Thank you @evan-buss for your contribution and fixing the issue where RequiredScopeOrAppPermission extension method didn’t work with Minimal APIs. See#3323.
Thank you @neha-bhargava for your contribution and ensuring AcquireTokenForConfidentialClient correctly passes MSAL exceptions. See#3345.
3.8.4
3.8.4
Package updates
Bug fixes
New feature
Fundamentals
3.8.3
3.8.3
Package updates
New feature
TokenAcquistion.csadds its service provider to the acquisition options. See issue#3315 for details.3.8.2
3.8.2
New feature
TokenCacheNotificationArgsindicates that distributed cache is configured when it should not have been. See#3304.3.8.1
New features
Bug fixes
What's Changed
New Contributors
Full Changelog:AzureAD/microsoft-identity-web@3.8.0...3.8.1
3.8.0
3.8.0
New feature
FmiPathproperty ofAcquireTokenOptions. See#3247Bug fixes
Fundamentals
What's Changed
New Contributors
Full Changelog:AzureAD/microsoft-identity-web@3.7.1...3.8.0
3.7.1
3.7.1
3.7.0
3.7.0
New Feature
DefaultCredentialsLoaderso that partner teams, or an SDK on top of IdWeb, can bring their own credential providers. See#3220 for details.Bug fixes
What's Changed
Full Changelog:AzureAD/microsoft-identity-web@3.6.2...3.7.0
3.6.2
3.6.2
Fundamentals
What's Changed
Full Changelog:AzureAD/microsoft-identity-web@3.6.1...3.6.2
3.6.1
3.6.1
3.6.0
3.6.0
Bug fixes
OpenIdConnectCachingSecurityTokenProvider. See Issue#3078Fundamentals
What's Changed
New Contributors
Full Changelog:AzureAD/microsoft-identity-web@3.5.0...3.6.0
3.5.0
Bug fixes
Fundamentals
What's Changed
Full Changelog:AzureAD/microsoft-identity-web@3.4.0...3.5.0
3.4.0
3.4.0
New features
What's Changed
New Contributors
Full Changelog:AzureAD/microsoft-identity-web@3.3.1...3.4.0
3.3.1
3.3.1
Supportability
appsettings.json, improving configuration accuracy and developer experience. To use it, add the following at the top of your appsettings.json:"$schema": "https://github.com/AzureAD/microsoft-identity-web/blob/master/JsonSchemas/microsoft-identity-web.json"This update enhances the configuration process by providing clear structure and validation for settings used in Microsoft.Identity.Web. See PR#3119 for details.
Fundamentals
What's Changed
New Contributors
Full Changelog:AzureAD/microsoft-identity-web@3.3.0...3.3.1
3.3.0
3.3.0
New features
Fundamentals
What's Changed
New Contributors
Full Changelog:AzureAD/microsoft-identity-web@3.2.2...3.3.0
3.2.2
3.2.2
3.2.1
3.2.1
What's Changed
Full Changelog:AzureAD/microsoft-identity-web@3.2.0...3.2.1
3.2.0
3.2.0
New features
IDownstreamApioverloads take aJsonTypeInfo<T>parameter to enable source generated JSON deserialization. See issue#2930 for details.Bug fixes:
Fundamentals:
GetCacheKey. See PR#3020 for details.3.1.0
3.1.0
Security improvement:
CaseSensitiveClaimsIdentityby default and provides AppContextSwitches to fallback to usingClaimsIdentity. This means that when you loopup claims with FindFirst(), FindAll() and HasClaim(), you need to provide the right casing for the claim. See PR#2977 for details.Bug fixes:
GetTokenAcquirernow setsSendX5Cin particular protocols. See issue#2887 for details.The input string " was not in a correct formatwhen enablingsame-site cookie compatibility with userAgent: "Dalvik/2.1.0 (Linux; U; Android 12; Chromecast Build/STTE.230319.008.H1). See issue#2879 for details.Fundamentals:
AzureKeyVault@2in AzureDevOps,#2981.What's Changed
New Contributors
Full Changelog:AzureAD/microsoft-identity-web@3.0.1...3.1.0
3.0.1
3.0.1
3.0.0
3.0.0
CVE package updates
CVE-2024-30105
See PR#2929 for details.
Updated to Microsoft.IdentityModel.* 8.0.0, Microsoft.Identity.Lab API 1.0.2, Microsoft.Identity.Abstractions 6.0.0
Seerel/v2 changelog for full list of added features to 3.0.0.
Fundamentals:
3.0.0-preview3
3.0.0-preview3
3.0.0-preview2
3.0.0-preview2
New features:
3.0.0-preview1
3.0.0-preview1
Breaking changes
New features
.net9.0-preview, see issue#2702 for details.AcceptHeaderandContentTypeif provided, see issue#2806 for details.2.21.0
2.21.0
CVE package updates
CVE-2024-30105
2.20.0
2.20.0
IAuthorizationHeaderProviderNew features
IAuthorizationHeaderProviderinterface (the new method CreateAuthorizationHeaderForAppAsync). See issue#2907IMsalHttpClientFactoryis added to the service collection, it's not used by IdWeb token acquisition. See issue#2911This will be use to enable some IPv6 scenarios.
Bug fixes
Fundamentals
2.19.1
2.19.1
2.19.0
2.19.0
New features
.WithUser()modifier to the Microsoft Graph queries (likeWithAppOnly()). See issue#2855 for details.IAuthorizationHeaderProvider. See issue#2856 for details.Bug fixes
2.18.2
2.18.2
New feature
Bug fixes
KeyVaultCertificateLoader, see issue#2647 for details.ITokenAquirerFactory, see issue#2849 for details.2.18.1
2.18.1
Bug fix
./default, see issue#2796 for details.2.18.0
2.18.0
New features
Bug fix
2.17.5
2.17.5
2.17.4
2.17.4
Bug fix
dictbefore callback is executed in TokenAcquisition. See issue#2734 for details.2.17.3
2.17.3
2.17.2
2.17.2
New features
2.17.1
2.17.1
New features
Bug fixes
ServiceDescriptorfor containers which have keyed services present. This can be an issue on .NET 8.0. See issue#2676 for details.Engineering excellence
ConfidentialClientApplicationBuilderExtension.WithClientCredentialsare fully async. See issue#2566 for details.2.17.0
2.17.0
New features
Bug fixes
AddTokenAcquisition(useSingleton:true)to use token acquisition as a singleton, if you use.AddMicrosoftGraphand/or.AddDownstreamApiafter this call,the GraphServiceClient and IDownstreamApis are now registered as a singleton service. For details seePR #2645
Engineering excellence
2.16.1
2.16.1
Bug Fixes
2.16.0
Leverage IdentityModel 7.x on all .NET core frameworks.
2.15.5
2.15.5
Bug Fixes
Fundamentals
2.15.3
2.15.3
Bug Fixes:
2.15.2
2.15.2
Bug Fixes
2.15.1
2.15.1
New features
Experimental API
(to get feedback, could change without bumping-up the major version)
Bug Fixes
2.14.0
OpenIdConnectoptions from net 8. See PR#2462Bug Fixes
2.13.4
2.13.4
Description has been truncated