You signed in with another tab or window.Reload to refresh your session.You signed out in another tab or window.Reload to refresh your session.You switched accounts on another tab or window.Reload to refresh your session.Dismiss alert
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.Learn more about bidirectional Unicode characters
Updatedglobal.json to the latest .NET 9 runtime framework 9.0.108. See PR#3422 for details.
Bug fixes
FixIDW10405 error when using managed identity with common tenant. See PR#3415 for details.
FixOidcIdpSignedAssertionLoader to remove hard dependency on IConfiguration registration. See PR#3414 for details.
New feature
Add support forExtraHeaderParameters andExtraQueryParameters properties onDownstreamApiOptions to simplify adding custom headers and query parameters to downstream API requests. See PR#3413 for details.
Add better support for Azure SDK. For details seeReadme-Azure and PR#3416
Updates theDefaultAuthorizationHeaderProvider to update theAcquireTokenOptions.LongRunningWebApiSessionKey after the token is acquired so that the key can be used in the next OBO call. See PR#3381 for details.
Fundamentals
Update .NET SDK version to 9.0.107 used when building or running the code. See#3385 for details.
Improved test coverage for managed identity flows. See#3350 for details.
Update PublicApiAnalyzers and BannedApiAnalyzers to 4.14.0 Upgraded analyzer packages for improved diagnostics and code consistency (in particular delegates are added). For details see#3379
Prevented null reference when accessing MergedOptions instance. See#3337.
New feature
Added optional login_hint and domain_hint support to AccountController.SignIn endpoint. See#3244 and#3348.
Fundamentals
Introduced Long-Term Support (LTS) policy. See#3357.
Added tests to validate xms_cc (client capability) forwarding in CCA flows. See#3349.
External contributions
Thank you @evan-buss for your contribution and fixing the issue where RequiredScopeOrAppPermission extension method didn’t work with Minimal APIs. See#3323. Thank you @neha-bhargava for your contribution and ensuring AcquireTokenForConfidentialClient correctly passes MSAL exceptions. See#3345.
Updated the Json Schema to include extensiblity for signed assertion providers. See#3235
Added support for Federation Identity Credential on any OIDC Idp (FIC+OIDC credential provider). See#3255
Support for acquiring token for Federation Managed Identity (FMI). Supports theFmiPath property ofAcquireTokenOptions. See#3247
Downstream APIs now support Authorization headers with a custom SAML bearer syntax. See#3273
Bug fixes
TokenAcquirerFactory is now thread safe. See#3274
Fix a bug in the parsing of the token in the authority. See#3261
Fundamentals
Removed old Blazorwasm sample, wasm-tools and added new blazor web API:#3259,#3257,#3254
Modified the build so that, in CI/CD internal builds, the NuGet.olg NuGet source is replaced by a managed Nuget source. More verbose information added. See#3263
Fixed CS8602 Warnings in Weather.razor (BlazorApp) – Handle Nullable forecasts and user.Identity. See#3266,
IdentityWeb now provides extensibility toDefaultCredentialsLoader so that partner teams, or an SDK on top of IdWeb, can bring their own credential providers. See#3220 for details.
Bug fixes
The merged options are now being passed to MSAL for the CCA ROPC scenario. See#3207 for details.
Added JSON schema support for Microsoft.Identity.Web configuration. This allows for schema validation in theappsettings.json, improving configuration accuracy and developer experience. To use it, add the following at the top of your appsettings.json: "$schema": "https://github.com/AzureAD/microsoft-identity-web/blob/master/JsonSchemas/microsoft-identity-web.json" This update enhances the configuration process by providing clear structure and validation for settings used in Microsoft.Identity.Web. See PR#3119 for details.
Fundamentals
Fix a flaky test in the L1L2Cache tests. See PR#3122 for details.
In .NET 8 and above,IDownstreamApi overloads take aJsonTypeInfo<T> parameter to enable source generated JSON deserialization. See issue#2930 for details.
Bug fixes:
Azure region is used while creating application keys when the TokenAcquisition service caches application objects, and the TokenAcquirerFactory caches TokenAcquirer. See#3002 for details.
Improved error messages for FIC. See issue#3000 for details.
Fundamentals:
Improved test coverage forGetCacheKey. See PR#3020 for details.
Update to .NET 9-RC1. See issue#3025 for details.
Fix static analysis warnings. See PR#3024 for details.
3.1.0
3.1.0
Updated to Microsoft.IdentityModel.* 8.0.2
Security improvement:
Id Web now usesCaseSensitiveClaimsIdentity by default and provides AppContextSwitches to fallback to usingClaimsIdentity. This means that when you loopup claims with FindFirst(), FindAll() and HasClaim(), you need to provide the right casing for the claim. See PR#2977 for details.
Bug fixes:
For SN/I scenarios, Id Web'sGetTokenAcquirer now setsSendX5C in particular protocols. See issue#2887 for details.
Fix for Instance/Tenant parsing for V2 authority (affected one Entra External IDs scenario). See PR#2954 for details.
Fix regex that threw a format exception:The input string " was not in a correct format when enablingsame-site cookie compatibility with userAgent: "Dalvik/2.1.0 (Linux; U; Android 12; Chromecast Build/STTE.230319.008.H1). See issue#2879 for details.
Microsoft.Identity.Web 3.1.0 now has an upper bound set on its dependency on Microsoft.Identity.Abstractions to version 7x to avoid referencing Microsoft.Identity.Abstractions 8.0.0, which has an interface breaking change, not yet implemented in Microsoft.Identity.Web. See PR#2962 for details.
It's now possible to build a specific version of Microsoft.Identity.Web based on specific versions of Microsoft.IdentityModel and Microsoft.Identity.Abstractions by specifying build variables on the dotnet pack command (MicrosoftIdentityModelVersion, MicrosoftIdentityAbstractionsVersions, and MicrosoftIdentityWebVersion):#2974,#2990
Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting@dependabot rebase.
Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR:
@dependabot rebase will rebase this PR
@dependabot recreate will recreate this PR, overwriting any edits that have been made to it
@dependabot merge will merge this PR after your CI passes on it
@dependabot squash and merge will squash and merge this PR after your CI passes on it
@dependabot cancel merge will cancel a previously requested merge and block automerging
@dependabot reopen will reopen this PR if it is closed
@dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
@dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
@dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
@dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
@dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
dependenciesPull requests that update a dependency file.NETPull requests that update .NET code
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
UpdatedMicrosoft.Identity.Web from 2.21.1 to 3.12.0.
Release notes
Sourced fromMicrosoft.Identity.Web's releases.
3.11.0
3.11.0
Dependencies updates
global.jsonto the latest .NET 9 runtime framework 9.0.108. See PR#3422 for details.Bug fixes
IDW10405error when using managed identity with common tenant. See PR#3415 for details.OidcIdpSignedAssertionLoaderto remove hard dependency on IConfiguration registration. See PR#3414 for details.New feature
ExtraHeaderParametersandExtraQueryParametersproperties onDownstreamApiOptionsto simplify adding custom headers and query parameters to downstream API requests. See PR#3413 for details.What's Changed
New Contributors
Full Changelog:AzureAD/microsoft-identity-web@3.10.0...3.11.0
3.10.0
3.10.0
Dependencies updates
global.jsonto the latest .NET 9 runtime framework 9.0.107 (#3385).New feature
introducing the
Microsoft.Identity.Web.AgentIdentitiespackage .Bug fixes
Fundamentals
3.9.4
3.9.4
Package updates
Bug fix
DefaultAuthorizationHeaderProviderto update theAcquireTokenOptions.LongRunningWebApiSessionKeyafter the token is acquired so that the key can be used in the next OBO call. See PR#3381 for details.Fundamentals
What's Changed
Full Changelog:AzureAD/microsoft-identity-web@3.9.3...3.9.4
3.9.3
3.9.3
Package updates
Fundamentals
.clinerulesto help with AI tooling.What's Changed
Full Changelog:AzureAD/microsoft-identity-web@3.9.2...3.9.3
3.9.2
3.9.2
Package updates
Fundamentals:
What's Changed
Full Changelog:AzureAD/microsoft-identity-web@3.9.1...3.9.2
3.9.1
3.9.1
Package updates
Fundamentals
What's Changed
Full Changelog:AzureAD/microsoft-identity-web@3.9.0...3.9.1
3.9.0
3.9.0
Package updates
Bug fixes
New feature
Fundamentals
External contributions
Thank you @evan-buss for your contribution and fixing the issue where RequiredScopeOrAppPermission extension method didn’t work with Minimal APIs. See#3323.
Thank you @neha-bhargava for your contribution and ensuring AcquireTokenForConfidentialClient correctly passes MSAL exceptions. See#3345.
3.8.4
3.8.4
Package updates
Bug fixes
New feature
Fundamentals
3.8.3
3.8.3
Package updates
New feature
TokenAcquistion.csadds its service provider to the acquisition options. See issue#3315 for details.3.8.2
3.8.2
New feature
TokenCacheNotificationArgsindicates that distributed cache is configured when it should not have been. See#3304.3.8.1
New features
Bug fixes
What's Changed
New Contributors
Full Changelog:AzureAD/microsoft-identity-web@3.8.0...3.8.1
3.8.0
3.8.0
New feature
FmiPathproperty ofAcquireTokenOptions. See#3247Bug fixes
Fundamentals
What's Changed
New Contributors
Full Changelog:AzureAD/microsoft-identity-web@3.7.1...3.8.0
3.7.1
3.7.1
3.7.0
3.7.0
New Feature
DefaultCredentialsLoaderso that partner teams, or an SDK on top of IdWeb, can bring their own credential providers. See#3220 for details.Bug fixes
What's Changed
Full Changelog:AzureAD/microsoft-identity-web@3.6.2...3.7.0
3.6.2
3.6.2
Fundamentals
What's Changed
Full Changelog:AzureAD/microsoft-identity-web@3.6.1...3.6.2
3.6.1
3.6.1
3.6.0
3.6.0
Bug fixes
OpenIdConnectCachingSecurityTokenProvider. See Issue#3078Fundamentals
What's Changed
New Contributors
Full Changelog:AzureAD/microsoft-identity-web@3.5.0...3.6.0
3.5.0
Bug fixes
Fundamentals
What's Changed
Full Changelog:AzureAD/microsoft-identity-web@3.4.0...3.5.0
3.4.0
3.4.0
New features
What's Changed
New Contributors
Full Changelog:AzureAD/microsoft-identity-web@3.3.1...3.4.0
3.3.1
3.3.1
Supportability
appsettings.json, improving configuration accuracy and developer experience. To use it, add the following at the top of your appsettings.json:"$schema": "https://github.com/AzureAD/microsoft-identity-web/blob/master/JsonSchemas/microsoft-identity-web.json"This update enhances the configuration process by providing clear structure and validation for settings used in Microsoft.Identity.Web. See PR#3119 for details.
Fundamentals
What's Changed
New Contributors
Full Changelog:AzureAD/microsoft-identity-web@3.3.0...3.3.1
3.3.0
3.3.0
New features
Fundamentals
What's Changed
New Contributors
Full Changelog:AzureAD/microsoft-identity-web@3.2.2...3.3.0
3.2.2
3.2.2
3.2.1
3.2.1
What's Changed
Full Changelog:AzureAD/microsoft-identity-web@3.2.0...3.2.1
3.2.0
3.2.0
New features
IDownstreamApioverloads take aJsonTypeInfo<T>parameter to enable source generated JSON deserialization. See issue#2930 for details.Bug fixes:
Fundamentals:
GetCacheKey. See PR#3020 for details.3.1.0
3.1.0
Security improvement:
CaseSensitiveClaimsIdentityby default and provides AppContextSwitches to fallback to usingClaimsIdentity. This means that when you loopup claims with FindFirst(), FindAll() and HasClaim(), you need to provide the right casing for the claim. See PR#2977 for details.Bug fixes:
GetTokenAcquirernow setsSendX5Cin particular protocols. See issue#2887 for details.The input string " was not in a correct formatwhen enablingsame-site cookie compatibility with userAgent: "Dalvik/2.1.0 (Linux; U; Android 12; Chromecast Build/STTE.230319.008.H1). See issue#2879 for details.Fundamentals:
AzureKeyVault@2in AzureDevOps,#2981.What's Changed
New Contributors
Full Changelog:AzureAD/microsoft-identity-web@3.0.1...3.1.0
3.0.1
3.0.1
3.0.0
3.0.0
CVE package updates
CVE-2024-30105
See PR#2929 for details.
Updated to Microsoft.IdentityModel.* 8.0.0, Microsoft.Identity.Lab API 1.0.2, Microsoft.Identity.Abstractions 6.0.0
Seerel/v2 changelog for full list of added features to 3.0.0.
Fundamentals:
3.0.0-preview3
3.0.0-preview3
3.0.0-preview2
3.0.0-preview2
New features:
3.0.0-preview1
3.0.0-preview1
Breaking changes
New features
.net9.0-preview, see issue#2702 for details.AcceptHeaderandContentTypeif provided, see issue#2806 for details.Commits viewable incompare view.
Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting
@dependabot rebase.Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR:
@dependabot rebasewill rebase this PR@dependabot recreatewill recreate this PR, overwriting any edits that have been made to it@dependabot mergewill merge this PR after your CI passes on it@dependabot squash and mergewill squash and merge this PR after your CI passes on it@dependabot cancel mergewill cancel a previously requested merge and block automerging@dependabot reopenwill reopen this PR if it is closed@dependabot closewill close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually@dependabot show <dependency name> ignore conditionswill show all of the ignore conditions of the specified dependency@dependabot ignore this major versionwill close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this minor versionwill close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this dependencywill close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)