3.13.1

3.13.1

Dependencies updates

• Microsoft.IdentityModel updated to version 8.14.0.

3.13.0

3.13.0

Dependencies updates

• Microsoft.IdentityModel updated to version 8.13.1.
• Microsoft.Abstractions updated to version 9.3.0 and using IAuthenticationSchemeInformationProvider from that library, deprecating the interface of the same name in Microsoft.Identity.Web (introduced in 3.12.0).

Bug fixes

• Fixed an issue with instantiation of TokenAcquirerFactory when AppContext.BaseDirectory is root path. See PR #3443 for details.

Fundamentals

• Use cloud user in tests. See PR #3441 and #3442 for details.

3.12.0

3.12.0

Dependencies updates

• Updated MSAL to version 4.74.1 part of #3398.

Bug fix

Reload certificates for all client credential based issues to solve the issue that when a bad certificate was installed on the machine and picked up, and subsequently rotated, a service restart was needed for the new certificate to be used. See issue #3429 and PR #3430

New features

• Include the thrown exception in CertificateChangeEventArg. See PR #3428 for better supportabiliby.
• Support for Agent User identities. See PR #3435

3.11.0

3.11.0

Dependencies updates

• Updated global.json to the latest .NET 9 runtime framework 9.0.108. See PR #3422 for details.

Bug fixes

• Fix IDW10405 error when using managed identity with common tenant. See PR #3415 for details.
• Fix OidcIdpSignedAssertionLoader to remove hard dependency on IConfiguration registration. See PR #3414 for details.

New feature

• Add support for ExtraHeaderParameters and ExtraQueryParameters properties on DownstreamApiOptions to simplify adding custom headers and query parameters to downstream API requests. See PR #3413 for details.
• Add better support for Azure SDK. For details see Readme-Azure and PR #3416

What's Changed

• Update Abstractions version and the public API files after 3.10.0 release by @jmprieur in #3407
• Update Directory.Build.props by @jennyf19 in #3404
• Fix IDW10405 error when using managed identity with common tenant by @Copilot in #3415
• Add ExtraHeaderParameters and ExtraQueryParameters support to DownstreamApi by @Copilot in #3413
• Fix OidcIdpSignedAssertionLoader to remove hard dependency on IConfiguration registration by @Copilot in #3414
• Update global.json by @jennyf19 in #3422
• Improved experience for Azure SDKs with Microsoft Identity Platform authentication by @jmprieur in #3416
• Update 3.11 changelog by @jennyf19 in #3423
• update test certs by @jennyf19 in #3424

New Contributors

• @Copilot made their first contribution in #3415

Full Changelog: 3.10.0...3.11.0

3.10.0

3.10.0

Dependencies updates

• Updated MSAL to version 4.73.1 (#3398).
• Updated global.json to the latest .NET 9 runtime framework 9.0.107 (#3385).

New feature

• Added support for Agent Identities (#3396, #3402).
  introducing the Microsoft.Identity.Web.AgentIdentities package .

Bug fixes

• Processed codeQL issues

Fundamentals

• improved unit tests for OidcFic with the new SignedAssertionFmiPath

3.9.4

3.9.4

Package updates

• Microsoft.IdentityModel updated to version 8.12.1.

Bug fix

• Updates the DefaultAuthorizationHeaderProvider to update the AcquireTokenOptions.LongRunningWebApiSessionKey after the token is acquired so that the key can be used in the next OBO call. See PR #3381 for details.

Fundamentals

• Update .NET SDK version to 9.0.107 used when building or running the code. See #3385 for details.
• Improved test coverage for managed identity flows. See #3350 for details.

What's Changed

• Add Claims and Capability Support to Managed Identity Flows by @gladjohn in #3350
• Adding fix for OBO cache key error in long running OBO with DefaultAuthorizationHeaderProvider by @trwalke in #3381
• Update global.json by @jennyf19 in #3385
• changelog 3.9.4 by @jennyf19 in #3386

Full Changelog: 3.9.3...3.9.4

3.9.3

3.9.3

Package updates

• Microsoft.IdentityModel updated to version 8.12.0.

Fundamentals

• Add .clinerules to help with AI tooling.
• Update PublicApiAnalyzers and BannedApiAnalyzers to 4.14.0 Upgraded analyzer packages for improved diagnostics and code consistency (in particular delegates are added). For details see #3379

What's Changed

• Update M.IM 8.11 by @jennyf19 in #3373
• add ai assist rules by @jennyf19 in #3376
• Update PublicApiAnalyzers and BannedApiAnalyzers to 4.14.0 by @pmaytak in #3379
• changelog 3.9.3 by @jennyf19 in #3380

Full Changelog: 3.9.2...3.9.3

3.9.2

3.9.2

Package updates

• Microsoft.IdentityModel updated to version 8.11.0.
• MSAL.NET updated to version MSAL.NET 4.72.1.

Fundamentals:

• Fix invalid comparisons in prop and csproj files. For details see #3297.

What's Changed

• Release notes and cleanup by @jmprieur in #3367
• Remove invalid comparisons by @keegan-caruso in #3368
• update to MSAL 4.72.1 by @jennyf19 in #3369
• update 3.9.2 by @jennyf19 in #3372

Full Changelog: 3.9.1...3.9.2

3.9.1

3.9.1

Package updates

• Microsoft.Identity.Abstractions updated to version 9.1.0.

Fundamentals

• Fix AoT warnings. For details see #3366.

What's Changed

• Fix AoT warnings (and update to Abstractions 9.1.0) by @jmprieur in #3366

Full Changelog: 3.9.0...3.9.1

3.9.0

3.9.0

Package updates

• Microsoft.IdentityModel updated to version 8.10.0.
• MSAL.NET updated to version MSAL.NET 4.72.0.

Bug fixes

• Fixed issue where RequiredScopeOrAppPermission extension method didn’t work with Minimal APIs. See #3323.
• Resolved IL warnings from AddDownstreamApis in NativeAOT projects. See #3355.
• Ensured AcquireTokenForConfidentialClient correctly passes MSAL exceptions. See #3345.
• Prevented null reference when accessing MergedOptions instance. See #3337.

New feature

• Added optional login_hint and domain_hint support to AccountController.SignIn endpoint. See #3244 and #3348.

Fundamentals

• Introduced Long-Term Support (LTS) policy. See #3357.
• Added tests to validate xms_cc (client capability) forwarding in CCA flows. See #3349.

External contributions

Thank you @evan-buss for your contribution and fixing the issue where RequiredScopeOrAppPermission extension method didn’t work with Minimal APIs. See #3323.
Thank you @neha-bhargava for your contribution and ensuring AcquireTokenForConfidentialClient correctly passes MSAL exceptions. See #3345.