Releases: AzureAD/microsoft-identity-web
1.9.1
Bug Fixes:
Microsoft.IdentityModel. version="6.9" introduced a breaking change in the mapping of the User.Identity.Name claim*. Microsoft.Identity.Web 1.9, started leveraging Microsoft.IdentityModel 6.10 to improve resiliency. With this breaking change Microsoft Identity Web 1.9.1 has a temporary workaround in place until a new Microsoft.IdentityModel version is released with a fix. See issues #1136 and #1140 for details.
Fix obsolete attribute and error message on ReplyForbiddenWithWwwAuthenticateHeaderAsync. See issue #1137 for details.
Documentation:
Fix Stackoverflow tags in ReadMe. See issue #1128.
1.9.0
1.9.0
New Features:
Microsoft Identity Web now exposes a token provider that the Azure SDKs can use. See PR for details.
Microsoft Identity Web now supports .NET Framework 4.6.2. See issue #1086.
Microsoft Identity Web supports calls for regional STS for 1st party only, this is due to MSAL.NET release 4.29, and AzureRegion is available via the ConfidentialClientApplicationOptions.
Bug Fixes:
Microsoft Identity Web now locks on the HttpContext, to better handle multi-threaded applications. See issue #1097 and PR and PR.
Fundamentals:
Microsoft Identity Web now implements LoggerMessage for high performance logging. See issue #1105 for details.
Performance improvements. See PRs #1089, #1098, #1092, and #1085.
Documentation:
Documentation updated to show how to use ClientCapabilities. See issue #1071 and also the wiki.
Clear documentation on what is available in Microsoft Identity Web and when to use MSAL.NET, Microsoft Identity Web, or both. See issue #1057 and Is MSAL.NET right for me?.
1.8.2
1.8.1
1.8.0
1.8.0
New Features:
Microsoft Identity Web now provides a more sophisticated and performant L1/L2 (In Memory and Distributed) token cache. See issue #957 and the wiki for details.
Related to the L1/L2 cache improvements, developers can determine how to proceed when the L2 (Distributed) cache fails, ex. the L2 cache is off-line. See issue #1042 for details.
Related to the L1/L2 cache improvements, the MemoryCacheOptions are now exposed in the MsalDistributedTokenCacheAdapterOptions so developers can have control over the L1 (In Memory) cache, such as cache size. See issue #1048 for details.
Microsoft Identity Web supports user assigned managed identity for certificate loading. See issue #1007 for details.
1.7.0
1.7.0
New Features:
msidentity-app-sync is a command line tool that creates Microsoft identity platform applications in a tenant (AAD or B2C) and updates the configuration code of your ASP.NET Core applications (mvc, webapp, blazorwasm, blazorwasm hosted, blazorserver). The tool can also be used to update code from an existing AAD/AAD B2C application. See https://aka.ms/msidentity-app-sync for details and additional information on the experience in Visual Studio 16.9. Get the tool via the NuGet package. See issue #954, and 977.
Microsoft Identity Web now disables the ADAL cache lookup by default when calling into MSAL .NET. If you have ADAL apps which share a cache with MSAL apps, you would want to set LegacyCacheCompatibilityEnabled = true in appsettings.json. Otherwise, there is a performance improvement when bypassing the ADAL cache lookup. See issue #961 for details.
It's now possible to specify the X509KeyStorageFlags in the certificate description (both in the config file, or programmatically). This way if you want to use other storage flags than the default, it is possible.
Bug Fixes:
Remove obsolete attribute from ValidateUserScopesAndAppRoles. See issue #963 and #995 for details.
1.6.0
1.6.0
New Features:
Microsoft Identity Web templates now include a project template for Azure Functions. See issue #899 for details.
gRPC templates now include calling graph and downstream APIs. See issue #900 for details.
Microsoft Identity Web now exposes an AuthorizationFilter attribute to express accepted scopes on controllers, actions, or pages. See issue #849 for details.
When using the delegate override of .EnableTokenAcquisitionToCallDownstreamApi, you don't need to repeat the properties present in the Microsoft Identity Options ex. Instance, TenantId, ClientId, etc.... See issue #742 for details.
Microsoft Identity Web now exposes the DefaultCertificateLoader, which would be used when loading a certificate from a daemon application, or an ASP NET application, using MSAL .NET directly. See issue #952 for details.
Bug Fixes:
Microsoft Identity Web now supports token decryption certificates rotation. See issue #905 for details.
Microsoft Identity Web now allows the AuthorizeForScopeAttribute to specify an alternate AuthenticationScheme. See issue #870 for details.
1.5.1
1.5.0
1.5.0
New Features:
Microsoft Identity Web templates now include a project template for gRPC. See issue 628 for details.
Microsoft.Identity.Web now helps writing Azure Functions protected with Azure AD or Azure AD B2C. See issue #878.
The Microsoft Identity Web B2C templates now use the recommended .b2clogin.com instead of login.microsoftonline.com by default. See issue #792 for details.
Bug Fixes:
In a Blazor server application, when the client app requests consent for the web API, the call would result in an infinite loop. The consent screen is now correctly displayed. See issue #847 for details.