Releases: AzureAD/microsoft-authentication-library-for-dotnet
4.46.0-Preview2
New Features
This preview package adds support for.NET MAUI. It adds .NET 6 iOS and Android targets. The package also works with UWP. Refer to MauiStatus.md for details.
4.45.0
Important changes for UWP apps
Upgrade the minimum target platform to 10.0.17763.0.
Upgrade Microsoft.NETCore.UniversalWindowsPlatform to 6.1.9 or above.
Add a reference to Microsoft.IdentityModel.Abstractions, for projects that use package.json.
New Features
Logs are now consistent when you use several .NET authentication libraries from Microsoft. See 3028.
Exposed tenant ID and scopes in TokenCacheNotificationArgs. See 3389.
Added new WithClientAssertion API that exposes the token endpoint. See 3352.
Added additional descriptive information to error logs. See 3278.
Updated support from .NET Standard 1.3 to.NET Standard 2.0. See 1991.
Bug Fixes
Tenant profiles are now returned when calling GetAccounts with broker enabled. See 3349.
Fixed parsing of authentication result from broker preview. See 3354.
Fixed DSTS endpoints. See 3492.
Privacy and Terms of Use links are now visible in embedded picker UI on smaller screens. See 3153.
Fixed broker Proof-of-Possession token appearing as Bearer when calling GetAuthorizationHeader(). See 3353.
Ensured MSAL doesn't check local cache for tokens when using Proof-of-Possession with the broker preview. See 3363.
4.44.0
New Features
Added support in MSAL for dSTS authority See 3198.
Enabled Azure.Identity (Azure SDK) to benefit from MSAL.NET token cache when used for Managed Identity See 3137.
Experimental Features
MSAL.NET now has a new WAM preview which is an abstraction layer based on MSAL C++ with support for Proof-of-Possession access tokens. This fixes some issues with current WAM implementation. See 3192 and wiki.
Bug Fixes
Improved exception handling in case of an Operation Cancelled Exception See 3283.
Fixed AcquireTokenSilent to not display a login prompt unnecessarily for operating system accounts in WAM. See 3294.
Fixed NullReferenceException in IsBrokerAvailable() See 3261.
Fixed a race condition to improve stability of region autodiscovery. See 3277.
Fixed a bug in instance discovery by adding pre-production environment (PPE) domains to known endpoints. See 3265.
Fundamentals
Improved automated performance microbenchmarks to better reflect common scenarios See 3297 and wiki.
4.43.2
4.43.1
4.43.0
New Features
Added Intune Mobile App Management (MAM) support for Android. See 3185.
MSAL.NET Cache Extensions now protects plaintext cache files with owner only read/write permissions.See 3186, 169.
Bug Fixes
Client capabilities flags are correctly passed to Android Broker. See 3203.
Fixed WithAccount(result.Account) to work when using WAM. See 3121.
Improved token cache filtering logic. See 3178, and 3233.
Fixed an error in creating UWP package for Microsoft Store upload. See 3184, 3239.
Fixed a bug to correctly sign-out an account from WAM. See 3248.
Correctly showing a browser in WSL2. See 3251.
4.42.1
4.42.0
4.42.0
New Features
Multi Cloud Support Allows 1st party public client apps which target the public cloud to log in users from other clouds. Not supported for broker flows. Details at https://github.com/AzureAD/microsoft-authentication-library-for-dotnet/wiki/Multi-Cloud-Support-or-Instance-Aware 2524
Expose the region or error used by MSAL in AuthenticationResult.AuthenticationResultMedatadata and in logs. See 2975
App protection (true MAM) support for iOS. See 2894
Bug Fixes
Fix a bug causing an "Sequence Contains No Elements" exception This occurs in rare circumstances when saving the token cache. 3130
Fix a bug causing an "ArgumentOutOfRangeException: the relative expiration value must be positive" exception This occurs in rare circumstances when saving the token cache. 2859
Default OS account login with MSA fails This affects some first party applications (MSA passthrough) when using WAM 3157
WwwAuthenticateParameters should not expose Resource 3144
4.41.0
4.41.0
New Features:
MSAL now uses the WAM AAD plugin's account selector if authority is AAD only. This overcomes the issue of console apps not being able to display the account picker and other issues with Account Picker instability. See 2289
Added OnBeforeTokenRequest public API which allows to execute a custom delegate before MSAL makes a token request. and enables support for legacy Proof-of-Possession implementations. See 3114
Added kid in cache keys for client credential flows using Proof-of-Possession. See 3115
Improved the error message when both region and custom metadata are configured. See 3014
Exposed the ability to add a custom header text to auth dialogs such as WAM. See 3125
MSAL now supports using Linux broker via Microsoft Edge. Use WithBroker() to authenticate with Microsoft Edge system browser, if installed, which integrates with Linux broker to offer a better authentication experience. See 3051
Bug Fixes:
Added support for WAM on Windows Server 2022 and Windows 11, and improved operating system detection for future versions. See 3040
WAM is not supported on Windows Server 2016. MSAL will now fall back to browser if this OS is detected. See 2946
Fix for GetAccountAsync API by checking for null on accountId parameter. See 3118
WAM is not supported in pure ADFS environments. MSAL will now fall back to browser if the ADFS authority is used. See 2836
4.40.0
4.40.0
New Features:
Authorization Code for Single Page Applications (SPA) feature is now generally available. WithExperimentalFeatures() is no longer required when calling WithSpaAuthorizationCode(). See 2920, wiki, and sample.
Allow POP token envelope to be created externally. See 3059.
Remove obsolete telemetry (MATS) code to improve performance and stability. See 3043.
Log clarification in several places. See here and
here.
Bug Fixes:
Allow res:// error pages to be displayed in embedded WebView. See 3083.
MSAL Logs are now more clear when regional is enabled and tokens are acquired from the cache. See 3073.