4.71.1

Bug Fixes

• Pass the validate function to the http manager. See Issue #5242
• Change the resource id param for IMDS. See Issue #5238

Full Changelog: 4.71.0...4.71.1

4.71.0

Bug Fixes

• Enable the Service Fabric flow to get a httpClient from the factory with ssl validation callback. See Issue #5220

Full changelog: 4.70.2 .. 4.71.0

4.70.2

What's Changed

• Updated MSIv1 Token Revocation's token_sha256_to_refresh param to use sha256's HEX representation by @gladjohn in #5229

Full Changelog: 4.70.1...4.70.2

4.70.1

What's Changed

• Fix Machine Learning Source to Use "clientid" Instead of "client_id" by @gladjohn in #5193
• Fixing IsCommonOrOrganizationsTenant check to not return true for consumers by @trwalke in #5195
• Fix logger message to accurately reflect skipCache condition by @gladjohn in #5201
• Removing experimental feature Flag from WithFmiPath by @trwalke in #5206
• Fix for 5223 - env var to disable ESTS-R by @bgavrilMS in #5224

Full Changelog: 4.70.0...4.70.1

4.70.0

Features

• Added a .WithAccessTokenSha256ToRefresh() method to AcquireTokenForClientParameterBuilder for ConfidentialClientApplication, allowing finer control over token refresh scenarios. Issue #5111, PR #5179
• Added TokenCacheNotificationArgs.NoDistributedCacheUseReason in order to indicate that the configured serialized cache should not be a distributed cache to prevent issues when acquiring tokens. Issue #5199

Bug Fixes

• Removed invalid tenant checks (/organizations or /common) in MTLS flows for AAD/dSTS authorities. Issue #5093
• Fixed an issue where specifying a null service config region in MTLS scenarios did not correctly throw an exception. Issue #5181

4.69.1

4.69.1

Features

• Enabled broker support on the Linux platform. See Issue #5086
• Added a WithCertificate(..., bool associateTokensWithCertificateSerialNumber) overload to enable the use of the certificate's serial number as part of the cache key for tokens. Issue #5150

Bug Fixes

• MSAL will now stop replacing "%20" with "+" since it is obsolete. See Issue #5061
• Exposed client capabilities in AssertionRequestOptions for MSI FIC scenarios Issue #4948
• Added the missing claims in SignedAssertion when using the AssertionRequestOptions Delegate Issue #5143

4.68.0

Features

• Added WithFmiPath() api to support FMI scenarios in MSAL. See Issue #5110
• MSAL will now pass Client sku and Version to MsalRuntime for MSAL Runtime's client telemetry. See Issue #5103

Bug Fixes

• Reordered the condition for ManagedIdentitySource.MachineLearning to be checked after ManagedIdentitySource.AppService instead of before it. See Issue #5077
• Improved Managed Identity Source Detection Logging for Debugging. See Issue #5097
• When a 404 error occurs, MSAL will now include the endpoint and authority URLs in the exception message for better debugging. See Issue #4769
• MSAL will now set UseShellExecute to false in OpenLinuxBrowser. See Issue #5075
• Fixed a threading exception when using ExtraQueryParameters. See Issue #5108

4.67.2

Bug Fixes

• Fixed an issue with Managed Identity source detection where Azure ML was prioritized incorrectly over Azure App Service, causing token acquisition failures. See Bug #5077

4.67.1

Bug Fixes

• Added support for Azure Machine Learning (Azure ML) Managed Identity (MSI) to address missing functionality for token acquisition in Azure Machine Learning environments. See Bug #4984

4.67.0

New Features

• MSAL.NET now supports acquiring token for Client Credentials flow with a Subject Name Issuer (SNI) certificate over Mutual TLS (mTLS) for first-party applications. See Issue #4986
• Bumped NET SDK from net6 to net8, aligning MSAL.NET with the latest .NET standards and features. See Feature Request #5025
• Public API analyzer integrated to enhance API compliance and stability. See Feature Request #4931

Bug Fixes

• Improved AcquireTokenSilent logging and handling of Family of Client IDs (FOCI). See Bug #4988
• Fixed issues where DurationTotalInMs in AuthenticationResultMetadata differed from Stopwatch measurements. See Bug #4895
• Resolved incorrect computation of OTel durations in L1 cache and during the creation of POP tokens. See Bug #5036
• Addressed an issue where AbstractAcquireTokenParameterBuilder<T>.WithAdfsAuthority threw exceptions when the tenant ID was null and the authority host URI ended in /adfs. See Bug #4860
• Fixed a parsing issue in Managed Identity to align with Azure.Identity's behavior for handling invalid JSON responses. See Bug #5016

Deprecated

• Removed MSAL v3 migration aids. See Remove #4987