-
Notifications
You must be signed in to change notification settings - Fork 379
msal net 4.6
We are excited to announce the release of MSAL.NET 4.5.0, which brings improvements to iOS 13 with broker support, to token cache serialiation, as well as several bug fixes, in particular around specification of the authority
On iOS 13, users of your app leveraging broker (Microsoft Authenticator) will be promp the end user less We've improved the interaction with the iOS broker (Authenticator). When recent versions of the IOS broker answers a request from MSAL, it also sends an app token cache. MSAL.NET now stores this app token in the iOS KeyChain. Subsequent calls to the broker will include this app token. When presented with an app token, the broker may show fewer prompts to the user.
New TokenCacheNotificationArgs.IsApplicationCache property simplifies development of token cache serialization
TokenCacheNotificationArgs now include a flag named IsApplicationCache, which disambiguates between the app token cache and the user token cache. This will help developers of token cache serialization writing more targetted cache storage code. MSAL extension libraries, such as Microsoft.Identity.Web (not currently published to NuGet) will immediately benefit from it.
Device Code Flow now provides an explicit error message when you had forgotten to enable public client flows at app registration Device Code Flow would fail with a misleading error message if the app was misconfigured in the Azure Application Portal. Indeed, you must enable "public client flows", when using Device Code Flow, Integrated Windows Auth and Username/Password for these flows to work #1407
Performance improvements. Setting a non tenanted authority when calling AcquireTokenXX is now ignored
Setting a common authority override when calling AcquireTokenXX used to always cause a cache fail. Indeed, MSAL allows you to override the authority by specifying it on the AcquireTokenSilent builder, with the goal of allowing users to specify a tenant ID (to get a token for the same user, in a different tenant. Think for instance of iterating through your Azure subscriptions). Setting a common authority (or organizations or consumers) would cause #1456
Usability improvements. It's possible to specity .WithAuthority(audience) and .WithTenantId()
Setting an authority audience of AzureADMyOrg and a tenant ID would fail. #1320
Add a test that checks cache format interoperability between MSAL Java and MSAL .NET
- Home
- Why use MSAL.NET
- Is MSAL.NET right for me
- Scenarios
- Register your app with AAD
- Client applications
- Acquiring tokens
- MSAL samples
- Known Issues
- Acquiring a token for the app
- Acquiring a token on behalf of a user in Web APIs
- Acquiring a token by authorization code in Web Apps
- AcquireTokenInteractive
- WAM - the Windows broker
- .NET Core
- Maui Docs
- Custom Browser
- Applying an AAD B2C policy
- Integrated Windows Authentication for domain or AAD joined machines
- Username / Password
- Device Code Flow for devices without a Web browser
- ADFS support
- High Availability
- Regional
- Token cache serialization
- Logging
- Exceptions in MSAL
- Provide your own Httpclient and proxy
- Extensibility Points
- Clearing the cache
- Client Credentials Multi-Tenant guidance
- Performance perspectives
- Differences between ADAL.NET and MSAL.NET Apps
- PowerShell support
- Testing apps that use MSAL
- Experimental Features
- Proof of Possession (PoP) tokens
- Using in Azure functions
- Extract info from WWW-Authenticate headers
- SPA Authorization Code