4.76.0

What's Changed

• Removal of ExperimentalFeatures flag on WithMtlsProofOfPossession API: by @gladjohn in #5402
• #5400 Fixing issue that leads to multiple active access tokens in the cache for non-tenanted oidc authority by @andkorsh in #5401
• Add Service Fabric token revocation support by @gladjohn in #5421
• Update NativeInterop package version to 0.19.4 by @ashok672 in #5434
• Adding WithExtraBodyParameters api by @trwalke in #5389
• Enable mTLS Proof‑of‑Possession for Client‑Assertion Delegates by @gladjohn in #5409

New Contributors

• @andkorsh made their first contribution in #5401

Full Changelog: 4.74.1...4.76.0

4.74.1

Bug fixes

• When you configure MSAL with WithOidcAuthority(), the library now confirms that the issuer returned by the OIDC discovery endpoint matches the expected authority (including CIAM patterns) and throws an exception if it does not. #5358

• Re-expose public AuthenticationResult constructor. A public, test-friendly constructor of AuthenticationResult was inadvertently hidden behind [Obsolete] and [EditorBrowsable(Never)]. The constructor is now publicly available again. #5392

4.74.0

Features

• Deprecate ROPC flow in Public Client Applications #5355.
• AuthenticationResult exposes a new BindingCertificate property that returns the X.509 certificate bound to the access token in mTLS-PoP scenarios. #5370.

Bug fixes

• MSAL now honors the DEFAULT_IDENTITY_CLIENT_ID environment variable when acquiring tokens from Azure Machine Learning managed-identity endpoint. #5350.

4.73.1

What's Changed

• Deprecate AcquireTokenByIntegratedWindowsAuth API by @ashok672 in #5345
• Update native interop to 0.19.2 by @fengga in #5362
• update the deprecated openURL(:) api to openURL(:options:completionHandler) by @DharshanBJ in #5354

Full Changelog: 4.73.0...4.73.1

4.73.0

What's Changed

• Add mac broker console app support by @fengga in #5274
• Use HTTP 2 on .NET where possible by @bgavrilMS in #5314
• Expose access token cache count by @bgavrilMS in #5330
• Add an extensibility API - WithFmiPathForClientAssertion … by @bgavrilMS in #5347
• Hide ListOperatingSystemAccounts in intellisense by @ashok672 in #5304
• Reworked retry policy functionality & Created IMDS retry policy by @Robbie-Microsoft in #5231

Full Changelog: 4.72.1...4.73.0

4.72.1

4.72.1

Bug Fixes

• Ensure instance of IMsalHttpClientFactory passed by the user is used for managed identity flows that do not require cert validation. See Issue #5286
• Fix a URL typo in the API comments. See #5277

Full Changelog: 4.72.0...4.72.1

4.72.0

4.72.0

Features

• Added MacOs Broker support. See Issue #5051

Bug Fixes

• Ensure additional cache parameters are persisted in cache serializationIssue #5261

4.71.1

Bug Fixes

• Pass the validate function to the http manager. See Issue #5242
• Change the resource id param for IMDS. See Issue #5238

Full Changelog: 4.71.0...4.71.1

4.71.0

Bug Fixes

• Enable the Service Fabric flow to get a httpClient from the factory with ssl validation callback. See Issue #5220

Full changelog: 4.70.2 .. 4.71.0

4.70.2

What's Changed

• Updated MSIv1 Token Revocation's token_sha256_to_refresh param to use sha256's HEX representation by @gladjohn in #5229

Full Changelog: 4.70.1...4.70.2