-
Notifications
You must be signed in to change notification settings - Fork 343
msal net 4.5
See Microsoft Authentication Library for .NET for updated documentation.
We are excited to announce the release of MSAL .NET 4.5.0, which brings improvements to the device code flow both for Azure AD and ADFS, as well as several bug fixes, in particular around iOS13 and UWP:
- Device code flow improvements, with support of Microsoft personal accounts and ADFS 2019
- added Telemetry to monitor the health of the library and the service
- Bug fixes
The device code flow is used in the case of devices and operating systems that do not provide a web browser, such as applications running on iOT, or Command-Line tools (CLI). See more information on the device code flow.
Starting with MSAL.NET 4.5 release, the device code flow is possible with Microsoft Personal Accounts. This means the device code flow will work with:
- Any work and school accounts (tenanted authority,
https://login.microsoftonline.com/organizations/), and - Microsoft personal accounts (
/commonor/consumerstenants)
Starting with MSAL.NET 4.5 release, MSAL .NET supports the device code grant for ADFS 2019.
To better understand the reliability of the library and the Azure AD service across public client application calls and to try and detect outages and customer issues preemptively, MSAL .NET now sends telementy data to the /token endpoint in regards to the error code of the previous request, if applicable. This will help us be more proactive in detecting and fixing issues.
MSAL.NET 4.5 and 4.5.1 also contains a number of bug fixes:
- Customers reported a nonce mismatch error when signing in with the Authenticator app on iOS 13. The issue has been resolved and increased logging included in the iOS broker scenario. See issue for more details.
- On iOS 13, when using the system browser, authentication was broken. This was because Apple now requires a presentationContext when signing in with the system browser. More information on this requirement here. And more details in the issue
- At times, MSAL .NET would randomly fail on UWP. MSAL .NET now implements retry logic and has improved logging around the cache in UWP. See this issue and this issue for more details.
- During a client credential flow, MSAL .NET would throw a client exception stating the users should not add their own reserved scopes. MSAL .NET now merges the scopes if they are already in the reserved list and does not throw. See issue for more details.
- At times, during an interactive authentication, MSAL .NET would throw an ArgumentNullException. MSAL .NET now checks for null values when handling the authorization result parsing. See issue for details.
- Home
- Why use MSAL.NET
- Is MSAL.NET right for me
- Scenarios
- Register your app with AAD
- Client applications
- Acquiring tokens
- MSAL samples
- Known Issues
- AcquireTokenInteractive
- WAM - the Windows broker
- .NET Core
- Maui Docs
- Custom Browser
- Applying an AAD B2C policy
- Integrated Windows Authentication for domain or AAD joined machines
- Username / Password
- Device Code Flow for devices without a Web browser
- ADFS support
- Acquiring a token for the app
- Acquiring a token on behalf of a user in Web APIs
- Acquiring a token by authorization code in Web Apps
- High Availability
- Token cache serialization
- Logging
- Exceptions in MSAL
- Provide your own Httpclient and proxy
- Extensibility Points
- Clearing the cache
- Client Credentials Multi-Tenant guidance
- Performance perspectives
- Differences between ADAL.NET and MSAL.NET Apps
- PowerShell support
- Testing apps that use MSAL
- Experimental Features
- Proof of Possession (PoP) tokens
- Using in Azure functions
- Extract info from WWW-Authenticate headers
- SPA Authorization Code