9.5.0

9.5.0

New features

• Expand Authorization header to support binding certificate for mTLS scenarios. For Details see #209

Fundamentals

• Migrate repository agent rules from .clinerules to agents.md. For details, see #206

9.4.0

New features

• Add AdditionalResponseParameters and BindingCertificate to AcquireTokenResult. For details see PR 203
• Add conditional targeting for NET 10. See PR 202
• Add enum value for managed certificate in SourceType. For details, see PR 204

New Contributors

• @tlupes made their first contribution in #204

9.3.0

9.3.0

New features

Added a new interface IAuthenticationSchemeInformationProvider to get the effective authentication scheme corresponding to an option name, depending on the platform. For details, see PR #200

9.2.0: changelog.md with recent changes since May 17th (#197)

9.2.0

New features

• OperationResult and OperationError abstractions:
  Introduced a new OperationResult<TResult, TError> struct and OperationError base class. These provide a discriminated union for representing either a result or an error, improving error handling and propagation.
  See implementation in src/Microsoft.Identity.Abstractions/Results/OperationResult.cs and OperationError.cs.

• DownstreamApiOptions extensibility:
  Added two new properties to DownstreamApiOptions:

  • ExtraHeaderParameters (IDictionary<string, string>?): Set extra headers in HTTP requests to downstream APIs.
  • ExtraQueryParameters (IDictionary<string, string>?): Set extra query parameters in HTTP requests to downstream APIs.
    This enables more flexible API calls and improved integration scenarios.

Fundamentals

• Development guidelines and Copilot integration:

  • Introduced .clinerules/abstractions-guidelines.md, .clinerules/csharp-guidelines.md, .clinerules/ai-guidelines.md, and .github/copilot-instructions.md to formalize and document development, AI assistant, and C# code standards for contributors and tooling.
  • Solution file and README updated to reference these guidelines.

• Analyzer and dependency updates:

  • Bumped analyzer versions in Directory.Build.props for better static analysis (BannedApiAnalyzers and MicrosoftCodeAnalysisPublicApiAnalyzers updated from 3.3.4 to 4.14.0).

9.1.0: Update Directory.Build.props (#188)

9.1.0

New features

• Add a new generic IAuthorizationHeaderProvider to have the possiblity of returning authorization header and metadata or error instead of throwing. For details see #172
• Add Algorithm property to CredentialDescription to describe signing credentials. For details see #182
• Adding serializer for CredentialDescription in .NET 8+. See #176

Fundamentals

• Add dev container to work in Code Spaces. See PR #175
• Adding a doc about CredentialDescription. See PR #181
• Fixing AoT warnings: part 1 - non breaking. See PR #187
• update Readme.md to explain the support policy for the library and the notion of LTS. See PRs 171, 183, , 185

9.0.0

9.0.0

New features

• Added a new class named MicrosoftEntraApplicationOptions inheriting from IdentityApplicationOptions and from which MicrosoftIdentityApplicationOptions inherits. Moved the EntraID specific properties related to web APIs from MicrosoftIdentityApplicationOptions to MicrosoftEntraApplicationOptions. MicrosoftIdentityApplicationOptions now only contains the
  properties related to web apps and B2C. See #165 for details.
• Added a Name property in MicrosoftEntraApplicationOptions to allow for dynamic discovery of ASP.NET Core authentication schemes / named options. See #168 for details.
• Changed the way the ID property is computed in ClientCredentials. All sensitive data is also now replaced by a hash. See #163 for details.
• Added XML comments with recommendations on which CredentialSource not to use in production. See #167 for details.

8.2.0

8.2.0

New feature:

• To support Federated Managed Identities a new parameter FmiPath was added to AcquireTokenOptions. See #161 for details.

8.1.1

8.1.1

**

8.1.0

8.1.0

New features:

• To support certain Federation identity cases, you need to add an additional parameter called TokenExchangeAuthority. This parameter is necessary when the issuer (the entity that issues the token) for the token exchange URL is different from the application's issuer. See #155 for details.
• Added a new interface ICustomSignedAssertionProvider for implementing custom signed assertion providers. This interface includes a Name property for configuration-friendly naming. See issue #153 for details.
• Added extensibility to the CredentialDescription class to support custom signed assertion providers. This includes new properties CustomSignedAssertionProviderName and CustomSignedAssertionProviderData. See issue #146 for details.

What's Changed

• Update changelog.md for 8.0.0 and other post release updates by @jmprieur in #152
• Add customSignedAssertion by @JoshLozensky in #150
• Adding ICustomSignedAssertionProvider by @JoshLozensky in #154
• done with copilot by @jennyf19 in #156

Full Changelog: 8.0.0...8.1.0

8.0.0

Fundamentals

• Removed the Container and ValueOrReference from the public API of CredentialDescription. They were technical debt used for compatibility
  with Microsoft.Identity.Web 1.x, no longer necessary. See PR #151
  for details.