Skip to content

Bump Microsoft.Identity.Client.Extensions.Msal from 4.63.0 to 4.74.1 #688

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Closed
wants to merge 1 commit into from
Closed

Bump Microsoft.Identity.Client.Extensions.Msal from 4.63.0 to 4.74.1 #688

wants to merge 1 commit into from

Conversation

@dependabot
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github Aug 7, 2025

Updated Microsoft.Identity.Client.Extensions.Msal from 4.63.0 to 4.74.1.

Release notes

Sourced from Microsoft.Identity.Client.Extensions.Msal's releases.

4.74.1

Bug fixes

4.74.0

Features

Bug fixes

4.73.1

What's Changed

Full Changelog: AzureAD/microsoft-authentication-library-for-dotnet@4.73.0...4.73.1

4.73.0

What's Changed

Full Changelog: AzureAD/microsoft-authentication-library-for-dotnet@4.72.1...4.73.0

4.72.1

4.72.1

Bug Fixes

Full Changelog: AzureAD/microsoft-authentication-library-for-dotnet@4.72.0...4.72.1

4.72.0

4.72.0

Features

Bug Fixes

  • Ensure additional cache parameters are persisted in cache serializationIssue #​5261

4.71.1

Bug Fixes

Full Changelog: AzureAD/microsoft-authentication-library-for-dotnet@4.71.0...4.71.1

4.71.0

Bug Fixes

  • Enable the Service Fabric flow to get a httpClient from the factory with ssl validation callback. See Issue #​5220

Full changelog: 4.70.2 .. 4.71.0

4.70.2

What's Changed

Full Changelog: AzureAD/microsoft-authentication-library-for-dotnet@4.70.1...4.70.2

4.70.1

What's Changed

Full Changelog: AzureAD/microsoft-authentication-library-for-dotnet@4.70.0...4.70.1

4.70.0

Features

  • Added a .WithAccessTokenSha256ToRefresh() method to AcquireTokenForClientParameterBuilder for ConfidentialClientApplication, allowing finer control over token refresh scenarios. Issue #​5111, PR #​5179
  • Added TokenCacheNotificationArgs.NoDistributedCacheUseReason in order to indicate that the configured serialized cache should not be a distributed cache to prevent issues when acquiring tokens. Issue #​5199

Bug Fixes

  • Removed invalid tenant checks (/organizations or /common) in MTLS flows for AAD/dSTS authorities. Issue #​5093
  • Fixed an issue where specifying a null service config region in MTLS scenarios did not correctly throw an exception. Issue #​5181

4.69.1

4.69.1

Features

  • Enabled broker support on the Linux platform. See Issue #​5086
  • Added a WithCertificate(..., bool associateTokensWithCertificateSerialNumber) overload to enable the use of the certificate's serial number as part of the cache key for tokens. Issue #​5150

Bug Fixes

  • MSAL will now stop replacing "%20" with "+" since it is obsolete. See Issue #​5061
  • Exposed client capabilities in AssertionRequestOptions for MSI FIC scenarios Issue #​4948
  • Added the missing claims in SignedAssertion when using the AssertionRequestOptions Delegate Issue #​5143

4.68.0

Features

  • Added WithFmiPath() api to support FMI scenarios in MSAL. See Issue #​5110
  • MSAL will now pass Client sku and Version to MsalRuntime for MSAL Runtime's client telemetry. See Issue #​5103

Bug Fixes

  • Reordered the condition for ManagedIdentitySource.MachineLearning to be checked after ManagedIdentitySource.AppService instead of before it. See Issue #​5077
  • Improved Managed Identity Source Detection Logging for Debugging. See Issue #​5097
  • When a 404 error occurs, MSAL will now include the endpoint and authority URLs in the exception message for better debugging. See Issue #​4769
  • MSAL will now set UseShellExecute to false in OpenLinuxBrowser. See Issue #​5075
  • Fixed a threading exception when using ExtraQueryParameters. See Issue #​5108

4.67.2

Bug Fixes

  • Fixed an issue with Managed Identity source detection where Azure ML was prioritized incorrectly over Azure App Service, causing token acquisition failures. See Bug #​5077

4.67.1

Bug Fixes

  • Added support for Azure Machine Learning (Azure ML) Managed Identity (MSI) to address missing functionality for token acquisition in Azure Machine Learning environments. See Bug #​4984

4.67.0

New Features

  • MSAL.NET now supports acquiring token for Client Credentials flow with a Subject Name Issuer (SNI) certificate over Mutual TLS (mTLS) for first-party applications. See Issue #​4986
  • Bumped NET SDK from net6 to net8, aligning MSAL.NET with the latest .NET standards and features. See Feature Request #​5025
  • Public API analyzer integrated to enhance API compliance and stability. See Feature Request #​4931

Bug Fixes

  • Improved AcquireTokenSilent logging and handling of Family of Client IDs (FOCI). See Bug #​4988
  • Fixed issues where DurationTotalInMs in AuthenticationResultMetadata differed from Stopwatch measurements. See Bug #​4895
  • Resolved incorrect computation of OTel durations in L1 cache and during the creation of POP tokens. See Bug #​5036
  • Addressed an issue where AbstractAcquireTokenParameterBuilder<T>.WithAdfsAuthority threw exceptions when the tenant ID was null and the authority host URI ended in /adfs. See Bug #​4860
  • Fixed a parsing issue in Managed Identity to align with Azure.Identity's behavior for handling invalid JSON responses. See Bug #​5016

Deprecated

4.66.2

4.66.2

Bug Fixes

  • Fixed a bug where MSAL .NET fails to launch the iOS broker on IOS 18.0.1. See Issue #​4958

4.66.1

Bug Fixes

  • Fixed a bug where MSAL .NET fails to correctly handle the expires_on field for Managed Identity tokens in ISO 8601 format. This fix ensures accurate parsing of ISO 8601 date-time formats during token acquisition. See Issue #​4963

4.66.0

4.66.0

New Features

  • Enabled extended functionality in the MSAL authentication flow through the implementation of IAuthenticationOperation. This allows for custom extensions in the authentication flow by providing an authentication operation interface. See Issue #​4956
  • MSAL.NET will now opt-in to regional ESTS when the environment variable MSAL_FORCE_REGION is set (e.g., MSAL_FORCE_REGION=eastus). This automatically directs MSAL to use the specified region for token acquisition. If the region is explicitly set to "DisableMsalForceRegion", MSAL will not opt-in to regional ESTS. Use of the WithAzureRegion(xyz) API takes precedence over the environment variable. See Issue #​4930

4.65.2-Preview

  • Refactored CDT Prototype
  • Moved prototype to separate folder
  • Removed dependency on MSAL internals

4.65.0

New Features

  • Update telemetry to include the caller SDK details. See Issue #​4863
  • MSAL.Net now exposes an API to enable developers to cache additional values in the token response. See Issue #​4922
  • Managed identity .WithClaims() and .WithClientCapabilities() APIs are now generally available. See Issue #​4921

Bug Fixes

  • Fix a bug where MSAL .Net fails for DSTS authority when using .WithTenantIdFromAuthority(). See Issue #​4927

4.64.1

4.64.0

4.64.0

New Features

  • Added managed identity support for Azure ARC on Linux. See Issue #​4358
  • Added Username and password support for confidential clients. See Issue #​3774

Bug Fixes

  • Resolved SHA2 issues that break custom claims during authentication flows. See Issue #​4868

Commits viewable in compare view.

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

@dependabot
Bump Microsoft.Identity.Client.Extensions.Msal from 4.63.0 to 4.74.1
56c776f 
---
updated-dependencies:
- dependency-name: Microsoft.Identity.Client.Extensions.Msal
  dependency-version: 4.74.1
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <[email protected]>
@dependabot dependabot bot added .NET Pull requests that update .net code dependencies Pull requests that update a dependency file labels Aug 7, 2025
@dependabot @github
Copy link
Contributor Author

dependabot bot commented on behalf of github Aug 18, 2025

Superseded by #708.

@dependabot dependabot bot closed this Aug 18, 2025
@dependabot dependabot bot deleted the dependabot/nuget/PXWeb/Microsoft.Identity.Client.Extensions.Msal-4.74.1 branch August 18, 2025 03:11
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file .NET Pull requests that update .net code

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

0 participants