What's Changed

• Fix prototype code to address CodeQL by @bgavrilMS in #5472
• Update CHANGELOG.md for MSAL 4.77.0 by @gladjohn in #5473
• Mark project as AOT compatible for net 8 by @neha-bhargava in #5458
• Update public api for MSAL Release 4.77.0 by @gladjohn in #5471
• Adjust issuer validation to accept differing paths by @Avery-Dunn in #5466
• Added better error message for OIDC error by @trwalke in #5433
• Remove failing test project from solution to prevent build breaks. by @MZOLN in #5481
• Fix MSB3277 “WindowsBase” conflicts in dev apps by enabling WPF build ref by @gladjohn in #5482
• Remove some flaky tests that were just an overkill by @gladjohn in #5486
• Remove dupe ropc b2c tests by @gladjohn in #5487
• Revert changes made for Http2 by @neha-bhargava in #5462

Full Changelog: 4.77.0...4.77.1

Features

• Added WinUI 3 support for Desktop Broker flows. #5411
• Introduced extensibility API to allow users to add custom HTTP headers to token acquisition requests (under extensibility). #5440

Changes

• Remove passing x-client-os as a query parameter in the authorization URI. #5456
• Bump Microsoft.IdentityModel.Abstractions to a supported version. #5452

Bug fixes

• Remove confusing error text as it only applies to one of many possible causes. #5467

What's Changed

• Removal of ExperimentalFeatures flag on WithMtlsProofOfPossession API: by @gladjohn in #5402
• #5400 Fixing issue that leads to multiple active access tokens in the cache for non-tenanted oidc authority by @andkorsh in #5401
• Add Service Fabric token revocation support by @gladjohn in #5421
• Update NativeInterop package version to 0.19.4 by @ashok672 in #5434
• Adding WithExtraBodyParameters api by @trwalke in #5389
• Enable mTLS Proof‑of‑Possession for Client‑Assertion Delegates by @gladjohn in #5409

New Contributors

• @andkorsh made their first contribution in #5401

Full Changelog: 4.74.1...4.76.0

Bug fixes

• When you configure MSAL with WithOidcAuthority(), the library now confirms that the issuer returned by the OIDC discovery endpoint matches the expected authority (including CIAM patterns) and throws an exception if it does not. #5358

• Re-expose public AuthenticationResult constructor. A public, test-friendly constructor of AuthenticationResult was inadvertently hidden behind [Obsolete] and [EditorBrowsable(Never)]. The constructor is now publicly available again. #5392

Features

• Deprecate ROPC flow in Public Client Applications #5355.
• AuthenticationResult exposes a new BindingCertificate property that returns the X.509 certificate bound to the access token in mTLS-PoP scenarios. #5370.

Bug fixes

• MSAL now honors the DEFAULT_IDENTITY_CLIENT_ID environment variable when acquiring tokens from Azure Machine Learning managed-identity endpoint. #5350.

What's Changed

• Deprecate AcquireTokenByIntegratedWindowsAuth API by @ashok672 in #5345
• Update native interop to 0.19.2 by @fengga in #5362
• update the deprecated openURL(:) api to openURL(:options:completionHandler) by @DharshanBJ in #5354

Full Changelog: 4.73.0...4.73.1

What's Changed

• Add mac broker console app support by @fengga in #5274
• Use HTTP 2 on .NET where possible by @bgavrilMS in #5314
• Expose access token cache count by @bgavrilMS in #5330
• Add an extensibility API - WithFmiPathForClientAssertion … by @bgavrilMS in #5347
• Hide ListOperatingSystemAccounts in intellisense by @ashok672 in #5304
• Reworked retry policy functionality & Created IMDS retry policy by @Robbie-Microsoft in #5231

Full Changelog: 4.72.1...4.73.0

4.72.1

Bug Fixes

• Ensure instance of IMsalHttpClientFactory passed by the user is used for managed identity flows that do not require cert validation. See Issue #5286
• Fix a URL typo in the API comments. See #5277

Full Changelog: 4.72.0...4.72.1

4.72.0

Features

• Added MacOs Broker support. See Issue #5051

Bug Fixes

• Ensure additional cache parameters are persisted in cache serializationIssue #5261

Bug Fixes

• Pass the validate function to the http manager. See Issue #5242
• Change the resource id param for IMDS. See Issue #5238

Full Changelog: 4.71.0...4.71.1