Skip to content

Bump Microsoft.Identity.Client from 4.79.2 to 4.82.1#79

Merged
FrodeHus merged 1 commit intomainfrom
dependabot/nuget/server/Microsoft.Identity.Client-4.82.1
Feb 10, 2026
Merged

Bump Microsoft.Identity.Client from 4.79.2 to 4.82.1#79
FrodeHus merged 1 commit intomainfrom
dependabot/nuget/server/Microsoft.Identity.Client-4.82.1

Conversation

@dependabot
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github Feb 9, 2026
edited
Loading

⚠️ Dependabot is rebasing this PR ⚠️

Rebasing might not happen immediately, so don't worry if this takes some time.

Note: if you make any changes to this PR yourself, they will take precedence over the rebase.

Updated Microsoft.Identity.Client from 4.79.2 to 4.82.1.

Release notes

Sourced from Microsoft.Identity.Client's releases.

4.82.1

Bug Fixes

  • Remove experimental flag requirement from IAuthenticationOperation #​5699
  • Add security warning to ICustomWebUi documentation #​5704

Changes

  • Adds support for implicit mTLS (Mutual TLS) transport for client assertion delegates #​5670

4.82.0

4.82.0

Highlights

This release expands extensibility for confidential-client authentication (certificates + client assertions), adds additional sovereign cloud environments, and hardens security-sensitive flows (mTLS PoP and system browser auth) with clearer validation and safer defaults.

Features

  • Certificate-based confidential client extensibility: Introduced CertificateOptions and updated WithCertificate extensibility APIs to accept it, including support for passing sendX5C configuration through the options model. (#​5655)
  • Sovereign cloud support: Added instance discovery / authority validation support for Bleu (France), Delos (Germany), and GovSG (Singapore) cloud environments. (#​5671)
  • Client assertion customization: Added WithExtraClientAssertionClaims on AcquireTokenForClientParameterBuilder to enable supplying additional signed claims in client assertions (intended for advanced scenarios and higher-level libraries). (#​5650)
  • mTLS PoP guardrails: Added validation and explicit error handling when mTLS PoP is requested for unsupported environments and/or non-login.* hosts. (#​5684)
  • System browser hardening: Added response_mode=form_post support for the default system browser (loopback) flow. MSAL will enforce form_post and process the authorization response from POST data. (#​5678)

Changes

  • Key Attestation packaging rename: Microsoft.Identity.Client.MtlsPop renamed to Microsoft.Identity.Client.KeyAttestation (assembly/package naming update). (#​5653)

4.81.0

What's Changed

Full Changelog: AzureAD/microsoft-authentication-library-for-dotnet@4.80.0...4.81.0

4.80.0

Features

  • Added extensibility APIs—WithCertificate, OnMsalServiceFailure, and OnCompletion—to enable callback handling for certificate injection, retry on MSAL service failure events, and completion notifications #​5573
  • Extend IAuthenticationOperation interface with Async methods in IAuthenticationOperation2 #​5376
  • Enable IAuthenticationOperation2 to reject MSAL cached tokens and fetch new ones from ESTS #​5567

Changes

  • IMDS Source Detection Logic Improvement #​5602
  • Update DesktopOsHelper.IsMac to work properly on .NET 10 + macOS 26 #​5541

Bug Fixes

  • Fix KeyNotFoundException during retry when headers lack correlation ID #​5617
  • Implement Service Exception for IMDS Probe #​5615

Commits viewable in compare view.

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

@dependabot dependabot bot added .NET Pull requests that update .NET code dependencies Pull requests that update a dependency file labels Feb 9, 2026
@dependabot dependabot bot requested a review from FrodeHus as a code owner February 9, 2026 20:41
@dependabot dependabot bot added dependencies Pull requests that update a dependency file .NET Pull requests that update .NET code labels Feb 9, 2026
@dependabot
Bump Microsoft.Identity.Client from 4.79.2 to 4.82.1
f142963 
---
updated-dependencies:
- dependency-name: Microsoft.Identity.Client
  dependency-version: 4.82.1
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot bot force-pushed the dependabot/nuget/server/Microsoft.Identity.Client-4.82.1 branch from 4d57e03 to f142963 Compare February 10, 2026 07:09
@FrodeHus FrodeHus merged commit 6b548de into main Feb 10, 2026
2 checks passed
@FrodeHus FrodeHus deleted the dependabot/nuget/server/Microsoft.Identity.Client-4.82.1 branch February 10, 2026 07:10
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@FrodeHus FrodeHus FrodeHus approved these changes

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file .NET Pull requests that update .NET code

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@FrodeHus