Skip to content

deps: Bump Microsoft.Identity.Client and Microsoft.Identity.Client.Extensions.Msal#1189

Merged
joshsmithxrm merged 1 commit into
mainfrom
dependabot/nuget/multi-7d189f188e
Jun 10, 2026
Merged

deps: Bump Microsoft.Identity.Client and Microsoft.Identity.Client.Extensions.Msal#1189
joshsmithxrm merged 1 commit into
mainfrom
dependabot/nuget/multi-7d189f188e

Conversation

@dependabot

@dependabot dependabot Bot commented on behalf of github Jun 8, 2026
edited
Loading

Copy link
Copy Markdown
Contributor

Updated Microsoft.Identity.Client from 4.83.3 to 4.84.2.

Release notes

Sourced from Microsoft.Identity.Client's releases.

4.84.2

New Features

  • Added ManagedIdentityApplication.GetManagedIdentityCapabilitiesAsync(CancellationToken) returning a ManagedIdentityCapabilities object that reports the detected managed identity Source, the host's MaxSupportedBindingStrength (new MtlsBindingStrength enum: None, Software, KeyGuard), and a derived IsMtlsPopSupportedByHost. Replaces GetManagedIdentitySourceAsync()/ManagedIdentitySourceResult. The public ManagedIdentitySource.ImdsV2 value is folded into Imds (v1/v2 routing remains internal). #​6049
  • Added OID-based user identification to the User Federated Identity Credential (user_fic) flow via AcquireTokenByUserFederatedIdentityCredential(scopes, Guid userObjectId, assertion). #​6050
  • Added WithClaimsFromClient(claimsJson) to forward client-originated claims across managed identity and confidential client flows. #​5999
  • Added mTLS PoP support for WithCertificate(() => x509) (dynamic certificate credential). #​5957
  • Added opt-in token-acquisition metrics covering both successful and failed attempts. #​6004

Changes

  • Extended mTLS bearer transport (CertificateOptions.SendCertificateOverMtls) to the OBO, refresh-token, and authorization-code flows. #​6009
  • General Availability of the Microsoft.Identity.Client.KeyAttestation package. #​6038
  • Managed identity now probes IMDSv2 first and the preview latch was removed. #​6041
  • Updated NativeInterop baseline and corrected devapp version ranges. #​6045
  • Simplified GetTenantedAuthority in CiamAuthority and DstsAuthority. #​6001

Bug Fixes

  • Fixed WithExtraQueryParameters on ManagedIdentityApplicationBuilder bypassing token caching. #​6035
  • Guarded HTTP status codes on discovery endpoints in KnownInstanceMetadataIsUpToDateAsync. #​6048
  • Detect orphaned KeyGuard certificates via public-key modulus comparison. #​6020

4.84.1

What's Changed

New Features

  • Added WithReservedScopes and WithCachePartitionKey public API extensions in #​6014
  • Added IAuthenticationOperation3 interface for CDT + mTLS PoP composition in #​5996
  • Added MsalRemainingTokenLifetime histogram metric for token expiry tracking in #​5920

Changes

  • Removed [Obsolete] attribute from WithExtraBodyParameters extension method in #​6006
  • Replaced ConcurrentHashSet with ConcurrentDictionary<T, byte> in #​5975

Bug Fixes

  • Fixed WithTenantId not honoring MSA tenant GUID when specified at request level in #​5958
  • Fixed OBO cache returning multiple_matching_tokens_detected when attributed tokens share a partition in #​5993

Full Changelog: AzureAD/microsoft-authentication-library-for-dotnet@6ff7075...main (AzureAD/microsoft-authentication-library-for-dotnet@6ff7075...main)

4.84.0

What's Changed

New Features

  • Remove embedded Newtonsoft.Json, migrate to System.Text.Json exclusively in #​5959
  • Expose refresh token via extension and add CacheOptions.DisableInternalCache in #​5947
  • Added support for WithAttributeTokens in #​5888
  • Feature: mTLS Bearer via CertificateOptions.SendCertificateOverMtls in #​5849
  • Remove experimental feature gate from WithClientAssertion(ClientSignedAssertion) overload in #​5945
  • Support forwarding MSAL client metadata headers through IMDS to ESTS in #​5912
  • Add CorrelationId to AssertionRequestOptions for FIC in #​5937
  • Add raw STS error code to MsalFailure metric in #​5961

Bug Fixes

  • Fix: make System.ValueTuple conditional on net462 only in #​5906
  • Fix eager evaluation in ConcurrentDictionary.GetOrAdd calls in #​5950
  • Validate clientSignedAssertionProvider delegate is non-null in WithClientAssertion in #​5956
  • Improve MtlsPopTokenNotSupportedInImdsV1 error message clarity in #​5908
  • Added more checks for issuer validation in #​5931

Improvements

  • Remove region as hard requirement for mTLS PoP flows in #​5902
  • Add in-process MAA token caching to PopKeyAttestor in #​5887
  • Refactor client credential material resolution in #​5835

Dependencies Updates

  • Bump OpenTelemetry version in #​5960

Full Changelog: AzureAD/microsoft-authentication-library-for-dotnet@4.83.3...cb59f84 (AzureAD/microsoft-authentication-library-for-dotnet@4.83.3...cb59f84)

Commits viewable in compare view.

Updated Microsoft.Identity.Client.Extensions.Msal from 4.83.3 to 4.84.2.

Release notes

Sourced from Microsoft.Identity.Client.Extensions.Msal's releases.

4.84.2

New Features

  • Added ManagedIdentityApplication.GetManagedIdentityCapabilitiesAsync(CancellationToken) returning a ManagedIdentityCapabilities object that reports the detected managed identity Source, the host's MaxSupportedBindingStrength (new MtlsBindingStrength enum: None, Software, KeyGuard), and a derived IsMtlsPopSupportedByHost. Replaces GetManagedIdentitySourceAsync()/ManagedIdentitySourceResult. The public ManagedIdentitySource.ImdsV2 value is folded into Imds (v1/v2 routing remains internal). #​6049
  • Added OID-based user identification to the User Federated Identity Credential (user_fic) flow via AcquireTokenByUserFederatedIdentityCredential(scopes, Guid userObjectId, assertion). #​6050
  • Added WithClaimsFromClient(claimsJson) to forward client-originated claims across managed identity and confidential client flows. #​5999
  • Added mTLS PoP support for WithCertificate(() => x509) (dynamic certificate credential). #​5957
  • Added opt-in token-acquisition metrics covering both successful and failed attempts. #​6004

Changes

  • Extended mTLS bearer transport (CertificateOptions.SendCertificateOverMtls) to the OBO, refresh-token, and authorization-code flows. #​6009
  • General Availability of the Microsoft.Identity.Client.KeyAttestation package. #​6038
  • Managed identity now probes IMDSv2 first and the preview latch was removed. #​6041
  • Updated NativeInterop baseline and corrected devapp version ranges. #​6045
  • Simplified GetTenantedAuthority in CiamAuthority and DstsAuthority. #​6001

Bug Fixes

  • Fixed WithExtraQueryParameters on ManagedIdentityApplicationBuilder bypassing token caching. #​6035
  • Guarded HTTP status codes on discovery endpoints in KnownInstanceMetadataIsUpToDateAsync. #​6048
  • Detect orphaned KeyGuard certificates via public-key modulus comparison. #​6020

4.84.1

What's Changed

New Features

  • Added WithReservedScopes and WithCachePartitionKey public API extensions in #​6014
  • Added IAuthenticationOperation3 interface for CDT + mTLS PoP composition in #​5996
  • Added MsalRemainingTokenLifetime histogram metric for token expiry tracking in #​5920

Changes

  • Removed [Obsolete] attribute from WithExtraBodyParameters extension method in #​6006
  • Replaced ConcurrentHashSet with ConcurrentDictionary<T, byte> in #​5975

Bug Fixes

  • Fixed WithTenantId not honoring MSA tenant GUID when specified at request level in #​5958
  • Fixed OBO cache returning multiple_matching_tokens_detected when attributed tokens share a partition in #​5993

Full Changelog: AzureAD/microsoft-authentication-library-for-dotnet@6ff7075...main (AzureAD/microsoft-authentication-library-for-dotnet@6ff7075...main)

4.84.0

What's Changed

New Features

  • Remove embedded Newtonsoft.Json, migrate to System.Text.Json exclusively in #​5959
  • Expose refresh token via extension and add CacheOptions.DisableInternalCache in #​5947
  • Added support for WithAttributeTokens in #​5888
  • Feature: mTLS Bearer via CertificateOptions.SendCertificateOverMtls in #​5849
  • Remove experimental feature gate from WithClientAssertion(ClientSignedAssertion) overload in #​5945
  • Support forwarding MSAL client metadata headers through IMDS to ESTS in #​5912
  • Add CorrelationId to AssertionRequestOptions for FIC in #​5937
  • Add raw STS error code to MsalFailure metric in #​5961

Bug Fixes

  • Fix: make System.ValueTuple conditional on net462 only in #​5906
  • Fix eager evaluation in ConcurrentDictionary.GetOrAdd calls in #​5950
  • Validate clientSignedAssertionProvider delegate is non-null in WithClientAssertion in #​5956
  • Improve MtlsPopTokenNotSupportedInImdsV1 error message clarity in #​5908
  • Added more checks for issuer validation in #​5931

Improvements

  • Remove region as hard requirement for mTLS PoP flows in #​5902
  • Add in-process MAA token caching to PopKeyAttestor in #​5887
  • Refactor client credential material resolution in #​5835

Dependencies Updates

  • Bump OpenTelemetry version in #​5960

Full Changelog: AzureAD/microsoft-authentication-library-for-dotnet@4.83.3...cb59f84 (AzureAD/microsoft-authentication-library-for-dotnet@4.83.3...cb59f84)

Commits viewable in compare view.

@dependabot dependabot Bot added the dependencies Pull requests that update a dependency file label Jun 8, 2026
@dependabot @github

dependabot Bot commented on behalf of github Jun 8, 2026

Copy link
Copy Markdown
Contributor Author

Labels

The following labels could not be found: nuget. Please create it before Dependabot can add it to a pull request.

Please fix the above issues or remove invalid values from dependabot.yml.

@dependabot dependabot Bot temporarily deployed to test-dataverse June 8, 2026 09:11 Inactive
@dependabot dependabot Bot temporarily deployed to test-dataverse June 8, 2026 09:11 Inactive
@dependabot dependabot Bot temporarily deployed to test-dataverse June 8, 2026 09:11 Inactive
@dependabot dependabot Bot temporarily deployed to test-dataverse June 8, 2026 09:11 Inactive
@dependabot dependabot Bot temporarily deployed to test-dataverse June 8, 2026 09:11 Inactive
This was referenced Jun 8, 2026
Closed
Closed
@dependabot
deps: Bump Microsoft.Identity.Client and Microsoft.Identity.Client.Ex…
9dbfcf3 
…tensions.Msal

Bumps Microsoft.Identity.Client from 4.83.3 to 4.84.2
Bumps Microsoft.Identity.Client.Extensions.Msal from 4.83.3 to 4.84.2

---
updated-dependencies:
- dependency-name: Microsoft.Identity.Client
  dependency-version: 4.84.2
  dependency-type: direct:production
  update-type: version-update:semver-minor
- dependency-name: Microsoft.Identity.Client.Extensions.Msal
  dependency-version: 4.84.2
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot force-pushed the dependabot/nuget/multi-7d189f188e branch from f28c1bc to 9dbfcf3 Compare June 8, 2026 21:47
@dependabot dependabot Bot temporarily deployed to test-dataverse June 8, 2026 21:47 Inactive
@dependabot dependabot Bot temporarily deployed to test-dataverse June 8, 2026 21:47 Inactive
@dependabot dependabot Bot temporarily deployed to test-dataverse June 8, 2026 21:47 Inactive
@dependabot dependabot Bot temporarily deployed to test-dataverse June 8, 2026 21:47 Inactive
@dependabot dependabot Bot temporarily deployed to test-dataverse June 8, 2026 21:47 Inactive
@joshsmithxrm joshsmithxrm enabled auto-merge (squash) June 10, 2026 09:17
@joshsmithxrm joshsmithxrm merged commit 80b5e36 into main Jun 10, 2026
22 checks passed
@joshsmithxrm joshsmithxrm deleted the dependabot/nuget/multi-7d189f188e branch June 10, 2026 09:17
@github-project-automation github-project-automation Bot moved this from Todo to Done in PPDS Roadmap Jun 10, 2026
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file

Projects

PPDS Roadmap
Status: Done

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@joshsmithxrm