Bump Microsoft.Identity.Client and Microsoft.Identity.Client.Broker

[dependabot]

Updated Microsoft.Identity.Client from 4.84.1 to 4.84.2.

Release notes

Sourced from Microsoft.Identity.Client's releases.

4.84.2

New Features

• Added ManagedIdentityApplication.GetManagedIdentityCapabilitiesAsync(CancellationToken) returning a ManagedIdentityCapabilities object that reports the detected managed identity Source, the host's MaxSupportedBindingStrength (new MtlsBindingStrength enum: None, Software, KeyGuard), and a derived IsMtlsPopSupportedByHost. Replaces GetManagedIdentitySourceAsync()/ManagedIdentitySourceResult. The public ManagedIdentitySource.ImdsV2 value is folded into Imds (v1/v2 routing remains internal). #​6049
• Added OID-based user identification to the User Federated Identity Credential (user_fic) flow via AcquireTokenByUserFederatedIdentityCredential(scopes, Guid userObjectId, assertion). #​6050
• Added WithClaimsFromClient(claimsJson) to forward client-originated claims across managed identity and confidential client flows. #​5999
• Added mTLS PoP support for WithCertificate(() => x509) (dynamic certificate credential). #​5957
• Added opt-in token-acquisition metrics covering both successful and failed attempts. #​6004

Changes

• Extended mTLS bearer transport (CertificateOptions.SendCertificateOverMtls) to the OBO, refresh-token, and authorization-code flows. #​6009
• General Availability of the Microsoft.Identity.Client.KeyAttestation package. #​6038
• Managed identity now probes IMDSv2 first and the preview latch was removed. #​6041
• Updated NativeInterop baseline and corrected devapp version ranges. #​6045
• Simplified GetTenantedAuthority in CiamAuthority and DstsAuthority. #​6001

Bug Fixes

• Fixed WithExtraQueryParameters on ManagedIdentityApplicationBuilder bypassing token caching. #​6035
• Guarded HTTP status codes on discovery endpoints in KnownInstanceMetadataIsUpToDateAsync. #​6048
• Detect orphaned KeyGuard certificates via public-key modulus comparison. #​6020

Commits viewable in compare view.

Updated Microsoft.Identity.Client.Broker from 4.84.1 to 4.84.2.

Release notes

Sourced from Microsoft.Identity.Client.Broker's releases.

4.84.2

New Features

• Added ManagedIdentityApplication.GetManagedIdentityCapabilitiesAsync(CancellationToken) returning a ManagedIdentityCapabilities object that reports the detected managed identity Source, the host's MaxSupportedBindingStrength (new MtlsBindingStrength enum: None, Software, KeyGuard), and a derived IsMtlsPopSupportedByHost. Replaces GetManagedIdentitySourceAsync()/ManagedIdentitySourceResult. The public ManagedIdentitySource.ImdsV2 value is folded into Imds (v1/v2 routing remains internal). #​6049
• Added OID-based user identification to the User Federated Identity Credential (user_fic) flow via AcquireTokenByUserFederatedIdentityCredential(scopes, Guid userObjectId, assertion). #​6050
• Added WithClaimsFromClient(claimsJson) to forward client-originated claims across managed identity and confidential client flows. #​5999
• Added mTLS PoP support for WithCertificate(() => x509) (dynamic certificate credential). #​5957
• Added opt-in token-acquisition metrics covering both successful and failed attempts. #​6004

Changes

• Extended mTLS bearer transport (CertificateOptions.SendCertificateOverMtls) to the OBO, refresh-token, and authorization-code flows. #​6009
• General Availability of the Microsoft.Identity.Client.KeyAttestation package. #​6038
• Managed identity now probes IMDSv2 first and the preview latch was removed. #​6041
• Updated NativeInterop baseline and corrected devapp version ranges. #​6045
• Simplified GetTenantedAuthority in CiamAuthority and DstsAuthority. #​6001

Bug Fixes

• Fixed WithExtraQueryParameters on ManagedIdentityApplicationBuilder bypassing token caching. #​6035
• Guarded HTTP status codes on discovery endpoints in KnownInstanceMetadataIsUpToDateAsync. #​6048
• Detect orphaned KeyGuard certificates via public-key modulus comparison. #​6020

Commits viewable in compare view.

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)