9.2.0: changelog.md with recent changes since May 17th (#197)

9.2.0

New features

• OperationResult and OperationError abstractions:
  Introduced a new OperationResult<TResult, TError> struct and OperationError base class. These provide a discriminated union for representing either a result or an error, improving error handling and propagation.
  See implementation in src/Microsoft.Identity.Abstractions/Results/OperationResult.cs and OperationError.cs.

• DownstreamApiOptions extensibility:
  Added two new properties to DownstreamApiOptions:

  • ExtraHeaderParameters (IDictionary<string, string>?): Set extra headers in HTTP requests to downstream APIs.
  • ExtraQueryParameters (IDictionary<string, string>?): Set extra query parameters in HTTP requests to downstream APIs.
    This enables more flexible API calls and improved integration scenarios.

Fundamentals

• Development guidelines and Copilot integration:

  • Introduced .clinerules/abstractions-guidelines.md, .clinerules/csharp-guidelines.md, .clinerules/ai-guidelines.md, and .github/copilot-instructions.md to formalize and document development, AI assistant, and C# code standards for contributors and tooling.
  • Solution file and README updated to reference these guidelines.

• Analyzer and dependency updates:

  • Bumped analyzer versions in Directory.Build.props for better static analysis (BannedApiAnalyzers and MicrosoftCodeAnalysisPublicApiAnalyzers updated from 3.3.4 to 4.14.0).

9.1.0: Update Directory.Build.props (#188)

9.1.0

New features

• Add a new generic IAuthorizationHeaderProvider to have the possiblity of returning authorization header and metadata or error instead of throwing. For details see #172
• Add Algorithm property to CredentialDescription to describe signing credentials. For details see #182
• Adding serializer for CredentialDescription in .NET 8+. See #176

Fundamentals

• Add dev container to work in Code Spaces. See PR #175
• Adding a doc about CredentialDescription. See PR #181
• Fixing AoT warnings: part 1 - non breaking. See PR #187
• update Readme.md to explain the support policy for the library and the notion of LTS. See PRs 171, 183, , 185

9.0.0

9.0.0

New features

• Added a new class named MicrosoftEntraApplicationOptions inheriting from IdentityApplicationOptions and from which MicrosoftIdentityApplicationOptions inherits. Moved the EntraID specific properties related to web APIs from MicrosoftIdentityApplicationOptions to MicrosoftEntraApplicationOptions. MicrosoftIdentityApplicationOptions now only contains the
  properties related to web apps and B2C. See #165 for details.
• Added a Name property in MicrosoftEntraApplicationOptions to allow for dynamic discovery of ASP.NET Core authentication schemes / named options. See #168 for details.
• Changed the way the ID property is computed in ClientCredentials. All sensitive data is also now replaced by a hash. See #163 for details.
• Added XML comments with recommendations on which CredentialSource not to use in production. See #167 for details.

8.2.0

8.2.0

New feature:

• To support Federated Managed Identities a new parameter FmiPath was added to AcquireTokenOptions. See #161 for details.

8.1.1

8.1.1

**

8.1.0

8.1.0

New features:

• To support certain Federation identity cases, you need to add an additional parameter called TokenExchangeAuthority. This parameter is necessary when the issuer (the entity that issues the token) for the token exchange URL is different from the application's issuer. See #155 for details.
• Added a new interface ICustomSignedAssertionProvider for implementing custom signed assertion providers. This interface includes a Name property for configuration-friendly naming. See issue #153 for details.
• Added extensibility to the CredentialDescription class to support custom signed assertion providers. This includes new properties CustomSignedAssertionProviderName and CustomSignedAssertionProviderData. See issue #146 for details.

What's Changed

• Update changelog.md for 8.0.0 and other post release updates by @jmprieur in #152
• Add customSignedAssertion by @JoshLozensky in #150
• Adding ICustomSignedAssertionProvider by @JoshLozensky in #154
• done with copilot by @jennyf19 in #156

Full Changelog: 8.0.0...8.1.0

8.0.0

Fundamentals

• Removed the Container and ValueOrReference from the public API of CredentialDescription. They were technical debt used for compatibility
  with Microsoft.Identity.Web 1.x, no longer necessary. See PR #151
  for details.

7.2.1

7.2.1

Bug fix:

• Id property in CredentialDescription was derived from secret values, primarily affecting logging (information level) of credential attempts in Microsoft.Identity.Web, it doesn't affect higher log levels because if the failure occurs, it indicates that a credential description has both a credential source that can fail (e.g., certificate) and the ClientSecret property set, which is not a typical scenario. See issue #147 for details.

7.2.0

7.2.0

New features:

• Add AppHomeTenantId to MicrosoftIdentityApplicationOptions to allow multi-tenant applications to specify the AppHomeTenantId to be used for client credentials. See PR #142 and Id Web for details.

What's Changed

• Post release 7.1.0 - Update version to next and move unshipped public API to shipped by @jmprieur in #141
• Add AppHomeTenantId to MicrosoftIdentityApplicationOptions by @msbw2 in #142
• Update changelog.md by @jennyf19 in #143

New Contributors

• @msbw2 made their first contribution in #142

Full Changelog: 7.1.0...7.2.0

7.1.0

7.1.0

New features:

• Add support for internal Microsoft services for token acquisition extensibility. See issue #135 for details.

Engineering excellence

• Add publicAPI, bannedAPI and Async analyzers. See issue #136 for details.
• Fix compiler warnings. See issue #137 for details.