You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Official support for Sign in with Apple (preview): Apple is now added to our list of providers for which we offer first class support. This simplified experience can be enabled by configuring an Apple registration like our existing built in providers through the config file, while we work on adding support to this provider on the portal and via ARM. More information on setting up this provider can be found here: https://docs.microsoft.com/en-us/azure/app-service/configure-authentication-provider-apple. This provider can still be configured as a custom OpenID Connect provider, but by using the built-in provider, you'll receive first class support for the provider and have access to Apple specific features, such as the refresh endpoint.
Added support for form_post for custom OpenID Connect providers: The custom OpenID Connect provider now supports identity providers that relay the authorization code and state back to the callback url both in query string parameters and via form_post.
Bug Fixes
Legacy app settings (WEBSITE_AUTH_HIDE_DEPRECATED_SID, WEBSITE_AUTH_ZUMO_USE_TOKEN_STORE_CLAIMS, WEBSITE_AUTH_USE_LEGACY_CLAIMS, WEBSITE_AUTH_CONFIG_DIR) were not configurable when apps were using file based configuration. These app settings are now read in even when an app is using file based configuration.
The field loginParameterNames in the login object within a custom OpenID Connect provider config was accepting an array of entries in the form "queryStringParameterName=queryStringParameterValue" but was not correctly appending the key value pairs to the login request. This release fixes this bug and adds all key-value pairs in the loginParameterNames object to the login request against the identity provider.
The custom OpenID Connect providers were not correctly handling providers that had query string parameters in the authorization and token endpoints. This custom provider can now gracefully handle query string parameters in the authorization and token endpoints.
What's New
Bug Fixes
Please use Azure/app-service-announcements-discussions#212 for discussions related to this middleware version.
The text was updated successfully, but these errors were encountered: