4.14.0
New Features
MSAL no longer calls the OIDC metadata endpoint, as it can infer the authorization and token URLs based on the authority URL. This will speed up token acquisition, especially for multi-tenant applications, as fewer network calls will be made. For details see Issue for details
Client throttling extended support MSAL will throttle all /token calls during an event in which the server sends a Retry-After header, thus ensuring the Retry-After instruction is observed. MSAL will also throttle server requests that result in MsalUiRequiredException
being thrown, for example when the user is required to perform MFA but the app keeps trying to acquire a token silently. For details see Issue for details
Bug Fixes
MSAL .NET now respects the ValidateAuthority=false flag. See Issue for details
Resolved an issue with the Android broker - when Authenticator / Company Portal is configured but it is not installed, MSAL should revert to using its own cache to try to perform the AcquireTokenSilent call. Issue for details
Fixed android broker prompt parameter MSAL will now send the correct UI Behavior prompt value to the broker for authentication.