Skip to content

Bump Microsoft.Identity.Client from 4.67.2 to 4.83.3#381

Merged
mergify[bot] merged 1 commit intomainfrom
dependabot/nuget/GraphOrgExample/Microsoft.Identity.Client-4.83.3
May 4, 2026
Merged

Bump Microsoft.Identity.Client from 4.67.2 to 4.83.3#381
mergify[bot] merged 1 commit intomainfrom
dependabot/nuget/GraphOrgExample/Microsoft.Identity.Client-4.83.3

Conversation

@dependabot
Copy link
Copy Markdown
Contributor

@dependabot dependabot Bot commented on behalf of github May 4, 2026
edited
Loading

Updated Microsoft.Identity.Client from 4.67.2 to 4.83.3.

Release notes

Sourced from Microsoft.Identity.Client's releases.

4.83.3

New Features

  • Added support for User Federated Identity Credential (UserFIC) scenarios through the IByUserFederatedIdentityCredential interface and user_fic grant type. #​5802

Changes

  • Updated NativeInterop to version 0.20.3. #​5866

Bug Fixes

  • Fixed response handling in HttpListenerInterceptor.cs to ensure the full response is properly closed. #​5478
  • Fixed macOS detection to include maccatalyst target in desktop platform checks.#​5882

Infrastructure & Dependencies

  • Extracted reusable MSAL test infrastructure into Microsoft.Identity.Lab.API. #​5864

4.83.1

Bug Fixes

4.83.0

New Features

  • Agent Skills: Added Agent Skills catalog with complete coverage of both Confidential Client Authentication and mTLS PoP flows #​5733
  • mTLS PoP Skills Guide: Added comprehensive guide for GitHub Copilot Chat covering MSAL.NET authentication, mTLS Proof of Possession, and Federated Identity Credentials #​5790

Changes

  • Credential Guard Attestation: Integrated native DLL handling for Credential Guard attestation with centralized versioning #​5674

Bug Fixes

  • IMDSv2 mTLS Auto-Recovery: Implemented automatic recovery from SCHANNEL handshake failures by evicting cached certificates and re-minting #​5761
  • Managed Identity Fallback Behavior: Restored classic fallback behavior in MSAL MI unless GetManagedIdentitySourceAsync() is explicitly invoked #​5815
  • Attestation Token Expiration: Exposed expires_on field in attestation tokens for better token lifecycle management #​5741
  • Service Fabric API Version: Updated Service Fabric managed identity API version from 2019-07-01-preview to 2020-05-01 #​5781
  • Cached Token Validation: Enhanced ValidateCachedTokenAsync to work properly with multiple APIs beyond the initial scope #​5764
  • Client Credentials Tenant ID: Updated result to properly pass tenant ID in client credentials flow #​5754
  • Experimental Flag Removal: Removed experimental flag requirement from IAuthenticationOperation and WithAuthenticationExtension #​5699
  • OpenTelemetry Exception Handling: Expanded OTel exception handling for Azure Functions compatibility #​5720
  • ICustomWebUi Security Warning: Added security warnings to ICustomWebUi documentation #​5704

Infrastructure & Dependencies

  • GitHub Actions Workflow: Added GitHub Actions workflow for Managed Identity WebAPI automated build and deployment to Azure #​5751
  • .NET SDK Security Update: Updated .NET SDK from version 8.0.415 to 8.0.418 to address high severity security vulnerabilities #​5779 #​5783

4.82.1

Bug Fixes

  • Remove experimental flag requirement from IAuthenticationOperation #​5699
  • Add security warning to ICustomWebUi documentation #​5704

Changes

  • Adds support for implicit mTLS (Mutual TLS) transport for client assertion delegates #​5670

4.82.0

4.82.0

Highlights

This release expands extensibility for confidential-client authentication (certificates + client assertions), adds additional sovereign cloud environments, and hardens security-sensitive flows (mTLS PoP and system browser auth) with clearer validation and safer defaults.

Features

  • Certificate-based confidential client extensibility: Introduced CertificateOptions and updated WithCertificate extensibility APIs to accept it, including support for passing sendX5C configuration through the options model. (#​5655)
  • Sovereign cloud support: Added instance discovery / authority validation support for Bleu (France), Delos (Germany), and GovSG (Singapore) cloud environments. (#​5671)
  • Client assertion customization: Added WithExtraClientAssertionClaims on AcquireTokenForClientParameterBuilder to enable supplying additional signed claims in client assertions (intended for advanced scenarios and higher-level libraries). (#​5650)
  • mTLS PoP guardrails: Added validation and explicit error handling when mTLS PoP is requested for unsupported environments and/or non-login.* hosts. (#​5684)
  • System browser hardening: Added response_mode=form_post support for the default system browser (loopback) flow. MSAL will enforce form_post and process the authorization response from POST data. (#​5678)

Changes

  • Key Attestation packaging rename: Microsoft.Identity.Client.MtlsPop renamed to Microsoft.Identity.Client.KeyAttestation (assembly/package naming update). (#​5653)

4.81.0

What's Changed

Full Changelog: AzureAD/microsoft-authentication-library-for-dotnet@4.80.0...4.81.0

4.80.0

Features

  • Added extensibility APIs—WithCertificate, OnMsalServiceFailure, and OnCompletion—to enable callback handling for certificate injection, retry on MSAL service failure events, and completion notifications #​5573
  • Extend IAuthenticationOperation interface with Async methods in IAuthenticationOperation2 #​5376
  • Enable IAuthenticationOperation2 to reject MSAL cached tokens and fetch new ones from ESTS #​5567

Changes

  • IMDS Source Detection Logic Improvement #​5602
  • Update DesktopOsHelper.IsMac to work properly on .NET 10 + macOS 26 #​5541

Bug Fixes

  • Fix KeyNotFoundException during retry when headers lack correlation ID #​5617
  • Implement Service Exception for IMDS Probe #​5615

4.79.2

What's Changed

Full Changelog: AzureAD/microsoft-authentication-library-for-dotnet@4.79.0...4.79.2

4.79.0

What's Changed

Full Changelog: AzureAD/microsoft-authentication-library-for-dotnet@4.78.0...4.79.0

4.78.0

Changes

  • Update SDK version from 8.0.404 to 8.0.415. #​5543
  • Hide / deprecate some obscure APIs. #​5484

Bug Fixes

  • Support Android edge-to-edge. #​5499
  • Android broker does not support ADFS authority. #​5522

4.77.1

What's Changed

Full Changelog: AzureAD/microsoft-authentication-library-for-dotnet@4.77.0...4.77.1

4.77.0

Features

Changes

Bug fixes

4.76.0

What's Changed

New Contributors

Full Changelog: AzureAD/microsoft-authentication-library-for-dotnet@4.74.1...4.76.0

4.74.1

Bug fixes

4.74.0

Features

Bug fixes

4.73.1

What's Changed

Full Changelog: AzureAD/microsoft-authentication-library-for-dotnet@4.73.0...4.73.1

4.73.0

What's Changed

Full Changelog: AzureAD/microsoft-authentication-library-for-dotnet@4.72.1...4.73.0

4.72.1

4.72.1

Bug Fixes

Full Changelog: AzureAD/microsoft-authentication-library-for-dotnet@4.72.0...4.72.1

4.72.0

4.72.0

Features

Bug Fixes

  • Ensure additional cache parameters are persisted in cache serializationIssue #​5261

4.71.1

Bug Fixes

Full Changelog: AzureAD/microsoft-authentication-library-for-dotnet@4.71.0...4.71.1

4.71.0

Bug Fixes

  • Enable the Service Fabric flow to get a httpClient from the factory with ssl validation callback. See Issue #​5220

Full changelog: 4.70.2 .. 4.71.0

4.70.2

What's Changed

Full Changelog: AzureAD/microsoft-authentication-library-for-dotnet@4.70.1...4.70.2

4.70.1

What's Changed

Full Changelog: AzureAD/microsoft-authentication-library-for-dotnet@4.70.0...4.70.1

4.70.0

Features

  • Added a .WithAccessTokenSha256ToRefresh() method to AcquireTokenForClientParameterBuilder for ConfidentialClientApplication, allowing finer control over token refresh scenarios. Issue #​5111, PR #​5179
  • Added TokenCacheNotificationArgs.NoDistributedCacheUseReason in order to indicate that the configured serialized cache should not be a distributed cache to prevent issues when acquiring tokens. Issue #​5199

Bug Fixes

  • Removed invalid tenant checks (/organizations or /common) in MTLS flows for AAD/dSTS authorities. Issue #​5093
  • Fixed an issue where specifying a null service config region in MTLS scenarios did not correctly throw an exception. Issue #​5181

4.69.1

4.69.1

Features

  • Enabled broker support on the Linux platform. See Issue #​5086
  • Added a WithCertificate(..., bool associateTokensWithCertificateSerialNumber) overload to enable the use of the certificate's serial number as part of the cache key for tokens. Issue #​5150

Bug Fixes

  • MSAL will now stop replacing "%20" with "+" since it is obsolete. See Issue #​5061
  • Exposed client capabilities in AssertionRequestOptions for MSI FIC scenarios Issue #​4948
  • Added the missing claims in SignedAssertion when using the AssertionRequestOptions Delegate Issue #​5143

4.68.0

Features

  • Added WithFmiPath() api to support FMI scenarios in MSAL. See Issue #​5110
  • MSAL will now pass Client sku and Version to MsalRuntime for MSAL Runtime's client telemetry. See Issue #​5103

Bug Fixes

  • Reordered the condition for ManagedIdentitySource.MachineLearning to be checked after ManagedIdentitySource.AppService instead of before it. See Issue #​5077
  • Improved Managed Identity Source Detection Logging for Debugging. See Issue #​5097
  • When a 404 error occurs, MSAL will now include the endpoint and authority URLs in the exception message for better debugging. See Issue #​4769
  • MSAL will now set UseShellExecute to false in OpenLinuxBrowser. See Issue #​5075
  • Fixed a threading exception when using ExtraQueryParameters. See Issue #​5108

Commits viewable in compare view.

@dependabot dependabot Bot added .NET Pull requests that update .net code dependencies Pull requests that update a dependency file labels May 4, 2026
mergify[bot]
mergify Bot approved these changes May 4, 2026
View reviewed changes
Copy link
Copy Markdown

@mergify mergify Bot left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Automatically approving dependabot

@dependabot
Bump Microsoft.Identity.Client from 4.67.2 to 4.83.3
e3980b5 
---
updated-dependencies:
- dependency-name: Microsoft.Identity.Client
  dependency-version: 4.83.3
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot force-pushed the dependabot/nuget/GraphOrgExample/Microsoft.Identity.Client-4.83.3 branch from fc62184 to e3980b5 Compare May 4, 2026 01:08
@mergify mergify Bot merged commit db4ec20 into main May 4, 2026
5 checks passed
@dependabot dependabot Bot deleted the dependabot/nuget/GraphOrgExample/Microsoft.Identity.Client-4.83.3 branch May 4, 2026 01:09
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@mergify mergify[bot] mergify[bot] approved these changes

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file .NET Pull requests that update .net code

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

0 participants