Skip to content
Jean-Marc Prieur edited this page Feb 11, 2021 · 26 revisions

Microsoft.Identity.Web 1.6.0 released

Simplification of the API

When using the delegates overrides, no need to repeat in EnableTokenAcquisitionToCallDownstreamApi what you already specified in AddMicrosoftIdentityWebXXX

Until Microsoft.Identity.Web 1.6.0, when you were using the delegates overrides of AddMicrosoftIdentityWebApp, AddMicrosoftIdentityWebApi, and EnableTokenAcquisitionToCallDownstreamApi, you had to re-specify, in EnableTokenAcquisitionToCallDownstreamApi some ConfidentialClientApplicationOptions (ClientId, Instance, TenantId), that you had already specified in AddMicrosoftIdentityWebApp or AddMicrosoftIdentityWebApi. Microsoft.Identity.Web 1.6.0 fixes this, and you only need to provide the very options which would not be already in MicrosoftIdentityOptions.

Validating scopes in web APIs is now easier

Until now, you had, in each controller or page action to verify the scopes accepted by a web API, even if this scopes were the same for all the actions of a controller for example

From Microsoft.Identity.Web 1.6.0, you can achieve the same result by adding an attribute, which takes directly the scopes to validate, or a key to the configuration settings where to look for these scopes

It's easier to rotate decrypt certificates

When a web API requires token encryption, you were on your own to rotate the certificates. It's now possible to specific several TokenDecryption certificate descriptions in the configuration, and Microsoft.Identity.Web will do the right thing to use the right one.

Microsoft.Identity.Web templates enable you to create Azure functions and gRPC services protected with Azure AD and Azure AD B2C.

Microsoft.Identity.Web now supports (in addition to web apps, web APIs, and blazor apps), Azure functions and gRPC services, protected by the MIcrosoft.Identity.Platform. These behave like web APIs, and therefore, protected with AAD, can call Microsoft Graph or downstream APIs.

Microsoft.Identity.Web.ProjectTemplates.1.6.0 and above also contains project templates to create these Azure functions and web APIs.

image

ASP.NET, or .NET Framework applications now benefit from help to load certificates (including from KeyVault)

In the continuation of version 1.4.0 where Microsoft.Identity.Web provided token cache serialization for ASP.NET framework and .NET framework, version 1.6.0 now adds support for certificate description and loading.

Two samples were updated to show how to do:

  • .NET Core daemon app:
  • v1-to-v2 token cache migration

Performance improvement in the cache for AcquireTokenForApp in multi-tenant applications

cache key in ForApp =>

Getting started with Microsoft Identity Web

Token cache serialization

Web apps

Web APIs

Daemon scenario

Advanced topics

FAQ

News

Contribute

Other resources

Clone this wiki locally