Releases: AzureAD/microsoft-authentication-library-for-python
MSAL Python 1.24.1
Includes minor adjustments on handling acquire_token_interactive(). The scope of the issue being addressed was limited to a short-lived sign-in attempt. The potential misuse vector complexity was high, therefore it is unlikely to be reproduced in standard usage scenarios; however, out of abundance of caution, this fix is shipped to align ourselves with Microsoft's policy of secure-by-default.
MSAL Python 1.24.0b2
Experimental: Building on top of 1.24.0b1 and includes some adjustment on handling acquire_token_interactive().
MSAL Python 1.24.0
- Enhancement: There may be a new
msal_telemetry
key available in MSAL's acquire token response, currently observed when broker is enabled. Its content and format are opaque to caller. This telemetry blob allows participating apps to collect them via telemetry, and it may help future troubleshooting. (#575) - Enhancement: A new
enable_pii_log
parameter is added intoClientApplication
constructor. When enabled, the broker component may include PII (Personal Identifiable Information) in logs. This may help troubleshooting. (#568, #590)
MSAL Python 1.24.0b1
Experimental: Surface msal telemetry as a long opaque string (#575). This behavior is useful if your app has your own telemetry mechanism and wants to also collect MSAL's telemetry.
MSAL Python 1.23.0
Improvements:
acquire_token_for_client()
will automatically look up tokens from cache (#577). (But all otheracquire_token_...()
methods still require an explicitacquire_token_silent()
in order to utilize token cache.)
MSAL Python 1.22.0
MSAL Python 1.21.0
The API in this new version remains the same as the previous version.
Enhancements:
- Support getting an ssh certificate via broker (#515)
- Support B2C's usage pattern of using client id as a scope (#505, #530)
- MSAL's token cache helper can now be used to store tokens returned by App Service's Managed Identity (#519)
- Switch to a new set of regional endpoints (#513)
- Test matrix covers Python 3.11 (#512)
Known issue:
The following issues were discovered after this version's release: #563
MSAL Python 1.20.0
New feature:
If your app uses MSAL's acquire_token_interactive()
, you can now opt in to use broker on Windows platform to achieve Single-Sign-On (SSO) and also obtain more secure tokens, all without switching the log-in experience to a browser. See details in this online doc, and try it out from this sample. (#451, #415)
For example, after utilizing this new feature, a command-line (CLI) app's login experience would look like this:
Known issue:
The following issues were discovered after this version's release: #563
MSAL Python 1.19.0
- New feature: A new
ClientApplication(..., instance_discovery=False)
parameter to turn off MSAL's Instance Discovery behavior. See more details in its full documentation. Also, ADFS authority will no longer trigger Instance Discovery. (#496) - Enhancement: Use provided authority port when building the tenant discovery endpoint (#484)
- Bugfix: Fix a regression in regional endpoint which affects MSAL Python 1.14+ (#485)
- Enhancement: Tolerate home_account_id to be None
MSAL Python 1.20.0b1
New feature:
If your app uses MSAL's acquire_token_interactive()
, you can now opt in to use broker on Windows platform to achieve Single-Sign-On (SSO) and also obtain more secure tokens, all without switching the log-in experience to a browser. See details in this online doc, and try it out from this sample. (#451, #415)
For example, after utilizing this new feature, a command-line (CLI) app's login experience would look like this: