Releases: AzureAD/microsoft-authentication-library-for-python
MSAL Python 1.24.0b2
Experimental: Building on top of 1.24.0b1 and includes some adjustment on handling acquire_token_interactive().
MSAL Python 1.24.0
- Enhancement: There may be a new
msal_telemetry
key available in MSAL's acquire token response, currently observed when broker is enabled. Its content and format are opaque to caller. This telemetry blob allows participating apps to collect them via telemetry, and it may help future troubleshooting. (#575) - Enhancement: A new
enable_pii_log
parameter is added intoClientApplication
constructor. When enabled, the broker component may include PII (Personal Identifiable Information) in logs. This may help troubleshooting. (#568, #590)
MSAL Python 1.24.0b1
Experimental: Surface msal telemetry as a long opaque string (#575). This behavior is useful if your app has your own telemetry mechanism and wants to also collect MSAL's telemetry.
MSAL Python 1.23.0
Improvements:
acquire_token_for_client()
will automatically look up tokens from cache (#577). (But all otheracquire_token_...()
methods still require an explicitacquire_token_silent()
in order to utilize token cache.)
MSAL Python 1.22.0
MSAL Python 1.21.0
The API in this new version remains the same as the previous version.
Enhancements:
- Support getting an ssh certificate via broker (#515)
- Support B2C's usage pattern of using client id as a scope (#505, #530)
- MSAL's token cache helper can now be used to store tokens returned by App Service's Managed Identity (#519)
- Switch to a new set of regional endpoints (#513)
- Test matrix covers Python 3.11 (#512)
Known issue:
The following issues were discovered after this version's release: #563
MSAL Python 1.20.0
New feature:
If your app uses MSAL's acquire_token_interactive()
, you can now opt in to use broker on Windows platform to achieve Single-Sign-On (SSO) and also obtain more secure tokens, all without switching the log-in experience to a browser. See details in this online doc, and try it out from this sample. (#451, #415)
For example, after utilizing this new feature, a command-line (CLI) app's login experience would look like this:
Known issue:
The following issues were discovered after this version's release: #563
MSAL Python 1.19.0
- New feature: A new
ClientApplication(..., instance_discovery=False)
parameter to turn off MSAL's Instance Discovery behavior. See more details in its full documentation. Also, ADFS authority will no longer trigger Instance Discovery. (#496) - Enhancement: Use provided authority port when building the tenant discovery endpoint (#484)
- Bugfix: Fix a regression in regional endpoint which affects MSAL Python 1.14+ (#485)
- Enhancement: Tolerate home_account_id to be None
MSAL Python 1.20.0b1
New feature:
If your app uses MSAL's acquire_token_interactive()
, you can now opt in to use broker on Windows platform to achieve Single-Sign-On (SSO) and also obtain more secure tokens, all without switching the log-in experience to a browser. See details in this online doc, and try it out from this sample. (#451, #415)
For example, after utilizing this new feature, a command-line (CLI) app's login experience would look like this:
MSAL Python 1.18.0
(The MSAL Python 1.18.0b1 has been stable in last 2 weeks, and we are now shipping it as 1.18.0)
- New feature: Optional
initiate_auth_code_flow(..., response_mode="form_post")
to allow the auth code being delivered to your app by form post, which is considered even more secure. (#396, #469) - New feature:
acquire_token_interactive(..., prompt="none")
can obtain some tokens from within Cloud Shell, without any prompt. (#420)