MSAL Python 1.8.0

• New feature: A new extra_scopes_to_consent parameter is introduced to the acquire_token_interactive(...) API (#212, #286)
• Adjustment to previous version 1.7.0: Lazy import webbrowser module only when necessary (#287, #288)

MSAL Python 1.7.0

This version contains a bugfix. We recommend all customers to upgrade to this version and upwards. msal>=1.7.0,<2.

• New feature: A new initiate_auth_code_flow() & acquire_token_by_auth_code_flow() API, which automatically provides PKCE protection for you (#276, #255). (You are recommended to use these 2 new APIs to replace the previous get_authorization_request_url() and acquire_token_by_authorization_code().)
• New feature: A new acquire_token_interactive() (#138, #260, #282), comes with a sample (#283)
• Bugfix: Now MSAL Python can properly access those Refresh Tokens which were keyed slightly differently by different apps. (#279, #280)

MSAL Python 1.6.0

• New Feature: ConfidentialClientApplication accepts private key encrypted by a passphrase. (#232, #270)
• Enhancement: Provides different exception and messages while encountering transient error during tenant discovery (#263, #269)

MSAL Python 1.5.1

• Bugfix: We now cache tokens by specified environment, not by OIDC Discovery. This won't matter most of the time, but it can be needed when your tenant is in transitional state while migrating to a different cloud. (#247)
• Bugfix: We now make sure one app's sign-out operation would be successful even when another app is acquiring token from cache at the same time. (#258, #262)

MSAL Python 1.5.0

• Added support for setting client capabilities to enable CAE(Continuous Access Evaluation) (#240, #174)
• Device code endpoint is now fetched from open-id configuration, if available. (#245, #242)
• Fixes in test cases (#239, #211)

MSAL Python 1.4.3

• Bugfix: A side effect in previous release prevented reading some tokens from a different authority alias (#235, #236)

MSAL Python 1.4.2

• Bugfix: Changed case of messageID in WS-Trust Requests (#228 , #230 )
• Bugfix: Removed content-type header sent in request to Mex endpoint (#226 , #227 )
• Bugfix: Bypasses cache lookup for authority alias if no refresh token found (#223, #225 )

MSAL Python 1.4.1

• Reverts Application Initializer will not send network requests introduced in MSAL Python 1.4.0 (#205, #216, #187)

MSAL Python 1.4.0

• Enhancement: Application initializer will not send network requests. (#205, #187)
• Enhancement: Improved handling of errors in ADAL to MSAL token migration scenario. (#209, #208)
• Added changelog in PYPI (#203, #202)
• Other readme and reference docs adjustments (#200, #197)

MSAL Python 1.3.0

• New feature: class ClientApplication accepts a new optional parameter http_client. You can provide your own HTTP client to have different behavior. (#169)
  Please refer to API Reference doc.

• New feature: method get_authorization_request_url() accepts a new optional parameter domain_hint. (#158, #181)
  Please refer to API Reference doc.

• New feature: A new method acquire_token_by_refresh_token() to help migrating refresh tokens from elsewhere to MSAL Python. (#193)
  Its usage is demonstrated in this sample.