MSAL Python 1.27.0b2

This beta release is a preview for the broker-on-Mac support. You can install it by pip install msal==1.27.0b2. Please refer to this staged API Reference Doc for how to opt into this new feature.

_{(Note to MSAL maintenance team: The tag was accidentally named "...b1", while the actual version number was "...b2". This is not a problem when we eventually do it right when shipping the stable "1.27.0" in the future.)}

MSAL Python 1.26.0

• Do not auto-detect region if app developer does not opt-in to region (#629, #630)
• Support Proof-of-Possession (PoP) for Public Client based on broker (#511)

MSAL Python 1.25.0

• Deprecation: allow_broker will be replaced by enable_broker_on_windows (#613)
• Bugfix: Device Code Flow (and Username Password Flow) and its subsequent silent request will automatically bypass broker and succeed. (#569)
• Enhancement: acquire_token_interactive() supports running inside Docker
• Observability: Successful token response will contain a new token_source field to indicate where the token was obtained from: identity_provider, cache or broker. (#610)

MSAL Python 1.24.1

Includes minor adjustments on handling acquire_token_interactive(). The scope of the issue being addressed was limited to a short-lived sign-in attempt. The potential misuse vector complexity was high, therefore it is unlikely to be reproduced in standard usage scenarios; however, out of abundance of caution, this fix is shipped to align ourselves with Microsoft's policy of secure-by-default.

MSAL Python 1.24.0b2

Experimental: Building on top of 1.24.0b1 and includes some adjustment on handling acquire_token_interactive().

MSAL Python 1.24.0

• Enhancement: There may be a new msal_telemetry key available in MSAL's acquire token response, currently observed when broker is enabled. Its content and format are opaque to caller. This telemetry blob allows participating apps to collect them via telemetry, and it may help future troubleshooting. (#575)
• Enhancement: A new enable_pii_log parameter is added into ClientApplication constructor. When enabled, the broker component may include PII (Personal Identifiable Information) in logs. This may help troubleshooting. (#568, #590)

MSAL Python 1.24.0b1

Experimental: Surface msal telemetry as a long opaque string (#575). This behavior is useful if your app has your own telemetry mechanism and wants to also collect MSAL's telemetry.

MSAL Python 1.23.0

Improvements:

• acquire_token_for_client() will automatically look up tokens from cache (#577). (But all other acquire_token_...() methods still require an explicit acquire_token_silent() in order to utilize token cache.)

MSAL Python 1.22.0

New feature:

• Support CIAM authorities in the form of "tenant.ciamlogin.com/*" (#520)

Known issue:
The following issues were discovered after this version's release: #563

MSAL Python 1.21.0

The API in this new version remains the same as the previous version.

Enhancements:

• Support getting an ssh certificate via broker (#515)
• Support B2C's usage pattern of using client id as a scope (#505, #530)
• MSAL's token cache helper can now be used to store tokens returned by App Service's Managed Identity (#519)
• Switch to a new set of regional endpoints (#513)
• Test matrix covers Python 3.11 (#512)

Known issue:
The following issues were discovered after this version's release: #563