microsoft-authentication-library-for-dotnet icon indicating copy to clipboard operation
microsoft-authentication-library-for-dotnet copied to clipboard

Published 20 hours ago verified publisher icon AzureAD

[Feature Request] Expose client capabilities in AssertionRequestOptions for MSI FIC scenarios

Open gladjohn opened this issue 1 year ago • 3 comments

MSAL client type

Managed identity

Problem statement

Update AssertionRequestOptions to handle client capabilities for MSI Federated Identity Credential (FIC) scenarios, ensuring that higher-level SDKs can pass capabilities to MSAL.

Proposed solution

We will introduce a new property ClientCapabilities in the AssertionRequestOptions class to support the passing of capabilities during token acquisition.

Alternatives

No response

gladjohn avatar Oct 01 '24 19:10 gladjohn

Is this needed ? If the app declares client capabilities, then they should simply apply to both the assertion provider and to the CCA object.

bgavrilMS avatar Oct 01 '24 20:10 bgavrilMS

Thinking more about this, it is ok to add to help create the assertion.

bgavrilMS avatar Oct 02 '24 14:10 bgavrilMS

moving to in-progress @bgavrilMS based on our discussion @localden FYI

gladjohn avatar Oct 14 '24 20:10 gladjohn