microsoft-identity-web

microsoft-identity-web copied to clipboard

[Feature Request] Replace the memory cache and distributed cache implementation with .NET9's Hybrid Cache

2

[**Is your feature request related to a problem? Please describe.** .NET team provides a new library called HybridCache, which by default uses MemoryCache, but can optionally also be configured with...

bgavrilMS

Refresh token not updated in Cache

12

### Microsoft.Identity.Web Library Microsoft.Identity.Web ### Microsoft.Identity.Web version 3.4.0 ### Web app Sign-in users and call web APIs ### Web API Protected web APIs (validating tokens) ### Token cache serialization Distributed...

michiproep

[Feature Request] Add overloads to DefaultCertificateLoader and DefaultCredentialLoader that accept a cancellation token

2

**Is your feature request related to a problem? Please describe.** It's a best practice to have async methods accept and honor a cancellation token. [DefaultCredentialsLoader.LoadCredentialsIfNeededAsync](https://github.com/AzureAD/microsoft-identity-web/blob/011bd155ce3ddedeb43daa7348e09584cfa20552/src/Microsoft.Identity.Web.Certificate/DefaultCredentialsLoader.cs#L59C27-L59C55) uses a semaphore which accepts...

pmaytak

[Feature Request] (or Bug) - AccountID and CacheKey construction overrides

2

**Is your feature request related to a problem? Please describe.** Our B2C tenant/policy provides a feature where certain admin users can (e.g. for support reasons) impersonate another user. After such...

michiproep

[Feature Request] AuthorizeForGroups and AuthorizeForRoles HttpContext extension methods

10

I think it would be great, if Microsoft.Identity.Web provided two extension methods - `AuthorizeForGroupsAsync(string[] groupIds, bool useAppOnly = false)` and `AuthorizeForTenantRolesAsync(string[] roleIds, bool useAppOnly = false)`. # AuthorizeForGroupsAsync I am...

hajekj

Update locking and caching for `OpenIdConnectCachingSecurityTokenProvider`

3

# Update locking and caching for `OpenIdConnectCachingSecurityTokenProvider` - [X] You've read the [Contributor Guide](https://github.com/AzureAD/microsoft-identity-web/blob/master/CONTRIBUTING.md) and [Code of Conduct](https://github.com/AzureAD/microsoft-identity-web/blob/master/CODE_OF_CONDUCT.md). - [ ] You've included unit or integration tests for your change,...

mderriey

Invalidate access token upon SignOut

2

Would it possible to modify the SignOut method in Microsoft.Identity.Web.UI - AccountController.cs to invalidate the user's access token on the server? My app using Microsoft.Identity.Web.UI 1.16.0 and Azure AD B2C....

david-palladino

Calling downstream Graph fails due to incorrect reply address (AADSTS500112) when behind a TLS termination proxy

3

### Microsoft.Identity.Web Library Microsoft.Identity.Web ### Microsoft.Identity.Web version 3.2.2 ### Web app Sign-in users and call web APIs ### Web API Protected web APIs call downstream web APIs ### Token cache...

oddeirik

# Fix certificate reload logic to only trigger on certificate-specific errors - [x] You've read the [Contributor Guide](https://github.com/AzureAD/microsoft-identity-web/blob/master/CONTRIBUTING.md) and [Code of Conduct](https://github.com/AzureAD/microsoft-identity-web/blob/master/CODE_OF_CONDUCT.md). - [x] You've included unit or integration tests...

Copilot

### Microsoft.Identity.Web Library Microsoft.Identity.Web.TokenAcquisition ### Microsoft.Identity.Web version 4.x ### Web app Not Applicable ### Web API Not Applicable ### Token cache serialization Not Applicable ### Description The certificate reload logic...

jmprieur