Copilot

# Fix certificate reload logic to only trigger on certificate-specific errors - [x] You've read the [Contributor Guide](https://github.com/AzureAD/microsoft-identity-web/blob/master/CONTRIBUTING.md) and [Code of Conduct](https://github.com/AzureAD/microsoft-identity-web/blob/master/CODE_OF_CONDUCT.md). - [x] You've included unit or integration tests...

Add AddMicrosoftIdentityMessageHandler extension methods for IHttpClientBuilder

2

# Add AddMicrosoftIdentityMessageHandler extension methods for IHttpClientBuilder - [x] You've read the [Contributor Guide](https://github.com/AzureAD/microsoft-identity-web/blob/master/CONTRIBUTING.md) and [Code of Conduct](https://github.com/AzureAD/microsoft-identity-web/blob/master/CODE_OF_CONDUCT.md). - [x] You've included unit or integration tests for your change, where...

# Documentation: Clarify managed identity credential types for containerized vs. VM/App Service deployments - [x] You've read the [Contributor Guide](https://github.com/AzureAD/microsoft-identity-web/blob/master/CONTRIBUTING.md) and [Code of Conduct](https://github.com/AzureAD/microsoft-identity-web/blob/master/CODE_OF_CONDUCT.md). - [x] You've included unit or...

Add comprehensive authority configuration and precedence documentation

1

# Add comprehensive authority configuration and precedence documentation - [x] You've read the [Contributor Guide](https://github.com/AzureAD/microsoft-identity-web/blob/master/CONTRIBUTING.md) and [Code of Conduct](https://github.com/AzureAD/microsoft-identity-web/blob/master/CODE_OF_CONDUCT.md). - [x] You've included unit or integration tests for your change,...

# Throw InvalidOperationException with actionable message when custom credential not registered - [x] You've read the [Contributor Guide](https://github.com/AzureAD/microsoft-identity-web/blob/master/CONTRIBUTING.md) and [Code of Conduct](https://github.com/AzureAD/microsoft-identity-web/blob/master/CODE_OF_CONDUCT.md). - [x] You've included unit or integration tests...

Adopt .NET configuration binding source generators for net8.0/net9.0 (AOT compatibility)

2

Adopt .NET Configuration Binding Source Generators for net8.0/net9.0 (AOT compatibility) This PR refactors configuration binding code to use source generator-powered APIs for AOT compatibility on .NET 8.0 and 9.0 target...

Extract shared WWW-Authenticate challenge handling as internal helper

1

## Overview This PR extracts duplicate WWW-Authenticate challenge handling logic from `DownstreamApi` and `MicrosoftIdentityMessageHandler` into a shared internal helper, improving maintainability and fixing a bug where `ForceRefresh` was incorrectly set...

## Overview This PR implements a Roslyn Analyzer package (`Microsoft.Identity.Web.Analyzers`) to help developers migrate from Microsoft.Identity.Web v3.x to v4.0.0 by detecting obsolete APIs and breaking changes at compile time. ##...

## Problem When `MicrosoftIdentityApplicationOptions` are not properly configured for an authentication scheme, developers encounter a misleading error message: ``` IDW10503: Cannot determine the cloud Instance. The provided authentication scheme was...

This PR adds comprehensive developer documentation for the Microsoft.Identity.Web.Certificateless feature by introducing a new file: `src/Microsoft.Identity.Web.Certificateless/README-certificateless.md`. ## Overview The certificateless feature enables confidential client flows in Microsoft Entra ID (Azure...