MSAL Python 1.5.1

• Bugfix: We now cache tokens by specified environment, not by OIDC Discovery. This won't matter most of the time, but it can be needed when your tenant is in transitional state while migrating to a different cloud. (#247)
• Bugfix: We now make sure one app's sign-out operation would be successful even when another app is acquiring token from cache at the same time. (#258, #262)

MSAL Python 1.5.0

• Added support for setting client capabilities to enable CAE(Continuous Access Evaluation) (#240, #174)
• Device code endpoint is now fetched from open-id configuration, if available. (#245, #242)
• Fixes in test cases (#239, #211)

MSAL Python 1.4.3

• Bugfix: A side effect in previous release prevented reading some tokens from a different authority alias (#235, #236)

MSAL Python 1.4.2

• Bugfix: Changed case of messageID in WS-Trust Requests (#228 , #230 )
• Bugfix: Removed content-type header sent in request to Mex endpoint (#226 , #227 )
• Bugfix: Bypasses cache lookup for authority alias if no refresh token found (#223, #225 )

MSAL Python 1.4.1

• Reverts Application Initializer will not send network requests introduced in MSAL Python 1.4.0 (#205, #216, #187)

MSAL Python 1.4.0

• Enhancement: Application initializer will not send network requests. (#205, #187)
• Enhancement: Improved handling of errors in ADAL to MSAL token migration scenario. (#209, #208)
• Added changelog in PYPI (#203, #202)
• Other readme and reference docs adjustments (#200, #197)

MSAL Python 1.3.0

• New feature: class ClientApplication accepts a new optional parameter http_client. You can provide your own HTTP client to have different behavior. (#169)
  Please refer to API Reference doc.

• New feature: method get_authorization_request_url() accepts a new optional parameter domain_hint. (#158, #181)
  Please refer to API Reference doc.

• New feature: A new method acquire_token_by_refresh_token() to help migrating refresh tokens from elsewhere to MSAL Python. (#193)
  Its usage is demonstrated in this sample.

MSAL Python 1.2.0

• New nonce parameter is provided in both get_authorization_request_url(..., nonce=...) and acquire_token_by_authorization_code(..., nonce=...) method, so that you can use them to mitigate replay attacks, per OIDC specs. (#128, #173).

MSAL Python 1.1.0

• New acquire_token_silent_with_error(...) method to expose conditional access error classifications (#143, closes #57).
• App developers can opt in to provide their app's name and version for Microsoft Telemetry, so that we can understand your usage pattern and serve you better. (#136 closes #130)
• Internally,
  • Collect anonymous telemetry data to help us improve MSAL Python (#103)
  • Test cases cover ADFS 2019 on-premise scenarios (#142, closes #132)
  • Switched to our latest lab apis for better test infrastructure (#108, #133, #134, #135)

MSAL Python 1.0.0

• The major version number is bumped to have a 1.0.0 release. This indicates that the API surface in MSAL Python 1.0.0 is now stable and production ready. You may learn more about Versioning from Semantic Versioning FAQ.
• There is no actual change between the previous 0.9.0 release and this release.