Microsoft.Identity.Abstractions 9.0.0

Prefix Reserved
.NET 8.0 This package targets .NET 8.0. The package is compatible with this framework or higher. .NET Standard 2.0 This package targets .NET Standard 2.0. The package is compatible with this framework or higher. .NET Framework 4.6.2 This package targets .NET Framework 4.6.2. The package is compatible with this framework or higher. 
dotnet add package Microsoft.Identity.Abstractions --version 9.0.0
                    


                    

                
NuGet\Install-Package Microsoft.Identity.Abstractions -Version 9.0.0
This command is intended to be used within the Package Manager Console in Visual Studio, as it uses the NuGet module's version of Install-Package. 
<PackageReference Include="Microsoft.Identity.Abstractions" Version="9.0.0" />
For projects that support PackageReference, copy this XML node into the project file to reference the package. 
<PackageVersion Include="Microsoft.Identity.Abstractions" Version="9.0.0" />
                    


                            Directory.Packages.props
                        

                    

                
<PackageReference Include="Microsoft.Identity.Abstractions" />
                    


                            Project file
For projects that support Central Package Management (CPM), copy this XML node into the solution Directory.Packages.props file to version the package. 
paket add Microsoft.Identity.Abstractions --version 9.0.0
                    


                    

                
#r "nuget: Microsoft.Identity.Abstractions, 9.0.0"
#r directive can be used in F# Interactive and Polyglot Notebooks. Copy this into the interactive tool or source code of the script to reference the package. 
#addin nuget:?package=Microsoft.Identity.Abstractions&version=9.0.0
                    


                            Install Microsoft.Identity.Abstractions as a Cake Addin
                        

                    

                
#tool nuget:?package=Microsoft.Identity.Abstractions&version=9.0.0
                    


                            Install Microsoft.Identity.Abstractions as a Cake Tool

CI

Microsoft.Identity.Abstractions

Microsoft.Identity.Abstractions contain interfaces and POCO classes used in the Microsoft .NET authentication libraries (Microsoft.IdentityModel, MSAL.NET and Microsoft.Identity.Web). It exposes concepts in three domains:

Concepts

Overview of the data classes

the following diagram provides an overview of the data classes exposed by Microsoft.Identity.Abstractions

classDiagram
        namespace ApplicationOptions {
    class CredentialDescription {
    &lt;&lt;ro&gt;&gt; +string Id
    &lt;&lt;rw&gt;&gt; +CredentialSource SourceType
    &lt;&lt;rw&gt;&gt; +string KeyVaultUrl
    &lt;&lt;rw&gt;&gt; +string CertificateStorePath
    &lt;&lt;rw&gt;&gt; +string CertificateDistinguishedName
    &lt;&lt;rw&gt;&gt; +string KeyVaultCertificateName
    &lt;&lt;rw&gt;&gt; +string CertificateThumbprint
    &lt;&lt;rw&gt;&gt; +string CertificateDiskPath
    &lt;&lt;rw&gt;&gt; +string CertificatePassword
    &lt;&lt;rw&gt;&gt; +string Base64EncodedValue
    &lt;&lt;rw&gt;&gt; +string ClientSecret
    &lt;&lt;rw&gt;&gt; +string ManagedIdentityClientId
    &lt;&lt;rw&gt;&gt; +string SignedAssertionFileDiskPath
    &lt;&lt;rw&gt;&gt; +AuthorizationHeaderProviderOptions DecryptKeysAuthenticationOptions
    &lt;&lt;rw&gt;&gt; +string TokenExchangeAuthority
    &lt;&lt;rw&gt;&gt; +X509Certificate2 Certificate
    &lt;&lt;rw&gt;&gt; +Object CachedValue
    &lt;&lt;rw&gt;&gt; +bool Skip
    &lt;&lt;ro&gt;&gt; +CredentialType CredentialType
    &lt;&lt;rw&gt;&gt; +string TokenExchangeUrl
    &lt;&lt;rw&gt;&gt; +string CustomSignedAssertionProviderName
    &lt;&lt;rw&gt;&gt; +Dictionary&lt;string, Object&gt; CustomSignedAssertionProviderData
    }
    class CredentialSource { <<enum>>
    Certificate = 0
    KeyVault = 1
    Base64Encoded = 2
    Path = 3
    StoreWithThumbprint = 4
    StoreWithDistinguishedName = 5
    ClientSecret = 6
    SignedAssertionFromManagedIdentity = 7
    SignedAssertionFilePath = 8
    SignedAssertionFromVault = 9
    AutoDecryptKeys = 10
    CustomSignedAssertion = 11
    }
    class CredentialType { <<enum>>
    Certificate = 0
    Secret = 1
    SignedAssertion = 2
    DecryptKeys = 3
    }
    class IdentityApplicationOptions {
    &lt;&lt;rw&gt;&gt; +string Authority
    &lt;&lt;rw&gt;&gt; +string ClientId
    &lt;&lt;rw&gt;&gt; +bool EnablePiiLogging
    &lt;&lt;rw&gt;&gt; +IDictionary&lt;string, string&gt; ExtraQueryParameters
    &lt;&lt;rw&gt;&gt; +IEnumerable&lt;CredentialDescription&gt; ClientCredentials
    &lt;&lt;rw&gt;&gt; +string Audience
    &lt;&lt;rw&gt;&gt; +IEnumerable&lt;string&gt; Audiences
    &lt;&lt;rw&gt;&gt; +IEnumerable&lt;CredentialDescription&gt; TokenDecryptionCredentials
    &lt;&lt;rw&gt;&gt; +bool AllowWebApiToBeAuthorizedByACL
    }
    class MicrosoftEntraApplicationOptions {
    &lt;&lt;rw&gt;&gt; +string Instance
    &lt;&lt;rw&gt;&gt; +string TenantId
    &lt;&lt;rw&gt;&gt; +string Authority
    &lt;&lt;rw&gt;&gt; +string AppHomeTenantId
    &lt;&lt;rw&gt;&gt; +string AzureRegion
    &lt;&lt;rw&gt;&gt; +IEnumerable&lt;string&gt; ClientCapabilities
    &lt;&lt;rw&gt;&gt; +bool SendX5C
    }
    class MicrosoftIdentityApplicationOptions {
    &lt;&lt;rw&gt;&gt; +bool WithSpaAuthCode
    &lt;&lt;rw&gt;&gt; +string Domain
    &lt;&lt;rw&gt;&gt; +string EditProfilePolicyId
    &lt;&lt;rw&gt;&gt; +string SignUpSignInPolicyId
    &lt;&lt;rw&gt;&gt; +string ResetPasswordPolicyId
    &lt;&lt;ro&gt;&gt; +string DefaultUserFlow
    &lt;&lt;rw&gt;&gt; +string ResetPasswordPath
    &lt;&lt;rw&gt;&gt; +string ErrorPath
    }
 }

        namespace TokenAcquisition {
    class AcquireTokenOptions {
    +AcquireTokenOptions Clone()
    &lt;&lt;rw&gt;&gt; +string AuthenticationOptionsName
    &lt;&lt;rw&gt;&gt; +Nullable&lt;Guid&gt; CorrelationId
    &lt;&lt;rw&gt;&gt; +IDictionary&lt;string, string&gt; ExtraQueryParameters
    &lt;&lt;rw&gt;&gt; +IDictionary&lt;string, Object&gt; ExtraParameters
    &lt;&lt;rw&gt;&gt; +IDictionary&lt;string, string&gt; ExtraHeadersParameters
    &lt;&lt;rw&gt;&gt; +string Claims
    &lt;&lt;rw&gt;&gt; +string FmiPath
    &lt;&lt;rw&gt;&gt; +bool ForceRefresh
    &lt;&lt;rw&gt;&gt; +string PopPublicKey
    &lt;&lt;rw&gt;&gt; +string PopClaim
    &lt;&lt;rw&gt;&gt; +ManagedIdentityOptions ManagedIdentity
    &lt;&lt;rw&gt;&gt; +string LongRunningWebApiSessionKey
    &lt;&lt;ro&gt;&gt; +string LongRunningWebApiSessionKeyAuto
    &lt;&lt;rw&gt;&gt; +string Tenant
    &lt;&lt;rw&gt;&gt; +string UserFlow
    }
    class AcquireTokenResult {
    &lt;&lt;rw&gt;&gt; +string AccessToken
    &lt;&lt;rw&gt;&gt; +DateTimeOffset ExpiresOn
    &lt;&lt;rw&gt;&gt; +string TenantId
    &lt;&lt;rw&gt;&gt; +string IdToken
    &lt;&lt;rw&gt;&gt; +IEnumerable&lt;string&gt; Scopes
    &lt;&lt;rw&gt;&gt; +Guid CorrelationId
    &lt;&lt;rw&gt;&gt; +string TokenType
    }
    class ITokenAcquirer { <<interface>>
    +Task&lt;AcquireTokenResult&gt; GetTokenForUserAsync(IEnumerable&lt;string&gt; scopes, AcquireTokenOptions tokenAcquisitionOptions, ClaimsPrincipal user, CancellationToken cancellationToken)
    +Task&lt;AcquireTokenResult&gt; GetTokenForAppAsync(string scope, AcquireTokenOptions tokenAcquisitionOptions, CancellationToken cancellationToken)
    }
    class ITokenAcquirerFactory { <<interface>>
    +ITokenAcquirer GetTokenAcquirer(IdentityApplicationOptions identityApplicationOptions)
    +ITokenAcquirer GetTokenAcquirer(string optionName)
    }
    class ManagedIdentityOptions {
    +ManagedIdentityOptions Clone()
    &lt;&lt;rw&gt;&gt; +string UserAssignedClientId
    }
 }

        namespace DownstreamApis {
    class AuthorizationHeaderProviderOptions {
    +AuthorizationHeaderProviderOptions Clone()
    #AuthorizationHeaderProviderOptions CloneInternal()
    +string GetApiUrl()
    &lt;&lt;rw&gt;&gt; +string BaseUrl
    &lt;&lt;rw&gt;&gt; +string RelativePath
    &lt;&lt;rw&gt;&gt; +string HttpMethod
    &lt;&lt;rw&gt;&gt; +Action&lt;HttpRequestMessage&gt; CustomizeHttpRequestMessage
    &lt;&lt;rw&gt;&gt; +AcquireTokenOptions AcquireTokenOptions
    &lt;&lt;rw&gt;&gt; +string ProtocolScheme
    &lt;&lt;rw&gt;&gt; +bool RequestAppToken
    }
    class DownstreamApiOptions {
    +DownstreamApiOptions Clone()
    #AuthorizationHeaderProviderOptions CloneInternal()
    &lt;&lt;rw&gt;&gt; +IEnumerable&lt;string&gt; Scopes
    &lt;&lt;rw&gt;&gt; +Func&lt;Object, HttpContent&gt; Serializer
    &lt;&lt;rw&gt;&gt; +Func&lt;HttpContent, Object&gt; Deserializer
    &lt;&lt;rw&gt;&gt; +string AcceptHeader
    &lt;&lt;rw&gt;&gt; +string ContentType
    }
    class DownstreamApiOptionsReadOnlyHttpMethod {
    +DownstreamApiOptionsReadOnlyHttpMethod Clone()
    #AuthorizationHeaderProviderOptions CloneInternal()
    &lt;&lt;rw&gt;&gt; +string HttpMethod
    }

 }


    IdentityApplicationOptions <|-- MicrosoftEntraApplicationOptions : Inherits
    MicrosoftEntraApplicationOptions <|-- MicrosoftIdentityApplicationOptions : Inherits
    AuthorizationHeaderProviderOptions <|-- DownstreamApiOptions : Inherits
    DownstreamApiOptions <|-- DownstreamApiOptionsReadOnlyHttpMethod : Inherits

    CredentialDescription *-- "SourceType" CredentialSource : Has
    CredentialDescription --> "DecryptKeysAuthenticationOptions" AuthorizationHeaderProviderOptions : Has
    CredentialDescription *-- "CredentialType" CredentialType : Has

    IdentityApplicationOptions --> "ClientCredentials" CredentialDescription : Has many
    IdentityApplicationOptions --> "TokenDecryptionCredentials" CredentialDescription : Has many
    AuthorizationHeaderProviderOptions --> "AcquireTokenOptions" AcquireTokenOptions : Has
    AcquireTokenOptions --> "ManagedIdentity" ManagedIdentityOptions : Has

   ITokenAcquirerFactory --> ITokenAcquirer : produces
   ITokenAcquirer -->  AcquireTokenOptions : parametrized by
   AcquireTokenOptions --> "ManagedIdentity" ManagedIdentityOptions : Has
   ITokenAcquirer -->  AcquireTokenResult : returns

Application options and credentials

The application options are typically the options that you find in configuration files like the appsettings.json file. They describe the authentication aspects of your application. The library offers two layer. A standard layer, and a Microsoft Identity platform specialization.

classDiagram
 class CredentialDescription {
  &lt;&lt;ro&gt;&gt; +string Id
  &lt;&lt;rw&gt;&gt; +CredentialSource SourceType
  &lt;&lt;rw&gt;&gt; +string KeyVaultUrl
  &lt;&lt;rw&gt;&gt; +string CertificateStorePath
  &lt;&lt;rw&gt;&gt; +string CertificateDistinguishedName
  &lt;&lt;rw&gt;&gt; +string KeyVaultCertificateName
  &lt;&lt;rw&gt;&gt; +string CertificateThumbprint
  &lt;&lt;rw&gt;&gt; +string CertificateDiskPath
  &lt;&lt;rw&gt;&gt; +string CertificatePassword
  &lt;&lt;rw&gt;&gt; +string Base64EncodedValue
  &lt;&lt;rw&gt;&gt; +string ClientSecret
  &lt;&lt;rw&gt;&gt; +string ManagedIdentityClientId
  &lt;&lt;rw&gt;&gt; +string SignedAssertionFileDiskPath
  &lt;&lt;rw&gt;&gt; +AuthorizationHeaderProviderOptions DecryptKeysAuthenticationOptions
  &lt;&lt;rw&gt;&gt; +string TokenExchangeAuthority
  &lt;&lt;rw&gt;&gt; +X509Certificate2 Certificate
  &lt;&lt;rw&gt;&gt; +Object CachedValue
  &lt;&lt;rw&gt;&gt; +bool Skip
  &lt;&lt;ro&gt;&gt; +CredentialType CredentialType
  &lt;&lt;rw&gt;&gt; +string TokenExchangeUrl
  &lt;&lt;rw&gt;&gt; +string CustomSignedAssertionProviderName
  &lt;&lt;rw&gt;&gt; +Dictionary&lt;string, Object&gt; CustomSignedAssertionProviderData
  }
  class CredentialSource { <<enum>>
  Certificate = 0
  KeyVault = 1
  Base64Encoded = 2
  Path = 3
  StoreWithThumbprint = 4
  StoreWithDistinguishedName = 5
  ClientSecret = 6
  SignedAssertionFromManagedIdentity = 7
  SignedAssertionFilePath = 8
  SignedAssertionFromVault = 9
  AutoDecryptKeys = 10
  CustomSignedAssertion = 11
  }
  class CredentialType { <<enum>>
  Certificate = 0
  Secret = 1
  SignedAssertion = 2
  DecryptKeys = 3
  }
  class IdentityApplicationOptions {
  &lt;&lt;rw&gt;&gt; +string Authority
  &lt;&lt;rw&gt;&gt; +string ClientId
  &lt;&lt;rw&gt;&gt; +bool EnablePiiLogging
  &lt;&lt;rw&gt;&gt; +IDictionary&lt;string, string&gt; ExtraQueryParameters
  &lt;&lt;rw&gt;&gt; +IEnumerable&lt;CredentialDescription&gt; ClientCredentials
  &lt;&lt;rw&gt;&gt; +string Audience
  &lt;&lt;rw&gt;&gt; +IEnumerable&lt;string&gt; Audiences
  &lt;&lt;rw&gt;&gt; +IEnumerable&lt;CredentialDescription&gt; TokenDecryptionCredentials
  &lt;&lt;rw&gt;&gt; +bool AllowWebApiToBeAuthorizedByACL
  }
  class MicrosoftEntraApplicationOptions {
  &lt;&lt;rw&gt;&gt; +string Instance
  &lt;&lt;rw&gt;&gt; +string TenantId
  &lt;&lt;rw&gt;&gt; +string Authority
  &lt;&lt;rw&gt;&gt; +string AppHomeTenantId
  &lt;&lt;rw&gt;&gt; +string AzureRegion
  &lt;&lt;rw&gt;&gt; +IEnumerable&lt;string&gt; ClientCapabilities
  &lt;&lt;rw&gt;&gt; +bool SendX5C
  }
  class MicrosoftIdentityApplicationOptions {
  &lt;&lt;rw&gt;&gt; +bool WithSpaAuthCode
  &lt;&lt;rw&gt;&gt; +string Domain
  &lt;&lt;rw&gt;&gt; +string EditProfilePolicyId
  &lt;&lt;rw&gt;&gt; +string SignUpSignInPolicyId
  &lt;&lt;rw&gt;&gt; +string ResetPasswordPolicyId
  &lt;&lt;ro&gt;&gt; +string DefaultUserFlow
  &lt;&lt;rw&gt;&gt; +string ResetPasswordPath
  &lt;&lt;rw&gt;&gt; +string ErrorPath
  }

  IdentityApplicationOptions <|-- MicrosoftEntraApplicationOptions : Inherits
  MicrosoftEntraApplicationOptions <|-- MicrosoftIdentityApplicationOptions : Inherits

  CredentialDescription *-- "SourceType" CredentialSource : Has
  CredentialDescription --> "DecryptKeysAuthenticationOptions" AuthorizationHeaderProviderOptions : Has
  note for AuthorizationHeaderProviderOptions "see below"
  CredentialDescription *-- "CredentialType" CredentialType : Has
  IdentityApplicationOptions --> "ClientCredentials" CredentialDescription : Has many
  IdentityApplicationOptions --> "TokenDecryptionCredentials" CredentialDescription : Has many

Credential loaders

An important part of the application options are the credentials. In addition to the credential descriptions, the library offers extensibility mechanisms so that implementers can add their own credential source loaders.

classDiagram
class CredentialSourceLoaderParameters {
 &lt;&lt;rw&gt;&gt; +string ClientId
 &lt;&lt;rw&gt;&gt; +string Authority
 }
 class ICredentialsLoader { <<interface>>
 +Task LoadCredentialsIfNeededAsync(CredentialDescription credentialDescription, CredentialSourceLoaderParameters parameters)
 +Task&lt;CredentialDescription&gt; LoadFirstValidCredentialsAsync(IEnumerable&lt;CredentialDescription&gt; credentialDescriptions, CredentialSourceLoaderParameters parameters)
 +Void ResetCredentials(IEnumerable&lt;CredentialDescription&gt; credentialDescriptions)
 &lt;&lt;ro&gt;&gt; +IDictionary&lt;CredentialSource, ICredentialSourceLoader&gt; CredentialSourceLoaders
 }
 class ICredentialSourceLoader { <<interface>>
 +Task LoadIfNeededAsync(CredentialDescription credentialDescription, CredentialSourceLoaderParameters parameters)
 &lt;&lt;ro&gt;&gt; +CredentialSource CredentialSource
 }
 class ICustomSignedAssertionProvider { <<interface>>
 &lt;&lt;ro&gt;&gt; +string Name
 }

 ICredentialSourceLoader <|-- ICustomSignedAssertionProvider : Inherits
 ICredentialSourceLoader *-- "CredentialSource" CredentialSource : Has
 ICredentialsLoader --> ICredentialSourceLoader : Loads
 ICredentialSourceLoader --> CredentialSourceLoaderParameters : Uses
 note for CredentialSource "see above"

There can be several application options with different names (for instance in ASP.NET Core these would be different authentication schemes)

Token acquisition

Once configured, an application can acquire tokens from the Identity provider. This is a low level API, in the sense that you would probably prefer to call downstream web APIs without having to be preoccupied about the authentication aspects. If you really want to use the lower level API, you should:

  • get hold of a ITokenAcquirerFactory. Implementations can provide a TokenAcquirerFactory for instance, with a singleton.
  • get a ITokenAcquirer (by its name, for instance). This corresponds to the application options
  • From the token acquirer get a token for on behalf of the user, or the app. If you don't specify any AcquireTokenOptions, the implementation should do its best effort. The AcquireTokenOptions enable you to override the defaults.
classDiagram
   class AcquireTokenOptions {
    +AcquireTokenOptions Clone()
    &lt;&lt;rw&gt;&gt; +string AuthenticationOptionsName
    &lt;&lt;rw&gt;&gt; +Nullable&lt;Guid&gt; CorrelationId
    &lt;&lt;rw&gt;&gt; +IDictionary&lt;string, string&gt; ExtraQueryParameters
    &lt;&lt;rw&gt;&gt; +IDictionary&lt;string, Object&gt; ExtraParameters
    &lt;&lt;rw&gt;&gt; +IDictionary&lt;string, string&gt; ExtraHeadersParameters
    &lt;&lt;rw&gt;&gt; +string Claims
    &lt;&lt;rw&gt;&gt; +string FmiPath
    &lt;&lt;rw&gt;&gt; +bool ForceRefresh
    &lt;&lt;rw&gt;&gt; +string PopPublicKey
    &lt;&lt;rw&gt;&gt; +string PopClaim
    &lt;&lt;rw&gt;&gt; +ManagedIdentityOptions ManagedIdentity
    &lt;&lt;rw&gt;&gt; +string LongRunningWebApiSessionKey
    &lt;&lt;ro&gt;&gt; +string LongRunningWebApiSessionKeyAuto
    &lt;&lt;rw&gt;&gt; +string Tenant
    &lt;&lt;rw&gt;&gt; +string UserFlow
    }
    class AcquireTokenResult {
    &lt;&lt;rw&gt;&gt; +string AccessToken
    &lt;&lt;rw&gt;&gt; +DateTimeOffset ExpiresOn
    &lt;&lt;rw&gt;&gt; +string TenantId
    &lt;&lt;rw&gt;&gt; +string IdToken
    &lt;&lt;rw&gt;&gt; +IEnumerable&lt;string&gt; Scopes
    &lt;&lt;rw&gt;&gt; +Guid CorrelationId
    &lt;&lt;rw&gt;&gt; +string TokenType
    }
    class ITokenAcquirer { <<interface>>
    +Task&lt;AcquireTokenResult&gt; GetTokenForUserAsync(IEnumerable&lt;string&gt; scopes, AcquireTokenOptions tokenAcquisitionOptions, ClaimsPrincipal user, CancellationToken cancellationToken)
    +Task&lt;AcquireTokenResult&gt; GetTokenForAppAsync(string scope, AcquireTokenOptions tokenAcquisitionOptions, CancellationToken cancellationToken)
    }
    class ITokenAcquirerFactory { <<interface>>
    +ITokenAcquirer GetTokenAcquirer(IdentityApplicationOptions identityApplicationOptions)
    +ITokenAcquirer GetTokenAcquirer(string optionName)
    }
    class ManagedIdentityOptions {
    +ManagedIdentityOptions Clone()
    &lt;&lt;rw&gt;&gt; +string UserAssignedClientId
    }

   ITokenAcquirerFactory ..> ITokenAcquirer : produces
   ITokenAcquirer -->  AcquireTokenOptions : parametrized by
   AcquireTokenOptions --> "ManagedIdentity" ManagedIdentityOptions : Has
   ITokenAcquirer ..>  AcquireTokenResult : returns

Call downstream APIs

It's also possible (and recommended) to use higher level APIs:

  • IDownstreamApi enables you to call a downstream web API and let the implementation handle the serialization of the input parameter (if any), handling the getting the authorization header and attaching it to the HttpClient, call the downstream web API, handle errors, deserialize the answer and return it as a strongly typed object. You can use customize all these steps, for instance by providing your own serializer / deserializer.
  • IAuthorizationHeaderProvider is the component that provides the authorization header, delegating to the ITokenAcquirer. Whereas ITokenAcquirer only knows about tokens, IAuthorizationHeaderProvider knows about protocols (for instance bearer, Pop, etc ...)
classDiagram
   class AuthorizationHeaderProviderOptions {
   +AuthorizationHeaderProviderOptions Clone()
   #AuthorizationHeaderProviderOptions CloneInternal()
   +string GetApiUrl()
   &lt;&lt;rw&gt;&gt; +string BaseUrl
   &lt;&lt;rw&gt;&gt; +string RelativePath
   &lt;&lt;rw&gt;&gt; +string HttpMethod
   &lt;&lt;rw&gt;&gt; +Action&lt;HttpRequestMessage&gt; CustomizeHttpRequestMessage
   &lt;&lt;rw&gt;&gt; +AcquireTokenOptions AcquireTokenOptions
   &lt;&lt;rw&gt;&gt; +string ProtocolScheme
   &lt;&lt;rw&gt;&gt; +bool RequestAppToken
   }
   class DownstreamApiOptions {
   +DownstreamApiOptions Clone()
   #AuthorizationHeaderProviderOptions CloneInternal()
   &lt;&lt;rw&gt;&gt; +IEnumerable&lt;string&gt; Scopes
   &lt;&lt;rw&gt;&gt; +Func&lt;Object, HttpContent&gt; Serializer
   &lt;&lt;rw&gt;&gt; +Func&lt;HttpContent, Object&gt; Deserializer
   &lt;&lt;rw&gt;&gt; +string AcceptHeader
   &lt;&lt;rw&gt;&gt; +string ContentType
   }
   class DownstreamApiOptionsReadOnlyHttpMethod {
   +DownstreamApiOptionsReadOnlyHttpMethod Clone()
   #AuthorizationHeaderProviderOptions CloneInternal()
   &lt;&lt;rw&gt;&gt; +string HttpMethod
   }
   class IAuthorizationHeaderProvider { <<interface>>
   +Task&lt;string&gt; CreateAuthorizationHeaderForUserAsync(IEnumerable&lt;string&gt; scopes, AuthorizationHeaderProviderOptions authorizationHeaderProviderOptions, ClaimsPrincipal claimsPrincipal, CancellationToken cancellationToken)
   +Task&lt;string&gt; CreateAuthorizationHeaderForAppAsync(string scopes, AuthorizationHeaderProviderOptions downstreamApiOptions, CancellationToken cancellationToken)
   +Task&lt;string&gt; CreateAuthorizationHeaderAsync(IEnumerable&lt;string&gt; scopes, AuthorizationHeaderProviderOptions options, ClaimsPrincipal claimsPrincipal, CancellationToken cancellationToken)
   }
   class IDownstreamApi { <<interface>>
   +Task&lt;HttpResponseMessage&gt; CallApiAsync(DownstreamApiOptions downstreamApiOptions, ClaimsPrincipal user, HttpContent content, CancellationToken cancellationToken)
   +Task&lt;HttpResponseMessage&gt; CallApiAsync(string serviceName, Action&lt;DownstreamApiOptions&gt; downstreamApiOptionsOverride, ClaimsPrincipal user, HttpContent content, CancellationToken cancellationToken)
   +Task&lt;HttpResponseMessage&gt; CallApiForUserAsync(string serviceName, Action&lt;DownstreamApiOptions&gt; downstreamApiOptionsOverride, ClaimsPrincipal user, HttpContent content, CancellationToken cancellationToken)
   +Task&lt;HttpResponseMessage&gt; CallApiForAppAsync(string serviceName, Action&lt;DownstreamApiOptions&gt; downstreamApiOptionsOverride, HttpContent content, CancellationToken cancellationToken)
   +Task&lt;IDownstreamApi.TOutput&gt; CallApiForUserAsync(string serviceName, IDownstreamApi.TInput input, Action&lt;DownstreamApiOptions&gt; downstreamApiOptionsOverride, ClaimsPrincipal user, CancellationToken cancellationToken)
   +Task&lt;IDownstreamApi.TOutput&gt; CallApiForUserAsync(string serviceName, Action&lt;DownstreamApiOptions&gt; downstreamApiOptionsOverride, ClaimsPrincipal user, CancellationToken cancellationToken)
   +Task&lt;IDownstreamApi.TOutput&gt; CallApiForAppAsync(string serviceName, IDownstreamApi.TInput input, Action&lt;DownstreamApiOptions&gt; downstreamApiOptionsOverride, CancellationToken cancellationToken)
   +Task&lt;IDownstreamApi.TOutput&gt; CallApiForAppAsync(string serviceName, Action&lt;DownstreamApiOptions&gt; downstreamApiOptionsOverride, CancellationToken cancellationToken)
   +Task&lt;IDownstreamApi.TOutput&gt; CallApiForUserAsync(string serviceName, IDownstreamApi.TInput input, JsonTypeInfo&lt;IDownstreamApi.TInput&gt; inputJsonTypeInfo, JsonTypeInfo&lt;IDownstreamApi.TOutput&gt; outputJsonTypeInfo, Action&lt;DownstreamApiOptions&gt; downstreamApiOptionsOverride, ClaimsPrincipal user, CancellationToken cancellationToken)
   +Task&lt;IDownstreamApi.TOutput&gt; CallApiForUserAsync(string serviceName, JsonTypeInfo&lt;IDownstreamApi.TOutput&gt; outputJsonTypeInfo, Action&lt;DownstreamApiOptions&gt; downstreamApiOptionsOverride, ClaimsPrincipal user, CancellationToken cancellationToken)
   +Task&lt;IDownstreamApi.TOutput&gt; CallApiForAppAsync(string serviceName, IDownstreamApi.TInput input, JsonTypeInfo&lt;IDownstreamApi.TInput&gt; inputJsonTypeInfo, JsonTypeInfo&lt;IDownstreamApi.TOutput&gt; outputJsonTypeInfo, Action&lt;DownstreamApiOptions&gt; downstreamApiOptionsOverride, CancellationToken cancellationToken)
   +Task&lt;IDownstreamApi.TOutput&gt; CallApiForAppAsync(string serviceName, JsonTypeInfo&lt;IDownstreamApi.TOutput&gt; outputJsonTypeInfo, Action&lt;DownstreamApiOptions&gt; downstreamApiOptionsOverride, CancellationToken cancellationToken)
   +Task&lt;IDownstreamApi.TOutput&gt; GetForUserAsync(string serviceName, Action&lt;DownstreamApiOptionsReadOnlyHttpMethod&gt; downstreamApiOptionsOverride, ClaimsPrincipal user, CancellationToken cancellationToken)
   +Task&lt;IDownstreamApi.TOutput&gt; GetForUserAsync(string serviceName, IDownstreamApi.TInput input, Action&lt;DownstreamApiOptionsReadOnlyHttpMethod&gt; downstreamApiOptionsOverride, ClaimsPrincipal user, CancellationToken cancellationToken)
   +Task&lt;IDownstreamApi.TOutput&gt; GetForAppAsync(string serviceName, Action&lt;DownstreamApiOptionsReadOnlyHttpMethod&gt; downstreamApiOptionsOverride, CancellationToken cancellationToken)
   +Task&lt;IDownstreamApi.TOutput&gt; GetForAppAsync(string serviceName, IDownstreamApi.TInput input, Action&lt;DownstreamApiOptionsReadOnlyHttpMethod&gt; downstreamApiOptionsOverride, CancellationToken cancellationToken)
   +Task PostForUserAsync(string serviceName, IDownstreamApi.TInput input, Action&lt;DownstreamApiOptionsReadOnlyHttpMethod&gt; downstreamApiOptionsOverride, ClaimsPrincipal user, CancellationToken cancellationToken)
   +Task&lt;IDownstreamApi.TOutput&gt; PostForUserAsync(string serviceName, IDownstreamApi.TInput input, Action&lt;DownstreamApiOptionsReadOnlyHttpMethod&gt; downstreamApiOptionsOverride, ClaimsPrincipal user, CancellationToken cancellationToken)
   +Task PostForAppAsync(string serviceName, IDownstreamApi.TInput input, Action&lt;DownstreamApiOptionsReadOnlyHttpMethod&gt; downstreamApiOptionsOverride, CancellationToken cancellationToken)
   +Task&lt;IDownstreamApi.TOutput&gt; PostForAppAsync(string serviceName, IDownstreamApi.TInput input, Action&lt;DownstreamApiOptionsReadOnlyHttpMethod&gt; downstreamApiOptionsOverride, CancellationToken cancellationToken)
   +Task PutForUserAsync(string serviceName, IDownstreamApi.TInput input, Action&lt;DownstreamApiOptionsReadOnlyHttpMethod&gt; downstreamApiOptionsOverride, ClaimsPrincipal user, CancellationToken cancellationToken)
   +Task&lt;IDownstreamApi.TOutput&gt; PutForUserAsync(string serviceName, IDownstreamApi.TInput input, Action&lt;DownstreamApiOptionsReadOnlyHttpMethod&gt; downstreamApiOptionsOverride, ClaimsPrincipal user, CancellationToken cancellationToken)
   +Task PutForAppAsync(string serviceName, IDownstreamApi.TInput input, Action&lt;DownstreamApiOptionsReadOnlyHttpMethod&gt; downstreamApiOptionsOverride, CancellationToken cancellationToken)
   +Task&lt;IDownstreamApi.TOutput&gt; PutForAppAsync(string serviceName, IDownstreamApi.TInput input, Action&lt;DownstreamApiOptionsReadOnlyHttpMethod&gt; downstreamApiOptionsOverride, CancellationToken cancellationToken)
   +Task PatchForUserAsync(string serviceName, IDownstreamApi.TInput input, Action&lt;DownstreamApiOptionsReadOnlyHttpMethod&gt; downstreamApiOptionsOverride, ClaimsPrincipal user, CancellationToken cancellationToken)
   +Task&lt;IDownstreamApi.TOutput&gt; PatchForUserAsync(string serviceName, IDownstreamApi.TInput input, Action&lt;DownstreamApiOptionsReadOnlyHttpMethod&gt; downstreamApiOptionsOverride, ClaimsPrincipal user, CancellationToken cancellationToken)
   +Task PatchForAppAsync(string serviceName, IDownstreamApi.TInput input, Action&lt;DownstreamApiOptionsReadOnlyHttpMethod&gt; downstreamApiOptionsOverride, CancellationToken cancellationToken)
   +Task&lt;IDownstreamApi.TOutput&gt; PatchForAppAsync(string serviceName, IDownstreamApi.TInput input, Action&lt;DownstreamApiOptionsReadOnlyHttpMethod&gt; downstreamApiOptionsOverride, CancellationToken cancellationToken)
   +Task DeleteForUserAsync(string serviceName, IDownstreamApi.TInput input, Action&lt;DownstreamApiOptionsReadOnlyHttpMethod&gt; downstreamApiOptionsOverride, ClaimsPrincipal user, CancellationToken cancellationToken)
   +Task&lt;IDownstreamApi.TOutput&gt; DeleteForUserAsync(string serviceName, IDownstreamApi.TInput input, Action&lt;DownstreamApiOptionsReadOnlyHttpMethod&gt; downstreamApiOptionsOverride, ClaimsPrincipal user, CancellationToken cancellationToken)
   +Task DeleteForAppAsync(string serviceName, IDownstreamApi.TInput input, Action&lt;DownstreamApiOptionsReadOnlyHttpMethod&gt; downstreamApiOptionsOverride, CancellationToken cancellationToken)
   +Task&lt;IDownstreamApi.TOutput&gt; DeleteForAppAsync(string serviceName, IDownstreamApi.TInput input, Action&lt;DownstreamApiOptionsReadOnlyHttpMethod&gt; downstreamApiOptionsOverride, CancellationToken cancellationToken)
   +Task&lt;IDownstreamApi.TOutput&gt; GetForUserAsync(string serviceName, JsonTypeInfo&lt;IDownstreamApi.TOutput&gt; outputJsonTypeInfo, Action&lt;DownstreamApiOptionsReadOnlyHttpMethod&gt; downstreamApiOptionsOverride, ClaimsPrincipal user, CancellationToken cancellationToken)
   +Task&lt;IDownstreamApi.TOutput&gt; GetForUserAsync(string serviceName, IDownstreamApi.TInput input, JsonTypeInfo&lt;IDownstreamApi.TInput&gt; inputJsonTypeInfo, JsonTypeInfo&lt;IDownstreamApi.TOutput&gt; outputJsonTypeInfo, Action&lt;DownstreamApiOptionsReadOnlyHttpMethod&gt; downstreamApiOptionsOverride, ClaimsPrincipal user, CancellationToken cancellationToken)
   +Task&lt;IDownstreamApi.TOutput&gt; GetForAppAsync(string serviceName, JsonTypeInfo&lt;IDownstreamApi.TOutput&gt; outputJsonTypeInfo, Action&lt;DownstreamApiOptionsReadOnlyHttpMethod&gt; downstreamApiOptionsOverride, CancellationToken cancellationToken)
   +Task&lt;IDownstreamApi.TOutput&gt; GetForAppAsync(string serviceName, IDownstreamApi.TInput input, JsonTypeInfo&lt;IDownstreamApi.TInput&gt; inputJsonTypeInfo, JsonTypeInfo&lt;IDownstreamApi.TOutput&gt; outputJsonTypeInfo, Action&lt;DownstreamApiOptionsReadOnlyHttpMethod&gt; downstreamApiOptionsOverride, CancellationToken cancellationToken)
   +Task PostForUserAsync(string serviceName, IDownstreamApi.TInput input, JsonTypeInfo&lt;IDownstreamApi.TInput&gt; inputJsonTypeInfo, Action&lt;DownstreamApiOptionsReadOnlyHttpMethod&gt; downstreamApiOptionsOverride, ClaimsPrincipal user, CancellationToken cancellationToken)
   +Task&lt;IDownstreamApi.TOutput&gt; PostForUserAsync(string serviceName, IDownstreamApi.TInput input, JsonTypeInfo&lt;IDownstreamApi.TInput&gt; inputJsonTypeInfo, JsonTypeInfo&lt;IDownstreamApi.TOutput&gt; outputJsonTypeInfo, Action&lt;DownstreamApiOptionsReadOnlyHttpMethod&gt; downstreamApiOptionsOverride, ClaimsPrincipal user, CancellationToken cancellationToken)
   +Task PostForAppAsync(string serviceName, IDownstreamApi.TInput input, JsonTypeInfo&lt;IDownstreamApi.TInput&gt; inputJsonTypeInfo, Action&lt;DownstreamApiOptionsReadOnlyHttpMethod&gt; downstreamApiOptionsOverride, CancellationToken cancellationToken)
   +Task&lt;IDownstreamApi.TOutput&gt; PostForAppAsync(string serviceName, IDownstreamApi.TInput input, JsonTypeInfo&lt;IDownstreamApi.TInput&gt; inputJsonTypeInfo, JsonTypeInfo&lt;IDownstreamApi.TOutput&gt; outputJsonTypeInfo, Action&lt;DownstreamApiOptionsReadOnlyHttpMethod&gt; downstreamApiOptionsOverride, CancellationToken cancellationToken)
   +Task PutForUserAsync(string serviceName, IDownstreamApi.TInput input, JsonTypeInfo&lt;IDownstreamApi.TInput&gt; inputJsonTypeInfo, Action&lt;DownstreamApiOptionsReadOnlyHttpMethod&gt; downstreamApiOptionsOverride, ClaimsPrincipal user, CancellationToken cancellationToken)
   +Task&lt;IDownstreamApi.TOutput&gt; PutForUserAsync(string serviceName, IDownstreamApi.TInput input, JsonTypeInfo&lt;IDownstreamApi.TInput&gt; inputJsonTypeInfo, JsonTypeInfo&lt;IDownstreamApi.TOutput&gt; outputJsonTypeInfo, Action&lt;DownstreamApiOptionsReadOnlyHttpMethod&gt; downstreamApiOptionsOverride, ClaimsPrincipal user, CancellationToken cancellationToken)
   +Task PutForAppAsync(string serviceName, IDownstreamApi.TInput input, JsonTypeInfo&lt;IDownstreamApi.TInput&gt; inputJsonTypeInfo, Action&lt;DownstreamApiOptionsReadOnlyHttpMethod&gt; downstreamApiOptionsOverride, CancellationToken cancellationToken)
   +Task&lt;IDownstreamApi.TOutput&gt; PutForAppAsync(string serviceName, IDownstreamApi.TInput input, JsonTypeInfo&lt;IDownstreamApi.TInput&gt; inputJsonTypeInfo, JsonTypeInfo&lt;IDownstreamApi.TOutput&gt; outputJsonTypeInfo, Action&lt;DownstreamApiOptionsReadOnlyHttpMethod&gt; downstreamApiOptionsOverride, CancellationToken cancellationToken)
   +Task PatchForUserAsync(string serviceName, IDownstreamApi.TInput input, JsonTypeInfo&lt;IDownstreamApi.TInput&gt; inputJsonTypeInfo, Action&lt;DownstreamApiOptionsReadOnlyHttpMethod&gt; downstreamApiOptionsOverride, ClaimsPrincipal user, CancellationToken cancellationToken)
   +Task&lt;IDownstreamApi.TOutput&gt; PatchForUserAsync(string serviceName, IDownstreamApi.TInput input, JsonTypeInfo&lt;IDownstreamApi.TInput&gt; inputJsonTypeInfo, JsonTypeInfo&lt;IDownstreamApi.TOutput&gt; outputJsonTypeInfo, Action&lt;DownstreamApiOptionsReadOnlyHttpMethod&gt; downstreamApiOptionsOverride, ClaimsPrincipal user, CancellationToken cancellationToken)
   +Task PatchForAppAsync(string serviceName, IDownstreamApi.TInput input, JsonTypeInfo&lt;IDownstreamApi.TInput&gt; inputJsonTypeInfo, Action&lt;DownstreamApiOptionsReadOnlyHttpMethod&gt; downstreamApiOptionsOverride, CancellationToken cancellationToken)
   +Task&lt;IDownstreamApi.TOutput&gt; PatchForAppAsync(string serviceName, IDownstreamApi.TInput input, JsonTypeInfo&lt;IDownstreamApi.TInput&gt; inputJsonTypeInfo, JsonTypeInfo&lt;IDownstreamApi.TOutput&gt; outputJsonTypeInfo, Action&lt;DownstreamApiOptionsReadOnlyHttpMethod&gt; downstreamApiOptionsOverride, CancellationToken cancellationToken)
   +Task DeleteForUserAsync(string serviceName, IDownstreamApi.TInput input, JsonTypeInfo&lt;IDownstreamApi.TInput&gt; inputJsonTypeInfo, Action&lt;DownstreamApiOptionsReadOnlyHttpMethod&gt; downstreamApiOptionsOverride, ClaimsPrincipal user, CancellationToken cancellationToken)
   +Task&lt;IDownstreamApi.TOutput&gt; DeleteForUserAsync(string serviceName, IDownstreamApi.TInput input, JsonTypeInfo&lt;IDownstreamApi.TInput&gt; inputJsonTypeInfo, JsonTypeInfo&lt;IDownstreamApi.TOutput&gt; outputJsonTypeInfo, Action&lt;DownstreamApiOptionsReadOnlyHttpMethod&gt; downstreamApiOptionsOverride, ClaimsPrincipal user, CancellationToken cancellationToken)
   +Task DeleteForAppAsync(string serviceName, IDownstreamApi.TInput input, JsonTypeInfo&lt;IDownstreamApi.TInput&gt; inputJsonTypeInfo, Action&lt;DownstreamApiOptionsReadOnlyHttpMethod&gt; downstreamApiOptionsOverride, CancellationToken cancellationToken)
   +Task&lt;IDownstreamApi.TOutput&gt; DeleteForAppAsync(string serviceName, IDownstreamApi.TInput input, JsonTypeInfo&lt;IDownstreamApi.TInput&gt; inputJsonTypeInfo, JsonTypeInfo&lt;IDownstreamApi.TOutput&gt; outputJsonTypeInfo, Action&lt;DownstreamApiOptionsReadOnlyHttpMethod&gt; downstreamApiOptionsOverride, CancellationToken cancellationToken)
   }

   AuthorizationHeaderProviderOptions <|-- DownstreamApiOptions : Inherits
   DownstreamApiOptions <|-- DownstreamApiOptionsReadOnlyHttpMethod : Inherits
   CredentialDescription --> "DecryptKeysAuthenticationOptions" AuthorizationHeaderProviderOptions : Has
   AuthorizationHeaderProviderOptions --> "AcquireTokenOptions" AcquireTokenOptions : Has
   AcquireTokenOptions --> "ManagedIdentity" ManagedIdentityOptions : Has
   IDownstreamApi ..> DownstreamApiOptions : Uses
   IAuthorizationHeaderProvider ..> AuthorizationHeaderProviderOptions : Uses

Contributing

This project welcomes contributions and suggestions. Most contributions require you to agree to a Contributor License Agreement (CLA) declaring that you have the right to, and actually do, grant us the rights to use your contribution. For details, visit https://cla.opensource.microsoft.com.

When you submit a pull request, a CLA bot will automatically determine whether you need to provide a CLA and decorate the PR appropriately (e.g., status check, comment). Simply follow the instructions provided by the bot. You will only need to do this once across all repos using our CLA.

This project has adopted the Microsoft Open Source Code of Conduct. For more information see the Code of Conduct FAQ or contact opencode@microsoft.com with any additional questions or comments.

Trademarks

This project may contain trademarks or logos for projects, products, or services. Authorized use of Microsoft trademarks or logos is subject to and must follow Microsoft's Trademark & Brand Guidelines. Use of Microsoft trademarks or logos in modified versions of this project must not cause confusion or imply Microsoft sponsorship. Any use of third-party trademarks or logos are subject to those third-party's policies.

Product Compatible and additional computed target framework versions.
.NET net5.0 was computed.  net5.0-windows was computed.  net6.0 was computed.  net6.0-android was computed.  net6.0-ios was computed.  net6.0-maccatalyst was computed.  net6.0-macos was computed.  net6.0-tvos was computed.  net6.0-windows was computed.  net7.0 was computed.  net7.0-android was computed.  net7.0-ios was computed.  net7.0-maccatalyst was computed.  net7.0-macos was computed.  net7.0-tvos was computed.  net7.0-windows was computed.  net8.0 is compatible.  net8.0-android was computed.  net8.0-browser was computed.  net8.0-ios was computed.  net8.0-maccatalyst was computed.  net8.0-macos was computed.  net8.0-tvos was computed.  net8.0-windows was computed.  net9.0 was computed.  net9.0-android was computed.  net9.0-browser was computed.  net9.0-ios was computed.  net9.0-maccatalyst was computed.  net9.0-macos was computed.  net9.0-tvos was computed.  net9.0-windows was computed. 
.NET Core netcoreapp2.0 was computed.  netcoreapp2.1 was computed.  netcoreapp2.2 was computed.  netcoreapp3.0 was computed.  netcoreapp3.1 was computed. 
.NET Standard netstandard2.0 is compatible.  netstandard2.1 is compatible. 
.NET Framework net461 was computed.  net462 is compatible.  net463 was computed.  net47 was computed.  net471 was computed.  net472 was computed.  net48 was computed.  net481 was computed. 
MonoAndroid monoandroid was computed. 
MonoMac monomac was computed. 
MonoTouch monotouch was computed. 
Tizen tizen40 was computed.  tizen60 was computed. 
Xamarin.iOS xamarinios was computed. 
Xamarin.Mac xamarinmac was computed. 
Xamarin.TVOS xamarintvos was computed. 
Xamarin.WatchOS xamarinwatchos was computed. 
Compatible target framework(s)
Included target framework(s) (in package)
Learn more about Target Frameworks and .NET Standard.

  • .NETFramework 4.6.2

    • No dependencies.

  • .NETStandard 2.0

    • No dependencies.

  • .NETStandard 2.1

    • No dependencies.

  • net8.0

    • No dependencies.

NuGet packages (7)

Showing the top 5 NuGet packages that depend on Microsoft.Identity.Abstractions:

Package Downloads
Microsoft.Identity.Web.Certificate

This package brings certificate management for MSAL.NET.
Microsoft.Identity.Web.TokenAcquisition

Implementation for higher level API for confidential client applications (ASP.NET Core and SDK/.NET).
Rystem.Authentication.Social.Blazor

Rystem.Authentication.Social helps you to integrate with new .Net Identity system and social logins.
Rystem.RepositoryFramework.Api.Client.Authentication.BlazorServer

Rystem.RepositoryFramework allows you to use correctly concepts like repository pattern, CQRS and DDD. You have interfaces for your domains, auto-generated api, auto-generated HttpClient to simplify connection "api to front-end", a functionality for auto-population in memory of your models, a functionality to simulate exceptions and waiting time from external sources to improve your implementation/business test and load test.
TEM.Common.Facades

Common facade methods and models shared by TEM services.

GitHub repositories (1)

Showing the top 1 popular GitHub repositories that depend on Microsoft.Identity.Abstractions:

Repository Stars
AzureAD/microsoft-identity-web
Helps creating protected web apps and web APIs with Microsoft identity platform and Azure AD B2C
Version Downloads Last updated
9.0.0 38,915 3/31/2025
8.2.0 647,217 2/13/2025
8.1.1 1,055,335 2/7/2025
8.1.0 5,923 1/29/2025
8.0.0 614,831 1/23/2025
7.2.1 68,340 1/21/2025
7.2.0 3,784,413 11/7/2024
7.1.0 4,473,472 9/24/2024
7.0.0 16,811 7/30/2024
6.0.0 6,983,351 6/21/2024
5.3.0 7,134,981 4/22/2024
5.2.0 2,203 4/18/2024
5.1.0 10,122,525 1/6/2024
5.0.0 8,630,590 9/20/2023
4.1.0 1,078,423 9/7/2023
4.0.0 3,341,034 7/11/2023
3.2.1 31,019 5/29/2023
3.2.0 4,041,689 5/11/2023
3.1.0 1,809,654 4/12/2023
3.0.1 61,882 4/6/2023
3.0.0 733 4/4/2023
2.1.0 1,315,113 3/12/2023
2.0.1 2,815,607 1/20/2023
2.0.0 555 1/19/2023
1.2.0 87,239 1/11/2023
1.1.0 1,891 1/6/2023
1.0.6-preview 388 12/29/2022
1.0.5-preview 86,694 12/13/2022
1.0.4-preview 58,006 11/16/2022
1.0.3-preview 45,323 11/5/2022
1.0.2-preview 339 11/3/2022
1.0.1-preview 25,968 10/18/2022
1.0.0-preview 318 10/18/2022

The release notes are available at https://github.com/AzureAD/microsoft-identity-abstractions-for-dotnet/releases and the roadmap at https://github.com/AzureAD/microsoft-identity-abstractions-for-dotnet/wiki#roadmap