1.60.0 (2026-06-30)
Features Added
- Added experimental (
AZID0004)DisableMtlsProofOfPossessionproperty toManagedIdentityCredentialOptionsto allow explicit opt-out of mTLS proof-of-possession token acquisition when the underlying requirements are met. - Simplified mTLS token binding integration for Managed Identity by moving to an optional, runtime-resolved attestation model using lazy reflection-based resolution of the
Microsoft.Identity.Client.KeyAttestationextension package.
Bugs Fixed
- Fixed a regression (introduced with managed identity host capability detection) where
DefaultAzureCredentialcould throw anAuthenticationFailedExceptionand stop evaluating the credential chain on hosts without a managed identity — for example, a developer machine running in Visual Studio where the IMDS endpoint (169.254.169.254) is unreachable. WhenManagedIdentityCredentialis part of a chain, a failure to detect the managed identity source/capabilities is now surfaced as aCredentialUnavailableException, allowing the chain to continue to the next credential.