This release introduces the following changes:
-
A new
OpenIddict.Client.SystemIntegrationpackage is now offered to easily use the OpenIddict client in Windows and Linux desktop applications. For more information, see Introducing system integration support for the OpenIddict client. -
Active Directory Federation Services (Windows 2016+) and Stripe Connect support has been added to
OpenIddict.Client.WebIntegration. -
The stricter
id_token_hintvalidation rules introduced in OpenIddict 4.0 have been relaxed to avoid rejecting authorization and logout requests that specify invalid token hints (e.g identity tokens whose database entry has been pruned and no longer exists). See #1649 (comment) for more information. -
A workaround has been added to allow the compromised tokens revocation logic to work with the Pomelo MySQL provider (see #1658 for more information).