Microsoft Identity Web is a library which contains a set of reusable classes used in conjunction with ASP.NET Core for integrating with the Microsoft identity platform (formerly Azure AD v2.0 endpoint) and AAD B2C.

This library is for specific usage with:

• Web applications, which sign in users and, optionally, call web APIs
• Protected web APIs, which optionally call protected downstream web APIs

Quick links:

The Microsoft Identity Web roadmap is available from Roadmap in the Wiki pages, along with release notes.

• Major versions are supported for twelve months after the release of the next major version.
• Minor versions older than N-1 are not supported.

  Minor versions are bugfixes or features with non-breaking (additive) API changes. It is expected apps can upgrade. Therefore, we will not patch old minor versions of the library. You should also confirm, in issue repros, that you are using the latest minor version before the Microsoft Identity Web team spends time investigating an issue.

• The conceptual documentation is currently available from the Wiki pages.
• Code samples are available for web app samples and web API samples

This is the correct repo to file issues.

If you find a bug or have a feature or documentation request, please raise the issue on GitHub Issues.

We use Stack Overflow with the community to provide support, using the tags web-app, web-api, asp.net-core, microsoft-identity-web. We highly recommend you ask your questions on Stack Overflow first and browse existing issues to see if someone has asked your question before.

To provide a recommendation, visit our User Voice page.

We enthusiastically welcome contributions and feedback. You can clone the repo and start contributing now. Read our Contribution Guide for more information.

This project has adopted the Microsoft Open Source Code of Conduct. For more information see the Code of Conduct FAQ or contact opencode@microsoft.com with any additional questions or comments.

This library controls how users sign-in and access services. We recommend you always take the latest version of our library in your app when possible. We use semantic versioning so you can control the risk associated with updating your app. As an example, always downloading the latest minor version number (e.g. x.y.x) ensures you get the latest security and feature enhancements, but our API surface remains the same. You can always see the latest version and release notes under the Releases tab of GitHub.

If you find a security issue with our libraries or services, please report it to secure@microsoft.com with as much detail as possible. Your submission may be eligible for a bounty through the Microsoft Bounty program. Please do not post security issues to GitHub Issues or any other public site. We will contact you shortly upon receiving the information. We encourage you to get notifications of when security incidents occur by visiting this page and subscribing to Security Advisory Alerts.

This project may contain trademarks or logos for projects, products, or services. Authorized use of Microsoft trademarks or logos is subject to and must follow Microsoft's Trademark & Brand Guidelines. Use of Microsoft trademarks or logos in modified versions of this project must not cause confusion or imply Microsoft sponsorship. Any use of third-party trademarks or logos are subject to those third-party's policies.

Copyright (c) Microsoft Corporation. All rights reserved. Licensed under the MIT License (the "License").