AppConfig — Release Notes

Comprehensive Microsoft Entra ID application management and testing platform

Latest Release

v1.21.121-1.21.122 Current Release — Streamlined Tool Suite (March 2026)
  • Security Tools Removed: Permission Analyzer, Attack Surface Analyzer, Secrets Expiry Monitor, and all security-analyzer sub-components removed to reduce scope and maintain focus on core app management and testing featuresArchitectural
  • AppContent Cleanup: Orphaned legacy AppContent component (superseded by ContentArea in earlier builds) deleted, reducing codebase size and complexityCleanup
v1.20.119-1.20.121 OAuth Workshop Moved to Dedicated App (March 2026)
  • OAuth Workshop & Learning Category Removed: All 7 workshop components (AppReg vs Service Principal Explainer, Flow Decision Helper, OAuth Flow Visualizer, OAuth Endpoints Explainer, Permission Consent Reference, OAuth Evolution Explainer, Microsoft Graph Explainer) transferred to a dedicated OAuth workshop companion appArchitectural
  • Footer Link: Link to the new OAuth workshop companion app added to the application footerUX
v1.19.108-1.19.119 Auth Flow Fixes & OAuth Workshop Tools (March 2026)
  • OAuth Evolution Explainer (v1.19.108): New educational tool covering the history and evolution of OAuth and identity protocolsNew Tool
  • AuthenticateAs Logout Fix (v1.19.116): Added postLogoutRedirectUri to logoutPopup() so the popup redirects to silent-end.html instead of reloading the full app — resolves COOP header interferenceBug Fix
  • AuthFlowTester Logout Fix (v1.19.117): Same logout popup fix applied to AuthFlowTester handleSignout() to prevent full-app reload in popup windowsBug Fix
  • FlowDecisionHelper Enhancement (v1.18.107): Device Code Flow added to decision logic; workshop link footer addedEnhancement

Version History

v1.18.103-1.18.108 MSAL Cache Inspector & Visualizer Updates (February–March 2026)
  • MSAL Cache Inspector (v1.18.103): New tool for inspecting MSAL browser cache entries — debug token storage, account state, and cache policy issuesNew Tool
  • ToolsTab Documentation (v1.18.105): All previously missing tool cards added and sorted into categoriesDocs
  • OAuth Flow Visualizer: OBO Flow (v1.18.106): On-Behalf-Of flow diagram added to the OAuth Flow VisualizerEnhancement
v1.17.98-1.17.103 Helpers Expansion & Category Reorganization (February 2026)
  • Permission Consent Reference (v1.17.98): New reference tool for understanding and managing OAuth permission consent flowsNew Tool
  • Category Split (v1.17.101): Helpers category divided into “Helpers & Debugging” and “OAuth Workshop & Learning” for better tool discoverabilityUX
  • AppsContent (v1.17.102): Simplified layout by removing show/hide filter toggleUX
  • MsalErrorDecoder (v1.17.103): Error code data correctionBug Fix
v1.14.91-1.16.98 Educational Explainer Tools Suite (February 2026)

New Tools

  • AppReg vs Service Principal Explainer (v1.14.91): New educational tool explaining the relationship and differences between app registrations and service principalsNew Tool
  • OAuth Endpoints Explainer (v1.15.93): Comprehensive educational tool covering OAuth endpoints, roles, flows, PKCE, tokens, scopes, and errorsNew Tool
  • Microsoft Graph Explainer (v1.16.93): Educational tool explaining Graph endpoints, authentication, queries, errors, and best practicesNew Tool

Enhancements

  • MsalErrorDecoder (v1.14.93): “Who Fixes” column added per error code; 6 additional error codes includedEnhancement
  • Claims Extensions Reference (v1.16.97): SchemaExtensionsTool renamed to “Claims Extensions Reference” and moved to the Helpers categoryUX
v1.13.88-1.13.91 OAuth Flow Visualizer (February 2026)
  • OAuth Flow Visualizer (v1.13.88): New tool providing visual diagrams of OAuth 2.0 and OIDC authentication flows for educational and debugging purposesNew Tool
  • Tool Rename (v1.13.90): AuthFlowVisualizer renamed to “OAuth Flow Visualizer” and SAML reference removed from AuthFlowTester descriptionUX
v1.12.86-1.12.88 Ownership Assignment Tool & Lifecycle Details (January 2026)
  • Ownership Assignment Tool (v1.12.86): New Action tool for bulk and individual ownership assignment across applicationsNew Tool
  • AppLifecycleDetails Enhancement (v1.12.88): Added Credential Health Status, App ID URIs display, Optional Claims summary, and my ownership status to the lifecycle viewEnhancement
v1.11.79-1.11.86 UX Polish, Renaming & Bug Fixes (January 2026)
  • MsalErrorDecoder (v1.11.79): Enhanced with modal dialog for error details and single streamlined search inputUX
  • Sign-in Screen (v1.11.78): Cleaner visual hierarchy — primary action emphasis, redundant alert box removed, “First-time user?” link moved below buttonUX
  • Release Notes (v1.11.80): In-app Release Notes page added at /public/appconfig-release-notes.html with a footer linkFeature
  • Tool Rename (v1.11.82): ConfidentialClientAuthDebugger renamed to “Confidential Client Auth Tester”UX
  • MsalTraceViewer Fix (v1.11.84): Corrected Client ID recognition in isolated test instanceBug Fix
  • WelcomeDashboard (v1.11.85): Replaced multi-button toolbar with hybrid toggle — centered icon when collapsed, subtle banner when expandedUX
  • AuthFlowTester (v1.11.86): Removed Related Testing Tools card for a cleaner, flow-focused UIUX
v1.11.73-1.11.77 Authentication Helper Tools Suite (January 2026)
  • Auth Helpers Category: New tool category created for authentication utilitiesFeature
  • OAuth Flow Decision Helper: Interactive 4-step wizard recommending optimal OAuth 2.0/OIDC flowsNew Tool
  • MSAL Error Decoder: Enhanced error lookup with list view, detailed information, and improved UXNew Tool
  • Tool Reorganization: MsalErrorDecoder, FlowDecisionHelper, EntraEndpointsExplorer, and OidcMetadataInspector moved to Auth Helpers categoryUX
v1.9.70-1.10.72 Token Analysis & Debugging Tools (January 2026)
  • Token Comparison Tool: Side-by-side JWT token comparison with smart insights and difference highlightingNew Tool
  • ContentArea Enhancement: Auto-scroll to top when activating tools for improved navigationUX
  • Footer Updates: GitHub link update and sharing functionality improvementsEnhancement
v1.8.59-1.8.70 Confidential Client Testing & Session Management (December 2025-January 2026)

Major Features

  • Confidential Client OAuth Debugger (v1.8.59): Complete 4-step interactive Authorization Code Flow tester for confidential clients with PKCE, token exchange, and educational contentNew Tool
  • MSAL Trace Viewer Test Mode (v1.8.68): Isolated test instance with dual monitoring, safe logout testing, and event source taggingMajor Update
  • Test Tool Session Isolation (v1.8.67): Fixed cross-contamination between test tools and main app authenticationBug Fix

Backend & API Enhancements

  • Authorization Code Exchange API (v1.8.60): New /api/exchange-code endpoint supporting PKCE for confidential client flowsBackend
  • Callback Page: confidential-auth-callback.html for OAuth redirect handling with postMessage integrationInfrastructure

UX & Interface Improvements

  • ConfidentialClientAuthDebugger Polish (v1.8.64-1.8.65): Accordion-based flow execution, progress indicators, and streamlined configuration UIUX
  • Auto-scroll Navigation (v1.8.70): Content area always displays tools from top when switchingUX

Configuration & Security

  • Session Storage Migration (v1.8.58): Main app MSAL cache moved from localStorage to sessionStorageSecurity
  • Supported Account Types (v1.8.61): GeneralSettings updated to match Entra portal behaviorEnhancement
v1.7.31-1.7.58 Security Hardening & Enhanced Monitoring (October-December 2025)

Key Features Added

  • Session Timeout (v1.7.34-1.7.35): Automatic logout after 60 minutes of inactivity with seamless redirectSecurity
  • List View Mode (v1.7.33): Alternative list-based display for tools and actions alongside card viewUX
  • Token & Consent Tester (v1.7.51-1.7.57): Renamed from TokenScopeRequester with enhanced delegated consent grants, account differentiation, and test user isolationEnhancement
  • Overall App Backup Paging (v1.7.38): Supports 100+ apps with confirmation dialog and estimated countFeature

Security & Compliance Improvements

  • Least-Privilege Schema Extensions (v1.7.42-1.7.43): Switched to Directory.Read.All, removed Directory Extensions tabSecurity
  • Claims Mapping Policy JIT Permissions (v1.7.44-1.7.45): Write operations request Policy.ReadWrite.ApplicationConfiguration on-demand onlySecurity
  • Default Scopes Updated (v1.7.46-1.7.47): TokenScopeRequester and RawOAuthTester now default to "openid profile" instead of including User.ReadSecurity
  • Privacy Policy Updates (v1.7.40): Clarifications for customer data handlingCompliance

UX & Interface Enhancements

  • AppsContent Optimization (v1.7.32-1.7.36): Consolidated metadata display, card containers with visual separation, compact sort controlsUX
  • Graph Explorer Autocomplete (v1.7.37): OAuth2 permission grants and app role assignment endpoint detectionUX
  • Welcome Dashboard (v1.7.30): Minimal design with cleaner chip displayUX
  • TokenDecoder About Section (v1.7.39): Wrapped in accordion with enhanced contentUX
  • Authorization Request Visualization (v1.7.41): Added to TokenScopeRequester for educational purposesEnhancement

Bug Fixes & Performance

  • Test User Token Cache (v1.7.57): Fixed MSAL returning cached tokens from previous test usersBug Fix
  • UserProvisioning (v1.7.54): Prevents assigning application-only app roles to usersBug Fix
  • Account Recognition (v1.7.55-1.7.56): Fixed logout and sign-out handling for test accountsBug Fix

Documentation & Guidance

  • Tool Documentation (v1.7.49): Added guides for MsalTraceViewer, EntraEndpointsExplorer, and ConsentManagerDocs
  • Troubleshooting Section (v1.7.48): Added "Understanding OAuth2PermissionGrants vs OAuth2PermissionScopes vs RequiredResourceAccess"Docs
  • Prerequisite Setup (v1.8.62): Updated to leverage ConfidentialClientAuthDebugger for confidential client testingDocs
v1.7.x Security, Consent Management & Enterprise Features (October-November 2025)

Key Features Added (Early v1.7.x)

  • ConsentManager Tool (v1.7.15): Comprehensive consent grant management with enhanced error handling and UI modernizationNew Tool
  • Dynamic Token Management (v1.7.26): All tools request permissions dynamically via TokenService instead of static upfront consentSecurity
  • SecretsExpiryMonitor (v1.7.27): Enhanced monitoring with flexible table columns and risk-level filteringEnhancement
  • Enhanced Backup (v1.7.23): Download capability for last 3 backups per applicationFeature

Security & Compliance Improvements

  • Permission Optimization (v1.7.20): Removed Application.ReadWrite.ApplicationConfiguration and Directory.AccessAsUser.All from static AppConfig permissionsSecurity
  • Least-Privilege Implementation (v1.7.20-1.7.22): ClaimsMappingPolicy and other tools use minimal required permissionsSecurity
  • authConfig Updates (v1.7.19): Added openId and profile scopes to exported loginRequest for proper authenticationSecurity

Tools & Debugging

  • RestoreAppForm (v1.7.18): Added context-aware permission warnings before restoring applicationsEnhancement
  • DeleteAppForm (v1.7.18): Updated scope for Consent Management (DelegatedPermissionGrant.ReadWrite.All)Enhancement
  • CAP Applied (v1.7.14): Updated to require only read permissions (Application.Read.All, Policy.Read.ConditionalAccess)Enhancement

Bug Fixes & Performance

  • AppCacheContext (v1.7.19): Major bug fix related to application caching and state managementBug Fix
  • API Permissions Restore (v1.7.24-1.7.25): Fixed restore functionality and improved permission handlingBug Fix
v1.6.x Authentication Debugging & Flow Modernization (October 2025)

Major Features

  • MsalTraceViewer Tool (v1.6.13): MSAL.js debugging and trace analysis with flow visualization for troubleshooting authentication issuesNew Tool
  • AuthFlowTester Modernization (v1.6.14): Comprehensive UI/UX overhaul with enhanced flow testing, detailed logging, and improved token displayMajor Update
  • EntraEndpointsExplorer Integration (v1.6.15): Removed duplicate Endpoints section from GeneralSettings (now standalone tool)Cleanup

Authentication Enhancements

  • Dynamic Tenant Detection: AuthFlowTester updated to handle both single-tenant and multi-tenant apps with proper authority configurationEnhancement
  • Hybrid Flow Support: Added comprehensive Hybrid Flow testing to AuthFlowTester with proper token handlingFeature
  • Implicit & Device Code Flows: Extended AuthFlowTester to support Implicit Grant and Device Code flowsFeature
v1.5.x Conditional Access & Metadata Tools (September-October 2025)

Key Features

  • EntraEndpointsExplorer Tool (v1.5.10): Comprehensive OAuth/OIDC endpoint discovery and testing with dynamic tenant detectionNew Tool
  • Enhanced CAP Analysis (v1.5.12): Added grant controls and session controls to Conditional Access Policy display for comprehensive policy visibilityEnhancement
  • CAP Scope Optimization (v1.5.12): Replaced Application.ReadWrite.All with Application.Read.All for CAP analysis - implementing least-privilege principleSecurity

Bug Fixes

  • Schema Extensions (v1.5.11): Fixed expired token issue by implementing proper consent flow with clear error messaging and "Grant admin consent" buttonBug Fix
  • OIDC Metadata Inspector (v1.5.13): Corrected access token identification to prevent confusion with ID tokensBug Fix
v1.4.x OIDC Tools & Beta Support (September 2025)

New Tools & Features

  • OIDC Metadata Inspector (v1.4.6): OpenID Connect discovery endpoint analysis and JWKS validationNew Tool
  • Token Decoder Enhancement (v1.4.7): Added Token Analysis tab and JWKS Inspector for signature verificationEnhancement
  • Graph Explorer Beta Support (v1.4.8): Microsoft Graph beta endpoint with version switching capabilityEnhancement
  • Token Scope Requester (v1.4.9): Added token preview and enhanced About sectionUX
  • RawOAuthTester Enhancement (v1.4.10): Hybrid Flow support addedFeature
v1.3.x OAuth Testing & Security Hardening (August 2025)

New Tools

  • Raw OAuth Tester (v1.3.3): Manual OAuth flow testing without MSAL for Implicit Flow scenariosNew Tool

Enhancements

  • Token Scope Requester (v1.3.4): Added /.default scope support and tenant authority controlsEnhancement
  • Security Hardening (v1.3.6): Comprehensive security guidance documentation addedSecurity
  • Documentation Updates (v1.3.5): Tools tab documentation expandedDocs
v1.2.x OData Query Builder & Visual Tools (August 2025)
  • OData Query Builder (v1.2.2): Visual Microsoft Graph API query construction with pagination and JSON exportNew Tool
  • TokenScopeRequester Polish (v1.2.3): Visual enhancements and improved usabilityUX
v1.1.x Token Management & Monitoring Tools (July 2025)
  • Token Scope Requester (v1.1.2): Request tokens for Microsoft Graph or custom APIs with configurable scopesNew Tool
  • Secrets & Certificate Expiration Monitor (v1.1.2): Track expiring credentials across all applications and service principalsNew Tool
v1.0.x Initial Release & Foundation (July 2025)
  • Browser Navigation Support (v1.0.1): Browser Back button functionality addedFeature
  • Token Decoder Updates (v1.0.2): Initial enhancements and bug fixesEnhancement
  • Core Platform (v1.0.0): Initial release with authentication testing, Graph Explorer, security analysis, and application managementLaunch

Version 1.0.0 - Initial Release Features

The initial release of AppConfig provided core Microsoft Entra ID application management and testing capabilities:

Core Platform Features

Authentication & Testing

Application Management

Security & Analysis

Microsoft Graph Integration

Platform Architecture

Feature Highlights

Specialized Developer Tools Suite (Added in versions 1.1-1.4)

Platform Enhancements

Security & Compliance

Enterprise Integration

Support & Documentation

In-App Resources

AppConfig² Suite Information

Contact & Community