AppConfig Release Notes

Version History

Version	Date/Type	Summary
1.0.0	Initial Release	Core AppConfig platform with Authentication Testing, Graph Explorer, Security Analysis, and Application Management
1.0.1	Feature	Browser Back button functionality added in addition to existing in-app Back button
1.0.2	Patch	TokenDecoder update
1.1.2	Feature	Token Scope Requester and Secrets & Certificate Expiration Monitor tools created
1.2.2	Feature	OData Query Builder tool created for visual Graph API query construction
1.2.3	Patch	TokenScopeRequester visual update
1.3.3	Feature	Raw OAuth Tester tool created for manual OAuth flow testing without MSAL
1.3.4	Feature	Token Scope Requester enhanced with /.default scope support and tenant authority controls
1.3.5	Documentation	ToolsTab documentation update - new tools documented
1.3.6	Security	Added security hardening guidance (security-hardening.html, getting-started.html, Footer.tsx)
1.4.6	Feature	OIDC Metadata Inspector tool created for OpenID Connect discovery and JWKS validation
1.4.7	Patch	Token Decoder enhanced with Token Analysis tab and JWKS signature verification
1.4.8	Patch	Graph Explorer enhanced with Microsoft Graph beta endpoint support and version switching

Version 1.0.0 - Initial Release Features

The initial release of AppConfig provided core Microsoft Entra ID application management and testing capabilities:

Core Platform Features

Application Portfolio Dashboard - Comprehensive view of all Microsoft Entra ID applications with key metrics
Enhanced Security Dashboard - Real-time security posture analysis across applications
Interactive Metrics - Clickable cards for filtering and navigation
Export Capabilities - CSV exports for compliance and reporting

Authentication & Testing

Multi-Flow Support - Authorization Code, Implicit, Client Credentials, and hybrid flows
Real-Time Token Analysis - Live JWT token decoding with syntax highlighting
Claims Inspector - Detailed token claims analysis and validation
User Context Testing - Test authentication flows as different users
Token Decoder - Advanced JWT analysis with claim categorization

Application Management

Complete Application Lifecycle - Create, configure, and manage applications
Backup & Restore - Automatic configuration backups with one-click restoration
User Provisioning - Bulk and individual user provisioning with role assignment
Credential Management - Client secret and certificate generation
App Roles Management - Dynamic role creation with permission mapping
API Permissions - Interactive Microsoft Graph permission picker
Claims Mapping Policies - Visual policy editor with template library
Directory Extensions - Custom attribute creation and schema management

Security & Analysis

Attack Surface Analysis - Comprehensive vulnerability assessment
Permission Analysis - Detailed API permission review with risk scoring
Security Scorecard - Overall security posture with actionable recommendations
Application Lifecycle Tracking - Monitor creation, ownership, and changes

Microsoft Graph Integration

Embedded Graph Explorer - Full Microsoft Graph API console (v1.0 endpoint)
Request Templates - Pre-built queries for common scenarios
Permission Detection - Automatic scope detection and consent flows

Platform Architecture

React 18+ with TypeScript - Modern, type-safe user interface
Microsoft MSAL 2.0 - Secure Microsoft identity integration
Material-UI Framework - Consistent, accessible design system
Azure Static Web Apps - Secure, scalable hosting platform
Azure Functions Backend - Serverless marketplace integration

Feature Highlights

Specialized Developer Tools Suite (Added in versions 1.1-1.4)

Token Scope Requester (v1.1.2) - Request tokens for Graph or custom APIs with /.default scope support and tenant authority controls
Secrets & Certificate Expiration Monitor (v1.1.2) - Track expiring credentials across applications and service principals with risk-level filtering
OData Query Builder (v1.2.2) - Visual Graph API query construction with pagination and JSON export capabilities
Raw OAuth Tester (v1.3.3) - Test OAuth Implicit flow (unsupported by MSAL 2.0) with manual authorize URL generation and token inspection
OIDC Metadata Inspector (v1.4.6) - OpenID Connect discovery endpoint analysis and JWKS validation

Platform Enhancements

Advanced Token Analysis (v1.4.7) - Enhanced Token Decoder with JWKS signature verification and semantic token analysis
Graph Explorer Beta Support (v1.4.8) - Microsoft Graph beta endpoint support with version switching and production warnings
Split UI Architecture - Improved navigation and modularity with sidebar navigation
Browser Back Support - Comprehensive browser navigation support across all tools
Performance Optimization - AppCacheContext for fast loading and intelligent caching

Security & Compliance

Security Hardening Guide (v1.3.6) - Operational best practices and security recommendations
Attack Surface Analysis - Comprehensive vulnerability assessment and risk evaluation
API Permissions Management - Incremental consent and admin consent flows
Least Privilege Principles - Request elevated permissions only when needed

Enterprise Integration

Azure Marketplace Integration - SaaS onboarding and subscription management
Backend Migration - Azure Functions for cost and performance optimization
Documentation Suite - Getting Started, Best Practices, and Troubleshooting guides
Versioning Strategy - MAJOR.MINOR.PATCH for clear release communication

Support & Documentation

In-App Resources

Getting Started Guide - Comprehensive onboarding and setup instructions
Best Practices - Security and operational recommendations
Tools Documentation - Detailed guides for each specialized tool
Troubleshooting - Common issues and resolution steps
Security Hardening Guide - Operational security best practices

AppConfig² Suite Information

AppConfig (Full Management) - Complete application lifecycle management with backup/restore capabilities
AppTesting (Read-Only) - Comprehensive analysis and testing for compliance-ready environments
Azure Marketplace - Enterprise deployment with Azure-native billing
Enterprise Support - Professional technical support available

Contact & Community

Technical Support - support@appconfig.app
Website - www.appconfig.eu
LinkedIn - AppConfig² Company Page
Azure Marketplace - Search for "AppConfig²" for enterprise deployment

AppConfig — Release Notes

Version History

Version 1.0.0 - Initial Release Features

Core Platform Features

Authentication & Testing

Application Management

Security & Analysis

Microsoft Graph Integration

Platform Architecture

Feature Highlights

Specialized Developer Tools Suite (Added in versions 1.1-1.4)

Platform Enhancements

Security & Compliance

Enterprise Integration

Support & Documentation

In-App Resources

AppConfig² Suite Information

Contact & Community